Cross-component message encryption

US 9,479,928 B2
Filed: 11/15/2011
Issued: 10/25/2016
Est. Priority Date: 11/15/2010
Status: Active Grant

First Claim

Patent Images

1. At a mobile communication device, a method of processing an electronic message, said method comprising:

receiving an initial part of an original message, said initial part of said original message having a size based on a size threshold in a policy established at a server associated with said mobile communication device;

detecting receipt of an instruction to;

encrypt a composite message, where said composite message includes a new message related to said original message and an entirely of said original message; and

add a cryptographic signature to said composite message;

obtaining a session key for use, at said server, in carrying out a request to encrypt said composite message;

transmitting, to said server;

said new message; and

said request to encrypt said composite message, said request including;

said session key;

an indication of said original message; and

a request for a hash of said composite message;

receiving, from said server, said hash;

obtaining a private cryptographic key;

employing said private cryptographic key to sign said hash, thereby forming a signed hash;

transmitting, to said server, said signed hash thereby, allowing said server to use said signed hash to form a signed encrypted composite message for transmission; and

providing, by the foregoing, maintenance of security considerations in view of bandwidth optimization measures.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Often, for reasons of wireless bandwidth conservation, incomplete messages are provided to wireless messaging devices. Employing cryptography, for secrecy or authentication purposes, when including a received message that has been incompletely received can lead to lack of context on the receiver'"'"'s end. By automatically obtaining the entirety of the message to be included, an outgoing message that includes the received message can be processed in a manner that securely and accurately represents the intended outgoing message. Alternatively, a server can assemble a composite message from a new message and an original message and, in cooperation with a wireless messaging device, encrypt and sign the composite message. Conveniently, security considerations are maintained even in view of bandwidth optimization measures.

Citations

24 Claims

1. At a mobile communication device, a method of processing an electronic message, said method comprising:
- receiving an initial part of an original message, said initial part of said original message having a size based on a size threshold in a policy established at a server associated with said mobile communication device;
  
  detecting receipt of an instruction to;
  
  encrypt a composite message, where said composite message includes a new message related to said original message and an entirely of said original message; and
  
  add a cryptographic signature to said composite message;
  
  obtaining a session key for use, at said server, in carrying out a request to encrypt said composite message;
  
  transmitting, to said server;
  
  said new message; and
  
  said request to encrypt said composite message, said request including;
  
  said session key;
  
  an indication of said original message; and
  
  a request for a hash of said composite message;
  
  receiving, from said server, said hash;
  
  obtaining a private cryptographic key;
  
  employing said private cryptographic key to sign said hash, thereby forming a signed hash;
  
  transmitting, to said server, said signed hash thereby, allowing said server to use said signed hash to form a signed encrypted composite message for transmission; and
  
  providing, by the foregoing, maintenance of security considerations in view of bandwidth optimization measures.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1 wherein said session key for use in carrying out said request to encrypt said composite message comprises a composite message session key.
  - 3. The method of claim 2 wherein said request to encrypt said composite message further comprises an initialization vector corresponding to said session key.
  - 4. The method of claim 1 wherein said session key for use in carrying out said request to encrypt said composite message comprises an original message session key.

5. A mobile communication device comprising a processor adapted to:
- receive an initial part of an original message, said initial part of said original message having a size based on a size threshold in a policy established at a server associated with said mobile communication device;
  
  detect receipt of an instruction to;
  
  encrypt a composite message, where said composite message includes a new message related to said original message and an entirely of said original message; and
  
  add a cryptographic signature to said composite message;
  
  obtain a session key for use, at said server, in carrying out a request to encrypt said composite message;
  
  arrange transmission, to said server, of;
  
  said new message; and
  
  said request to encrypt said composite message, the request including;
  
  said session key;
  
  an indication of said original message; and
  
  a request for a hash of said composite message;
  
  receive, from said server, said hash;
  
  obtain a private cryptographic key;
  
