Secure messaging

US 9,756,021 B2
Filed: 11/12/2012
Issued: 09/05/2017
Est. Priority Date: 11/11/2011
Status: Active Grant

First Claim

Patent Images

1. A method for transmitting an encrypted message from a messaging server to a handset comprising:

receiving, from a sender computer, at the messaging server, a message to be sent to the handset and a Mobile Station International Subscriber Directory Number (MSISDN) of the handset;

determining, at the messaging server, that the handset is not registered with the messaging server;

facilitating, at the messaging server, the registration of the handset by;

sending a notification to the handset requesting registration,receiving a temporary password and an instance of the MSISDN of the handset from the handset,authenticating the MSISDN if the received temporary password matches a second temporary password,receiving from the handset a handset encryption key for storage with the MSISDN, wherein the handset encryption key is a public key generated based at least in part on the MSISDN during asymmetric key generation by a handset application installed on or native to the handset, andstoring the handset encryption key against the MSISDN at the messaging server;

encrypting, at the messaging server, the received message using the public handset encryption key; and

sending the encrypted message to the handset to be decrypted by a private key corresponding to the received public key, the private key generated based at least in part on the MSISDN and generated by the handset application, the private key stored on the handset and neither transmitted to nor stored on the messaging server in any form.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for transmitting an encrypted message from a messaging server (106) to a handset (104) comprising the steps of receiving, at the messaging server (106) and from a sender computer (102), a message to be sent to the handset (104) and a handset identifier associated with the handset and determining that the handset is not registered with the messaging server (106) by determining that the handset identifier does not have an associated handset encryption key stored at the messaging server. The handset (104) is registered by sending a notification to the handset requesting registration, receiving back a handset encryption key associated with the handset identifier; and storing the handset encryption key against the handset identifier at the messaging server which is to be used to encrypt the received message before sending. Prior to registering the handset (104), intermediate encryption of the message may be employed to create an intermediate encrypted message to be stored at the messaging server.

37 Citations

View as Search Results

17 Claims

1. A method for transmitting an encrypted message from a messaging server to a handset comprising:
- receiving, from a sender computer, at the messaging server, a message to be sent to the handset and a Mobile Station International Subscriber Directory Number (MSISDN) of the handset;
  
  determining, at the messaging server, that the handset is not registered with the messaging server;
  
  facilitating, at the messaging server, the registration of the handset by;
  
  sending a notification to the handset requesting registration,receiving a temporary password and an instance of the MSISDN of the handset from the handset,authenticating the MSISDN if the received temporary password matches a second temporary password,receiving from the handset a handset encryption key for storage with the MSISDN, wherein the handset encryption key is a public key generated based at least in part on the MSISDN during asymmetric key generation by a handset application installed on or native to the handset, andstoring the handset encryption key against the MSISDN at the messaging server;
  
  encrypting, at the messaging server, the received message using the public handset encryption key; and
  
  sending the encrypted message to the handset to be decrypted by a private key corresponding to the received public key, the private key generated based at least in part on the MSISDN and generated by the handset application, the private key stored on the handset and neither transmitted to nor stored on the messaging server in any form.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. A method as claimed in claim 1 wherein determining that the handset is not registered comprises determining that the MSISDN does not have an associated handset encryption key stored at the messaging server.
  - 3. A method as claimed in claim 1 further comprising performing intermediate encryption of the message to create an intermediate encrypted message and storing the intermediate encrypted message at the messaging server.
  - 4. A method as claimed in claim 3 wherein the intermediate encryption uses a messaging server encryption key.
  - 5. A method as claimed in claim 3 wherein the method further comprises decrypting the intermediate encrypted message before encrypting the message with the handset encryption key.
  - 6. A method as claimed in claim 1 wherein the asymmetric keys are generated by a random number generator of the handset application, seeded at least in part by the MSISDN.

