CA2296631C - Broadcasting encrypted messages using session keys - Google Patents
Broadcasting encrypted messages using session keys Download PDFInfo
- Publication number
- CA2296631C CA2296631C CA 2296631 CA2296631A CA2296631C CA 2296631 C CA2296631 C CA 2296631C CA 2296631 CA2296631 CA 2296631 CA 2296631 A CA2296631 A CA 2296631A CA 2296631 C CA2296631 C CA 2296631C
- Authority
- CA
- Canada
- Prior art keywords
- session key
- message
- encrypted
- secret
- encrypting
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Lifetime
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/60—Digital content management, e.g. content distribution
- H04L2209/601—Broadcast encryption
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
Abstract
A device and method for sending encrypted data to multiple recipients is provided.
The device comprises a message recorder, an encryptor, and a transmitter. The message recorder is operative to store a message to be sent to multiple recipients.
The encryptor is operative to encrypt the message thereby generating a first encrypted message.
The encryptor is also operative to: select a session key, encrypt the message using the session key thereby generating the first encrypted message, encrypt the session key with a first secret thereby generating a first encrypted session key, encrypt the session key with a second secret thereby generating a second encrypted session key, and generate a second encrypted message comprising the first encrypted session key, the second encrypted session key and the first encrypted message. The transmitter is operative to transmit the second encrypted message.
The method comprises the steps of: acquiring a session key; encrypting the message using the session key to generate a first encrypted message; encrypting the session key using a first secret thereby generating a first encrypted session key; encrypting the session key using a second secret thereby generating a second encrypted session key;
encrypting the session key using a third, fourth, , n-th secret thereby generating a third, fourth, , n-th encrypted session key, respectively; and broadcasting an outgoing message comprising the first encrypted message, the first encrypted session key, and, the second, third, fourth,, n-th encrypted session keys. Also, in accordance with the present invention, a method for retrieving a message is provided. The method comprises the steps of acquiring an encrypted message; searching the encrypted message for a first encrypted session key;
decrypting the first encrypted session key to retrieve a session key; and decrypting a message block in the encrypted message using the retrieved session key.
The device comprises a message recorder, an encryptor, and a transmitter. The message recorder is operative to store a message to be sent to multiple recipients.
The encryptor is operative to encrypt the message thereby generating a first encrypted message.
The encryptor is also operative to: select a session key, encrypt the message using the session key thereby generating the first encrypted message, encrypt the session key with a first secret thereby generating a first encrypted session key, encrypt the session key with a second secret thereby generating a second encrypted session key, and generate a second encrypted message comprising the first encrypted session key, the second encrypted session key and the first encrypted message. The transmitter is operative to transmit the second encrypted message.
The method comprises the steps of: acquiring a session key; encrypting the message using the session key to generate a first encrypted message; encrypting the session key using a first secret thereby generating a first encrypted session key; encrypting the session key using a second secret thereby generating a second encrypted session key;
encrypting the session key using a third, fourth, , n-th secret thereby generating a third, fourth, , n-th encrypted session key, respectively; and broadcasting an outgoing message comprising the first encrypted message, the first encrypted session key, and, the second, third, fourth,, n-th encrypted session keys. Also, in accordance with the present invention, a method for retrieving a message is provided. The method comprises the steps of acquiring an encrypted message; searching the encrypted message for a first encrypted session key;
decrypting the first encrypted session key to retrieve a session key; and decrypting a message block in the encrypted message using the retrieved session key.
Description
Broadcasting Encrypted Messages Using Session Keys FIELD OF THE INVENTION
The present invention relates generally to the field of data encryption. In particular, the invention relates to a system for broadcasting encrypted data to multiple recipients.
BACKGROUND OF THE INVENTION
Encryption involves encoding a message using a small secret in such a way that an entity knowing the secret can recover the message, while an entity that does not know the secret cannot recover the message in a reasonable amount of time. There are well-known encryption schemes that enable a single sender to encrypt a message for a single recipient provided the sender and the recipient share a secret. These schemes, however, are not well adapted to situations where a single sender desires to send an encrypted message to multiple recipients.
PGP and SMIME are the most common email techniques used for encrypting Internet email messages. The usual approach taken when the same message is sent to more than one recipient is to encrypt the message multiple times. First, the message is encrypted using a secret shared between the sender and the first recipient and then the encrypted message is sent to the first recipient. Next, the sender encrypts the message a second time for a second recipient using a secret shared between the sender and the second recipient and sends the second encrypted message. This process is repeated until the message has been encrypted for each intended recipient using the unique secret shared between that intended recipient and the sender and the encrypted messages have been transmitted. In a communication environment where bandwidth (information channel capacity) is limited, such as in a wireless communications environment, sending multiple versions of the same message wastes resources, is very costly, highly inefficient and very slow. Additionally, data terminals, such as cellphones, PDAs and two-way pagers, communicating via wireless communications networks tend to have considerably less processing power than typical data terminals, such desktops and workstations, connected to the Internet;
hence, multiple re-encryption associated with traditional encryption methodologies pose significant processing power demand on wireless data terminals - which is undesirable.
Therefore, there remains a need in this art for a more efficient method for sending the same encrypted message to multiple recipients. There remains a more particular need for a system that allows a sender to broadcast an encrypted message a single time for receipt by multiple intended recipients whereby each intended recipients can decrypt the message and an unintended recipients will be impeded in its effort to decrypt the message.
SUMMARY OF THE INVENTION
The present invention overcomes the problems noted above and satisfies the need in this field for a system that allows a sender to broadcast an encrypted message a single time for receipt and decryption by multiple intended recipients.
The present invention has many advantageous features. Not all of these features are simultaneously required to practice the invention as claimed, and the following list is merely illustrative of the types of benefits that may be provided, alone or in combination, by the present invention. These advantages include: (1) bandwidth savings through the use of the system; (2) the system's adaptability to different mail address types; (3) providing a mechanism by which all intended recipients can decrypt the message while impeding the efforts of unintended recipients from decrypting the message; (4) providing a system in which information about an intended recipient's secret or decryption key is not leaked to another intended recipient or to any other individual; and (5) the system's flexibility which allows its use with both public key (asymmetric), private key (symmetric) encryption schemes or some hybrid combination thereof.
In accordance with the present invention, a device for sending encrypted data to multiple recipients is provided. The description in this paragraph assumes a sender aims to transmit a message to two intended recipients. A more general description is provided in the case when sending to more than two intended recipients. The device comprises a message recorder, an encryptor, and a transmitter. The message recorder is operative to store a message to be sent to a first recipient and to a second recipient. The encryptor is operative to encrypt the message thereby generating a first encrypted message. The encryptor is also operative to: select a session key, encrypt the message using the session key thereby generating the first encrypted message, encrypt the session key with a first secret thereby generating a first encrypted session key, encrypt the session key with a second secret thereby generating a second encrypted session key, and generate a second encrypted message comprising the first encrypted session key, the second encrypted session key and the first encrypted message. The transmitter is operative to transmit the second encrypted message.
Also, provided is a method for encrypting a message to be sent by a sender to multiple recipients. The method comprises the steps of acquiring a session key;
encrypting the message using the session key to generate a first encrypted message; encrypting the session key using a first secret thereby generating a first encrypted session key; encrypting the session key using a second secret thereby generating a second encrypted session key; encrypting the session key using a third, fourth, , n-th secret thereby generating a third, fourth, , n-th encrypted session key, respectively; and broadcasting an outgoing message comprising the first encrypted message, the first encrypted session key, and , the second, third, fourth, , n-th encrypted session keys.
Also, in accordance with the present invention, a method for retrieving a message is provided. The method comprises the steps of: acquiring an encrypted message;
searching the encrypted message for a first encrypted session key; decrypting the first encrypted session key to retrieve a session key; and decrypting a message block in the encrypted message using the retrieved session key. In one embodiment the "decrypting the first encrypted session key" step comprises the step of using a secret shared with the sender of the message to decrypt the first encrypted session key. In another embodiment the "searching the encrypted message step"
comprises the steps of locating a globally unique identification that corresponds to the recipient and locating a first encrypted session key that corresponds to the globally unique identification.
The present invention relates generally to the field of data encryption. In particular, the invention relates to a system for broadcasting encrypted data to multiple recipients.
