Digital security bubble

US 9,667,417 B1
Filed: 07/02/2015
Issued: 05/30/2017
Est. Priority Date: 07/16/2012
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

a processor configured to;

receive an encrypted encapsulation from a sender, wherein the encrypted encapsulation includes an encrypted message, an encrypted first key, and a device identifier associated with an intended recipient wherein the processor is further configured to receive notification of the encrypted encapsulation from a security platform and download the encrypted encapsulation from the security platform in response to receiving the notification;

decrypt the encrypted encapsulation;

compare the received device identifier with a local device identifier;

decrypt the encrypted first key in response to a determination that the received device identifier matches the local device identifier;

decrypt the encrypted message using the first key to produce a decrypted message; and

provide the decrypted message to a recipient;

a memory coupled to the processor and configured to provide the processor with instructions.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A digital security bubble encapsulation is received from a sender. The encrypted digital security bubble encapsulation includes an encrypted message, an encrypted first key, and an identifier associated with an intended recipient. The encrypted digital security bubble encapsulation is decrypted. The received identifier and a device identifier are compared. The encrypted first key is decrypted in response to a determination that the identifier received in the digital security bubble encapsulation matches the device identifier. The encrypted message is decrypted using the first key.

371 Citations

20 Claims

1. A system, comprising:
- a processor configured to;
  
  receive an encrypted encapsulation from a sender, wherein the encrypted encapsulation includes an encrypted message, an encrypted first key, and a device identifier associated with an intended recipient wherein the processor is further configured to receive notification of the encrypted encapsulation from a security platform and download the encrypted encapsulation from the security platform in response to receiving the notification;
  
  decrypt the encrypted encapsulation;
  
  compare the received device identifier with a local device identifier;
  
  decrypt the encrypted first key in response to a determination that the received device identifier matches the local device identifier;
  
  decrypt the encrypted message using the first key to produce a decrypted message; and
  
  provide the decrypted message to a recipient;
  
  a memory coupled to the processor and configured to provide the processor with instructions.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The system of claim 1 wherein the device identifier is based at least in part on at least one hardware identifier.
  - 3. They system of claim 1, wherein the first key is a symmetric key.
  - 4. The system of claim 1, wherein the encrypted encapsulation includes a plurality of encrypted first keys.
  - 5. The system of claim 4, wherein each of the plurality of encrypted first keys is encrypted with a second key associated with an intended recipient.
  - 6. The system of claim 1, wherein the processor is further configured to decrypt the encrypted first key using a second key.
  - 7. The system of claim 6, wherein the second key is a private key of the recipient.
  - 8. The system of claim 1, wherein the encrypted encapsulation includes at least one message control option.
  - 9. The system of claim 8, wherein the at least one message control option includes a lifetime of the message.
  - 10. The system of claim 9, wherein the processor is further configured to delete the decrypted message after an expiration of the lifetime.
  - 11. The system of claim 1, wherein the at least one message control option is selected from the group consisting of:
    - sharing, saving, forwarding, recalling, and deleting.

12. A method, comprising:
- receiving an encrypted encapsulation from a sender, wherein the encrypted encapsulation includes an encrypted message, an encrypted first key, and a device identifier associated with an intended recipient wherein the processor is further configured to receive notification of the encrypted encapsulation from a security platform and download the encrypted encapsulation from the security platform in response to receiving the notification;
  
  decrypting the encrypted encapsulation;
  
  comparing the received device identifier with a local device identifier;
  
  decrypting the encrypted first key in response to a determination that the received device identifier matches the local device identifier;
  
  decrypting the encrypted message using the first key to produce a decrypted message; and
  
  providing the decrypted message to a recipient.
- View Dependent Claims (13, 14, 15, 16, 17, 18)
- - 13. The method of claim 12 wherein the device identifier is based at least in part on at least one hardware identifier.
  - 14. The method of claim 12, wherein the first key is a symmetric key.
  - 15. The method of claim 12, wherein the encrypted encapsulation includes a plurality of encrypted first keys, wherein each of the plurality of encrypted first keys is encrypted with a second key associated with an intended recipient.
  - 16. The method of claim 12, further comprising:
    - decrypting the encrypted first key using a second key, wherein the second key is a private key of the recipient.
  - 17. The method of claim 12, wherein the encapsulation includes at least one message control option selected from the group consisting of message lifetime, sharing, saving, forwarding, recalling, and deleting.
  - 18. The method of claim 17, further comprising:
    - deleting the decrypted message after an expiration of the lifetime option.

19. A computer program product embodied in a tangible computer readable storage medium and comprising computer instructions for:
- receiving an encrypted encapsulation from a sender, wherein the encrypted encapsulation includes an encrypted message, an encrypted first key, and a device identifier associated with an intended recipient wherein the processor is further configured to receive notification of the encrypted encapsulation from a security platform and download the encrypted encapsulation from the security platform in response to receiving the notification;
  
  decrypting the encrypted encapsulation;
  
  comparing the received device identifier with a local device identifier;
  
  decrypting the encrypted first key in response to a determination that the received device identifier matches the local device identifier;
  
  decrypting the encrypted message using the first key to produce a decrypted message; and
  
  providing the decrypted message to a recipient.
- View Dependent Claims (20)
- - 20. The computer program product of claim 19, further comprising computer instructions for:
    - deleting the decrypted message after an expiration of a lifetime option included in encapsulation.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Wickr Inc. (Amazon.com, Inc.)
Original Assignee
Wickr Inc. (Amazon.com, Inc.)
Inventors
Coppa, Kara Lynn, Howell, Christopher A., Statica, Robert
Primary Examiner(s)
Reza, Mohammad W

Application Number

US14/791,196
Time in Patent Office

698 Days
Field of Search

713151
US Class Current
CPC Class Codes

G06F 21/62   Protecting access to data v...

G06F 21/84   output devices, e.g. displa...

G06F 2203/04104   Multi-touch detection in di...

G06F 2203/04808   Several contacts: gestures ...

G06F 3/0481   based on specific propertie...

G06F 3/0488   using a touch-screen or dig...

G06F 3/04886   by partitioning the display...

G06V 20/64   Three-dimensional objects

H04L 2209/24   Key scheduling, i.e. genera...

H04L 63/04   for providing a confidentia...

H04L 63/0421   Anonymous communication, i....

H04L 63/0435   wherein the sending and rec...

H04L 63/0442   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/08   for authentication of entit...

H04L 63/0853   using an additional device,...

H04L 9/08   Key distribution or managem...

H04L 9/0816   Key establishment, i.e. cry...

H04L 9/0822   using key encryption key

H04L 9/0825   using asymmetric-key encryp...

H04L 9/0841 : involving Diffie-Hellman or...

H04L 9/0869 : involving random numbers or...

H04L 9/30 : Public key, i.e. encryption...

H04L 9/3066 : involving algebraic varieti...

H04L 9/3236 : using cryptographic hash fu...

View All

Digital security bubble

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

371 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Digital security bubble

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

371 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others