System and method for merging encryption data without sharing a private key

US 9,628,450 B2
Filed: 04/16/2014
Issued: 04/18/2017
Est. Priority Date: 04/16/2014
Status: Expired due to Fees

First Claim

Patent Images

1. A computer implemented method for voice and video data encryption and decryption without sharing a private key, in a distributed video conferencing system including a plurality of client terminals communicating data at different data rates, the method comprising:

upon initiating a video conference amongst the plurality of client terminals, receiving by a second client terminal of the plurality of client terminals, a first public key from a first client terminal of the plurality of client terminals;

generating a second/first key switch hint for the first client terminal, by the second client terminal, using the first public key and a second private key of the second client terminal;

transmitting the second/first key switch hint and a second encrypted data from the second client terminal to a mixer;

receiving by a fourth client terminal of the plurality of client terminals, a third public key from a third client terminal of the plurality of client terminals;

generating a fourth/third key switch hint for the third client terminal, by the fourth client terminal, using the third public key and a fourth private key of the fourth client terminal;

transmitting the fourth/third key switch hint and fourth encrypted data from the fourth client terminal to the mixer;

receiving by the third client terminal, the first public key from the first client terminal;

generating a third/first key switch hint for the first client terminal, by the third client terminal, using the first public key and a third private key of the third client terminal;

transmitting the third/first key switch hint from the third client terminal to the mixer;

using, by the mixer, the second/first key switch hint and the second encrypted data from the second client terminal to switch the second encrypted data to generate a first switched encrypted data;

adding, by the mixer, the first switched encrypted data to the first encrypted data received from the first client terminal to output a first summed encrypted data;

using, by the mixer, the fourth/third key switch hint and a third encrypted data from the third client terminal to switch the fourth encrypted data to generate a second switched encrypted data;

adding, by the mixer, the second switched encrypted data to the third encrypted data received from the third client terminal to output a second summed encrypted data;

using, by the mixer, the third/first key switch hint and the second summed encrypted data to switch the second summed encrypted data to generate a third switched encrypted data;

adding, by the mixer, the third switched encrypted data to the first summed encrypted data to output a third summed encrypted data, wherein each encrypted data is encrypted voice or video data, and wherein a private key of each client terminal is not shared by any other client terminal; and

transmitting the third summed encrypted data to the first client terminal for decryption and playing back by the first client terminal.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for data privacy in a distributed communication system including a plurality of client terminals merges encrypted streaming data using tree-like encryption key switching and without sharing any private keys in a distributed communication system. The merged data is then sent to client terminals to be further process by respective client terminals.

20 Citations

View as Search Results

18 Claims

1. A computer implemented method for voice and video data encryption and decryption without sharing a private key, in a distributed video conferencing system including a plurality of client terminals communicating data at different data rates, the method comprising:
- upon initiating a video conference amongst the plurality of client terminals, receiving by a second client terminal of the plurality of client terminals, a first public key from a first client terminal of the plurality of client terminals;
  
  generating a second/first key switch hint for the first client terminal, by the second client terminal, using the first public key and a second private key of the second client terminal;
  
  transmitting the second/first key switch hint and a second encrypted data from the second client terminal to a mixer;
  
  receiving by a fourth client terminal of the plurality of client terminals, a third public key from a third client terminal of the plurality of client terminals;
  
  generating a fourth/third key switch hint for the third client terminal, by the fourth client terminal, using the third public key and a fourth private key of the fourth client terminal;
  
  transmitting the fourth/third key switch hint and fourth encrypted data from the fourth client terminal to the mixer;
  
  receiving by the third client terminal, the first public key from the first client terminal;
  
  generating a third/first key switch hint for the first client terminal, by the third client terminal, using the first public key and a third private key of the third client terminal;
  
  transmitting the third/first key switch hint from the third client terminal to the mixer;
  
  using, by the mixer, the second/first key switch hint and the second encrypted data from the second client terminal to switch the second encrypted data to generate a first switched encrypted data;
  
  adding, by the mixer, the first switched encrypted data to the first encrypted data received from the first client terminal to output a first summed encrypted data;
  
  using, by the mixer, the fourth/third key switch hint and a third encrypted data from the third client terminal to switch the fourth encrypted data to generate a second switched encrypted data;
  