BACKGROUND OF THE INVENTION
Encryption involves encoding a message using a small secret in such a way that an entity knowing the secret can recover the message, while an entity that does not know the secret cannot recover the message in a reasonable amount of time. There are well-known encryption schemes that enable a single sender to encrypt a message for a single recipient provided the sender and the recipient share a secret. These schemes, however, are not well adapted to situations where a single sender desires to send an encrypted message to multiple recipients.
PGP and SMIME are the most common email techniques used for encrypting Internet email messages. The usual approach taken when the same message is sent to more than one recipient is to encrypt the message multiple times. First, the message is encrypted using a secret shared between the sender and the first recipient and then the encrypted message is sent to the first recipient. Next, the sender encrypts the message a second time for a second recipient using a secret shared between the sender and the second recipient and sends the second encrypted message. This process is repeated until the message has been encrypted for each intended recipient using the unique secret shared between that intended recipient and the sender and the encrypted messages have been transmitted. In a communication environment where bandwidth (information channel capacity) is limited, such as in a wireless communications environment, sending multiple versions of the same message wastes resources, is very costly, highly inefficient and very slow. Additionally, data terminals, such as cellphones, PDAs and two-way pagers, communicating via wireless communications networks tend to have considerably less processing power than typical data terminals, such desktops and workstations, connected to the Internet;
hence, multiple re-encryption associated with traditional encryption methodologies pose significant processing power demand on wireless data terminals - which is undesirable.
Therefore, there remains a need in this art for a more efficient method for sending the same encrypted message to multiple recipients. There remains a more particular need for a system that allows a sender to broadcast an encrypted message a single time for receipt by multiple intended recipients whereby each intended recipients can decrypt the message and an unintended recipients will be impeded in its effort to decrypt the message.
SUMMARY OF THE INVENTION
The present invention overcomes the problems noted above and satisfies the need in this field for a system that allows a sender to broadcast an encrypted message a single time for receipt and decryption by multiple intended recipients.
The present invention has many advantageous features. Not all of these features are simultaneously required to practice the invention as claimed, and the following list is merely illustrative of the types of benefits that may be provided, alone or in combination, by the present invention. These advantages include: (1) bandwidth savings through the use of the system; (2) the system's adaptability to different mail address types; (3) providing a mechanism by which all intended recipients can decrypt the message while impeding the efforts of unintended recipients from decrypting the message; (4) providing a system in which information about an intended recipient's secret or decryption key is not leaked to another intended recipient or to any other individual; and (5) the system's flexibility which allows its use with both public key (asymmetric), private key (symmetric) encryption schemes or some hybrid combination thereof.
In accordance with the present invention, a device for sending encrypted data to multiple recipients is provided. The description in this paragraph assumes a sender aims to transmit a message to two intended recipients. A more general description is provided in the case when sending to more than two intended recipients. The device comprises a message recorder, an encryptor, and a transmitter. The message recorder is operative to store a message to be sent to a first recipient and to a second recipient. The encryptor is operative to encrypt the message thereby generating a first encrypted message. The encryptor is also operative to: select a session key, encrypt the message using the session key thereby generating the first encrypted message, encrypt the session key with a first secret thereby generating a first encrypted session key, encrypt the session key with a second secret thereby generating a second encrypted session key, and generate a second encrypted message comprising the first encrypted session key, the second encrypted session key and the first encrypted message. The transmitter is operative to transmit the second encrypted message.
Also, provided is a method for encrypting a message to be sent by a sender to multiple recipients. The method comprises the steps of acquiring a session key;
encrypting the message using the session key to generate a first encrypted message; encrypting the session key using a first secret thereby generating a first encrypted session key; encrypting the session key using a second secret thereby generating a second encrypted session key; encrypting the session key using a third, fourth, , n-th secret thereby generating a third, fourth, , n-th encrypted session key, respectively; and broadcasting an outgoing message comprising the first encrypted message, the first encrypted session key, and , the second, third, fourth, , n-th encrypted session keys.
Also, in accordance with the present invention, a method for retrieving a message is provided. The method comprises the steps of: acquiring an encrypted message;
searching the encrypted message for a first encrypted session key; decrypting the first encrypted session key to retrieve a session key; and decrypting a message block in the encrypted message using the retrieved session key. In one embodiment the "decrypting the first encrypted session key" step comprises the step of using a secret shared with the sender of the message to decrypt the first encrypted session key. In another embodiment the "searching the encrypted message step"
comprises the steps of locating a globally unique identification that corresponds to the recipient and locating a first encrypted session key that corresponds to the globally unique identification.
According to another aspect of the invention, there is provided a device for sending encrypted data to multiple recipients comprising: a message recorder that is operative to store a message to be sent to a plurality of recipients; an encryptor that is operative to:
select a random session key, encrypt the message using the random session key thereby generating a first encrypted message, produce a plurality of encrypted session keys each of which comprises the random session key encrypted with a secret unique to a respective recipient, and generate a second encrypted message comprising the plurality of encrypted session keys and the first encrypted message; and a transmitter that is operative to transmit the second encrypted message.
According to another aspect of the invention, there is provided a method for encrypting a message to be sent by a sender to multiple recipients comprising the steps of acquiring a session key; encrypting the message using said session key to generate a first encrypted message; encrypting said session key using a first secret thereby generating a first encrypted session key; encrypting said session key using a second secret thereby generating a second encrypted session key; generating an outgoing message comprising said first encrypted message, said first encrypted session key, and said second encrypted session key; and broadcasting the outgoing message comprising said first encrypted message, said first encrypted session key, and said second encrypted session key.
According to yet another aspect of the invention, there is provided a method for encrypting a message to be sent by a sender to multiple recipients comprising the steps of acquiring a first globally unique identification for a first intended recipient; acquiring a first secret wherein said first secret is a secret shared between the sender and the first intended recipient; acquiring a second globally unique identification for a second intended recipient;
acquiring a second secret wherein said second secret is a secret shared between the sender and the second intended recipient; acquiring a random session key; encrypting the message using said session key to generate a first encrypted message; encrypting said session key using a first secret thereby generating a first encrypted session key;
encrypting said session key using a second secret thereby generating a second encrypting session key;
generating an outgoing message comprising said first globally unique identification, said first encrypted session key, said second globally unique identification, said second encrypted session key, and said first encrypted message; and broadcasting the outgoing message According to yet another aspect of the present invention, there is provided a method for retrieving a message by a recipient comprising the steps of acquiring an encrypted message; searching said encrypted message for a first encrypted session key;
decrypting -3a-said first encrypted session key to retrieve a session key; and decrypting a message block in said encrypted message using said retrieved session key.
According to a further aspect of the invention, there is provided a method for a single recipient to decrypt a message broadcasted to multiple recipients comprising the steps of acquiring the broadcasted message; locating in the message a globally unique identification that corresponds to the recipient; locating a first encrypted session key that corresponds to said globally unique identification; decrypting said first encrypted session key to retrieve a session key using a secret shared with a sender of the broadcasted message; and decrypting a message block in the broadcasted message using said retrieved session key.
According to a further aspect of the present invention, there is provided a method for exchanging encrypted messages between a sender and a first intended recipient and the sender and a second intended recipient comprising the steps of acquiring a random session key; encrypting a message using said session key to generate a first encrypted message;
encrypting said session key using a first secret shared between the sender and the first intended recipient thereby generating a first encrypted session key;
encrypting said session key using a second secret shared between the sender and the second intended recipient thereby generating a second encrypted session key; generating an outgoing message comprising a first globally unique identification for the first intended recipient, said first encrypted session key, a second globally unique identification for the second intended recipient, said second encrypted session key, and said first encrypted message;
broadcasting the outgoing message; acquiring said broadcasted outgoing message by the first intended recipient; locating in the broadcast message said first globally unique identification; locating said first encrypted session key that corresponds to said first globally unique identification; decrypting said first encrypted session key to retrieve said session key using said first secret; and decrypting a message block in said broadcasted message using said retrieved session key.
According to a fizrther aspect of the present invention, there is provided a device for sending encrypted data to multiple recipients comprising: a message recorder that is operative to store a message to be sent to at least a first recipient and a second recipient; an encryptor that is operative to select a random session key, encrypt the message using the random session key thereby generating a first encrypted message, encrypt the session key with a first secret thereby generating a first encrypted session key, encrypt the session key with a second secret thereby -3b-generating a second encrypted session key, and generate a second encrypted message comprising the first encrypted session key, the second encrypted session key and the first encrypted message; and a transmitter that is operative to transmit the second encrypted message.