  employ said private cryptographic key to sign said hash, thereby forming a signed hash;
  
  transmit, to said server, said signed hash, thereby allowing said server to use said signed hash to form a signed encrypted composite message for transmission; and
  
  provide, by the foregoing, maintenance of security considerations in view of bandwidth optimization measures.
- View Dependent Claims (6, 7, 8)
- - 6. The mobile communication device of claim 5 wherein said session key for use in carrying out said request to encrypt said composite message comprises a composite message session key.
  - 7. The mobile communication device claim 6 wherein said request to encrypt said composite message further comprises an initialization vector corresponding to said session key.
  - 8. The mobile communication device of claim 5 wherein said session key for use in carrying out said request to encrypt said composite message comprises an original message session key.

9. A non-transitory computer-readable medium containing computer-executable instructions that, when performed by a processor in a mobile communication device, cause said processor to:
- receive an initial part of an original message, said initial part of said original message having a size based on a size threshold in a policy established at a server associated with said mobile communication device;
  
  detect receipt of an instruction to;
  
  encrypt a composite message, where said composite message includes a new message related to said original message and an entirely of said original message; and
  
  add a cryptographic signature to said composite message;
  
  obtain a session key for use, at said server, in carrying out a request to encrypt said composite message;
  
  arrange transmission, to said server;
  
  said new message; and
  
  said request to encrypt said composite message, the request including;
  
  said session key;
  
  an indication of said original message; and
  
  a request for a hash of said composite message;
  
  receive, from said server, said hash;
  
  obtain a private cryptographic key;
  
  employ said private cryptographic key to sign said hash, thereby forming a signed hash;
  
  transmit, to said server, said signed hash thereby, allowing said server to use said signed hash to form a signed encrypted composite message for transmission; and
  
  provide, by the foregoing, maintenance of security considerations in view of bandwidth optimization measures.
- View Dependent Claims (10, 11, 12)
- - 10. The non-transitory computer-readable medium of claim 9 wherein said session key for use in carrying out said request to encrypt said composite message comprises a composite message session key.
  - 11. The non-transitory computer-readable medium of claim 10 wherein said request to encrypt said composite message further comprises an initialization vector corresponding to said session key.
  - 12. The non-transitory computer-readable medium of claim 9 wherein said session key for use in carrying out said request to encrypt said composite message comprises an original message session key.

13. At a mail server having a processor, said server associated with a mobile communication device, a method of processing an electronic message, said method comprising:
- splitting an entire original message into an initial part and a remaining part, said initial part having a size based on a size threshold in a policy established at said server;
  
  transmitting, to said mobile communication device, said initial part;
  
  detecting, by said processor, receipt, from said mobile communication device, of a message processing request for encryption of a composite message, where said composite message includes a new message related to said original message and said entire original message, said message processing request including;
  
  said new message;
  
  a session key for use in said encryption; and
  
  a request to sign said composite message;
  
  creating, by said processor, said composite message from said new message and said entire original message;
  
  employing said session key to encrypt, by said processor, said composite message to form an encrypted composite message;
  
  generating a hash of said composite message;
  
  transmitting, to said mobile communication device, said hash;
  
  receiving a signature, where said signature comprises said hash signed at said mobile communication device using a private key;
  
  adding said signature to said composite message, thereby forming a signed encrypted composite message;
  
  transmitting, via a communication subsystem, said signed encrypted composite message; and
  
  providing, by the foregoing, maintenance of security considerations in view of bandwidth optimization measures.
- View Dependent Claims (14, 15, 16)
- - 14. The method of claim 13 wherein said session key is a composite message session key and the method further comprising employing an original message session key to decrypt said original message prior to said creating of said composite message.
  - 15. The method of claim 13 wherein said creating said composite message comprises including an attachment received in association with said new message.
  - 16. The method of claim 13 wherein said creating said composite message comprises including an attachment received in association with said original message.

