System and method for non-replayable communication sessions
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
H04L-029/06
H04L-009/08
출원번호
US-0352548
(2016-11-15)
등록번호
US-9832176
(2017-11-28)
발명자
/ 주소
Abbott, Graham
출원인 / 주소
DROPBOX, INC.
대리인 / 주소
DLA Piper LLP US
인용정보
피인용 횟수 :
0인용 특허 :
2
초록▼
Systems, methods, and non-transitory computer-readable storage media for a non-replayable communication system are disclosed. A first device associated with a first user may have a public identity key and a corresponding private identity. The first device may register the first user with an authenti
Systems, methods, and non-transitory computer-readable storage media for a non-replayable communication system are disclosed. A first device associated with a first user may have a public identity key and a corresponding private identity. The first device may register the first user with an authenticator by posting the public identity key to the authenticator. The first device may perform a key exchange with a second device associated with a second user, whereby the public identity key and a public session key are transmitted to the second device. During a communication session, the second device may transmit to the first device messages encrypted with the public identity key and/or the public session key. The first device can decrypt the messages with the private identity key and the private session key. The session keys may expire during or upon completion of the communication session.
대표청구항▼
1. A method comprising: receiving, at a second device, a public identity key and a first public session key corresponding to a first device;generating, by the second device, a first message;generating, by the second device, a first encrypted message based on the first message, the public identity ke
1. A method comprising: receiving, at a second device, a public identity key and a first public session key corresponding to a first device;generating, by the second device, a first message;generating, by the second device, a first encrypted message based on the first message, the public identity key, and the first public session key; andtransmitting, by the second device, the first encrypted message to the first device. 2. The method of claim 1, wherein the second device receives the public identity key corresponding to the first device from a server. 3. The method of claim 1, wherein the second device receives the public identity key corresponding to the first device directly from the first device. 4. The method of claim 1, wherein the second device receives the public session key corresponding to the first device, directly from the first device or via a server. 5. The method of claim 1, wherein the second device transmits the first encrypted message to the first device via a server. 6. The method of claim 1, wherein the second device transmits the first encrypted message to the first device via a peer-to-peer connection. 7. The method of claim 1, further comprising: encrypting the message using the public identity key and the first public session key corresponding to the first device. 8. The method of claim 1, further comprising: discarding the first public session key after sending the first encrypted message to the first device. 9. The method of claim 1, further comprising: discarding the first public session key after a pre-determined time interval. 10. The method of claim 1, further comprising: discarding the first public session key during a communication session between the first device and the second device. 11. The method of claim 1, further comprising: transmitting, by the second device and to the first device, a public session key of the second device; andreceiving, by the second device and from the first device, a third message encrypted with the public session key of the second device. 12. The method of claim 11, further comprising: decrypting, by the second device, the third message with a private session key of the second device corresponding to the public session key of the second device. 13. The method of claim 1, further comprising: discarding the first public session key after a communication session between the first device and the second device ends. 14. The method of claim 1, further comprising: receiving, by the second device, a second public session key corresponding to the first device;generating, by the second device, a second message; andgenerating, by the second device, a second encrypted message based on the second message, the public identity key, and the second public session key. 15. The method of claim 14, wherein the second device receives the second public session key corresponding to the first device after the second device transmits the first encrypted message to the first device. 16. The method of claim 14, wherein the second device receives the second public session key corresponding to the first device after a pre-determined time interval. 17. The method of claim 14, wherein the second device receives the second public session key corresponding to the first device during a communication session between the first device and second device. 18. The method of claim 14, wherein the second device receives the second public session key corresponding to the first device after a communication session between the first device and second device ends. 19. A system comprising: a processor; anda non-transitory computer-readable storage medium storing instructions which, when executed by the processor, cause the processor to:receive a public identity key and a first public session key corresponding to a first device;generate a first message;generate a first encrypted message based on the first message, the public identity key, and the first public session key; andtransmit the first encrypted message to the first device. 20. A non-transitory computer-readable storage device storing instructions which, when executed by a processor, cause the processor to: receive a public identity key and a first public session key corresponding to a first device;generate a first message;generate a first encrypted message based on the first message, the public identity key, and the first public session key; andtransmit the first encrypted message to the first device. 21. A method comprising: generating, at a first device, a first public session key corresponding to the first device;transmitting, the first public session key to a second device where a public identity key corresponding to the first device is stored; andreceiving, by the first device and from the second device, a first encrypted message based on a first message generated by the second device, the public identity key, and the first public session key. 22. The method of claim 21, wherein the first device transmits the first public session key to the second device directly or via a server. 23. The method of claim 21, wherein the second device transmits the first encrypted message to the first device via a server. 24. The method of claim 21, wherein the second device transmits the first encrypted message to the first device via a peer-to-peer connection. 25. The method of claim 21, further comprising: decrypting the first encrypted message using a private identity key associated with the public identity key corresponding to the first device. 26. The method of claim 21, further comprising: discarding, at the first device, the first public session key at a time selected from the group consisting of i) after receiving the first encrypted message from the second device, ii) after a pre-determined time interval, iii) during a communication session between the first device and the second device; and iv) after a communication session between the first device and the second device ends. 27. The method of claim 21, wherein the public identity key is generated by the first device. 28. The method of claim 27, wherein the public identity key is transmitted from the first device to the second device directly or via a server. 29. The method of claim 21, further comprising: generating, by the first device, a new public session key corresponding to the first device. 30. The method of claim 29, wherein the new public session key is transmitted to the second device directly or via a server. 31. The method of claim 29, wherein the new public session key is transmitted to the second device at a time selected from the group consisting of i) after receiving the first encrypted message from the second device, ii) after a pre-determined time interval, iii) during a communication session between the first device and the second device; and iv) after a communication session between the first device and the second device ends. 32. The method of claim 29, further comprising: transmitting, from the first device, the new public session key to the second device; andreceiving, by the first device and from the second device, a new message encrypted with the new public session key of the first device. 33. A system comprising: a processor; anda non-transitory computer-readable storage medium storing instructions which, when executed by the processor, cause the processor to:generate, at a first device, a first public session key corresponding to the first device;transmit, the first public session key to a second device where a public identity key corresponding to the first device is stored; andreceive, by the first device and from the second device, a first encrypted message based on a first message generated by the second device, the public identity key, and the first public session key. 34. A non-transitory computer-readable storage device storing instructions which, when executed by a processor, cause the processor to: generate, at a first device, a first public session key corresponding to the first device;transmit, the first public session key to a second device where a public identity key corresponding to the first device is stored; andreceive, by the first device and from the second device, a first encrypted message based on a first message generated by the second device, the public identity key, and the first public session key.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (2)
Abbott, Graham, System and method for non-replayable communication sessions.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.