Public key encryption algorithms for hard lock file encryption

US 9,825,919 B2
Filed: 11/02/2015
Issued: 11/21/2017
Est. Priority Date: 11/06/2013
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

receiving an encrypted message, a private key, and an ephemeral public key of an entity;

dividing the encrypted message into a plurality of portions, wherein the plurality of portions include a first portion and a second portion;

generating, by a hardware processor, a shared secret based on the private key and the ephemeral public key;

in response to generating the shared secret, discarding the private key and the ephemeral public key;

generating, by the hardware processor, a first decryption key based on the shared secret;

decrypting, by the hardware processor, the first portion using the first decryption key;

generating, by the hardware processor, a second decryption key based on the first decryption key;

decrypting, by the hardware processor, the second portion using the second decryption key; and

outputting at least one of a decrypted first portion or a decrypted second portion.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In some aspects, an encryption method comprises encrypting a first portion of a message using a first secret key. The first secret key is generated based on the public key of an entity. A one-way function is used to generate a second secret key from the first secret key, and the first secret key is subsequently discarded. A second portion of the message is encrypted using the second secret key. The encrypted first portion of the message and the encrypted second portion of the message are provided to the entity.

Citations

18 Claims

1. A method, comprising:
- receiving an encrypted message, a private key, and an ephemeral public key of an entity;
  
  dividing the encrypted message into a plurality of portions, wherein the plurality of portions include a first portion and a second portion;
  
  generating, by a hardware processor, a shared secret based on the private key and the ephemeral public key;
  
  in response to generating the shared secret, discarding the private key and the ephemeral public key;
  
  generating, by the hardware processor, a first decryption key based on the shared secret;
  
  decrypting, by the hardware processor, the first portion using the first decryption key;
  
  generating, by the hardware processor, a second decryption key based on the first decryption key;
  
  decrypting, by the hardware processor, the second portion using the second decryption key; and
  
  outputting at least one of a decrypted first portion or a decrypted second portion.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein the shared secret is discarded in response to generating the first decryption key.
  - 3. The method of claim 1, wherein the first decryption key is discarded in response to generating the second decryption key.
  - 4. The method of claim 1, wherein the first decryption key is generated using a key derivation function, the key derivation function produces one or more outputs comprising the first decryption key, and the key derivation function operates on one or more inputs comprising the shared secret.
  - 5. The method of claim 4, wherein the one or more outputs further comprise a first initialization vector that is used to decrypt the first portion.
  - 6. The method of claim 5, wherein the first initialization vector is used to generate a second initialization vector, and the second initialization vector is used to decrypt the second portion.

7. A device, comprising:
- a memory; and
  
  at least one hardware processor communicatively coupled with the memory and configured to;
  
  receive an encrypted message, a private key, and an ephemeral public key of an entity;
  
  divide the encrypted message into a plurality of portions, wherein the plurality of portions include a first portion and a second portion;
  
  generate a shared secret based on the private key and the ephemeral public key;
  
  in response to generating the shared secret, discard the private key and the ephemeral public key;
  
  generate a first decryption key based on the shared secret;
  
  decrypt the first portion using the first decryption key;
  
  generate a second decryption key based on the first decryption key;
  
  decrypt the second portion using the second decryption key; and
  
  output at least one of a decrypted first portion or a decrypted second portion.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The device of claim 7, wherein the shared secret is discarded in response to generating the first decryption key.
  - 9. The device of claim 7, wherein the first decryption key is discarded in response to generating the second decryption key.
  - 10. The device of claim 7, wherein the first decryption key is generated using a key derivation function, the key derivation function produces one or more outputs comprising the first decryption key, and the key derivation function operates on one or more inputs comprising the shared secret.
  - 11. The device of claim 10, wherein the one or more outputs further comprise a first initialization vector that is used to decrypt the first portion.
  - 12. The device of claim 11, wherein the first initialization vector is used to generate a second initialization vector, and the second initialization vector is used to decrypt the second portion.

13. A non-transitory computer-readable medium containing instructions which, when executed, cause a computing device to perform operations comprising:
- receiving an encrypted message, a private key, and an ephemeral public key of an entity;
  
  dividing the encrypted message into a plurality of portions, wherein the plurality of portions include a first portion and a second portion;
  
  generating a shared secret based on the private key and the ephemeral public key;
  
  in response to generating the shared secret, discarding the private key and the ephemeral public key;
  
  generating a first decryption key based on the shared secret;
  
  decrypting the first portion using the first decryption key;
  
  generating a second decryption key based on the first decryption key;
  
  decrypting the second portion using the second decryption key; and
  
  outputting at least one of a decrypted first portion or a decrypted second portion.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The non-transitory computer-readable medium of claim 13, wherein the shared secret is discarded in response to generating the first decryption key.
  - 15. The non-transitory computer-readable medium of claim 13, wherein the first decryption key is discarded in response to generating the second decryption key.
  - 16. The non-transitory computer-readable medium of claim 13, wherein the first decryption key is generated using a key derivation function, the key derivation function produces one or more outputs comprising the first decryption key, and the key derivation function operates on one or more inputs comprising the shared secret.
  - 17. The non-transitory computer-readable medium of claim 16, wherein the one or more outputs further comprise a first initialization vector that is used to decrypt the first portion.
  - 18. The non-transitory computer-readable medium of claim 17, wherein the first initialization vector is used to generate a second initialization vector, and the second initialization vector is used to decrypt the second portion.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Blackberry Limited, Certicom Corporation (Blackberry Limited)
Inventors
Lambert, Robert John, Brown, Daniel Richard L., Yamada, Atsushi
Primary Examiner(s)
Abrishamkar, Kaveh

Application Number

US14/930,179
Publication Number

US 20170012946A1
Time in Patent Office

750 Days
Field of Search

None
US Class Current
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 63/06   for supporting key manageme...

H04L 9/0637   Modes of operation, e.g. ci...

H04L 9/0841   involving Diffie-Hellman or...

H04L 9/0861   Generation of secret inform...

H04L 9/14   using a plurality of keys o...

H04L 9/3066   involving algebraic varieti...

H04L 9/3242   involving keyed hash functi...

Public key encryption algorithms for hard lock file encryption

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Public key encryption algorithms for hard lock file encryption

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links