System and method for secure messaging in a hybrid peer-to-peer network
Abstract
An improved system and method are disclosed for peer-to-peer communications. In one example, the method enables endpoints to securely send and receive messages to one another within a hybrid peer-to-peer environment.
20 Claims
1. A method for changing an encryption key in a hybrid peer-to-peer network comprising:
- receiving, by a first endpoint, an instruction to change from a first encryption key to a second encryption key, wherein each of the first and second encryption keys is used by the first and second endpoints to form a plurality of known key iterations, and wherein each of the plurality of known key iterations is a valid encryption key for the first endpoint;
- sending, by the first endpoint, a first message to a second endpoint that the first endpoint is going to change to the second encryption key, wherein the first message is defined for use with a transactional state model and includes information representing the second encryption key;
- receiving, by the first endpoint, in response to the first message, a second message from the second endpoint indicating that the second endpoint received the first message, wherein the second message is defined for use with the transactional state model;
- sending, by the first endpoint, a third message to the second endpoint acknowledging receipt of the second message, wherein the third message is defined for use with the transactional state model; and
- changing, by the first endpoint, from the first encryption key to the second encryption key, wherein all incoming messages for the first endpoint are to be encrypted using the second encryption key, and wherein both the first and second encryption keys are used to decrypt messages received by the first endpoint until a defined period of time has elapsed since the second encryption key was replaced by the first encryption key.
Dependent claims: 2, 3, 4
5. A method for identifying a correct encryption key comprising:
- receiving, by a first endpoint from a second endpoint, a first message that is encrypted using a first encryption key corresponding to the first endpoint, wherein the first encryption key is used by the first and second endpoints to form a plurality of known key iterations, and wherein each of the plurality of known key iterations is a valid encryption key for the first endpoint;
- applying, by the first endpoint, a first key iteration of the first encryption key to the first message to determine if the first key iteration will decrypt the first message;
- rotating, by the first endpoint, the first encryption key to form a next key iteration from the first encryption key if the first key iteration will not decrypt the first message;
- applying, by the first endpoint, the next key iteration to the first message to determine if the next key iteration will decrypt the first message; and
- as long as untried key iterations are available, continuing the steps of rotating and applying for each key iteration until either the first message is decrypted or the first endpoint fails to decrypt the first message after trying all possible key iterations.
Dependent claims: 6, 7, 8, 9, 10, 11, 12, 13, 14, 15
16. A method for encrypting a plurality of messages comprising:
- encrypting, by a first endpoint, a first message using a first iteration of a first encryption key corresponding to a second endpoint, wherein the first encryption key is used by the first and second endpoints to form a plurality of known key iterations, and wherein each of the plurality of known key iterations is a valid encryption key for the second endpoint;
- sending, by the first endpoint, the first message to the second endpoint;
- rotating, by the first endpoint, the first encryption key to form a second iteration of the first encryption key;
- encrypting, by the first endpoint, a second message using the second iteration of the first encryption key;
- sending, by the first endpoint, the second message to the second endpoint;
- receiving, by the first endpoint, a third message from the second endpoint that is encrypted using a second encryption key corresponding to the first endpoint, wherein the second encryption key is used by the first and second endpoints to form a plurality of known key iterations, and wherein each of the plurality of known key iterations is a valid encryption key for the first endpoint;
- applying, by the first endpoint, a first key iteration of the second encryption key to the third message to determine if the second key iteration will decrypt the third message;
- rotating, by the first endpoint, the second encryption key to form a next key iteration from the second encryption key if the first key iteration will not decrypt the third message;
- applying, by the first endpoint, the next key iteration to the third message to determine if the next key iteration will decrypt the third message; and
- as long as untried key iterations are available, continuing the steps of rotating and applying for each key iteration until either the third message is decrypted or the first endpoint fails to decrypt the third message after trying all possible key iterations.
Dependent claims: 17, 18, 19, 20
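The apply-and-rotate search of claims 5 and 16, sketched as an added example that is not taken from the patent. The claims do not say how a key is rotated or how an endpoint decides that an iteration "will decrypt" a message, so this sketch assumes a one-way HMAC-SHA256 rotation step, an encrypt-then-MAC tag as the success check, and a bound of four known iterations; all function names are hypothetical.

```python
import hashlib
import hmac
import os

MAX_ITERATIONS = 4  # assumption: the claims do not say how many iterations are known

def prf(key: bytes, label: bytes, data: bytes = b"") -> bytes:
    return hmac.new(key, label + data, hashlib.sha256).digest()

def rotate(key: bytes) -> bytes:
    """Form the next key iteration (assumed rule: one HMAC-SHA256 step)."""
    return prf(key, b"rotate")

def iteration(base_key: bytes, n: int) -> bytes:
    """Sender side: the n-th iteration of base_key (0 is the key itself)."""
    for _ in range(n):
        base_key = rotate(base_key)
    return base_key

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in stream cipher for the sketch: HMAC-SHA256 in counter mode.
    stream = b""
    for block in range((len(data) + 31) // 32):
        stream += prf(key, b"enc", nonce + block.to_bytes(4, "big"))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: nonce || ciphertext || 32-byte tag."""
    nonce = os.urandom(12)
    ct = _xor_stream(key, nonce, plaintext)
    return nonce + ct + prf(key, b"mac", nonce + ct)

def try_open(key: bytes, blob: bytes):
    """Return the plaintext if this key iteration authenticates blob, else None."""
    if len(blob) < 44:  # too short to hold a nonce and a tag
        return None
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    if not hmac.compare_digest(tag, prf(key, b"mac", nonce + ct)):
        return None
    return _xor_stream(key, nonce, ct)

def identify_key(base_key: bytes, blob: bytes, limit: int = MAX_ITERATIONS):
    """Apply, rotate, apply again, until one iteration works or all are tried."""
    key = base_key
    for index in range(limit):
        plaintext = try_open(key, blob)
        if plaintext is not None:
            return index, plaintext
        key = rotate(key)
    return None, None  # every known iteration failed
```

Without an authenticated check such as the tag used here, a wrong iteration would still produce bytes, and the receiver could not tell which iteration was correct.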
Specification