WO2015188151A1 - Securely sharing information via a public key- value data store - Google Patents

Securely sharing information via a public key- value data store Download PDF

Info

Publication number
WO2015188151A1
WO2015188151A1 PCT/US2015/034565 US2015034565W WO2015188151A1 WO 2015188151 A1 WO2015188151 A1 WO 2015188151A1 US 2015034565 W US2015034565 W US 2015034565W WO 2015188151 A1 WO2015188151 A1 WO 2015188151A1
Authority
WO
WIPO (PCT)
Prior art keywords
client device
shared secret
public key
key
data
Prior art date
Application number
PCT/US2015/034565
Other languages
French (fr)
Inventor
Farid FADAIE
Lars Arvid NORBERG
Original Assignee
Bittorrent, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Bittorrent, Inc. filed Critical Bittorrent, Inc.
Publication of WO2015188151A1 publication Critical patent/WO2015188151A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/0841Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/104Peer-to-peer [P2P] networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage

Definitions

  • the present embodiments generally relates to the sharing of information and more specifically to securely sharing information via a public key-value data store.
  • client devices e.g., mobile phones, tablets, and desktops
  • client devices e.g., mobile phones, tablets, and desktops
  • Some of these communications protocols provide enhanced security features. For example, some may provide end-to-end encryption between the client devices engaging in the communications . Others may not require that the user provide a significant amount of personally identifiable information.
  • a common aspect of current communications protocols is that they typically need to use a centralized server or cluster of servers (e.g., a cloud) in order to facilitate communications between two parties.
  • the centralized server is typically involved in performing handshake and maintenance activities between client devices using the communications protocol.
  • the centralized server may also assist users in searching for other users as well as transfer messages between client devices. Without a centralized server, the client devices executing the communications protocol may not be able to easily find each other and send data to each other.
  • each client device in the network has a persistent key pair that includes a private key and a public key. For two client devices to securely exchange information, each client device obtains the other client device's public key. Each client device computes a shared secret based on its own private key and the other client's public key. Both client devices obtain the same shared secret which is unique to the two client devices. In some embodiments, the shared secret is computed using a Diffie-Hellman key exchange.
  • the client devices use the resulting shared secret to generate a shared secret key pair that includes a shared secret public key and a shared secret private key.
  • the shared secret public key is used as a key to store information in a public key-value data store.
  • the public key-value data store is a storage system that stores information under different keys and is publicly accessible by multiple client devices.
  • the public key- value data store is a decentralized distributed storage system, such as a distributed hash table (DHT).
  • the key-value data store is a centralized storage, such as a server.
  • each of the two client devices stores shared data in the public key-value data store that the user of the client device wishes to share with the user of the other client device.
  • the shared data is signed using the shared secret key pair.
  • the shared data may also be encrypted using the shared secret key pair.
  • the client device uses the shared secret public key to retrieve the data from the public key-value data store.
  • the client device uses the shared secret public key to verify the digital signature of the shared data and may use the shared secret private key to decrypt the data.
  • the data shared by each client device through public key- value data store includes status information and/or contact information of that client device.
  • Status information is an indication as to whether the client device is online (i.e., currently available to communicate).
  • Contact information is information that can be used to establish a connection between two client devices for communication.
  • the contact information may include, for example, the public IP address of the client device, internal IP address of the client device (e.g., if the client device is on a local network), a relay server token (e.g., if the client device is behind a network address translation (NAT)), and a unique identifier of the client device.
  • NAT network address translation
  • the client devices use the shared data stored in the public key-value data store under the shared secret public key to communicate with each other. For example, a first client device can retrieve the shared data stored by a second client device under the shared secret public key in the public key-value data store and determine whether the second client device is online. If the second client device is online, the first client device can use the second client device's contact information stored under the shared secret public key to establish a connection between the two client devices to communicate with the second client device.
  • the client device can stop storing its information under the shared secret public key in the public key-value data store. By not sharing its information with the other client device in the public key-value data store, the other client device will not be able to communicate with it.