According to yet a further aspect of the present invention, there is provided a method for encrypting a message to be sent by a sender to n recipients comprising the steps of (1) acquiring a session key; (2) encrypting the message using the session key to generate a first encrypted message; (3) encrypting the session key using a secret associated with a recipient thereby generating an encrypted session key; (4) repeating step (3) n-1 times thereby generating a plurality of unique encrypted session keys;
(5) generating an outgoing message comprising the encrypted session keys and the encrypted message; and (6) broadcasting the outgoing message comprising the encrypted session keys and the encrypted message.
According to yet a further aspect of the present invention, there is provided a system for sending encrypted information to multiple recipients, comprising:
means for selecting a session key; information encrypting means for encrypting information using the session key to thereby generate an encrypted message; key encrypting means for generating a plurality of encrypted session keys by encrypting the session key using each of a plurality of unique keys associated with the multiple recipients; means for assembling the encrypted message and the plurality of encrypted session keys into a transmission message; and a transmitter for transmitting the transmission message.
According to still another aspect of the present invention, there is provided a device for decrypting a message broadcasted to a plurality of receivers, comprising:
means for receiving the broadcasted message; means for searching a plurality of encrypted session keys in the broadcasted message to locate a particular encrypted session key; key decrypting means for decrypting the particular encrypted session key;
and information decrypting means for decrypting a portion of the received message using the session key.
According to a yet another aspect of the present invention there is provided a computer-readable program code stored in a computer readable medium, said computer readable program code executable on a computer to instruct the computer to execute the steps of selecting a session key; encrypting information using the session key to thereby generate encrypted information; for each of a plurality of intended receivers to which the information is to be sent, encrypting the session key using a unique secret associated with -3c-each intended receiver to thereby generate a plurality of encrypted session keys; and combining the encrypted information and the plurality of encrypted session keys into a single message for transmission to the plurality of intended receivers.
According to an aspect of the present invention, there is provided a computer readable program code stored in a computer-readable program medium said computer readable program code executable on a computer to instruct the computer to execute the steps of searching a plurality of encrypted session keys in a received message for a particular encrypted session key; upon detecting the particular encrypted session key, decrypting the particular encrypted session key; and decrypting a portion of the received message using the session key.
-3d-BRIEF DESCRIPTION OF THE DRAWINGS
The present invention will become apparent from the following description when read in conjunction with the accompanying drawings wherein:
FIG. 1 illustrates in block diagram form a system in which the principles of the present invention may be practiced;
FIG. 2 illustrates in flow diagram form a preferred algorithm for implementing an encryption method according to present invention;
FIG. 3 illustrates in flow diagram form a preferred algorithm for implementing a decryption method according to present invention;
FIG. 4 illustrates an exemplary generalized encrypted message block generated in accordance with the present invention;
FIG. 5 illustrates a more specific exemplary encrypted message block generated in accordance with the present invention;
FIG. 6 illustrates another example of the application of the present invention in a pay-per-use data communication broadcast; and, FIG. 7 illustrates in flow diagram form a preferred algorithm for the method of FIG. 2 as applicable for an n-plurality of recipients.
select a random session key, encrypt the message using the random session key thereby generating a first encrypted message, produce a plurality of encrypted session keys each of which comprises the random session key encrypted with a secret unique to a respective recipient, and generate a second encrypted message comprising the plurality of encrypted session keys and the first encrypted message; and a transmitter that is operative to transmit the second encrypted message.
According to another aspect of the invention, there is provided a method for encrypting a message to be sent by a sender to multiple recipients comprising the steps of acquiring a session key; encrypting the message using said session key to generate a first encrypted message; encrypting said session key using a first secret thereby generating a first encrypted session key; encrypting said session key using a second secret thereby generating a second encrypted session key; generating an outgoing message comprising said first encrypted message, said first encrypted session key, and said second encrypted session key; and broadcasting the outgoing message comprising said first encrypted message, said first encrypted session key, and said second encrypted session key.
According to yet another aspect of the invention, there is provided a method for encrypting a message to be sent by a sender to multiple recipients comprising the steps of acquiring a first globally unique identification for a first intended recipient; acquiring a first secret wherein said first secret is a secret shared between the sender and the first intended recipient; acquiring a second globally unique identification for a second intended recipient;
acquiring a second secret wherein said second secret is a secret shared between the sender and the second intended recipient; acquiring a random session key; encrypting the message using said session key to generate a first encrypted message; encrypting said session key using a first secret thereby generating a first encrypted session key;
encrypting said session key using a second secret thereby generating a second encrypting session key;
generating an outgoing message comprising said first globally unique identification, said first encrypted session key, said second globally unique identification, said second encrypted session key, and said first encrypted message; and broadcasting the outgoing message According to yet another aspect of the present invention, there is provided a method for retrieving a message by a recipient comprising the steps of acquiring an encrypted message; searching said encrypted message for a first encrypted session key;
decrypting -3a-said first encrypted session key to retrieve a session key; and decrypting a message block in said encrypted message using said retrieved session key.
According to a further aspect of the invention, there is provided a method for a single recipient to decrypt a message broadcasted to multiple recipients comprising the steps of acquiring the broadcasted message; locating in the message a globally unique identification that corresponds to the recipient; locating a first encrypted session key that corresponds to said globally unique identification; decrypting said first encrypted session key to retrieve a session key using a secret shared with a sender of the broadcasted message; and decrypting a message block in the broadcasted message using said retrieved session key.
According to a further aspect of the present invention, there is provided a method for exchanging encrypted messages between a sender and a first intended recipient and the sender and a second intended recipient comprising the steps of acquiring a random session key; encrypting a message using said session key to generate a first encrypted message;
encrypting said session key using a first secret shared between the sender and the first intended recipient thereby generating a first encrypted session key;
encrypting said session key using a second secret shared between the sender and the second intended recipient thereby generating a second encrypted session key; generating an outgoing message comprising a first globally unique identification for the first intended recipient, said first encrypted session key, a second globally unique identification for the second intended recipient, said second encrypted session key, and said first encrypted message;
broadcasting the outgoing message; acquiring said broadcasted outgoing message by the first intended recipient; locating in the broadcast message said first globally unique identification; locating said first encrypted session key that corresponds to said first globally unique identification; decrypting said first encrypted session key to retrieve said session key using said first secret; and decrypting a message block in said broadcasted message using said retrieved session key.
According to a fizrther aspect of the present invention, there is provided a device for sending encrypted data to multiple recipients comprising: a message recorder that is operative to store a message to be sent to at least a first recipient and a second recipient; an encryptor that is operative to select a random session key, encrypt the message using the random session key thereby generating a first encrypted message, encrypt the session key with a first secret thereby generating a first encrypted session key, encrypt the session key with a second secret thereby -3b-generating a second encrypted session key, and generate a second encrypted message comprising the first encrypted session key, the second encrypted session key and the first encrypted message; and a transmitter that is operative to transmit the second encrypted message.
According to yet a further aspect of the present invention, there is provided a method for encrypting a message to be sent by a sender to n recipients comprising the steps of (1) acquiring a session key; (2) encrypting the message using the session key to generate a first encrypted message; (3) encrypting the session key using a secret associated with a recipient thereby generating an encrypted session key; (4) repeating step (3) n-1 times thereby generating a plurality of unique encrypted session keys;
(5) generating an outgoing message comprising the encrypted session keys and the encrypted message; and (6) broadcasting the outgoing message comprising the encrypted session keys and the encrypted message.
According to yet a further aspect of the present invention, there is provided a system for sending encrypted information to multiple recipients, comprising:
means for selecting a session key; information encrypting means for encrypting information using the session key to thereby generate an encrypted message; key encrypting means for generating a plurality of encrypted session keys by encrypting the session key using each of a plurality of unique keys associated with the multiple recipients; means for assembling the encrypted message and the plurality of encrypted session keys into a transmission message; and a transmitter for transmitting the transmission message.
According to still another aspect of the present invention, there is provided a device for decrypting a message broadcasted to a plurality of receivers, comprising:
means for receiving the broadcasted message; means for searching a plurality of encrypted session keys in the broadcasted message to locate a particular encrypted session key; key decrypting means for decrypting the particular encrypted session key;
and information decrypting means for decrypting a portion of the received message using the session key.
