User interface systems and methods for secure message oriented communications
First Claim
Patent Images
1. A method of providing end-to-end encrypted communications between a first end-user device including a first end-user device processor and a second end-user device including a second end-user device processor, the method comprising:
- determining with the first end-user device processor whether the second end-user device is configured to securely communicate with the first end-user device;
if the determining determines the second end-user device is not configured to securely communicate with the first end-user device, the first end-user device processor configuring the first end-user device to send a clear text communication to the second end-user device;
if the determining determines the second end-user device is configured to securely communicate with the first end-user device, the first end-user device processor configuring the first end-user device to selectively send any of a clear text communication and a cipher text communication to the second end-user device;
autogenerating, with the first end-user device processor, a Public/Private key pair;
agreeing upon at least one shared secret based on a handshake communication between the first and second end-user devices without revealing the shared secret through the handshake communication, the first end-user device processor and the second end-user device processor each deriving at least part of the shared secret based at least on the Public key of the Public/Private key pair;
conditioned on the first end-user device processor configuring the first end-user device to enable the first end-user device to send a cipher text communication to the second end-user device, securely communicating an encrypted message from the first end-user device to the second end-user device, without requiring the encrypted message to be decrypted intermediate of the first end-user device and the second end-user device;
decrypting, using the shared secret, the communicated encrypted message at the second end-user device into message clear text;
the second end-user device making the message clear text available to a user only while the message clear text is being used; and
enabling downloading on demand of a secure communications application to the second end-user device, the secure communications application configuring the second end-user device to decrypt secure messages sent by the first end-user device and to encrypt secure messages to send to the first end-user device.
3 Assignments
0 Petitions
Accused Products
Abstract
A convenient, easy to use ubiquitous secure communications capability can automatically encrypt and decrypt messages without requiring any special intermediating security component such as gateways, proxy servers or the like. Trusted/secure applications for the mobile workforce can significantly improve productivity and effectiveness while enhancing personal and organizational security and safety.
49 Citations
22 Claims
-
1. A method of providing end-to-end encrypted communications between a first end-user device including a first end-user device processor and a second end-user device including a second end-user device processor, the method comprising:
-
determining with the first end-user device processor whether the second end-user device is configured to securely communicate with the first end-user device; if the determining determines the second end-user device is not configured to securely communicate with the first end-user device, the first end-user device processor configuring the first end-user device to send a clear text communication to the second end-user device; if the determining determines the second end-user device is configured to securely communicate with the first end-user device, the first end-user device processor configuring the first end-user device to selectively send any of a clear text communication and a cipher text communication to the second end-user device; autogenerating, with the first end-user device processor, a Public/Private key pair; agreeing upon at least one shared secret based on a handshake communication between the first and second end-user devices without revealing the shared secret through the handshake communication, the first end-user device processor and the second end-user device processor each deriving at least part of the shared secret based at least on the Public key of the Public/Private key pair; conditioned on the first end-user device processor configuring the first end-user device to enable the first end-user device to send a cipher text communication to the second end-user device, securely communicating an encrypted message from the first end-user device to the second end-user device, without requiring the encrypted message to be decrypted intermediate of the first end-user device and the second end-user device; decrypting, using the shared secret, the communicated encrypted message at the second end-user device into message clear text; the second end-user device making the message clear text available to a user only while the message clear text is being used; and enabling downloading on demand of a secure communications application to the second end-user device, the secure communications application configuring the second end-user device to decrypt secure messages sent by the first end-user device and to encrypt secure messages to send to the first end-user device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system for providing end-to-end encrypted communications between a first end-user device and a second end-user device such that encrypted messages sent from the first end-user device to the second end-user device remain encrypted until decrypted by the second end-user device, the system comprising:
-
a first end-user device including a first processor; a second end-user device including a second processor, the first device processor being configured to determine whether the second end-user device is configured for secure communications with the first end-user device; the first and second end-user devices configuring to send clear text messages therebetween when the first device processor determines the second end-user device is not configured for secure communications with the first end-user device; the first and second end-user devices being further structured to each generate a public/private key pair, to each derive at least part of the at least one shared secret based at least in part on a public key and to agree upon at least one shared secret based on a handshake communication between the first and second devices, the handshake communication being used to provide agreement between the first and second devices on the at least one shared secret without revealing the shared secret through communications between the first and second devices; the first and second devices configuring to selectively communicate any of a clear text communication and a cipher text communication therebetween, based on at least the first processor determining that the second end-user device is configured for secure communications, including communicating an encrypted message between the first device and the second device without requiring the encrypted message to be decrypted intermediate of the first and second devices, and to use the shared secret to decrypt the encrypted message; the first and second devices being further configured to keep the communicated encrypted messages encrypted except while being used or viewed. - View Dependent Claims (11)
-
-
12. An end-user device providing end-to-end secure encrypted communications with a further end-user device, the end-user device comprising:
-
a processor; a display coupled to the processor a communications module coupled to the processor; and a storage device coupled to the processor, the storage device storing program instructions that when executed by the processor control the processor to; automatically generate a public/private key pair; determine whether the further end-user device is configured to securely communicate; conditioned on the processor determining that the further end-user device is not configured to securely communicate, configuring to exchange clear text communications with the further end-user device; agreeing with the further device on at least one shared secret based on a handshake communication between the device and the further device, including deriving at least part of the shared secret based at least in part on the public/private key pair and determining whether the further device agrees on the shared secret without revealing the shared secret through the handshake communication; conditioned on the processor determining that the further end-user device is configured to securely communicate, configuring to exchange any of clear text and cipher text communications with the further end-user device, including receiving an encrypted message from the further device and using the shared secret to decrypt the received encrypted message into message clear text without requiring the encrypted message to be decrypted and re-encrypted intermediate of the first and further devices; and keep the received encrypted message encrypted except while the processor displays or is otherwise using the message clear text. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
-
Specification