7. A method for transmitting an encrypted message from a messaging server to a handset comprising:
- receiving, from a sender computer, at the messaging server, a message to be sent to the handset and a handset identifier that identifies the handset;
  
  wherein the handset identifier is a Mobile Station International Subscriber Directory Number (MSISDN);
  
  determining, at the messaging server, that the handset is not registered with the messaging server;
  
  facilitating, at the messaging server, the registration of the handset by;
  
  sending a notification to the handset requesting registration using the handset identifier and a temporary password generated by the messaging server,receiving a return handset identifier and a return password from a handset application installed on or native to the handset, andcomparing the temporary password and the return password thereby to authenticate the handset identifier,receiving from the handset a handset encryption key for storage with the handset identifier, wherein the handset encryption key is a public key generated during asymmetric key generation by the handset application, andstoring the handset encryption key against the handset identifier at the messaging server;
  
  encrypting, at the messaging server, the received message using the public handset encryption key; and
  
  sending the encrypted message to the handset to be decrypted after receipt thereof by a private key corresponding to the received public key, the private key associated with the handset identifier and generated by the handset application, the private key stored on the handset and neither transmitted to nor stored on the messaging server in any form.
- View Dependent Claims (8, 9, 10)
- - 8. A method as claimed in claim 7 wherein different communication channels are used for providing the temporary password to the handset and receiving the return password back from the handset.
  - 9. A method as claimed in claim 8 wherein the temporary password is sent to the handset as part of an SMS, while the return password is received from the handset using a public mobile network supporting data communication.
  - 10. A method as claimed in claim 7 wherein authenticating the handset further comprises comparing a handset identifier received with the return password, with the handset identifier to which the temporary password was sent.

11. A method for transmitting an encrypted message from a messaging server to a handset comprising:
- receiving, from a sender computer, at the messaging server, a message to be sent to the handset and a handset identifier that identifies the handset;
  
  wherein the handset identifier is a Mobile Station International Subscriber Directory Number (MSISDN);
  
  determining, at the messaging server, that the handset is not registered with the messaging server;
  
  facilitating, at the messaging server, the registration of the handset by;
  
  sending a notification to the handset requesting registration,receiving a first temporary password from the handset, the first temporary password generated by a handset application installed on or native to the handset,receiving a return handset identifier and a second temporary password from the handset,comparing the first temporary password with the second temporary password thereby to authenticate the handset identifier,receiving from the handset a handset encryption key for storage with the handset identifier, wherein the handset encryption key is a public key generated during asymmetric key generation by the handset application, andstoring the handset encryption key against the handset identifier at the messaging server;
  
  encrypting, at the messaging server, the received message using the public handset encryption key; and
  
  sending the encrypted message to the handset to be decrypted after receipt thereof by a private key corresponding to the received public key, the private key associated with the handset identifier and generated by the handset application, the private key stored on the handset and neither transmitted to nor stored on the messaging server in any form.
- View Dependent Claims (12, 13, 14)
- - 12. A method as claimed in claim 11 wherein different communication channels are used for receiving the first and second temporary password from the handset, with the one channel being a public mobile network supporting data communication and the other channel being an SMS channel.
  - 13. A method as claimed in claim 12 wherein the first temporary password is automatically transmitted over a public mobile network supporting data communication from the handset once it has been generated by the handset application program, and is transmitted with the handset identifier entered by the user through the handset application.
  - 14. A method as claimed in claim 13 wherein the second temporary password is obtained along with the handset identifier as an SMS sent to the messaging server from the handset application, the SMS being sent automatically, without user interaction, from the handset application.