  • the rejoining client device may determine which of the client devices with which it has created shared secret key pairs are online (e.g., determines which friends are online). To make such a determination, for each shared secret key pair that it has created with another client device, the rejoining client device may recreate the shared secret key pair (shared secret public key and private key) using the other client device's persistent public key. The rejoining client device checks under the shared secret public key in the public key-value data store for the shared data stored by other client device. Based on the shared data, the rejoining client device determines whether the other client device is online.
  • the information obtained by the rejoining client device as to which client devices are online can be presented to a user of the rejoining client device. If the user requests to communicate with an online client device, the rejoining client device can access the appropriate contact information from the shared data in the public key-value store for communicating with the online client device. In one embodiment, while online, a client device periodically determines which other client devices are online, and may do this by accessing the shared data in the public key-value data store.
  • the public key-value data store is publicly accessible by other client devices, the data shared between two client devices is safe because a third client device will not know which shared secret public key is being used by the two client devices to share the data. Even if the third client device is able to obtain the shared secret public key, the third client device will not be able to deduce the real identity of the client devices that stored the shared data under the public key. Further, if the information is encrypted using the shared secret key pair unique to the two client devices, the third client device would not be able to decrypt the shared data. Additionally, two client devices with shared data in the key-value store under a key can be certain that the shared data stored is valid and authentic because of the shared secret key pair used to sign the shared data. Only the two client devices have access to the shared secret private key needed to produce a valid signature. Therefore, the client devices are able to use the public key-value data store to securely store information.
  • FIG. 1 is a high-level block diagram illustrating an environment for securely sharing data via a public key-value data store according to one embodiment.
  • FIG. 2 is a high-level block diagram illustrating a detailed view of a client device according to one embodiment
  • FIG. 3 is an interaction diagram illustrating the sharing of data via a public key- value data store according to one embodiment.
  • FIG. 4 is a high-level block diagram illustrating an example of a computer for use as a component in the client device or the public key-value data store, in accordance with one embodiment
  • FIG. 1 is a high-level block diagram illustrating an environment 100 for securely sharing data via a public key-value data store according to one embodiment
  • the environment 100 includes the client devices 1 10a and 1 10b and a public key-value data store 120 connected through a network 102. Only two client devices 1 10 and one public key- value data store 120 are illustrated in FIG. 1 in order to simplify and clarify the present description. However, embodiments can have millions of client devices 1 10 and multiple public key- value data stores 120. There can be other entities in the environment 100 as well.
  • the network 102 enables communications between each client device 1 10 and the public key-value data store 120.
  • the network 102 uses standard communications technologies and/or protocols and can include the Internet as well as mobile telephone networks.
  • the network 102 can include links using technologies such as Ethernet, 802.1 1, worldwide interoperability for microwave access (WiMAX), 2G/3G/4G mobile communications protocols, digital subscriber line (DSL), asynchronous transfer mode (ATM), InfiniBand, PCI Express Advanced Switching, etc.
  • the networking protocols used on the network 102 can include multiprotocol label switching (MPLS), the transmission control protocol/Internet protocol (TCP/IP), the User Datagram Protocol (UDP), the hypertext transport protocol (HTTP), the simple mail transfer protocol (SMTP), the file transfer protocol (FTP), etc.
  • the data exchanged over the network 102 can be represented using technologies and/or formats including image data in binary form (e.g. Portable Network Graphics (PNG)), the hypertext markup language (HTML), the extensible markup language (XML), etc.
  • all or some of links can be encrypted using conventional encryption technologies such as secure sockets layer (SSL), transport layer security (TLS), virtual private networks (VPNs), Internet Protocol security (IPsec), etc.
  • the entities on the network 102 can use custom and/or dedicated data communications technologies instead of, or in addition to, the ones described above.
  • the public key-value data store 120 is a data store that is used to store data (shared data 122) shared between different entities such as client devices. Shared data 122 is stored and retrieved from the public key-value data store using a key.
  • the public key-value data store 120 may be structured in various different formats, such as a lookup table, a hash table, tree, graph, or relational database. It may reside at a centralized location on one or more computing devices (e.g., server end stations).
  • the public key-value data store 120 is decentralized among many nodes in a distributed network, such as a peer-to-peer network.
  • the public key-value data store 120 may take the form of a distributed hash table.
