
System for cryptographic key sharing among networked key servers

  • US 9,871,653 B2
  • Filed: 07/18/2013
  • Issued: 01/16/2018
  • Est. Priority Date: 07/18/2013
  • Status: Active Grant
First Claim

1. An apparatus comprising:

  • a network interface configured to enable communications over one or more networks; and

    a processor of a key server coupled to the network interface and a memory encoded with instructions that, when executed by the processor, cause the processor to:

    store cryptographic keys and an associated authentication and cryptographic policy on behalf of the key server;

    provide the cryptographic keys and the associated authentication and cryptographic policy to a device group including multiple devices connected with the key server over a local area network, to enable the device group to encrypt messages with the keys, wherein the device group is configured to:

    authenticate and integrity check the messages with the keys; and

    authenticate and integrity check the messages received from other device groups with other keys; and

    act as a proxy for other key servers, including:

    determining the other key servers from which the other keys are to be requested based on a service discovery protocol;

    requesting the other keys to decrypt encrypted messages from the determined other key servers over a wide area network, the encrypted messages encrypted with the other keys and received from other device groups respectively connected with the other key servers over respective local area networks;

    receiving the other keys together with respective associated authentication and cryptographic policies from the other key servers over the wide area network; and

    providing the other keys and associated authentication and cryptographic policies to the device group over the local area network to decrypt the encrypted messages.
