End-to-end encryption with distributed key management in a tracking device environment
US-2021092607-A1 · Mar 25, 2021 · US
Reoccuring keying system
US12574359B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12574359-B2 |
| Application number | US-202117536987-A |
| Country | US |
| Kind code | B2 |
| Filing date | Nov 29, 2021 |
| Priority date | Aug 30, 2011 |
| Publication date | Mar 10, 2026 |
| Grant date | Mar 10, 2026 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Methods, systems, and apparatuses are described for secure communications. One of a plurality of keys with respective key types may be stored in an object and may be used to establish a secure communication between computing devices. Verification of an establishment of the secure communication may be sent to a trusted computing device.
First claim
Opening claim text (preview).
The invention claimed is: 1 . A method comprising: receiving, from a first computing device, a message indicating a key and a type of key usage for the key, wherein the key corresponds to a pairing between the first computing device and a second computing device, wherein the type of key usage identifies a transaction type for communication between the first computing device and the second computing device, and wherein the type of key usage comprises a key-signing key for a higher-level entity to sign keys associated with a lower-level entity; receiving, from a trusted computing device, an indication that the key and the type of key usage for the key are valid and correspond to the pairing between the first computing device and the second computing device; generating, based on the indication, confirmation of successful processing of the key and type of key usage of the key, wherein the confirmation comprises an object indicating that the key was successfully processed; and establishing, based on the confirmation of successful processing of the key and the type of key usage of the key, a secure communication associated with the transaction type between the first computing device and the second computing device. 2 . The method of claim 1 , wherein the generating comprises signing, based on a quantity of previous pairings between the first computing device and the second computing device, a value included in the message. 3 . The method of claim 1 , wherein the generating is after a request to establish the secure communication between the first computing device and the second computing device is approved by the trusted computing device. 4 . The method of claim 1 , wherein: the message further indicates a plurality of previously installed keys, and for each of the plurality of previously installed keys, a corresponding type of key usage; and the plurality of previously installed keys is for establishing the secure communication between the first computing device and the second computing device. 5 . The method of claim 1 , further comprising: sending, to the trusted computing device via the first computing device, a second message indicating a previously installed key and a type of key usage of the previously installed key; and receiving, from the trusted computing device via the first computing device, a third message indicating that the previously installed key and the type of key usage of the previously installed key are valid and correspond to the pairing between the first computing device and the second computing device. 6 . The method of claim 1 , wherein the receiving the message comprises decrypting the message using a communication decryption key for secure communication between the second computing device and the trusted computing device. 7 . The method of claim 1 , wherein the message indicates that the key is for a transaction associated with a predefined application executing on the first computing device or the second computing device. 8 . The method of claim 1 , wherein the key-signing key is associated with a master authority in a key hierarchy, and the key-signing key is a root key for the master authority to sign other keys in the key hierarchy. 9 . A second computing device comprising: one or more processors; and memory storing instructions that, when executed by the one or more processors, cause the second computing device to: receive, from a first computing device, a message indicating a key and a type of key usage for the key, wherein the key corresponds to a pairing between the first computing device and the second computing device, wherein the type of key usage identifies a transaction type for communication between the first computing device and the second computing device, and wherein the type of key usage comprises a key-signing key for a higher-level entity to sign keys associated with a lower-level entity; receive, from a trusted computing device, an indication that the key and the type of key usage for the key are valid and correspond to the pairing between the first computing device and the second computing device; generate, based on the indication, confirmation of successful processing of the key and type of key usage of the key, wherein the confirmation comprises an object indicating that the key was successfully processed; and establish, based on the confirmation of successful processing of the key and the type of key usage of the key, a secure communication associated with the transaction type between the first computing device and the second computing device. 10 . The second computing device of claim 9 , wherein the instructions, when executed by the one or more processors, cause the second computing device to generate the confirmation of successful processing of the key and the type of key usage of the key by signing, based on a quantity of previous pairings between the first computing device and the second computing device, a value included in the message. 11 . The second computing device of claim 9 , wherein the instructions, when executed by the one or more processors, cause the second computing device to generate the confirmation of successful processing of the key and the type of key usage of the key after a request to establish the secure communication between the first computing device and the second computing device is approved by the trusted computing device. 12 . The second computing device of claim 9 , wherein: the message further indicates a plurality of previously installed keys, and for each of the plurality of previously installed keys, a corresponding type of key usage; and the plurality of previously installed keys is for establishing the secure communication between the first computing device and the second computing device. 13 . The second computing device of claim 9 , wherein the instructions, when executed by the one or more processors, cause the second computing device to: send, to the trusted computing device via the first computing device, a second message indicating a previously installed key and a type of key usage of the previously installed key; and receive, from the trusted computing device via the first computing device, a third message indicating that the previously installed key and the type of key usage of the previously installed key are valid and correspond to the pairing between the first computing device and the second computing device. 14 . The second computing device of claim 9 , wherein the instructions, when executed by the one or more processors, cause the second computing device to receive the message by decrypting the message using a communication decryption key for secure communication between the second computing device and the trusted computing device. 15 . A system comprising: a first computing device; and a second computing device; wherein the second computing device comprises: one or more processors; and memory storing instructions that, when executed by the one or more processors, cause the second computing device to: receive, from the first computing device, a message indicating a key and a type of key usage for the key, wherein the key corresponds to a pairing between the first computing device and the second computing device, wherein the type of key usage identifies a transaction type for communication between the first computing device and the second computing device, and wherein the type of key usage comprises a key-signing key for a higher-level entity to sign keys associated with a lower-level entity; receive, from a trusted computing device, an indication that the key and the t
Assignees
Inventors
Classifications
Applying verification of the received information (cryptographic mechanisms or cryptographic arrangements for data integrity or data verification H04L9/32) · CPC title
for controlling access to devices or network resources · CPC title
for supporting key management in a packet data network (cryptographic mechanisms or cryptographic arrangements for key management H04L9/08) · CPC title
Revocation or update of secret information, e.g. encryption key update or rekeying · CPC title
- H04L63/20Primary
for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US12574359B2 cover?
- Methods, systems, and apparatuses are described for secure communications. One of a plurality of keys with respective key types may be stored in an object and may be used to establish a secure communication between computing devices. Verification of an establishment of the secure communication may be sent to a trusted computing device.
- Who is the assignee on this patent?
- Comcast Cable Comm Llc
- What technology area does this patent fall under?
- Primary CPC classification H04L63/20. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Mar 10 2026 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 6 related publications on this page (citations in our corpus or others sharing the same primary CPC).