What technology area does this patent fall under?

Primary CPC classification H04L63/0442. Mapped technology areas include Electricity.

When was this patent published?

Publication date Tue Jul 14 2020 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).

Provisioning ephemeral key pools for sending and receiving secure communications

US10715504B2 · US · B2

Patent metadata
Field	Value
Publication number	US-10715504-B2
Application number	US-201715647577-A
Country	US
Kind code	B2
Filing date	Jul 12, 2017
Priority date	Jul 12, 2017
Publication date	Jul 14, 2020
Grant date	Jul 14, 2020

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

Title
What the patent document calls the invention.
Abstract
A short plain-language summary of the technical disclosure.
Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
Key dates
Filing, priority, publication, and grant dates set the timeline.
First independent claim
The legal scope of protection — read this for what is actually claimed.
CPC / IPC classifications
Technology tags used to group this patent with similar filings.
Citations and related patents
Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

A method, system, and non-transitory computer readable medium are described for providing a sender a plurality of ephemeral keys such that a sender and receiver can exchange encrypted communications. Accordingly, a sender may retrieve information, such as a public key and a key identifier, for the first receiver from a local storage. The retrieved information may be used to generate a key-encrypting key that is used to generate a random communication encryption key. The random communication encryption key is used to encrypt a communication, while the key-encrypting key encrypts the random communication key. The encrypted communication and the encrypted random communication key are transmitted to the first receiver.

First claim

Opening claim text (preview).