17. A mail server associated with a mobile communication device, said mail server comprising a processor adapted to:
- split an entire original message into an initial part and a remaining part, said initial part having a size based on a size threshold in a policy established at said server;
  
  transmit, to said mobile communication device, said initial part;
  
  detect receipt, from said mobile communication device, of a message processing request for encryption of a composite message, where said composite message includes a new message related to said original message and said entire original message, said message processing request including;
  
  said new message;
  
  a session key for use in said encryption; and
  
  a request to sign said composite message;
  
  create said composite message from said new message and said entire original message;
  
  employ said session key to encrypt said composite message to form an encrypted composite message;
  
  generate a hash of said composite message;
  
  transmit, to said mobile communication device, said hash;
  
  receive a signature, where said signature comprises said hash signed at said mobile communication device using a private key;
  
  add said signature to said composite message, thereby forming a signed encrypted composite message;
  
  arrange transmission of said signed encrypted composite message; and
  
  provide, by the foregoing, maintenance of security considerations in view of bandwidth optimization measures.
- View Dependent Claims (18, 19, 20)
- - 18. The mail server of claim 17 wherein said session key is a composite message session key and said processor is further adapted to employ an original message session key to decrypt said original message prior to said creating of said composite message.
  - 19. The mail server of claim 17 wherein said processor is further adapted to create said composite message by including an attachment received in association with said new message.
  - 20. The mail server of claim 17 wherein said processor is further adapted to create said composite message by including an attachment received in association with said original message.

21. A non-transitory computer-readable medium containing computer-executable instructions that, when performed by a mail server associated with a mobile communication device, said mail server including a processor, said instructions causing said processor to:
- split an entire original message into an initial part and a remaining part, said initial part having a size based on a size threshold in a policy established at said server;
  
  transmit, to said mobile communication device, said initial part;
  
  detect receipt, from said mobile communication device, of a message processing request for encryption and transmission of a composite message, where said composite message includes a new message related to said original message and original message, said message processing request including;
  
  said new message;
  
  a session key for use in said encryption; and
  
  a request to sign said composite message;
  
  create said composite message from said new message and said entire original message;
  
  employing said session key to encrypt said composite message to form an encrypted composite message;
  
  generate a hash of said composite message;
  
  transmit, to said mobile communication device, said hash;
  
  receive a signature, where said signature comprises said hash signed at said mobile communication device using a private key;
  
  add said signature to said composite message, thereby forming a signed encrypted composite message;
  
  arrange transmission of said signed encrypted composite message; and
  
  provide, by the foregoing, maintenance of security considerations in view of bandwidth optimization measures.
- View Dependent Claims (22, 23, 24)
- - 22. The non-transitory computer-readable medium of claim 21 wherein said session key is a composite message session key and the instructions further cause said processor to employ an original message session key to decrypt said original message prior to said creating of said composite message.
  - 23. The non-transitory computer-readable medium of claim 21 wherein said instructions further cause said processor to create said composite message by including an attachment received in association with said new message.
  - 24. The non-transitory computer-readable medium of claim 21 wherein said instructions further cause said processor to create said composite message by including an attachment received in association with said original message.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Blackberry Limited
Inventors
Vats, Nikhil, Sherkin, Alexander, Singh, Ravi, Adams, Neil Patrick, Bender, Christopher Lyle
Primary Examiner(s)
Armouche, Hadi
Assistant Examiner(s)
Shayanfar, Ali

Application Number

US13/296,501
Publication Number

US 20120140927A1
Time in Patent Office

1,806 Days
Field of Search

380/270
US Class Current

1/1
CPC Class Codes

H04L 51/58   Message adaptation for wire...

H04L 63/0428   wherein the data content is...

H04L 9/3247   involving digital signatures

H04W 12/033   of the user plane, e.g. use...

H04W 12/106   Packet or message integrity

H04W 12/108   Source integrity

Cross-component message encryption

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Cross-component message encryption

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links