Methods and apparatuses for secure information sharing in social networks using randomly-generated keys

US 8,769,259 B2
Filed: 01/06/2012
Issued: 07/01/2014
Est. Priority Date: 01/06/2012
Status: Active Grant

First Claim

Patent Images

1. A method for secure information sharing in a social network, comprising:

receiving authorization to obtain at least one message including data D₁, wherein the authorization is provided by a resource owner of the at least one message for a given user of the social network;

receiving the at least one message;

extracting a first ciphertext C_iand a second ciphertext C_D1from the at least one message;

decrypting the first ciphertext C_iwith a first key to obtain a random key K_R; and

decrypting the second ciphertext C_D1using the random key K_Rto obtain the data D₁;

wherein the first key is associated with an identity of the given user; and

wherein the receiving authorization, receiving the at least one message, extracting, decrypting the first ciphertext and decrypting the second ciphertext are performed by at least one processing device comprising a processor coupled to a memory.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

There can be problems with the security of social networking communications. For example, there may be occasions when a number of friends wish to communicate securely through a social network infrastructure, such that non-trusted 3^rd-party entities, such as a Social Network Operator or host that provides the application infrastructure, does not overhear the communication. In response to the above problems, embodiments presented propose a set of innovative, lightweight solutions, considering that in certain scenarios the Social Network Operator may not be a trusted entity. Embodiments of the present invention are directed to methods and apparatuses for secure information sharing in social networks using random keys.

Citations

20 Claims

1. A method for secure information sharing in a social network, comprising:
- receiving authorization to obtain at least one message including data D₁, wherein the authorization is provided by a resource owner of the at least one message for a given user of the social network;
  
  receiving the at least one message;
  
  extracting a first ciphertext C_iand a second ciphertext C_D1from the at least one message;
  
  decrypting the first ciphertext C_iwith a first key to obtain a random key K_R; and
  
  decrypting the second ciphertext C_D1using the random key K_Rto obtain the data D₁;
  
  wherein the first key is associated with an identity of the given user; and
  
  wherein the receiving authorization, receiving the at least one message, extracting, decrypting the first ciphertext and decrypting the second ciphertext are performed by at least one processing device comprising a processor coupled to a memory.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, wherein the first key is a private key of the given user corresponding to a known public key of the given user.
  - 3. The method of claim 2, wherein the at least one message comprises the following structure:
    - m₁=C_D1∥
      
      {U₂, C₂}∥
      
      . . . ∥
      
      {U_M, C_M}, wherein C_D1is the second ciphertext formed by encrypting D₁using K_R, the resource owner is a first one of M users, and {U₂, C₂}∥
      
      . . . ∥
      
      {U_M,C_M} is formed by concatenating first ciphertext C_icorresponding to each of a remaining M−
      
      1 users, where each first ciphertext is the random key K_Rencrypted with a public key of the corresponding user.
  - 4. The method of claim 1, wherein the first key is a group public key.
  - 5. The method of claim 4, further comprising:
    - securely obtaining the group public key from a key generation function entity.
  - 6. The method of claim 1, wherein the first key is a shared commonly derived key.
  - 7. The method of claim 6, wherein the resource owner is a first one of M users, and the shared commonly derived key is based on a secret random number generated by the resource owner and key components from one or more other users, and the key derivation is based on operations on a finite group, wherein the one or more other users are users that are authorized to derive the shared common key.
  - 8. The method of claim 7, wherein the finite group comprises points on a non-supersingular elliptic curve, and the key components are derived from a fixed known point on the curve, and the secret random numbers are random integers.
  - 9. The method of claim 1, further comprising:
    - receiving a notification that at least one message including data intended to be shared with the given user of the social network is present at the social network.
  - 10. The method of claim 1, further comprising:
    - sending an update request as to whether there is at least one message including data intended to be shared with the given user of the social network present at the social network; and
      
      receiving confirmation that there is at least one message including data intended to be shared with the given user of the social network present at the social network.
  - 11. The method of claim 1, wherein authorization is based on an OAuth protocol.
  - 12. The method of claim 1, further comprising:
    - presenting an access token to the social network; and
      
      receiving validation of the access token prior to receiving the at least one message.
  - 13. The method of claim 1, further comprising:
    - validating the integrity of the at least one message by using a known public key of the resource owner.