According to a yet another aspect of the present invention there is provided a computer-readable program code stored in a computer readable medium, said computer readable program code executable on a computer to instruct the computer to execute the steps of selecting a session key; encrypting information using the session key to thereby generate encrypted information; for each of a plurality of intended receivers to which the information is to be sent, encrypting the session key using a unique secret associated with -3c-each intended receiver to thereby generate a plurality of encrypted session keys; and combining the encrypted information and the plurality of encrypted session keys into a single message for transmission to the plurality of intended receivers.
According to an aspect of the present invention, there is provided a computer readable program code stored in a computer-readable program medium said computer readable program code executable on a computer to instruct the computer to execute the steps of searching a plurality of encrypted session keys in a received message for a particular encrypted session key; upon detecting the particular encrypted session key, decrypting the particular encrypted session key; and decrypting a portion of the received message using the session key.
-3d-BRIEF DESCRIPTION OF THE DRAWINGS
The present invention will become apparent from the following description when read in conjunction with the accompanying drawings wherein:
FIG. 1 illustrates in block diagram form a system in which the principles of the present invention may be practiced;
FIG. 2 illustrates in flow diagram form a preferred algorithm for implementing an encryption method according to present invention;
FIG. 3 illustrates in flow diagram form a preferred algorithm for implementing a decryption method according to present invention;
FIG. 4 illustrates an exemplary generalized encrypted message block generated in accordance with the present invention;
FIG. 5 illustrates a more specific exemplary encrypted message block generated in accordance with the present invention;
FIG. 6 illustrates another example of the application of the present invention in a pay-per-use data communication broadcast; and, FIG. 7 illustrates in flow diagram form a preferred algorithm for the method of FIG. 2 as applicable for an n-plurality of recipients.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT
Refernng now to the drawings, Figure 1 sets forth generally a system 2 in which the present invention is useful. The inventive method allows a sender S to transmit a single encrypted message to multiple intended recipients through normal communication channels and provides each intended recipient with the ability to decrypt the encrypted message using a unique secret that that intended recipient shares with the sender S. A typical system for which the present invention is useful is a low bandwidth system such as one that utilizes an RF
link in the communication path. Email or data communication systems having message packaging and redirection management being operative may also utilize the present invention.
An example of such a system is set forth in co-pending United States Patent Application No.
09/087,623 titled "System and Method for Pushing Information From a Host System to a Mobile Data Communication Device". This application is hereby incorporated into this disclosure by reference. The system and method for pushing information from a host system to a mobile device described in the application is a preferred system and method for the present invention herein; however, it is to be understood other types of systems and methods could be implemented that utilizes the present invention.
In accordance with a preferred embodiment of the present invention, a sender S
transmits an encrypted message once using a transmission device 4, such as a cellphone, PDA or two-way pager, to a base station 6 that is part of a communication network 8. The message is forwarded through the communication network 8 to a gateway device 10. The gateway device 10 transfers the message from the network 8 to a wide area network 12 such as the Internet.
Intended recipients A and B through their respective Internet connection method receive the message transmitted by the sender S. The intended recipients A and B then, using the decryption method of the present invention, decrypt the message. An unintended recipient C, who may intercept the message, however is impeded from deciphering the message because the unintended recipient C lacks a secret to decrypt the message. An important advantage of the inventive method is that by only sending the message once bandwidth is saved. It is be understood that although the description herein generally refers to the present invention in application with messages, specifically email messages ,the present invention in no way is limited to the application of such messages, but may include any form of data communication or datagram that require secures transmission to the intended recipients.
The preferred transmission device 4 comprises a message recorder, an encryptor, and a transmitter. The device circuit is preferably configured to operate as a wireless transceiver, such as a two paging computer, a portable electronic messaging device or a hand-held email client.
An example of such a device is set forth in co-pending United States Patent Application No.
09/106,585 titled "Hand-Held Electronic Device With A Keyboard Optimized for Use With the Thumbs". This application is hereby incorporated into this disclosure by reference. Although this is the preferred circuit for such a device, other types of circuits could be utilized in the present invention.
The message recorder is operative to store the message that is to be sent to a plurality of intended message recipients. The message recorder could comprise a memory element such as RAM, a tape storage element, a disk storage medium, CD ROM storage medium or other mediums capable of use for storing a message entered by a sender. The message could be in a number of forms such as text, voice or others.
The encryptor is operative to encrypt the message thereby generating a first encrypted message. The encryptor could be composed of a number of different devices such as a microprocessor or other digital circuit, or could reside in programming that performs the encryption steps. In a preferred embodiment of the present invention, the encryptor is software residing in the device 4. The encryptor performs the encryption function by (1) selecting a session key, (2) encrypting the message using the session key thereby generating the first encrypted message and (3) encrypting the session key multiple times. This latter step (3) involves the encryptor encrypting the session key once using each secret that the sender shares with the intended recipients thereby generating multiple encrypted session keys. The encryptor also at step (4) performs another encryption step thereby generating a second encrypted message which comprises all encrypted session keys and the first encrypted message. A
more detailed description of the encryption algorithm is discussed below.
The transmitter is operative to transmit the second encrypted message. The transmitter could comprise a number of different devices such as an rf transmitter, a modem, an optical transmitter, and others that are capable of forwarding the encrypted message to a network so that it can be routed to the intended recipients.
An exemplary transmission device 4 is a two-way communications device such as a cell phone, two-way pager or PDA but other devices such a pay-per-view television broadcast station or satellite could be used as shown in Figure 6. In the pay-per-view television broadcast embodiment, a television show 60 to be broadcasted is encrypted once with a single randomly generated session key. Sometime before the encrypted show is to be broadcast, the session key is encrypted once for each paying customer and these (suitably labeled) encrypted session keys 62, 64 broadcast. Paying customers would be able to acquire the session key by monitoring the list of encrypted versions of the session key, identifying the version encrypted using their master key, then decrypting the value. Hence, the show could then be broadcast once in encrypted form.
An exemplary algorithm for sending an encrypted message according to one aspect of the invention is illustrated in flow chart form in Figure 2. In the preferred system, the sender S and a first intended recipient A share a secret K, and the sender S and a second intended recipient B
share a secret L. In this preferred system, the first intended recipient A
does not know the secret L and the second intended recipient B does not know the secret K. Finally, in this preferred system an unintended recipient C does not know the secret K or the secret L.
First, the sender S generates a random number to use as a session key R at step 20. At this point the randomly chosen session key R is only known to the sender S.
The sender S, then, encrypts a message M once using the randomly chosen session key R to generate an encoded _7_ message Ml at step 22. Next, the sender S encrypts the session key R
repeatedly using each intended recipient's secret. The sender S, first, encrypts the session key R
using the secret K to generate a first encoded session key Rl at step 24 and then encrypts the session key R using the secret L to generate a second encoded session key R2 at step 26. Finally, the sender S transmits an encoded message MZ which comprises a single copy of the encoded message Ml, a copy of the first encoded session key Rl, and a copy of the second encoded session key R2 at step 28.
Optionally, a sender S could also include in the encoded message M2 a copy of an ID for each intended recipient to assist each intended recipient in identifying the encoded session key generated for the specific intended recipient. This system has been described in terms of a single sender S and two intended recipients A and B. However, one skilled in the art could modify the system for use with any number of recipients as illustrated in Fig. 7.
An exemplary algorithm for decrypting the message Ml according to another aspect of the invention is illustrated in flow chart form in Figure 3. To decrypt the message Ml, the intended recipients A and B use their secrets, K and L, respectively, to decrypt the encrypted session keys Rl and R2, respectively, to decrypt and recover the session key R. The intended recipients A and B then use the randomly chosen session key R to decrypt and recover the message M. Specifically, recipient A identifies the encrypted session key Rl at step 30.
Recipient A then uses the shared secret K to decrypt and recover the randomly chosen session key R from the first encoded session key Rl at step 32. Recipient A then uses the randomly chosen session key R to decrypt the message Ml to generate the original message M at step 34.
Recipient B decrypts the message Ml in a similar manner. First, recipient B
identifies the encrypted session key R2 at step 30. Recipient B then uses the shared secret L
to recover the randomly chosen session key R from the second encoded session key R2 at step 32. Recipient B then uses the randomly chosen session key R to decrypt the message Ml to generate the original message M at step 34.
