Method to authenticate peers in an infrastructure-less peer-to-peer network
US-2016135045-A1 · May 12, 2016 · US
US11095624B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11095624-B2 |
| Application number | US-201916519754-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jul 23, 2019 |
| Priority date | Aug 25, 2016 |
| Publication date | Aug 17, 2021 |
| Grant date | Aug 17, 2021 |
Official abstract text for this publication.
Systems, methods, software and apparatus enable end-to-end encryption of group communications by implementing a pairwise encryption process between a pair of end user devices that are members of a communication group. One end user device in the pairwise encryption process shares a group key with the paired end user device by encrypting the group key using a message key established using the pairwise encryption process. The group key is shared among group members using the pairwise process. When a transmitting member of the group communicates with members, the transmitting member generates a stream key, encrypts stream data using the stream key, encrypts the stream key with the group key, then transmits the encrypted stream key and encrypted stream data to group members. The group key can be updated through the pairwise encryption process. A new stream key can be generated for each transmission of streaming data such as voice communications.
Opening claim text (preview).
What is claimed is:

1. A method comprising: performing end-to-end encryption of streaming group audio communications, the method comprising: a first end user device obtaining an encrypted group key, wherein the encrypted group key is generated by encrypting an unencrypted group key with a message key, the message key being generated from a chain key, the chain key being generated using a pairwise encryption process implemented by the first end user device and a second end user device, wherein: the first and second end user devices are members of a communication group comprising a plurality of end user devices; the pairwise encryption process implemented by the first and second end user devices comprises using identity key pairs and respective signed pre keys for each of the first and second end user devices to generate a root key, the chain key based on the root key, and the message key based on the chain key; the first end user device updating the chain key each time a new message key is needed, such that the message key and chain key are ephemeral; and engaging in one-to-many audio streaming communications with the plurality of end user devices in the communication group using the encrypted group key.

2. The method of claim 1 wherein the first end user device obtains the encrypted group key by one of the following: generating the unencrypted group key and encrypting the unencrypted group key using the message key; or receiving the encrypted group key from the second end user device and decrypting the encrypted group key using the message key, wherein the second end user device: generates the unencrypted group key; generates the encrypted group key by encrypting the unencrypted group key using the message key; and transmits the encrypted group key to the first end user device.

3. The method of claim 1 wherein the unencrypted group key comprises a symmetric encryption key.

4. The method of claim 1 wherein each end user device communicates with other members of the communication group using an intermediate communication device.

5. The method of claim 4 wherein each end user device comprises a wearable personal communication device configured to wirelessly communicate with a linked intermediate communication device.

6. The method of claim 4 wherein each intermediate communication device comprises one of the following: a smartphone, a tablet, a cellphone, a laptop computer, a gaming device, or a personal computer.

7. The method of claim 1 further comprising: generating, at the first end user device, an unencrypted stream key; encrypting, at the first end user device, streaming data using the unencrypted stream key to generate encrypted stream data; encrypting, at the first end user device, the unencrypted stream key with the unencrypted group key to generate an encrypted stream key; and performing the stream group communications by transmitting the encrypted stream data and the encrypted stream key to the communication group.

8. The method of claim 7 further comprising: the first end user device receiving encrypted second stream data and an encrypted second stream key from a third end user device, wherein the encrypted second stream key comprises an unencrypted second stream key encrypted using the unencrypted group key and further wherein the encrypted second stream data comprises unencrypted second stream data encrypted using the unencrypted second stream key; and decrypting the encrypted second stream data using the unencrypted second stream key.

9. A memory device storing instructions that, when executed, cause a processor of a first computing system to perform a method comprising: performing end-to-end encryption of streaming group audio communications, including: obtaining an encrypted group key, wherein the encrypted group key is generated by encrypting an unencrypted group key with a message key, the message key being generated from a chain key, the chain key being generated using a pairwise encryption process implemented by the first computing system and a second computing system, wherein: the first and second computing systems are members of a communication group comprising a plurality of end user devices; the pairwise encryption process implemented by the first and second end user devices comprises using identity key pairs and respective signed pre keys for each of the first and second end user devices to generate a root key, the chain key based on the root key, and the message key based on the chain key; updating the chain key each time a new message key is needed, such that the message key and chain key are ephemeral; and engaging in one-to-many audio streaming communications with the plurality of end user devices in the communication group using the encrypted group key.

10. The memory device of claim 9 wherein the unencrypted group key comprises a symmetric encryption key.

11. The memory device of claim 9 wherein an end user device comprises a wearable personal communication device configured to wirelessly communicate with other members of the communication group via an intermediate communication device linked to the end user device.

12. The memory device of claim 9 storing instructions that, when executed, cause the processor to perform the method further comprising: generating an unencrypted first stream key; encrypting stream data using the unencrypted stream key to generate encrypted stream data; encrypting the unencrypted stream key using the unencrypted group key to generate an encrypted stream key; and transmitting the encrypted stream key and the encrypted stream data to the plurality of end user devices.

13. A method for end-to-end encryption of streaming group communications, the method comprising: implementing, by a first end user device with a second end user device, a pairwise encryption process, the first and second end user devices being members of a communication group, wherein the pairwise encryption process includes: using identity key pairs and respective signed pre keys for each of the first and second end user devices to generate a root key; generating a chain key based on the root key; generating a message key based on the chain key; generating a chain key using the pairwise encryption process; obtaining, at the first end user device, an encrypted group key, wherein the encrypted group key is generated by encrypting an unencrypted group key with the message key derived from the chain key; updating the chain key each time a new message key is needed, such that the message key and chain key are ephemeral; and engaging in one-to-many audio streaming communications with a plurality of end user devices in the communication group using the encrypted group key.

14. The method of claim 13 wherein the first end user device obtaining the encrypted group key comprises: the first end user device receiving the encrypted group key from the second end user device.

15. The method of claim 13 wherein the first end user device obtaining the encrypted group key comprises the first end user device: generating the unencrypted group key; encrypting the unencrypted group key; and transmitting the encrypted group key to the second end user device.

16. The method of claim 13 wherein: an end user device is linked to an intermediate communication device; and the intermediate communication device is linked to a network linking the end user device to the communication group.

17. The method of claim 13 further comprising: using, by the first end user device, the pairwise encryption process to establish a root key; ge
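The key hierarchy described in the abstract and in claims 1 to 8 (pairwise identity-key and signed-prekey agreement, root key to chain key to message key, message key wrapping the group key, group key wrapping a per-stream key, stream key encrypting the audio), worked through as an added Python model. This is not code from the patent or from any product; it assumes X25519 for the Diffie-Hellman steps (the patent names no curve), Signal-style HMAC derivations (message key = HMAC(chain, 0x01), next chain = HMAC(chain, 0x02)), an HMAC-SHA256 keystream with an HMAC tag as a stand-in for an AEAD such as AES-GCM, and it does not verify the prekey signature. The device names, the "eve" non-member and the sample audio frames are constructed.

```python
"""Standard-library model of the patent's key hierarchy: pairwise identity-key and
signed-prekey DH -> root key -> chain key -> message key -> wraps the group key ->
wraps a per-stream key -> encrypts frames.  X25519 follows RFC 7748; an HMAC-SHA256
keystream plus HMAC tag stands in for an AEAD such as AES-GCM (illustrative only)."""
import hashlib, hmac, secrets

P, A24, BASEPOINT = 2**255 - 19, 121665, (9).to_bytes(32, "little")

def x25519(k: bytes, u: bytes) -> bytes:
    """RFC 7748 Montgomery ladder (plain Python integers, not constant-time)."""
    kb, ub = bytearray(k), bytearray(u)
    kb[0], kb[31], ub[31] = kb[0] & 248, (kb[31] & 127) | 64, ub[31] & 127   # clamp
    kk, x1 = int.from_bytes(kb, "little"), int.from_bytes(ub, "little")
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        kt = (kk >> t) & 1
        swap ^= kt
        if swap:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e, c, d = (aa - bb) % P, (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3, z3 = pow(da + cb, 2, P), x1 * pow(da - cb, 2, P) % P
        x2, z2 = aa * bb % P, e * (aa + A24 * e) % P
    if swap:
        x2, z2 = x3, z3
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def H(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:   # up to 256 blocks = 8 KiB
    return b"".join(H(key, b"enc" + nonce + bytes([i])) for i in range((n + 31) // 32))[:n]

def seal(key: bytes, aad: bytes, pt: bytes) -> bytes:
    """Encrypt-then-MAC under a fresh random nonce; returns nonce || ct || tag."""
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + H(key, b"tag" + aad + nonce + ct)

def unseal(key: bytes, aad: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(H(key, b"tag" + aad + nonce + ct), tag):
        raise ValueError("authentication failed: wrong key or tampered data")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))

class Device:
    """Group member: identity key pair, signed prekey pair, one chain key per peer."""
    def __init__(self, name: str):
        self.name, self.group_key, self.chains = name, None, {}
        self.ik_priv, self.spk_priv = secrets.token_bytes(32), secrets.token_bytes(32)
        self.ik_pub = x25519(self.ik_priv, BASEPOINT)
        self.spk_pub = x25519(self.spk_priv, BASEPOINT)  # prekey signature assumed verified out of band
    def pairwise_setup(self, peer: "Device", initiator: bool):
        """Claim 1: identity keys + signed prekeys -> root key -> chain key."""
        dh1 = x25519(self.ik_priv, peer.spk_pub)   # DH(IK_self, SPK_peer)
        dh2 = x25519(self.spk_priv, peer.ik_pub)   # DH(SPK_self, IK_peer)
        dh3 = x25519(self.spk_priv, peer.spk_pub)  # DH(SPK_self, SPK_peer)
        # The responder computes dh1/dh2 with roles reversed, so order them by role.
        root = H(b"\x00" * 32, (dh1 + dh2 if initiator else dh2 + dh1) + dh3)  # HKDF-style extract
        self.chains[peer.name] = H(root, b"chain")
    def next_message_key(self, pname: str) -> bytes:
        """Message key from the chain key, then ratchet the chain: both are ephemeral."""
        ck, self.chains[pname] = self.chains[pname], H(self.chains[pname], b"\x02")
        return H(ck, b"\x01")
    def share_group_key(self, peer: "Device") -> bytes:
        """Claim 2: wrap the group key under the message key shared with this peer."""
        return seal(self.next_message_key(peer.name), b"group-key", self.group_key)
    def accept_group_key(self, sender: "Device", blob: bytes):
        self.group_key = unseal(self.next_message_key(sender.name), b"group-key", blob)
    def send_stream(self, frames):
        """Claim 7: fresh stream key per transmission, itself wrapped under the group key."""
        sk = secrets.token_bytes(32)
        return seal(self.group_key, b"stream-key", sk), [
            seal(sk, i.to_bytes(4, "big"), f) for i, f in enumerate(frames)]
    def receive_stream(self, wrapped, enc_frames):
        """Claim 8: unwrap the stream key with the group key, then decrypt the frames."""
        sk = unseal(self.group_key, b"stream-key", wrapped)
        return [unseal(sk, i.to_bytes(4, "big"), c) for i, c in enumerate(enc_frames)]

def demo():
    alice, bob, carol, eve = (Device(n) for n in ("alice", "bob", "carol", "eve"))
    alice.group_key = secrets.token_bytes(32)   # symmetric group key (claim 3)
    for m in (bob, carol):                      # creator pairs with, then provisions, each member
        alice.pairwise_setup(m, initiator=True)
        m.pairwise_setup(alice, initiator=False)
        m.accept_group_key(alice, alice.share_group_key(m))
    frames = [b"opus-frame-%d" % i for i in range(3)]  # constructed sample audio
    wrapped, enc = bob.send_stream(frames)      # bob streams one-to-many
    eve.group_key = secrets.token_bytes(32)     # non-member holding a wrong key
    try:
        eve_hears = eve.receive_stream(wrapped, enc) == frames
    except ValueError:
        eve_hears = False
    return {"chains_agree": alice.chains["bob"] == bob.chains["alice"], "eve_hears": eve_hears,
            "members_hear": all(d.receive_stream(wrapped, enc) == frames for d in (alice, carol))}

if __name__ == "__main__":
    print(demo())
```

Running `demo()` pairs alice with bob and carol, provisions the group key over those pairwise message keys, has bob stream three frames one-to-many, and shows that a device without the group key cannot unwrap the stream key. Two caveats a practitioner should carry over from the model: every current member of the group can decrypt every stream, so any membership change needs a new group key pushed through the pairwise process (the abstract's "group key can be updated"), and the per-frame index used as associated data stops reordering within one stream but not replay of a whole earlier stream.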
CPC classification titles.

- H04L63/065: network architectures or network communication protocols for key management in group communication in a packet data network, involving a conference or group key
- H04L9/06: cryptographic mechanisms or cryptographic arrangements for symmetric key encryption, wherein the sending and receiving network entities apply symmetric encryption, i.e. the same key is used for encryption and decryption
- using a key encryption key
- Modes of operation, e.g. cipher block chaining [CBC], electronic codebook [ECB] or Galois/counter mode [GCM]
- Hash functions, e.g. MD5, SHA, HMAC or f9 MAC