What is claimed is: 1. A method comprising: receiving, at a first device, an encrypted communication from a second device; decrypting, at the first device, the encrypted communication received from the second device to obtain a plurality of ephemeral public keys, their unique identifiers, and a signature for each public key of the plurality of ephemeral public keys; validating, by the first device, the signature of each public key in the plurality of the plurality ephemeral public keys; storing, in a storage medium of the first device, the plurality of ephemeral public keys when the signature of each public key in the plurality of ephemeral public keys is valid; transmitting, from the first device, a request for a user profile of the second device to a first server; determining, at the first device, whether a response to the request has been received from the first server; retrieving a first ephemeral public key and a key identifier from the storage medium when no response has been received from the first server; generating, by the first device, a first encryption key; deriving, by the first device, a key-encrypting key using at least the first ephemeral public key; encrypting, by the first device, a first communication to the second device using the first encryption key; encrypting, by the first device, the first encryption key using the key-encrypting key; and transmitting, by the first device, the first encrypted communication, the key identifier, and the encrypted first encryption key to the second device. 2. The method of claim 1 , comprising: encrypting the plurality of ephemeral public keys with a local storage device key; and storing the encrypted plurality of ephemeral public keys on the first device. 3. The method of claim 2 , further comprising: decrypting, by the first device, the first ephemeral public key prior to deriving the key-encrypting key. 4. The method of claim 1 , wherein the first encrypted communication, the key identifier, and the encrypted first encryption key to the second device are transmitted to the second device using a peer-to-peer communication protocol. 5. The method of claim 1 , wherein the first encryption key is derived from a first set of pseudorandom bytes. 6. The method of claim 1 , wherein deriving the key-encrypting key comprises using the first ephemeral public key and a second ephemeral private key. 7. A system comprising: an interface configured to receive device an encrypted communication from a second device and transmit a request for a user profile of the second device to a first server; a processor configured to decrypt the encrypted communication received from the second device to obtain a plurality of ephemeral public keys, their unique identifiers, and a signature for each public key of the plurality of ephemeral public keys; validate the signature of each public key in the plurality of the plurality ephemeral public keys; determine whether a response to the request has been received from the first server; retrieve a first ephemeral public key and a key identifier from a memory when no response has been received from the first server; generate a first encryption key; derive a key-encrypting key using at least the first ephemeral public key; encrypt a first communication to the second device using the first encryption key; and encrypt the first encryption key using the key-encrypting key; and the memory configured to store the plurality of ephemeral public keys when the signature of each public key in the plurality of ephemeral public keys is valid. 8. The system of claim 7 , wherein the processor is further configured to encrypt the plurality of ephemeral public keys with a local storage device key. 9. The system of claim 8 , wherein the memory is configured to store the encrypted plurality of ephemeral public keys on the first device. 10. The system of claim 7 , wherein the interface is configured to transmit the first encrypted communication, the key identifier, and the encrypted first encryption key to the second device. 11. The system of claim 9 , wherein the processor is further configured to decrypt the first ephemeral public key prior to deriving the key-encrypting key. 12. The system of claim 7 , wherein the first encrypted communication, the key identifier, and the encrypted first encryption key to the second device are transmitted to the second device using a peer-to-peer communication protocol. 13. The system of claim 7 , wherein the first encryption key is derived from a first set of pseudorandom bytes. 14. The system of claim 7 , wherein deriving the key-encrypting key comprises using the first ephemeral public key and a second ephemeral private key. 15. A non-transitory computer-readable medium comprising instructions that when, executed by at least one processor, perform the steps of: receiving an encrypted communication from a second device; decrypting the encrypted communication received from the second device to obtain a plurality of ephemeral public keys, their unique identifiers, and a signature for each public key of the plurality of ephemeral public keys; validating the signature of each public key in the plurality of the plurality ephemeral public keys; storing, in a storage medium, the plurality of ephemeral public keys when the signature of each public key in the plurality of ephemeral public keys is valid; transmitting a request for a user profile of the second device to a first server; determining whether a response to the request has been received from the first server; retrieving, from the storage medium, a first ephemeral public key and a key when no response has been received from the first server; generating a first encryption key; deriving a key-encrypting key using at least the first ephemeral public key; encrypting a first communication to the second device using the first encryption key; encrypting the first encryption key using the key-encrypting key; and transmitting the first encrypted communication, the key identifier, and the encrypted first encryption key to the second device. 16. The non-transitory computer-readable medium of claim 15 , comprising instructions for: encrypting the plurality of ephemeral public keys with a local storage device key; and storing the encrypted plurality of ephemeral public keys on the first device. 17. The non-transitory computer-readable medium of claim 16 , comprising instructions for: decrypting the first ephemeral public key prior to deriving the key-encrypting key. 18. The non-transitory computer-readable medium of claim 15 , wherein the first encrypted communication, the key identifier, and the encrypted first encryption key to the second device are transmitted to the second device using a peer-to-peer communication protocol. 19. The non-transitory computer-readable medium of claim 15 , wherein the first encryption key is derived from a first set of pseudorandom bytes. 20. The non-transitory computer-readable medium of claim 15 , wherein deriving the key-encrypting key comprises using the first ephemeral public key and a second ephemeral private key.

Assignees

Wickr Inc

Inventors

Classifications

H04W12/047
without using a trusted network node as an anchor · CPC title
H04L9/0819
Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) (network architectures or network communication protocols for key distribution in a packet data network H04L63/062) · CPC title
H04L63/061
for key exchange, e.g. in peer-to-peer networks (cryptographic mechanisms or cryptographic arrangements for key agreement H04L9/0838) · CPC title
H04L9/0841
involving Diffie-Hellman or related key agreement protocols · CPC title
H04L9/088
Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms (network architectures or network communication protocols for using time-dependent keys in a packet data network H04L63/068) · CPC title

Patent family

Related publications grouped by family.

View patent family 65000176

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10715504B2 cover?: A method, system, and non-transitory computer readable medium are described for providing a sender a plurality of ephemeral keys such that a sender and receiver can exchange encrypted communications. Accordingly, a sender may retrieve information, such as a public key and a key identifier, for the first receiver from a local storage. The retrieved information may be used to generate a key-encry…
Who is the assignee on this patent?: Wickr Inc
What technology area does this patent fall under?: Primary CPC classification H04L63/0442. Mapped technology areas include Electricity.
When was this patent published?: Publication date Tue Jul 14 2020 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?: We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).