_g_ An unintended recipient C who does not know either K or L cannot use either the first encoded session key Rl or the second encoded session key R2 to recover the randomly chosen session key R. Without the knowledge of the randomly chosen session key R, the unintended recipient C will be impeded in its effort to decrypt the message Ml to recover the message M.
The algorithm for decrypting the message Ml optionally could include the following technique to assist recipient A in identifying the encrypted session key Rl and recipient B in identifying the encrypted session key R2. This technique is made clear in the discussion below describing the format of the transmitted message.
Figure 4 illustrates in block diagram form an exemplary, generalized encrypted message block that could be generated using the present invention. The exemplary message block comprises a header section 40 and a data section 42. The exemplary header section comprises a secret identifier block 44 for each intended recipient and a terminator block 46. Each secret identifier block 44 includes an identifier field 48 for the recipient and an encoded session key field 50 for the recipient. The identifier field 48 contains a globally unique identifier for the intended recipient to which that secret identifier block 44 is addressed. The encoded session key field 50 includes the encoded session key that has been encrypted using the secret of the intended recipient to which that block is addressed.
The inclusion of a secret identifier block 44 with each encrypted secret allows each intended recipient to immediately identify which encrypted header block should be decrypted to retrieve the value R used to encrypt the message. An example of a data block that has been generated according to one aspect of the present invention is shown in Figure 5.
While the present invention has been described with reference to a symmetric key scheme, one skilled in the art would recognize that the present invention could be applied in both a symmetric key scheme and in a public key scheme. In a symmetric key scheme, for each pair comprising the sender and a recipient, there is a common master key known to both parties. In a symmetric key implementation, the shared secret referred to in the present invention is the _9_ master key known to both the sender and a single intended recipient. The session key can thus be passed from the sender to the recipient by encrypting the session key with the shared master key (for that recipient) and attaching the encrypted session key to the encrypted message. A
suitable identifier is required so that the recipient can identify which version of the session key should be decrypted with its master key.
The present invention also works when used with a public key scheme. In a public key scheme, each party (sender and recipients) generates a public key/private key pair. The public key is published (made available globally) by placing it into a database (commonly known as a certificate authority). The corresponding private key is kept secret by the party that generated the pair. The fundamental idea behind a public key scheme is that (a) there is no way to derive the private key simply from knowledge of the public key, and (b) data encrypted by one key of the pair can only be decrypted using the other lcey of the pair. In order to exchange a session key, the sender encrypts the session key with the public key of the intended recipient.
The intended recipient is the only party with access to the corresponding private key that can be used to decrypt, and thus recover, the session key. The "shared secret" referred to in the present invention is thus the combination of the senders knowledge of the recipient's public key and the recipient's knowledge of the corresponding private key. This invention only requires the ability to pass a session key from the sender to the intended recipients.
The bandwidth saving the can be achieved through the use of the present invention can be illustrated using the following example. For illustrative purposes, it can be assumed that a piece of encrypted data has the same size as the original (unencrypted) data.
Therefore, a transmitted encrypted message M2 is approximately equal to twice the size of the randomly chosen session key R plus the size of the encrypted message Ml. Using example sizes of randomly chosen session key R being 20 bytes and the encrypted message Ml being 2048 bytes, this yields a transmitted encrypted message M2 of 2 x 20 + 2048 = 2088 bytes.
On the other hand, if the encrypted message Ml were sent twice, once to recipient A and once to recipient B
as is done in the prior art methods, the size of the encrypted messages sent would be 2 x 2048 = 4096 bytes.
The present invention has the following additional advantages. The present invention provides a system whereby an unintended recipient C is impeded from recovering the message M. The present invention provides a system whereby the unintended recipient C
is prevented from learning anything about secrets K or L. The present invention also provides a system whereby recipient A is prevented from learning anything about secret L and recipient B is prevented from learning anything about secret K. The present invention also provides a system with the capability to send an encrypted message to recipients having different address types.
Having described in detail the preferred and alternate embodiments of the present invention, including the preferred modes of operation, it is to be understood that the invention . is capable of other and different embodiments, its several details are capable of modifications in various respects, and its operation could be carried out with different elements and steps, all without departing from the spirit of the invention. The drawings and description of the preferred and alternate embodiments are presently only by way of example and are be regarded as illustrative in nature and are not meant to limit the scope of the present invention which is defined by the following claims.
Refernng now to the drawings, Figure 1 sets forth generally a system 2 in which the present invention is useful. The inventive method allows a sender S to transmit a single encrypted message to multiple intended recipients through normal communication channels and provides each intended recipient with the ability to decrypt the encrypted message using a unique secret that that intended recipient shares with the sender S. A typical system for which the present invention is useful is a low bandwidth system such as one that utilizes an RF
link in the communication path. Email or data communication systems having message packaging and redirection management being operative may also utilize the present invention.
An example of such a system is set forth in co-pending United States Patent Application No.
09/087,623 titled "System and Method for Pushing Information From a Host System to a Mobile Data Communication Device". This application is hereby incorporated into this disclosure by reference. The system and method for pushing information from a host system to a mobile device described in the application is a preferred system and method for the present invention herein; however, it is to be understood other types of systems and methods could be implemented that utilizes the present invention.
In accordance with a preferred embodiment of the present invention, a sender S
transmits an encrypted message once using a transmission device 4, such as a cellphone, PDA or two-way pager, to a base station 6 that is part of a communication network 8. The message is forwarded through the communication network 8 to a gateway device 10. The gateway device 10 transfers the message from the network 8 to a wide area network 12 such as the Internet.
Intended recipients A and B through their respective Internet connection method receive the message transmitted by the sender S. The intended recipients A and B then, using the decryption method of the present invention, decrypt the message. An unintended recipient C, who may intercept the message, however is impeded from deciphering the message because the unintended recipient C lacks a secret to decrypt the message. An important advantage of the inventive method is that by only sending the message once bandwidth is saved. It is be understood that although the description herein generally refers to the present invention in application with messages, specifically email messages ,the present invention in no way is limited to the application of such messages, but may include any form of data communication or datagram that require secures transmission to the intended recipients.
The preferred transmission device 4 comprises a message recorder, an encryptor, and a transmitter. The device circuit is preferably configured to operate as a wireless transceiver, such as a two paging computer, a portable electronic messaging device or a hand-held email client.
An example of such a device is set forth in co-pending United States Patent Application No.
09/106,585 titled "Hand-Held Electronic Device With A Keyboard Optimized for Use With the Thumbs". This application is hereby incorporated into this disclosure by reference. Although this is the preferred circuit for such a device, other types of circuits could be utilized in the present invention.
The message recorder is operative to store the message that is to be sent to a plurality of intended message recipients. The message recorder could comprise a memory element such as RAM, a tape storage element, a disk storage medium, CD ROM storage medium or other mediums capable of use for storing a message entered by a sender. The message could be in a number of forms such as text, voice or others.
The encryptor is operative to encrypt the message thereby generating a first encrypted message. The encryptor could be composed of a number of different devices such as a microprocessor or other digital circuit, or could reside in programming that performs the encryption steps. In a preferred embodiment of the present invention, the encryptor is software residing in the device 4. The encryptor performs the encryption function by (1) selecting a session key, (2) encrypting the message using the session key thereby generating the first encrypted message and (3) encrypting the session key multiple times. This latter step (3) involves the encryptor encrypting the session key once using each secret that the sender shares with the intended recipients thereby generating multiple encrypted session keys. The encryptor also at step (4) performs another encryption step thereby generating a second encrypted message which comprises all encrypted session keys and the first encrypted message. A
more detailed description of the encryption algorithm is discussed below.
The transmitter is operative to transmit the second encrypted message. The transmitter could comprise a number of different devices such as an rf transmitter, a modem, an optical transmitter, and others that are capable of forwarding the encrypted message to a network so that it can be routed to the intended recipients.
An exemplary transmission device 4 is a two-way communications device such as a cell phone, two-way pager or PDA but other devices such a pay-per-view television broadcast station or satellite could be used as shown in Figure 6. In the pay-per-view television broadcast embodiment, a television show 60 to be broadcasted is encrypted once with a single randomly generated session key. Sometime before the encrypted show is to be broadcast, the session key is encrypted once for each paying customer and these (suitably labeled) encrypted session keys 62, 64 broadcast. Paying customers would be able to acquire the session key by monitoring the list of encrypted versions of the session key, identifying the version encrypted using their master key, then decrypting the value. Hence, the show could then be broadcast once in encrypted form.
