Method and system for secure communication
Abstract
A system and method for secure communication is provided. Outgoing messages to another computing device are encrypted using a first shared key shared with said other computing device, and a first counter, said first shared key and said first counter being stored in storage of a computing device. Incoming messages from said other computing device are decrypted using said first shared key and a second counter stored in said storage of said computing device.
22 Claims
1. A method for secure communication, comprising:
- generating, by a server, a first shared key, a first counter and a second counter;
- transmitting, by the server, the first shared key, the first counter and the second counter to a computing device;
- encrypting outgoing messages sent over a network to another computing device using the first shared key shared with said other computing device, and the first counter, said first shared key and said first counter being stored in storage of the computing device;
- decrypting incoming messages received over said network from said other computing device using said first shared key and the second counter stored in said storage of said computing device;
- generating a first hash-based message authentication code from said first shared key and a first value of said first counter;
- generating a second hash-based message authentication code from said first shared key and a second value of said first counter; and
- generating a first encryption key as a first function of said first hash-based message authentication code and said second hash-based message authentication code, wherein said first and said second counters are asynchronous, and wherein said encrypting comprises encrypting using said first encryption key.
Dependent claims 2 to 10 are not reproduced on this page.
11. A system for secure communication, comprising:
- a server generating a first shared key, a first counter and a second counter, and transmitting the first shared key, the first counter and the second counter to a computing device;
- the computing device having a storage storing the first shared key, and the first counter and the second counter, and a processor executing an encryption module, said encryption module for encrypting outgoing messages sent over a network to another computing device using the first shared key and for decrypting incoming messages received over said network from said other computing device using said first shared key and said second counter, said other computing device also storing said first shared key and said first and second counters;
- wherein said first and said second counters are asynchronous, and wherein said encryption module generates a first hash-based message authentication code from said first shared key and a first value of said first counter, and a second hash-based message authentication code from said first shared key and a second value of said first counter, said encryption module generating a first encryption key as a first function of said first hash-based message authentication code and said second hash-based message authentication code, and encrypting one of said outgoing messages using said first encryption key, said encryption module causing said network interface to communicate said one encrypted outgoing message.
Dependent claims 12 to 20 are not reproduced on this page.
21. A method for secure communication, comprising:
- generating, by a server, a first shared key, a first counter and a second counter;
- transmitting, by the server, the first shared key, the first counter and the second counter to a computing device and to another computing device;
- encrypting outgoing messages sent over a network to said other computing device using the first shared key shared with said other computing device, and the first counter, said first shared key and said first counter being stored in storage of the computing device;
- decrypting incoming messages received over said network from said other computing device using said first shared key and the second counter stored in said storage of the computing device;
- receiving a second one-time password from said other computing device;
- synchronizing said second counter using said second one-time password;
- generating a third hash-based message authentication code from said first shared key and a first value of said second counter;
- generating a fourth hash-based message authentication code from said first shared key and a second value of said second counter; and
- generating a second encryption key as a first function of said third hash-based message authentication code and said fourth hash-based message authentication code, wherein said first and said second counters are asynchronous, and wherein said decrypting comprises decrypting using said second encryption key.
22. A system for secure communication, comprising:
- a server generating a first shared key, a first counter and a second counter, and transmitting the first shared key, the first counter and the second counter to a computing device;
- the computing device having a storage storing the first shared key, and the first counter and the second counter, and a processor executing an encryption module, said encryption module for encrypting outgoing messages sent over a network to another computing device using the first shared key and for decrypting incoming messages received over said network from said other computing device using said first shared key and said second counter, said other computing device also storing said first shared key and said first and second counters;
- wherein said first and said second counters are asynchronous, wherein said encryption module synchronizes said second counter with said other computing device using a second one-time password received therefrom, and wherein said encryption module generates a third hash-based message authentication code from said first shared key and a first value of said second counter, a fourth hash-based message authentication code from said first shared key and a second value of said second counter, and a second encryption key as a first function of said third hash-based message authentication code and said fourth hash-based message authentication code, wherein said encryption module decrypts one of said incoming messages using said second encryption key.
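The scheme the claims describe (a server-provisioned shared key with one send counter and one receive counter per device, a per-message key derived as a function of two HMACs over consecutive counter values, and receive-counter resynchronization from a one-time password), as an added illustration written for this page rather than code from the patent. The choice of c and c+1 as the two counter values, SHA-256 as the combining function f, an HOTP-style six-digit one-time password under its own HMAC label, and the HMAC-keystream XOR stand-in for the message cipher are all assumptions of this example.

```python
import hashlib
import hmac
import os
import struct

def provision():
    # Server side: a fresh shared key plus two independent counter start values
    return os.urandom(32), int.from_bytes(os.urandom(4), "big"), int.from_bytes(os.urandom(4), "big")

def hmac_counter(key: bytes, label: bytes, counter: int) -> bytes:
    # HMAC-SHA256 over a domain label and the counter as 8 big-endian bytes
    return hmac.new(key, label + struct.pack(">Q", counter), hashlib.sha256).digest()

def message_key(key: bytes, counter: int) -> bytes:
    # Claimed derivation: key = f(HMAC(K, c), HMAC(K, c + 1)). Using (c, c + 1) as the
    # two counter values and SHA-256 of the concatenation as f are assumptions here.
    return hashlib.sha256(hmac_counter(key, b"key", counter) + hmac_counter(key, b"key", counter + 1)).digest()

def otp_of(key: bytes, counter: int) -> int:
    # HOTP-style 6-digit truncation under a separate label, so the OTP never exposes
    # bytes of an HMAC that feeds message_key (assumed design choice)
    mac = hmac_counter(key, b"otp", counter)
    off = mac[-1] & 0x0F
    return (struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF) % 1_000_000

def xor_stream(mkey: bytes, data: bytes) -> bytes:
    # Stand-in for the message cipher: XOR with an HMAC(mkey, block index) keystream
    out = bytearray()
    for blk in range(0, len(data), 32):
        ks = hmac.new(mkey, struct.pack(">I", blk // 32), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[blk:blk + 32], ks))
    return bytes(out)

class Device:
    # Shared key plus two asynchronous counters: tx for sending, rx for receiving.
    # The peer is provisioned with the same key and the two counters swapped.
    def __init__(self, key: bytes, tx: int, rx: int):
        self.key, self.tx, self.rx = key, tx, rx
    def send(self, plaintext: bytes):
        otp = otp_of(self.key, self.tx)                      # lets the peer resync
        ct = xor_stream(message_key(self.key, self.tx), plaintext)
        self.tx += 1                                         # only the send counter moves
        return otp, ct
    def receive(self, otp: int, ct: bytes, window: int = 20) -> bytes:
        # Search forward only: lost messages are skipped, and a replay of an older
        # counter value falls outside the window and is rejected
        for c in range(self.rx, self.rx + window):
            if otp_of(self.key, c) == otp:
                self.rx = c + 1
                return xor_stream(message_key(self.key, c), ct)
        raise ValueError("one-time password matches no counter in the window")
```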