Self-validating request message structure and operation
First Claim
1. A method comprises:
- generating, by a first device, a self-validating message by;
creating a master key;
using the master key and a secret function to create a message encryption key;
encrypting a message using the message encryption key to produce an encrypted message;
encrypting the master key using a public key of a second device to produce an encrypted master key; and
including a message authentication code of the first device in the self-validating message;
receiving, by the second device, the self-validating message; and
decoding, by the second device, the self-validating message by;
verifying the message authentication code of the first device; and
when the message authentication code of the first device is verified;
decrypting the encrypted master key using a private key of the second device to recover the master key;
using the master key and the secret function to create the message encryption key; and
decrypting the encrypted message using the message encryption key to recover the message,creating, by the second device, a self-validating response message by;
creating a responder encryption key from the master key and a second secret function;
encrypting a response to the message using the responder encryption key to produce an encrypted response; and
including a second message authentication code of the second device in the self-validating response message; and
sending, by the second device, the self-validating response message to the first device.
5 Assignments
0 Petitions
Accused Products
Abstract
A method begins by a first device generating a self-validating message by creating a master key, using the master key to create a message encryption key, encrypting a message using the message encryption key to produce an encrypted message, encrypting the master key using a public key of a second device to produce an encrypted master key, and including a message authentication code of the first device in the self-validating message. The method continues by the second device receiving and decoding the self-validating message by verifying the message authentication code of the first device, and when the message authentication code of the first device is verified, decrypting the encrypted master key using a private key of the second device to recover the master key, using the master key to create the message encryption key, and decrypting the encrypted message using the message encryption key to recover the message.
115 Citations
12 Claims
-
1. A method comprises:
-
generating, by a first device, a self-validating message by;
creating a master key;using the master key and a secret function to create a message encryption key;
encrypting a message using the message encryption key to produce an encrypted message;encrypting the master key using a public key of a second device to produce an encrypted master key; and including a message authentication code of the first device in the self-validating message; receiving, by the second device, the self-validating message; and decoding, by the second device, the self-validating message by; verifying the message authentication code of the first device; and
when the message authentication code of the first device is verified;decrypting the encrypted master key using a private key of the second device to recover the master key; using the master key and the secret function to create the message encryption key; and decrypting the encrypted message using the message encryption key to recover the message, creating, by the second device, a self-validating response message by; creating a responder encryption key from the master key and a second secret function;
encrypting a response to the message using the responder encryption key to produce an encrypted response; andincluding a second message authentication code of the second device in the self-validating response message; and sending, by the second device, the self-validating response message to the first device. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A non-transitory computer readable storage medium comprises:
-
at least one memory section that stores operational instructions that, when executed by one or more processing modules of one or more devices of a dispersed storage network (DSN), causes the one or more devices to; generate, by a first device of the one or more devices, a self-validating message by;
creating a master key;using the master key and a secret function to create a message encryption key; encrypting a message using the message encryption key to produce an encrypted message; encrypting the master key using a public key of a second device to produce an encrypted master key; and including a message authentication code of the first device in the self-validating message; receive, by the second device of the one or more devices, the self-validating message; and decode, by the second device, the self-validating message by; verifying the message authentication code of the first device; and
when the message authentication code of the first device is verified;decrypting the encrypted master key using a private key of the second device to recover the master key; using the master key and the secret function to create the message encryption key; and decrypting the encrypted message using the message encryption key to recover the message, the at least one memory section stores further operational instructions that, when executed by the one or more processing modules, causes the one or more devices of the DSN to;
create, by the second device, a self-validating response message by;creating a responder encryption key from the master key and a second secret function;
encrypting a response to the message using the responder encryption key to produce an encrypted response; andincluding a second message authentication code of the second device in the self-validating response message; and send, by the second device, the self-validating response message to the first device. - View Dependent Claims (8, 9, 10, 11, 12)
-
Specification