Key encryption system and method, pager unit, and pager proxy for a two-way alphanumeric pager network
DCFirst Claim
1. A system for adding encryption services to an existing pager network, the pager network including a network operations center which provides a means for receiving an alphanumeric message from any of a plurality of handheld pager units and forwarding the alphanumeric message to another of the plurality of handheld pager units, at least two of said pager units comprising:
- means for inputting an alphanumeric message and a destination address;
means for including the alphanumeric message in a packet for transmission to the destination address by wireless transmission via the network operations center;
means for receiving an alphanumeric message from the network operations center; and
means for displaying the alphanumeric message received from the network operations center; and
a memory,wherein the system for adding encryption services comprises;
means in at least one of said pager units for generating a first session key, encrypting a message using the first session key, retrieving an encryption key from said memory, encrypting the first session key using said retrieved encryption key, and transmitting the encrypted message and the encrypted first session key via the network operations center to another of said pager units;
means in said another one of said pager units for decrypting and displaying the encrypted message; and
a pager proxy server including means for receiving a packet containing the encrypted message that has been sent to the network operations center, decrypting the first session key and at least a portion of the packet, and re-encrypting said portion of the packet for delivery to said another of said pager units via said network operations center.
5 Assignments
Litigations
0 Petitions
Accused Products
Abstract
A method and system allows encryption services can be added to an existing wireless two-way alphanumeric pager network by providing a pager proxy which is arranged to receive an encrypted message from a sending pager and re-packages it for re-transmission to the destination pager. The sending pager encrypts the message using a session key, and encrypts the session key so that it can only be recovered by a secret key of the pager proxy. The pager proxy, upon recovery of the session key, decrypts the message, generates a new session key, re-encrypts the message, and encrypts the new session key so that it can only be recovered by a secret key of the destination pager. Encryption of the session key can either be carried out by shared secret key encryption or encryption of the session key by a public key corresponding to a private key of the pager proxy or destination pager. Authentication of the sending pager and proxy server is provided by encryption of the session keys together with identifying data, and authentication of the message is provided by a message authentication code generated by computing a message authentication code based on the session key, identifying data, and the message.
501 Citations
51 Claims
-
1. A system for adding encryption services to an existing pager network, the pager network including a network operations center which provides a means for receiving an alphanumeric message from any of a plurality of handheld pager units and forwarding the alphanumeric message to another of the plurality of handheld pager units, at least two of said pager units comprising:
-
means for inputting an alphanumeric message and a destination address; means for including the alphanumeric message in a packet for transmission to the destination address by wireless transmission via the network operations center; means for receiving an alphanumeric message from the network operations center; and means for displaying the alphanumeric message received from the network operations center; and a memory, wherein the system for adding encryption services comprises; means in at least one of said pager units for generating a first session key, encrypting a message using the first session key, retrieving an encryption key from said memory, encrypting the first session key using said retrieved encryption key, and transmitting the encrypted message and the encrypted first session key via the network operations center to another of said pager units; means in said another one of said pager units for decrypting and displaying the encrypted message; and a pager proxy server including means for receiving a packet containing the encrypted message that has been sent to the network operations center, decrypting the first session key and at least a portion of the packet, and re-encrypting said portion of the packet for delivery to said another of said pager units via said network operations center. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
-
-
25. An encryption method according to which encryption services may be added to an existing two-way wireless pager network, the pager network including a network operations center which provides a means for receiving an alphanumeric message from any of a plurality of handheld pager units and forwarding the alphanumeric message to another of the plurality of handheld pager units, comprising the steps of:
-
causing one of said pager units to perform the steps of generating a first session key, encrypting a message using the first session key, retrieving an encryption key from a memory of said pager unit, encrypting the first session key using said retrieved encryption key, including the encrypted message and the encrypted first session key in a wireless transmission packet, and transmitting the encrypted message from said one of said pager units to a pager proxy server via the network operations center, causing the pager proxy server to perform the steps of receiving the encrypted message and repackaging it for transmission to another of said pager units via the network operations center; and causing said another of said pager units to perform the steps of decrypting and displaying the encrypted message, wherein said step of repackaging the encrypted message for transmission includes the step of causing the pager proxy server to encrypt, using a secret key, a portion of the packet containing a first session key used by a sending pager unit to encrypt said portion of the packet, wherein said pager proxy server further performs the steps of decrypting said message using said first session key, generating a second session key, and re-encrypting the message using the second session key, wherein said pager proxy server further performs the step of encrypting the second session key by a secret key, wherein said step of encrypting said portion of the packet by a secret key includes the step of re-encrypting the second session key by a public key corresponding to a private key of a destination pager unit, and wherein said step of encrypting said portion of the packet by a secret key further includes the step of, before re-encrypting the second session key by the public key corresponding to a private key of the destination pager, encrypting the second session key and various additional data by a private key of the pager proxy server. - View Dependent Claims (26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43)
-
-
44. A system for adding encryption services to an existing pager network, the pager network including a network operations center which provides a means for receiving an alphanumeric message from any of a plurality of handheld pager units and forwarding the alphanumeric message to another of the plurality of handheld pager units, at least two of said pager units comprising:
-
means for inputting an alphanumeric message and a destination address; means for including the alphanumeric message in a packet for transmission to the destination address by wireless transmission via the network operations center; means for receiving an alphanumeric message from the network operations center; and means for displaying the alphanumeric message received from the network operations center; and said system further comprising; a pager proxy server including means for receiving a packet containing the encrypted message that has been sent to the network operations center, decrypting at least a portion of the packet, and re-encrypting said portion of the packet for delivery to said another of said pager units via said network operations center, wherein said handheld pager units are further arranged to utilize a key to encrypt said alphanumeric message before inclusion in said packet. - View Dependent Claims (45, 46, 47, 48, 49, 50, 51)
-
Specification