  • the values e.g., the data
  • the hash function is designed such that the lookup costs for each value in the hash table stays relatively consistent regardless of the number of items being stored in the table.
  • the hash table is distributed, it is split into multiple chunks that may be duplicated among the many nodes in the distributed network such that each node may store a copy of a portion of the hash table.
  • Each node may also link to other nodes and know the key value ranges that the other connected nodes store. Nodes may be connected to those other nodes that have keys that are close in "distance" to their own keys based on a formula that calculates the "distance" between two keys.
  • two client devices 1 10 exchange public keys and subsequently generate a unique shared secret key pair to communicate shared data 122 with each other.
  • the public key of the shared secret key pair is used as the key value in the public key-value data store 120.
  • the shared data 122 is then stored as the value associated with that key.
  • client device 110a and client device 1 10b are assumed to share data with each other for the purposes of this description. Although a particular client device 1 10a or 1 10b will be referred to in the description, it should be noted that they may be used interchangeably with each other.
  • the shared data 122 may include contact information, status information, and/or other data.
  • Contact information may include but is not limited to the Internet Protocol (IP) addresses of one or both of the client devices 1 10, a relay server token in the case where one or both of the client devices 1 10 are behind a firewall or cannot be directly routed to (e.g., behind a router performing network address translation), a unique identifier, port numbers, and an authentication token.
  • IP Internet Protocol
  • Contact information may be used to establish a connection between two client devices 110. For example, contact information may be used by the client device 1 10a to determine the IP address of client device 110b and establish a connection with client device 110b.
  • Status information may include information about the status of each of the client devices 110, such as whether the client device 110 is online, offline, away, and busy.
  • Other data may include offline messages, voice messages, images, videos, and additional data that one client device 1 10a sends to the other client device 110b. This data may be data that the user of one of the client devices 1 10 wishes to send to the user of the paired client device 110.
  • the shared data 122 is also encrypted using the shared secret key pair between the two client devices 110, preventing third parties from reading the shared data 122.
  • Shared data 122 may also be digitally signed using the shared secret key pair in order to be able to determine if the data 122 has be altered by an unauthorized entity.
  • the data (both keys and values) in the public key-value data store 120 is periodically purged or cleaned.
  • the determination for which data items are purged may be based upon time since last modification, time since last access, size of data, remaining storage, and other factors.
  • the public key-value data store 120 may receive a request from one of the client devices 1 10 to purge the data for a particular key.
  • the public key-value data store 120 may request authentication before such a request is granted.
  • the client devices 1 10 are electronic devices that can be used by users to exchange information in the environment 100.
  • client devices 1 10 can be used to send or receive private communications . These communications may include telephone calls, video calls, data messages between telephone numbers, instant messages, emails, and other forms of data or voice communication.
  • client devices 110 include desktop computers, smartphones, portable digital assistants (PDAs), notebooks, and tablet computers.
  • PDAs portable digital assistants
  • client devices 110a and 1 10b are referred to specifically in this description, it should be understood that other client devices 1 10 in network 102 may perform the same functions as the client devices 110a and 110b.
  • the client devices 1 10a and 1 10b are each associated with a public and private key pair 1 12a and 1 12b respectively.
  • the client devices 1 10 associate a more user-friendly piece of contact information (e.g., email address or phone number) with their public key 112. This association may be stored by a directory service or a database.
  • a key pair 1 12 is unique to each user and a user may be able to migrate or copy his or her key pair 112 to different client devices.
  • a key pair 112 can be unique to a user rather than a client device, for ease of understanding, a key pair 1 12 will be referred to as being associated with a client device 1 10 and not a user in this description.
  • a key pair 1 12 may be also be referred to a user key pair or a client key pair.
  • a user of one client device 1 10a may wish to have a private communication with the user of another client device 110b.
  • the client device 1 10a identifies the client device's 110b public key of the key pair 112b.
  • the client device 1 10a obtains the public key by searching the directory service or the database for the user-friendly contact information in order to find the public key for the client device 110b.
  • the public keys for each client device 1 10 are exchanged without using a directory service (e.g., offline or through another communications channel).
  • the client device 1 10a is able to generate a shared secret using a key exchange protocol.