An exemplary algorithm for sending an encrypted message according to one aspect of the invention is illustrated in flow chart form in Figure 2. In the preferred system, the sender S and a first intended recipient A share a secret K, and the sender S and a second intended recipient B
share a secret L. In this preferred system, the first intended recipient A
does not know the secret L and the second intended recipient B does not know the secret K. Finally, in this preferred system an unintended recipient C does not know the secret K or the secret L.
First, the sender S generates a random number to use as a session key R at step 20. At this point the randomly chosen session key R is only known to the sender S.
The sender S, then, encrypts a message M once using the randomly chosen session key R to generate an encoded _7_ message Ml at step 22. Next, the sender S encrypts the session key R
repeatedly using each intended recipient's secret. The sender S, first, encrypts the session key R
using the secret K to generate a first encoded session key Rl at step 24 and then encrypts the session key R using the secret L to generate a second encoded session key R2 at step 26. Finally, the sender S transmits an encoded message MZ which comprises a single copy of the encoded message Ml, a copy of the first encoded session key Rl, and a copy of the second encoded session key R2 at step 28.
Optionally, a sender S could also include in the encoded message M2 a copy of an ID for each intended recipient to assist each intended recipient in identifying the encoded session key generated for the specific intended recipient. This system has been described in terms of a single sender S and two intended recipients A and B. However, one skilled in the art could modify the system for use with any number of recipients as illustrated in Fig. 7.
An exemplary algorithm for decrypting the message Ml according to another aspect of the invention is illustrated in flow chart form in Figure 3. To decrypt the message Ml, the intended recipients A and B use their secrets, K and L, respectively, to decrypt the encrypted session keys Rl and R2, respectively, to decrypt and recover the session key R. The intended recipients A and B then use the randomly chosen session key R to decrypt and recover the message M. Specifically, recipient A identifies the encrypted session key Rl at step 30.
Recipient A then uses the shared secret K to decrypt and recover the randomly chosen session key R from the first encoded session key Rl at step 32. Recipient A then uses the randomly chosen session key R to decrypt the message Ml to generate the original message M at step 34.
Recipient B decrypts the message Ml in a similar manner. First, recipient B
identifies the encrypted session key R2 at step 30. Recipient B then uses the shared secret L
to recover the randomly chosen session key R from the second encoded session key R2 at step 32. Recipient B then uses the randomly chosen session key R to decrypt the message Ml to generate the original message M at step 34.
_g_ An unintended recipient C who does not know either K or L cannot use either the first encoded session key Rl or the second encoded session key R2 to recover the randomly chosen session key R. Without the knowledge of the randomly chosen session key R, the unintended recipient C will be impeded in its effort to decrypt the message Ml to recover the message M.
The algorithm for decrypting the message Ml optionally could include the following technique to assist recipient A in identifying the encrypted session key Rl and recipient B in identifying the encrypted session key R2. This technique is made clear in the discussion below describing the format of the transmitted message.
Figure 4 illustrates in block diagram form an exemplary, generalized encrypted message block that could be generated using the present invention. The exemplary message block comprises a header section 40 and a data section 42. The exemplary header section comprises a secret identifier block 44 for each intended recipient and a terminator block 46. Each secret identifier block 44 includes an identifier field 48 for the recipient and an encoded session key field 50 for the recipient. The identifier field 48 contains a globally unique identifier for the intended recipient to which that secret identifier block 44 is addressed. The encoded session key field 50 includes the encoded session key that has been encrypted using the secret of the intended recipient to which that block is addressed.
The inclusion of a secret identifier block 44 with each encrypted secret allows each intended recipient to immediately identify which encrypted header block should be decrypted to retrieve the value R used to encrypt the message. An example of a data block that has been generated according to one aspect of the present invention is shown in Figure 5.
While the present invention has been described with reference to a symmetric key scheme, one skilled in the art would recognize that the present invention could be applied in both a symmetric key scheme and in a public key scheme. In a symmetric key scheme, for each pair comprising the sender and a recipient, there is a common master key known to both parties. In a symmetric key implementation, the shared secret referred to in the present invention is the _9_ master key known to both the sender and a single intended recipient. The session key can thus be passed from the sender to the recipient by encrypting the session key with the shared master key (for that recipient) and attaching the encrypted session key to the encrypted message. A
suitable identifier is required so that the recipient can identify which version of the session key should be decrypted with its master key.
The present invention also works when used with a public key scheme. In a public key scheme, each party (sender and recipients) generates a public key/private key pair. The public key is published (made available globally) by placing it into a database (commonly known as a certificate authority). The corresponding private key is kept secret by the party that generated the pair. The fundamental idea behind a public key scheme is that (a) there is no way to derive the private key simply from knowledge of the public key, and (b) data encrypted by one key of the pair can only be decrypted using the other lcey of the pair. In order to exchange a session key, the sender encrypts the session key with the public key of the intended recipient.
The intended recipient is the only party with access to the corresponding private key that can be used to decrypt, and thus recover, the session key. The "shared secret" referred to in the present invention is thus the combination of the senders knowledge of the recipient's public key and the recipient's knowledge of the corresponding private key. This invention only requires the ability to pass a session key from the sender to the intended recipients.
The bandwidth saving the can be achieved through the use of the present invention can be illustrated using the following example. For illustrative purposes, it can be assumed that a piece of encrypted data has the same size as the original (unencrypted) data.
Therefore, a transmitted encrypted message M2 is approximately equal to twice the size of the randomly chosen session key R plus the size of the encrypted message Ml. Using example sizes of randomly chosen session key R being 20 bytes and the encrypted message Ml being 2048 bytes, this yields a transmitted encrypted message M2 of 2 x 20 + 2048 = 2088 bytes.
On the other hand, if the encrypted message Ml were sent twice, once to recipient A and once to recipient B
as is done in the prior art methods, the size of the encrypted messages sent would be 2 x 2048 = 4096 bytes.
The present invention has the following additional advantages. The present invention provides a system whereby an unintended recipient C is impeded from recovering the message M. The present invention provides a system whereby the unintended recipient C
is prevented from learning anything about secrets K or L. The present invention also provides a system whereby recipient A is prevented from learning anything about secret L and recipient B is prevented from learning anything about secret K. The present invention also provides a system with the capability to send an encrypted message to recipients having different address types.
Having described in detail the preferred and alternate embodiments of the present invention, including the preferred modes of operation, it is to be understood that the invention . is capable of other and different embodiments, its several details are capable of modifications in various respects, and its operation could be carried out with different elements and steps, all without departing from the spirit of the invention. The drawings and description of the preferred and alternate embodiments are presently only by way of example and are be regarded as illustrative in nature and are not meant to limit the scope of the present invention which is defined by the following claims.
Claims (40)
1. A device for sending encrypted data to multiple recipients comprising:
a message recorder that is operative to store a message to be sent to a plug recipients;
an encryptor that is operative to:
select a random session key, encrypt the message using the random session key thereby generatit first encrypted message, produce a plurality of encrypted session keys each of which comprise random session key encrypted with a secret unique to a respective recipient, and generate a second encrypted message comprising the plurality of encrypted session keys and the first enerypted message; and a transmitter that is operative to transmit the second encrypted message
a message recorder that is operative to store a message to be sent to a plug recipients;
an encryptor that is operative to:
select a random session key, encrypt the message using the random session key thereby generatit first encrypted message, produce a plurality of encrypted session keys each of which comprise random session key encrypted with a secret unique to a respective recipient, and generate a second encrypted message comprising the plurality of encrypted session keys and the first enerypted message; and a transmitter that is operative to transmit the second encrypted message
2. The device according to claim 1 wherein the second encrypted message further comprises:
a plurality of globally unique identifications, each of the identifications to associate the encrypted session key to the intended recipient.
a plurality of globally unique identifications, each of the identifications to associate the encrypted session key to the intended recipient.