  adding, by the mixer, the second switched encrypted data to the third encrypted data received from the third client terminal to output a second summed encrypted data;
  
  using, by the mixer, the third/first key switch hint and the second summed encrypted data to switch the second summed encrypted data to generate a third switched encrypted data;
  
  adding, by the mixer, the third switched encrypted data to the first summed encrypted data to output a third summed encrypted data, wherein each encrypted data is encrypted voice or video data, and wherein a private key of each client terminal is not shared by any other client terminal; and
  
  transmitting the third summed encrypted data to the first client terminal for decryption and playing back by the first client terminal.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, further comprisingreceiving by the first client terminal, a second public key from the second client terminal;
    - generating a first/second key switch hint for the second client terminal, by the first client terminal, using the second public key and a first private key of the first client terminal;
      
      transmitting the first/second key switch hint and first encrypted data from the first client terminal to the mixer;
      
      using, by the mixer, the first/second key switch hint and the third summed encrypted data to switch the third summed encrypted data to generate fourth switched encrypted data; and
      
      transmitting the fourth switched encrypted data to the second client terminal for decryption by the second client terminal.
  - 3. The method of claim 2, further comprisingreceiving by the third client terminal, the first public key from the first client terminal;
    - generating a third/first key switch hint for the first client terminal, by the third client terminal, using the first public key and a third private key of the third client terminal;
      
      transmitting the third/first key switch hint and third encrypted data from the third client terminal to the mixer;
      
      using, by the mixer, the third/first key switch hint and the third summed encrypted data to switch the third summed encrypted data to generate a fifth switched encrypted data; and
      
      transmitting the fifth switched encrypted data to the third client terminal for decryption by the third client terminal.
  - 4. The method of claim 3, further comprisingreceiving by the third client terminal, a fourth public key from the fourth client terminal;
    - generating a third/fourth key switch hint for the fourth client terminal, by the third client terminal, using the fourth public key and the third private key of the third client terminal;
      
      transmitting the third/fourth key switch hint from the third client terminal to the mixer;
      
      using, by the mixer, the third/fourth key switch hint and the fifth switched encrypted data to switch the fifth switched encrypted data to generate a sixth switched encrypted data; and
      
      transmitting the sixth switched encrypted data to the fourth client terminal for decryption by the fourth client terminal.
  - 5. The method of claim 4, further comprising:
    - combining the third summed encrypted data, the fourth switched encrypted data, the fifth switched encrypted data and the sixth switched encrypted data in a matrix, a first column of the matrix including the third summed encrypted data, a second column of the matrix including fourth switched encrypted data, a third column of the matrix including the fifth switched encrypted data, and a fourth column of the matrix including the sixth switched encrypted data.
  - 6. The method of claim 5, further comprising sending one or more columns of the matrix to a respective client terminal.
  - 7. The method of claim 5, further comprising sending the matrix to all of the client terminals.
  - 8. The method of claim 5, further comprising replacing the content of a respective column of the matrix corresponding to a respective client terminal with all zeroes, before sending the matrix to the respective client terminal.
  - 9. The method of claim 1, wherein the first encrypted data, the second encrypted data, the third encrypted data and the fourth encrypted data are encoded before being encrypted by the respective client terminal.

10. A distributed video conferencing system for communicating data at different data rates and performing voice and video data encryption and decryption without sharing a private key comprising:
- a second client terminal that, upon initiating a video conference amongst a plurality of client terminals, receives a first public key from a first client terminal and generates a second/first key switch hint for the first client terminal, using the first public key and a second private key of the second client terminal;
  
  a mixer that receives the second/first key switch hint and a second encrypted data from the second client terminal; and
  
  a fourth client terminal that receives a third public key from a third client terminal;
  
  generates a fourth/third key switch hint for the third client terminal, using the third public key and a fourth private key of the fourth client terminal; and
  
  transmits the fourth/third key switch hint and a fourth encrypted data to the mixer, whereinthe third client terminal receives the first public key from the first client terminal;
  
  generates a third/first key switch hint for the first client terminal, using the first public key and a third private key of the third client terminal; and
  
  transmits the third/first key switch hint to the mixer, and wherein the mixer uses the second/first key switch hint and the second encrypted data from the second client terminal to switch the second encrypted data to generate a first switched encrypted data; and
  