  • the client device 1 10b uses the same key exchange protocol with its own private key and the public key of the client device 1 10a to generate the same shared key pair.
  • the client device 110a uses the shared secret as a seed to generate a shared secret key pair. It then uses the shared secret public key of the shared secret key pair as a key for the public key-value data store 120 to store the shared data 122 for the other client device 110b.
  • the shared data 122 is signed and may also be encrypted with the shared secret key pair.
  • the client device 1 10b may then be able to retrieve this shared data 122 from the public key-value data store 120 and determine how to contact the client device 110a, to read any offline messages, or to retrieve any other data.
  • the client device 1 10b is able to verify the authenticity of the shared data 122 (and decrypt the shared data 122) as it has also generated the same shared secret key pair.
  • each shared data 122 value is associated with a unique shared secret public key and that shared secret public key is not linked with each client device 1 10, a third party cannot easily track which client device 100 is part of which communications.
  • FIG. 2 is a high-level block diagram illustrating a detailed view of a client device 1 10 according to one embodiment.
  • the client device 1 10 includes multiple modules.
  • the functions are distributed among the modules in a different manner than described herein.
  • the functions are performed by other entities in some embodiments.
  • the client device 1 10 includes a key generation module 212.
  • the key generation module 212 generates the different keys for the client device 1 10 to be used for exchanging information with different client devices.
  • the key generation module 212 may first generate the public and private key pair 1 12 for the client device 110. These key may be generated using well-known public key cryptography methods, such as RSA or elliptic curve cryptography.
  • the key generation module 212 identifies the public key of the other client device 110.
  • the key generation module 212 takes the identified public key of the other client device 1 10 and the private key from the key pair 1 12 (its own private key) as a seed to generate a shared secret.
  • the other client device 1 10 can generate the same shared secret using its own private key and the public key from the key pair 1 12 when using the same generation method.
  • This method used to generate the shared secret ensures that it is unique to the two client devices 110 that generated it. Although the public keys of each client device 1 10 may be visible to the public, a third party is not able to generate this shared secret without knowing the private key for the client devices 110.
  • the generation method used is a key agreement protocol.
  • this key agreement protocol is Diffie-Hcllman key exchange.
  • an example of possible values to use for the Diffie-Hellman method may be to use the public keys of the client devices 1 10 to generate the prime number and base in the Diffie-Hellman key exchange and to generate each client device's secret integer in the Diffie-Hellman key exchange using each client device's private key.
  • one method of generating the values in the Diffie-Hellman key exchange is shown here, other embodiments may generate the values using all, a portion, or none of one or more of the private and public keys of the client devices 110.
  • MQV Mesezes-Qu - Vanstone
  • the key generation module 212 After the key generation module 212 generates the shared secret, it then generates a shared secret key pair that is seeded by the shared secret. The generation of the shared secret key pair may use the same or different public key cryptography method as the one used to generate the key pair 1 12.
  • the key generation module 212 stores the shared secret key pair for use when sharing data with the other client device 1 10 or when retrieving data shared by the other client device 1 10.
  • the key generation module 212 includes a storage (not shown) that stores shared secret key pairs generated for sharing data with other client devices 1 10.
  • the parameters e.g., prime numbers for RSA or domain parameters for elliptic curve cryptography
  • the public key cryptography method used to generate the shared secret key pair is seeded or modified by a portion or all of the shared secret value. This allows the two client devices 1 10a and 1 10b to generate the same shared secret key pair.
  • the storing module 214 stores the shared data 122 in the public key-value data store 120 for other client devices 1 10 to retrieve the shared data 122.
  • the storing module 214 identifies the shared secret public key created by the key generation module 212 for the other client device 110.
  • the storing module 214 stores the shared data 122 in the public key- value data store 120 using the shared secret public key as the key.
  • the shared data 122 may include contact information, status information, and other data as described previously. This shared data 122 may then be retrieved by the other client device 1 10 that has also generated the same shared secret public key using the same shared secret.