14. An apparatus comprising:
- a memory; and
  
  at least one processor coupled to the memory and configured to;
  
  receive authorization to obtain at least one message including data D₁, wherein the authorization is provided by a resource owner of the at least one message for a given user of the social network;
  
  receive the at least one message;
  
  extract a first ciphertext C_iand a second ciphertext C_D1from the at least one message;
  
  decrypt the first ciphertext C_iwith a first key to obtain a random key K_R; and
  
  decrypt the second ciphertext C_D1using the random key K_Rto obtain the data D₁;
  
  wherein the first key is associated with an identity of the given user.

15. A, method for secure information sharing in a social network, comprising:
- selecting a random key K_R;
  
  encrypting data D₁intended to be shared with a set of users of the social network with the random key K_Rto create a first ciphertext C_D1;
  
  encrypting the random key K_Rwith a second key to create a second ciphertext C_i;
  
  creating a message including both the first and second ciphertexts; and
  
  sending the created message to a storage location of the social network;
  
  wherein the second key is associated with an identity of at least one of the users in the set of users;
  
  wherein the selecting, encrypting data, encrypting the random key, creating and sending are performed by at least one processing device comprising a processor coupled to a memory.
- View Dependent Claims (16, 17, 18)
- - 16. The method of claim 15, wherein the second key is a public key of a given user of the set of users, such that C_iequals the encryption of the random key K_Rwith the public key of the given user.
  - 17. The method of claim 15, wherein the second key is a group public key securely obtainable from a key generation function entity.
  - 18. The method of claim 15, wherein the second key is a shared commonly derived key based on a secret random number and a commonly agreed point on an elliptic curve.

19. An apparatus comprising:
- a memory; and
  
  at least one processor coupled to the memory and configured to;
  
  select a random key K_R;
  
  encrypt data D₁intended to be shared with a set of users of the social network with the random key K_Rto create a first ciphertext C_D1;
  
  encrypt the random key K_Rwith a second key to create a second ciphertext C_i;
  
  create a message including both the first and second ciphertexts; and
  
  send the created message to a storage location of the social network;
  
  wherein the second key is associated with an identity of at least one of the users in the set of users.

20. A system for secure information sharing in social networks, comprising:
- a plurality of social network users; and
  
  a social network host;
  
  a given one of the plurality of social network users being configured to;
  
  encrypt data to be shared between a set of one or more other social network users using a random key;
  
  generate a set of ciphertexts, each of the ciphertexts being generated by encrypting the random key with a second key corresponding to at least one of the set of other social network users;
  
  form a message including the encrypted data and the generated set of ciphertexts; and
  
  send the formed message to the social network host;
  
  the social network host being configured to;
  
  receive and store the formed message; and
  
  send the formed message to at least one of the set of other social network users; and
  
  each of the set of other social network users being configured to;
  
  receive the formed message;
  
  extract at least one ciphertext from the formed message;
  
  decrypt the at least one ciphertext using a first key corresponding to the second key to obtain the random key; and
  
  decrypt data from the formed message using the decrypted random key;
  
  wherein the first key and the second key are associated with an identity of at least one of the set of other social network users.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Alcatel-Lucent SA (Nokia Corporation)
Original Assignee
Alcatel-Lucent SA (Nokia Corporation)
Inventors
Broustis, Ioannis, Cakulev, Violeta, Sundaram, Ganapathy Subramanian
Primary Examiner(s)
Zand, Kambiz
Assistant Examiner(s)
WYSZYNSKI, AUBREY H

Application Number

US13/345,241
Publication Number

US 20130179679A1
Time in Patent Office

907 Days
Field of Search

713/152, 726/3
US Class Current

713/152
CPC Class Codes

H04L 9/0822 using key encryption key

Methods and apparatuses for secure information sharing in social networks using randomly-generated keys

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and apparatuses for secure information sharing in social networks using randomly-generated keys

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links