15. A computer system comprising:
- a memory;
  
  a processor; and
  
  instructions stored in the memory and configured to be executed by the processor to perform;
  
  receiving, from a sender computer, a message to be sent to the handset and a Mobile Station International Subscriber Directory Number (MSISDN) of the handset;
  
  determining that the handset is not registered with the messaging server;
  
  facilitating the registration of the handset by;
  
  sending a notification to the handset requesting registration,receiving a temporary password and an instance of the MSISDN of the handset from the handset,authenticating the MSISDN if the received temporary password matches a second temporary password,receiving from the handset a handset encryption key for storage with the MSISDN, wherein the handset encryption key is a public key generated based at least in part on the MSISDN during asymmetric key generation by a handset application installed on or native to the handset, andstoring the handset encryption key against the MSISDN at the messaging server; and
  
  encrypting the received message using the public handset encryption key and sending the encrypted message to the handset to be decrypted by a private key corresponding to the received public key, the private key generated based at least in part on the MSISDN and generated by the handset application, the private key stored on the handset and neither transmitted to nor stored on the messaging server in any form.

16. A method for registering a handset to enable the secure sending of a message to the handset, the method comprising:
- receiving, from a handset application installed on or native to the handset, a first instance of a handset identifier that identifies the handset;
  
  wherein the handset identifier is a Mobile Station International Subscriber Directory Number (MSISDN);
  
  generating, at the messaging server, a temporary password;
  
  transmitting the temporary password to the handset using the first instance of the handset identifier;
  
  receiving a return password from the handset along with a second instance of the handset identifier;
  
  comparing the temporary password with the return password to authenticate the handset identifier;
  
  in the event that the temporary password and the return password match, transmitting an authentication acknowledgement back to the handset; and
  
  receiving an encryption key in the form of a handset encryption key that identifies a handset identifier, wherein the handset encryption key is a public key generated during asymmetric key generation by a handset application installed on or native to the handset, which key is stored at the messaging server against the handset identifier, with the corresponding private encryption key generated by the handset application stored ont eh handset and not stored on or transmitted to the messaging server in any form.

17. A method for registering a handset to enable the secure sending of a message to the handset, the method comprising:
- receiving, at the messaging server, a first temporary password and a first instance of a handset identifier from a handset application installed on or native to the handset;
  
  wherein the handset identifier is a Mobile Station International Subscriber Directory Number (MSISDN);
  
  receiving, at the messaging server, a second temporary password and a second instance of the handset identifier from the handset;
  
  comparing the first and second temporary passwords with each other;
  
  in the event of a match, transmitting an authentication acknowledgement back to the handset; and
  
  receiving an encryption key in the form of a handset encryption key that identifies the handset identifier of the handset, wherein the handset encryption key is a public key generated using the handset identifier during asymmetric key generation by the handset application, which key is stored at the messaging server against the handset identifier, with the corresponding private encryption key generated by the handset application and stored on the handset and not stored on or transmitted to the messaging server in any form.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Soprano Design Pty Limited
Original Assignee
Soprano Design Pty Limited
Inventors
Favero, Richard Francis
Primary Examiner(s)
LANIER, BENJAMIN E

Application Number

US14/357,417
Publication Number

US 20140310514A1
Time in Patent Office

1,758 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/35   communicating wirelessly

G06F 21/43   wireless channels

G06F 21/602   Providing cryptographic fac...

G06F 2221/2103   Challenge-response

G06F 2221/2107   File encryption

G06F 2221/2115   Third party

H04L 2209/80   Wireless network architectu...

H04L 63/0428   wherein the data content is...

H04L 63/0471   applying encryption by an i...

H04L 63/06   for supporting key manageme...

H04L 63/083   using passwords cryptograph...

H04L 63/0838   using one-time-passwords

H04L 63/18   using different networks or...

H04L 9/0861   Generation of secret inform...

H04L 9/0866   involving user or device id...

H04L 9/0869   involving random numbers or...

H04L 9/3228   One-time or temporary data,...

H04W 12/02   Protecting privacy or anony...

H04W 12/033   of the user plane, e.g. use...

H04W 4/12   Messaging; Mailboxes; Annou...

Secure messaging

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

37 Citations

17 Claims

Specification

Use Cases

Quick Links

Others

Secure messaging

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

37 Citations

17 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others