  • the storing module 214 signs the shared data 122 that it stores in the public key value-data store 120 using the shared secret key pair. This allows the other client device 1 10 that retrieves the shared data 122 to verify the authenticity of the data. For example, the storing module 214 may sign the shared data 122 using the shared secret private key, and the other client device 1 10 would be able to verify the signature using the shared secret public key. Since no other client devices 1 10 have the shared secret private key, the authenticity of the data is verified. [0042] In some embodiments, the storing module 214 also encrypts the shared data 122 that it stores in the public key-value data store 120 using the shared secret key pair.
  • the data may be encrypted using the shared secret public key, such that the data can only be decrypted by the shared secret private key (which the other client device 1 10 has).
  • the data may also be encrypted using the shared secret private key so that the encrypted data can only be decrypted by the shared secret private key.
  • This encryption allows the shared data 122 between two client devices 1 10 to be private and not readable by any third party. For ex ample, if the client device 1 10 stores encrypted contact inform ation as shared data 122, only the other client device can decrypt and read this information.
  • the storing module 214 periodically stores contact information and/or status information in the public key-value data store 120 using the shared secret public key shared with the other client device. The information is periodically stored so that the other client device 1 10 can continuously establish a connection with the client device 1 10. However, if the user of the client device 1 10 no longer wishes for the other client device 1 10 to be able to communicate with it, the storing module 214 ceases storing shared data 122 under the shared secret public key shared with the other device 1 10.
  • client devices 1 10 may initiate a group conversation.
  • each client device 1 10 may generate a shared secret key pair with each other client device 1 10 in the group, and a client device 1 10 may broadcast any shared data 122 to all the client devices 1 10 in the group.
  • the retrieval module 216 retrieves shared data 122 from the public key-value data store 120.
  • the storing module 214 identifies the shared secret public key created by the key generation module 212 and shared with the other client device 1 10.
  • the retrieval module 216 uses the shared secret public key to retrieve the shared data 122 from the public key-value data store 120.
  • the retrieved shared data 122 is contact information of the other client device 1 10.
  • the retrieval module 216 attempts to establish a connection with the other client device 1 10 (e.g., a peer-to-peer connection). If the retrieval module 216 is able to establish the connection with the other client device 1 10, the user can then exchange communications with the other client device 1 10 via the connection. Hence, after establishing the connection, the two client devices 1 10 can communicate with each other directly without having to communicate through the public key-value data store 120. In this embodiment, the public key-value data store 120 is only used to establish the connection.
  • the retrieval module 216 checks the public key-value data store 120 for shared data 122 stored under the shared secret public key. In one embodiment, if the shared data 122 includes contact information, the retrieval module 216 attempts to establish a connection with the other client device 1 10. In one embodiment, if the shared data 122 includes status information, the retrieval module 216 displays to the user in a user interface a status indicated by the status information. In some embodiments, when client device 1 10 return from being offline, the key generation module 212 regenerates each shared secret public key using the public key of each of the other client devices 1 10.
  • the retrieval module 216 periodically checks the public key-value data store 120 for changes in shared data 122. For example, the retrieval module 216 may check whether status or contact information for another client device 110 has changed.
  • FIG. 3 is an interaction diagram illustrating the sharing of data via a public key- value data store according to one embodiment.
  • the interaction diagram illustrates the steps performed by client device 110a, client device 110b, and the public key-value data store 120.
  • client device 110a client device 110a
  • client device 110b client device 110b
  • public key-value data store 120 public key-value data store
  • client device 110a has its own key pair that includes a private key and a public key.
  • client device 1 10b has its own key pair that includes a private key and a public key.
  • Client device 110a and the client device 110b exchange 350 public keys.
  • client device 110a and the client device 1 10b each generates 312 the shared secret based on its own private key and the other client device's public key. As noted previously, this shared secret is unique to these two client devices 110.
  • the client device 1 10a and the client device 110b each generate 314 the shared secret public key and the shared secret private key.
  • the shared secret key pair is comprised of the shared secret public key and the shared secret private key.
  • the client device 1 10b stores 352 shared data 122 in the public key-value data store 120 using the shared secret public key as the key.
  • the shared data 122 may include contact information, status information, or other data as described previously.
  • the client device 1 10a retrieves 354 the shared data 122 from the public key- value data store 120 using the shared secret public key. After the client device 1 10a retrieves the shared data 122, it verifies 320 the authenticity of the shared data 122 confirming that the other client device 1 10b had stored that shared data 122. The verification is done using the shared secret private key.