3. The device according to claim 1 wherein the device is a two-way communication device.
4. The device according to claim 1 wherein the device is a pager.
5. The device according to claim 1 wherein the device is a handheld wireless Internet appliance.
6. The device according to claim 1 wherein said transmitter is an rf transmitter.
7. The device according to claim 1 wherein said transmitter is a modem.
8. A method for encrypting a message to be sent by a sender to multiple recipients comprising the steps of acquiring a session key;
encrypting the message using said session key to generate a first encrypted message;
encrypting said session key using a first secret thereby generating a first encrypted session key;
encrypting said session key using a second secret thereby generating a second encrypted session key;
generating an outgoing message comprising said first encrypted message, said first encrypted session key, and said second encrypted session key; and broadcasting the outgoing message comprising said first encrypted message, said first encrypted session key, and said second encrypted session key.
encrypting the message using said session key to generate a first encrypted message;
encrypting said session key using a first secret thereby generating a first encrypted session key;
encrypting said session key using a second secret thereby generating a second encrypted session key;
generating an outgoing message comprising said first encrypted message, said first encrypted session key, and said second encrypted session key; and broadcasting the outgoing message comprising said first encrypted message, said first encrypted session key, and said second encrypted session key.
9. The method according to claim 8 wherein said acquiring a session key step comprises the step of selecting a random number to use as said session key.
10. The method according to claim 8 wherein said first secret is a secret shared between the sender and a first intended recipient of said outgoing message and said second secret is a secret shared between the sender and a second intended recipient of said outgoing message.
11. The method according to claim 8 wherein said outgoing message further comprises:
a first globally unique identification for a first intended recipient; and a second globally unique identification for a second intended recipient.
a first globally unique identification for a first intended recipient; and a second globally unique identification for a second intended recipient.
12. A method for encrypting a message to be sent by a sender to multiple recipients comprising the steps of:
acquiring a first globally unique identification for a first intended recipient;
acquiring a first secret wherein said first secret is a secret shared between the sender and the first intended recipient;
acquiring a second globally unique identification for a second intended recipient;
acquiring a second secret wherein said second secret is a secret shared between the sender and the second intended recipient;
acquiring a random session key;
encrypting the message using said session key to generate a first encrypted message;
encrypting said session key using a first secret thereby generating a first encrypted session key;
encrypting said session key using a second secret thereby generating a second encrypted session key;
generating an outgoing message comprising said first globally unique identification, said first encrypted session key, said second globally unique identification, said second encrypted session key, and said first encrypted message; and broadcasting the outgoing message.
acquiring a first globally unique identification for a first intended recipient;
acquiring a first secret wherein said first secret is a secret shared between the sender and the first intended recipient;
acquiring a second globally unique identification for a second intended recipient;
acquiring a second secret wherein said second secret is a secret shared between the sender and the second intended recipient;
acquiring a random session key;
encrypting the message using said session key to generate a first encrypted message;
encrypting said session key using a first secret thereby generating a first encrypted session key;
encrypting said session key using a second secret thereby generating a second encrypted session key;
generating an outgoing message comprising said first globally unique identification, said first encrypted session key, said second globally unique identification, said second encrypted session key, and said first encrypted message; and broadcasting the outgoing message.
13. A method for retrieving a message by a recipient comprising the steps of acquiring an encrypted message;
searching said encrypted message for a first encrypted session key;
decrypting said first encrypted session key to retrieve a session key; and decrypting a message block in said encrypted message using said retrieved session key.
searching said encrypted message for a first encrypted session key;
decrypting said first encrypted session key to retrieve a session key; and decrypting a message block in said encrypted message using said retrieved session key.
14. The method of claim 13 wherein said decrypting said first encrypted session key step comprises the step of using a secret shared with a sender of the message to decrypt said first encrypted session key.
15. The method of claim 13 wherein said searching said encrypted message step comprises the steps of locating a globally unique identification that corresponds to the recipient and locating a first encrypted session key that corresponds to said globally unique identification.
16. A method for a single recipient to decrypt a message broadcasted to multiple recipients comprising the steps of acquiring the broadcasted message;
locating in the message a globally unique identification that corresponds to the recipient;
locating a first encrypted session key that corresponds to said globally unique identification;
decrypting said first encrypted session key to retrieve a session key using a secret shared with a sender of the broadcasted message; and decrypting a message block in the broadcasted message using said retrieved session key.
locating in the message a globally unique identification that corresponds to the recipient;
locating a first encrypted session key that corresponds to said globally unique identification;
decrypting said first encrypted session key to retrieve a session key using a secret shared with a sender of the broadcasted message; and decrypting a message block in the broadcasted message using said retrieved session key.
17. A method for exchanging encrypted messages between a sender and a first intended recipient and the sender and a second intended recipient comprising the steps of acquiring a random session key;
encrypting a message using said session key to generate a first encrypted message;
encrypting said session key using a first secret shared between the sender and the first intended recipient thereby generating a first encrypted session key;
encrypting said session key using a second secret shared between the sender and the second intended recipient thereby generating a second encrypted session key;
generating an outgoing message comprising a first globally unique identification for the first intended recipient, said first encrypted session key, a second globally unique identification for the second intended recipient, said second encrypted session key, and said first encrypted message;
broadcasting the outgoing message;
acquiring said broadcasted outgoing message by the first intended recipient;
locating in the broadcasted message said first globally unique identification;
locating said first encrypted session key that corresponds to said first globally unique identification;
decrypting said first encrypted session key to retrieve said session key using said first secret; and decrypting a message block in said broadcasted message using said retrieved session key.
encrypting a message using said session key to generate a first encrypted message;
encrypting said session key using a first secret shared between the sender and the first intended recipient thereby generating a first encrypted session key;
encrypting said session key using a second secret shared between the sender and the second intended recipient thereby generating a second encrypted session key;
generating an outgoing message comprising a first globally unique identification for the first intended recipient, said first encrypted session key, a second globally unique identification for the second intended recipient, said second encrypted session key, and said first encrypted message;
broadcasting the outgoing message;
acquiring said broadcasted outgoing message by the first intended recipient;
locating in the broadcasted message said first globally unique identification;
locating said first encrypted session key that corresponds to said first globally unique identification;
decrypting said first encrypted session key to retrieve said session key using said first secret; and decrypting a message block in said broadcasted message using said retrieved session key.
18. The method of claim 17 further comprising the steps of acquiring said broadcasted outgoing message by the second intended recipient;
locating in the message said second globally unique identification;
locating said second encrypted session key that corresponds to said second globally unique identification;
decrypting said second encrypted session key to retrieve said session key using said second secret; and decrypting a message block in said broadcasted message using said retrieved session key.
locating in the message said second globally unique identification;
locating said second encrypted session key that corresponds to said second globally unique identification;
decrypting said second encrypted session key to retrieve said session key using said second secret; and decrypting a message block in said broadcasted message using said retrieved session key.
19. A device for sending encrypted data to multiple recipients comprising:
a message recorder that is operative to store a message to be sent to at least a first recipient and a second recipient;
an encryptor that is operative to select a random session key, encrypt the message using the random session key thereby generating a first encrypted message, encrypt the session key with a first secret thereby generating a first encrypted session key, encrypt the session key with a second secret thereby generating a second encrypted session key, and generate a second encrypted message comprising the first encrypted session key, the second encrypted session key and the first encrypted message; and a transmitter that is operative to transmit the second encrypted message.
a message recorder that is operative to store a message to be sent to at least a first recipient and a second recipient;
an encryptor that is operative to select a random session key, encrypt the message using the random session key thereby generating a first encrypted message, encrypt the session key with a first secret thereby generating a first encrypted session key, encrypt the session key with a second secret thereby generating a second encrypted session key, and generate a second encrypted message comprising the first encrypted session key, the second encrypted session key and the first encrypted message; and a transmitter that is operative to transmit the second encrypted message.
20. A method for encrypting a message to be sent by a sender to n recipients comprising the steps of:
(1) acquiring a session key;
(2) encrypting the message using the session key to generate a first encrypted message;
(3) encrypting the session key using a secret associated with a recipient thereby generating an encrypted session key;
(4) repeating step (3) n-1 times thereby generating a plurality of unique encrypted session keys;
(5) generating an outgoing message comprising the encrypted session keys and the encrypted message; and (6) broadcasting the outgoing message comprising the encrypted session keys and the encrypted message.
