Methods and systems for secure electronic communication
First Claim
1. A method for secure electronic communication between a client application processor and a server processor, comprising:
- generating, using a server processor coupled to memory, a client application public/private key pair and storing the client application public/private key pair on a physical hardware security module without sending a client application private key to, or storing the client application private key on, a user'"'"'s communication device;
receiving, using the server processor, a request message from a user'"'"'s communication device processor consisting at least in part of a session key encrypted with the client application public key of the public/private key pair;
retrieving, using the server processor, the client application private key of the public/private key pair stored on the physical hardware security module;
decrypting, using the server processor, the request message with the client application private key of the public/private key pair and retrieving the decrypted session key from the decrypted request message;
generating, using the server processor, a response message and encrypting the response message with the retrieved session key; and
sending, using the server processor, the session key-encrypted response message to the user'"'"'s communication device processor.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods and systems for secure electronic communication involve, for example, using a processor coupled to memory to receive a request message from a user'"'"'s communication device processor including a session key encrypted with a public key of a public/private key pair without sending a private key of the public/private key pair to, or storing the private key on, the user'"'"'s communication device. Using the processor, the request message is decrypted with a private key of the public/private key pair and the session key is retrieved from the decrypted request message. Thereafter, also using the processor, a response message is generated and encrypted with the retrieved session key and sent to the user'"'"'s communication device processor.
40 Citations
13 Claims
-
1. A method for secure electronic communication between a client application processor and a server processor, comprising:
-
generating, using a server processor coupled to memory, a client application public/private key pair and storing the client application public/private key pair on a physical hardware security module without sending a client application private key to, or storing the client application private key on, a user'"'"'s communication device; receiving, using the server processor, a request message from a user'"'"'s communication device processor consisting at least in part of a session key encrypted with the client application public key of the public/private key pair; retrieving, using the server processor, the client application private key of the public/private key pair stored on the physical hardware security module; decrypting, using the server processor, the request message with the client application private key of the public/private key pair and retrieving the decrypted session key from the decrypted request message; generating, using the server processor, a response message and encrypting the response message with the retrieved session key; and sending, using the server processor, the session key-encrypted response message to the user'"'"'s communication device processor. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A machine for secure electronic communication, comprising:
a server processor coupled to memory, the server processor being programmed for; generating a client application public/private key pair and storing the client application public/private key pair on a physical hardware security module without sending a client application private key to, or storing the client application private key on, a user'"'"'s communication device; receiving a request message from a user'"'"'s communication device processor consisting at least in part of a session key encrypted with the client application public key of the public/private key pair; retrieving, using the server processor, the client application private key of the public/private key pair stored on the physical hardware security module; decrypting the request message with the client application private key of the public/private key pair and retrieving the decrypted session key from the decrypted request message; generating a response message and encrypting the response message with the retrieved session key; and sending the session key-encrypted response message to the processor of the user'"'"'s communication device.
-
13. A non-transitory computer-readable storage medium with an executable program stored thereon, wherein the program instructs a server processor to perform the following steps:
-
generate a client application public/private key pair and storing the client application public/private key pair on a physical hardware security module without sending a client application private key to, or storing the client application private key on, a user'"'"'s communication device; receive a request message from a user'"'"'s communication device processor consisting at least in part of a session key encrypted with the client application public key of the public/private key pair; retrieve the client application private key of the public/private key pair stored on the physical hardware security module; decrypt the request message with the client application private key of the public/private key pair and retrieve the decrypted session key from the decrypted request message; generate a response message and encrypt the response message with the retrieved session key; and send the session key-encrypted response message to the processor of the user'"'"'s communication device.
-
Specification