  adds the first switched encrypted data to the first encrypted data received from the first client terminal to output a first summed encrypted data;
  
  uses the second/first key switch hint and the second encrypted data from the second client terminal to switch the second encrypted data to generate a first switched encrypted data; and
  
  adds the first switched encrypted data to the first encrypted data received from the first client terminal to output a first summed encrypted data;
  
  uses the fourth/third key switch hint and a third encrypted data from the third client terminal to switch the fourth encrypted data to generate a second switched encrypted data; and
  
  adds the second switched encrypted data to the third encrypted data received from the third client terminal to output a second summed encrypted data;
  
  uses the third/first key switch hint and the second summed encrypted data to switch the second summed encrypted data to generate a third switched encrypted data; and
  
  adds the third switched encrypted data to the first summed encrypted data to output a third summed encrypted data, wherein each encrypted data is encrypted voice or video data, and wherein a private key of each client terminal is not shared by any other client terminal; and
  
  transmits the third summed encrypted data to the first client terminal for decryption and playing back by the first client terminal.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The distributed video conferencing system of claim 10, wherein the first client terminal receives a second public key from the second client terminal;
    - generates a first/second key switch hint for the second client terminal, using the second public key and a first private key of the first client terminal; and
      
      transmits the first/second key switch hint and first encrypted data from the first client terminal to the mixer, and whereinthe mixer adds the first/second key switch hint and the third summed encrypted data to switch the third summed encrypted data to generate a fourth switched encrypted data; and
      
      transmits the fourth switched encrypted data to the second client terminal for decryption by the second client terminal.
  - 12. The distributed video conferencing system of claim 11, wherein the third client terminal receives the first public key from the first client terminal;
    - generates a third/first key switch hint for the first client terminal, by the third client terminal, using the first public key and a third private key of the third client terminal; and
      
      transmits the third/first key switch hint and third encrypted data from the third client terminal to the mixer, and whereinthe mixer uses the third/first key switch hint and the third summed encrypted data to switch the third summed encrypted data to generate a fifth switched encrypted data; and
      
      transmits the fifth switched encrypted data to the third client terminal for decryption by the third client terminal.
  - 13. The distributed video conferencing system of claim 12, wherein the third client terminal receives a fourth public key from the fourth client terminal;
    - generates a third/fourth key switch hint for the fourth client terminal, by the third client terminal, using the fourth public key and the third private key of the third client terminal; and
      
      transmits the third/fourth key switch hint from the third client terminal to the mixer, and whereinthe mixer uses the third/fourth key switch hint and the fifth switched encrypted data to switch the fifth switched encrypted data to generate a sixth switched encrypted data; and
      
      transmits the sixth switched encrypted data to the fourth client terminal for decryption by the fourth client terminal.
  - 14. The distributed video conferencing system of claim 13, wherein the mixer combines the third summed encrypted data, the fourth switched encrypted data, the fifth switched encrypted data and the sixth switched encrypted data in a matrix, a first column of the matrix including the third summed encrypted data, a second column of the matrix including fourth switched encrypted data, a third column of the matrix including the fifth switched encrypted data, and a fourth column of the matrix including the sixth switched encrypted data.
  - 15. The distributed video conferencing system of claim 14, wherein the mixer sends one or more columns of the matrix to a respective client terminal.
  - 16. The distributed video conferencing system of claim 14, wherein the mixer sends the matrix to all of the client terminals.
  - 17. The distributed video conferencing system of claim 14, wherein the mixer replaces the content of a respective column of the matrix corresponding to a respective client terminal with all zeroes, before sending the matrix to the respective client terminal.
  - 18. The distributed video conferencing system of claim 10, wherein the first encrypted data, the second encrypted data, the third encrypted data and the fourth encrypted data are encoded by the respective client terminals before being encrypted by the respective client terminal.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Raytheon BBN Technlogies Corp. (Rtx Corporation)
Original Assignee
Raytheon BBN Technlogies Corp. (Rtx Corporation)
Inventors
Rohloff, Kurt Ryan
Primary Examiner(s)
DOLLY, KENDALL LYNN

Application Number

US14/254,666
Publication Number

US 20150304287A1
Time in Patent Office

1,098 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 63/0442   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

System and method for merging encryption data without sharing a private key

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

20 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for merging encryption data without sharing a private key

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

20 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links