(1) acquiring a session key;
(2) encrypting the message using the session key to generate a first encrypted message;
(3) encrypting the session key using a secret associated with a recipient thereby generating an encrypted session key;
(4) repeating step (3) n-1 times thereby generating a plurality of unique encrypted session keys;
(5) generating an outgoing message comprising the encrypted session keys and the encrypted message; and (6) broadcasting the outgoing message comprising the encrypted session keys and the encrypted message.
21. The method according to claim 20 wherein the acquiring a session key step comprises the step of selecting a random number to use as the session key.
22. The method according to claim 21 wherein the secret is a secret shared between the sender and the recipient who is an intended decryptor of the encrypted session key.
23. The method according to claim 20 wherein the outgoing message further comprises:
a plurality of globally unique identifications wherein each unique encrypted session key has a globally unique identification associated therewith.
a plurality of globally unique identifications wherein each unique encrypted session key has a globally unique identification associated therewith.
24. A system for sending encrypted information to multiple recipients, comprising:
means for selecting a session key;
information encrypting means for encrypting information using the session key to thereby generate an encrypted message;
key encrypting means for generating a plurality of encrypted session keys by encrypting the session key using each of a plurality of unique keys associated with the multiple recipients;
means for assembling the encrypted message and the plurality of encrypted session keys into a transmission message; and a transmitter for transmitting the transmission message.
means for selecting a session key;
information encrypting means for encrypting information using the session key to thereby generate an encrypted message;
key encrypting means for generating a plurality of encrypted session keys by encrypting the session key using each of a plurality of unique keys associated with the multiple recipients;
means for assembling the encrypted message and the plurality of encrypted session keys into a transmission message; and a transmitter for transmitting the transmission message.
25. The system according to claim 24, wherein each of the plurality of unique keys is a public key generated by one of the multiple recipients.
26. The system according to claim 25, wherein the plurality of unique keys is stored in a central key repository accessible to the means for generating a plurality of encrypted session keys.
27. The system according to claim 25, wherein:
each of the multiple recipients stores a private key corresponding to its unique public key and decrypts one of the plurality of encrypted session keys with its private key corresponding to its unique public key to thereby recover the session key.
each of the multiple recipients stores a private key corresponding to its unique public key and decrypts one of the plurality of encrypted session keys with its private key corresponding to its unique public key to thereby recover the session key.
28. The system according to claim 24, wherein each of the plurality of unique keys is a secret shared between the system for sending encrypted information and one of the multiple recipients.
29. The system according to claim 28, wherein the key encrypting means encrypts the session key by applying a cipher algorithm.
30. The system according to claim 29, wherein the cipher algorithm is a data encryption standard (DES) algorithm.
31. The system according to claim 26, wherein the transmitter is a wireless transmitter.
32. A device for decrypting a message broadcasted to a plurality of receivers, comprising:
means for receiving the broadcasted message;
means for searching a plurality of encrypted session keys in the broadcasted message to locate a particular encrypted session key;
key decrypting means for decrypting the particular encrypted session key; and information decrypting means for decrypting a portion of the received message using the session key.
means for receiving the broadcasted message;
means for searching a plurality of encrypted session keys in the broadcasted message to locate a particular encrypted session key;
key decrypting means for decrypting the particular encrypted session key; and information decrypting means for decrypting a portion of the received message using the session key.
33. The device according to claim 32, wherein the device is a wireless communication device.
34. The device according to claim 32, wherein the device is a modem.
35. The device according to claim 34, wherein the device is a wireless modem.
36. The device according to claim 32, wherein the device is a cellular telephone.
37. The device according to claim 32, implemented in a subscriber receiver in a pay television system.
38. Computer readable program code stored in a computer readable medium, said computer readable program code executable on a computer to instruct the computer to execute the steps of:
selecting a session key;
encrypting information using the session key to thereby generate encrypted information;
for each of a plurality of intended receivers to which the information is to be sent, encrypting the session key using a unique secret associated with each intended receiver to thereby generate a plurality of encrypted session keys; and combining the encrypted information and the plurality of encrypted session keys into a single message for transmission to the plurality of intended receivers.
selecting a session key;
encrypting information using the session key to thereby generate encrypted information;
for each of a plurality of intended receivers to which the information is to be sent, encrypting the session key using a unique secret associated with each intended receiver to thereby generate a plurality of encrypted session keys; and combining the encrypted information and the plurality of encrypted session keys into a single message for transmission to the plurality of intended receivers.
39. The computer readable program code stored in the computer readable medium according to claim 38, wherein:
the information source is operatively associated with a communication signal transmitter coupled to a communication network; and the stored computer program instructions further cause the computer to execute the step of broadcasting the message on the communication network via the transmitter.
the information source is operatively associated with a communication signal transmitter coupled to a communication network; and the stored computer program instructions further cause the computer to execute the step of broadcasting the message on the communication network via the transmitter.
40. Computer readable program code stored in a computer readable medium, said computer readable program code executable on a computer to instruct the computer to execute the steps of:
searching a plurality of encrypted session keys in a received message for a particular encrypted session key;
upon detecting the particular encrypted session key, decrypting the particular encrypted session key; and decrypting a portion of the received message using the session key.
searching a plurality of encrypted session keys in a received message for a particular encrypted session key;
upon detecting the particular encrypted session key, decrypting the particular encrypted session key; and decrypting a portion of the received message using the session key.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CA 2296631 CA2296631C (en) | 2000-01-19 | 2000-01-19 | Broadcasting encrypted messages using session keys |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CA 2296631 CA2296631C (en) | 2000-01-19 | 2000-01-19 | Broadcasting encrypted messages using session keys |
Publications (2)
Publication Number | Publication Date |
---|---|
CA2296631A1 CA2296631A1 (en) | 2001-07-19 |
CA2296631C true CA2296631C (en) | 2004-05-11 |
Family
ID=4165123
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA 2296631 Expired - Lifetime CA2296631C (en) | 2000-01-19 | 2000-01-19 | Broadcasting encrypted messages using session keys |
Country Status (1)
Country | Link |
---|---|
CA (1) | CA2296631C (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
PT3465976T (en) * | 2016-06-02 | 2020-11-24 | Kobil Systems Gmbh | Secure messaging |
ES2878574T3 (en) * | 2017-05-30 | 2021-11-19 | Be Invest Int Sa | General data protection method for multi-center sensitive data storage and sharing |
-
2000
- 2000-01-19 CA CA 2296631 patent/CA2296631C/en not_active Expired - Lifetime
Also Published As
Publication number | Publication date |
---|---|
CA2296631A1 (en) | 2001-07-19 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP1119132A2 (en) | Broadcasting encrypted messages using session keys | |
US5812671A (en) | Cryptographic communication system | |
CA2224661C (en) | Use of an encryption server for encrypting messages | |
US6912285B2 (en) | Mechanism for efficient private bulk messaging | |
CA2196816C (en) | Circuit and method for generating cryptographic keys | |
CN102088441B (en) | Data encryption transmission method and system for message-oriented middleware | |
HU224303B1 (en) | Method for managing symmetric key in a communication network and device for processing data in a communication network | |
WO2003003772A3 (en) | Method for remote loading of an encryption key in a telecommunication network station | |
CN101883102A (en) | Link generation method | |
Croft et al. | Using an approximated one-time pad to secure short messaging service (SMS) | |
CN102088352A (en) | Data encryption transmission method and system for message-oriented middleware | |
EP1292166B1 (en) | Mobile communication system | |
JPH10107832A (en) | Cipher multi-address mail system | |
US20020116606A1 (en) | Encryption and decryption system for multiple node network | |
CA2296631C (en) | Broadcasting encrypted messages using session keys | |
JP2000059352A (en) | Encryption communication system | |
EP1428403B1 (en) | Communications methods, systems and terminals | |
CN101192918B (en) | A method and system for processing encrypted stream in broadcast network | |
JP2951311B1 (en) | Mobile communication dynamic secure grouping communication method | |
CN113094468A (en) | OT-based multi-data-source relational graph construction and data alignment method | |
Patil | ENCRYPTION FOR SECURE SMS TRANSMISSION | |
JPS61114633A (en) | Multiple address communication system | |
JP2001144798A (en) | System and method for distributing mail and electronic mail equipment | |
Kale et al. | SMS For Android Application By Using 3d-aes, Pgp And Stegnography | |
JPS6190547A (en) | Ciphered digital transmitter |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
EEER | Examination request | ||
MKEX | Expiry |
Effective date: 20200120 |