System and method for secure end-to-end chat system
First Claim
Patent Images
1. A method of securely transferring data during a communications session, comprising:
- connecting to a communications server by sending a request over a communications protocol by providing a client id and a server key;
validating the connection by a challenge response sequence;
initiating a communications session by either randomly generating a symmetric key or generating a key based on a user provided passphrase;
broadcasting an encrypted message to a set of communications participants comprising of a randomly generated salt used for calculating the next key for the session;
inviting a new user to the session providing the initial key and an IVec using ECIES and sending a resynchronization message with the new IVec to the group for the new client to participate.
2 Assignments
0 Petitions
Accused Products
Abstract
The present invention provides an efficient secure end-to-end messaging system utilizing encrypted ephemeral messages. The method comprises the steps of using a combination of HTTPS for transport security, using symmetric key cryptography with rotating temporary keys for individual message security, and using elliptic curve cryptography for key derivation and message authentication. The key rotation scheme used provides forward secrecy even between messages and perfect forward secrecy between sessions.
-
Citations
5 Claims
-
1. A method of securely transferring data during a communications session, comprising:
-
connecting to a communications server by sending a request over a communications protocol by providing a client id and a server key; validating the connection by a challenge response sequence; initiating a communications session by either randomly generating a symmetric key or generating a key based on a user provided passphrase; broadcasting an encrypted message to a set of communications participants comprising of a randomly generated salt used for calculating the next key for the session; inviting a new user to the session providing the initial key and an IVec using ECIES and sending a resynchronization message with the new IVec to the group for the new client to participate. - View Dependent Claims (2, 3, 4, 5)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeBogart Associates, Inc.
-
Original AssigneeBogart Associates
-
InventorsTutt, Timothy, Sherwood, John Richard
-
Primary Examiner(s)Smithers, Matthew
-
Application NumberUS14/854,764Time in Patent Office350 DaysField of SearchUS Class Current1/1CPC Class CodesH04L 2209/24 Key scheduling, i.e. genera...H04L 2209/72 Signcrypting, i.e. digital ...H04L 63/0428 wherein the data content is...H04L 63/045 wherein the sending and rec...H04L 63/068 using time-dependent keys, ...H04L 63/168 above the transport layerH04L 67/02 based on web technology, e....H04L 9/0841 involving Diffie-Hellman or...H04L 9/0869 involving random numbers or...H04L 9/3066 involving algebraic varieti...H04L 9/3242 involving keyed hash functi...H04L 9/3247 involving digital signaturesH04L 9/3271 using challenge-response