  • the client device 1 10a also stores shared data 122 in the public key-value data store 120 using the shared secret public key.
  • the data may be stored in response to the shared data 122 stored by the client device 1 10b.
  • FIG. 4 is a high-level block diagram illustrating an example of a computer 400 for use as a component in the client device 1 10 or the public key-value data store 120, in accordance with one embodiment. Illustrated are at least one processor 402 coupled to a chipset 404.
  • the chipset 404 includes a memory controller hub 450 and an input/output (I/O) controller hub 455.
  • a memory 406 and a graphics adapter 413 are coupled to the memory controller hub 450, and a display device 418 is coupled to the graphics adapter 413.
  • a storage device 408, keyboard 410, pointing device 414, and network adapter 416 may be coupled to the I/O controller hub 455.
  • Other embodiments of the computer 400 have different architectures.
  • the memory 406 is directly coupled to the processor 402 in some embodiments.
  • some embodiments of the computer 400 may have different I/O devices, such as a touchscreen, camera, gyroscope, etc.
  • the storage device 408 is a non-transitory computer-readable storage medium such as a hard drive, compact disk read-only memory (CD-ROM), DVD, or a solid-state memory device.
  • the memory 406 holds instructions and data used by the processor 402.
  • the pointing device 414 is used in combination with the keyboard 410 to input data into the computer system 400.
  • the graphics adapter 413 displays images and other information on the display device 418.
  • the display device 418 includes a touch screen capability for receiving user input and selections.
  • the network adapter 416 couples the computer system 400 to the network 102.
  • Some embodiments of the computer 400 have different and/or other components than those shown in FIG. 4.
  • the public key- value data store 120 can be formed of multiple blade servers and lack a display device, keyboard, and other components.
  • the computer 400 is adapted to execute computer program modules for providing functionality described herein.
  • module refers to computer program instructions and other logic used to provide the specified functionality.
  • a module can be implemented in hardware, firmware, and/or software.
  • program modules formed of executable computer program instructions are stored on the storage device 408, loaded into the memory 406, and executed by the processor 402.

Abstract

In some embodiments, each client device in the network has a private key and a public key. For two client devices to securely exchange information, each computes a shared secret based on its own private key and the other's public key. The client devices use the shared secret to generate a shared secret key pair. The shared secret public key is used as a key by each client device to store data in a public key- value data store to share with the other client device. The shared data is signed using the shared secret key pair. The shared data may also be encrypted using the shared secret key pair. Each client device uses the shared secret public key to retrieve the data from the public key-value data store. Each client device uses the shared secret key pair to verify and decrypt the shared data.

Description

SECURELY SHARING INFORMATION VIA A PUBLIC KEY- VALUE DATA STORE
CROSS REFERENCE TO RELATED APPLICATIONS
[0001] This application claims the benefit of U.S. Provisional Application No.
62/009,079, filed .Tun 6, 2014, which is incorporated by reference in its entirety.
BACKGROUND
1 . FIELD OF ART
[0002] The present embodiments generally relates to the sharing of information and more specifically to securely sharing information via a public key-value data store.
2. BACKGROUND
[0003] Users of client devices (e.g., mobile phones, tablets, and desktops) are able to send and receive communications and data using various communications protocols and associated software applications. Some of these communications protocols provide enhanced security features. For example, some may provide end-to-end encryption between the client devices engaging in the communications . Others may not require that the user provide a significant amount of personally identifiable information.
[0004] A common aspect of current communications protocols is that they typically need to use a centralized server or cluster of servers (e.g., a cloud) in order to facilitate communications between two parties. The centralized server is typically involved in performing handshake and maintenance activities between client devices using the communications protocol. The centralized server may also assist users in searching for other users as well as transfer messages between client devices. Without a centralized server, the client devices executing the communications protocol may not be able to easily find each other and send data to each other.
[0005] However, with a centralized server, there is typically a need to keep at least some record of communications between client devices. Although the actual contents of the communications (e.g., text message, image file, voice records) may not be stored, metadata regarding communications (e.g., IP addresses, timestamps), which may be required for the communications protocol to properly function, need to be logged and stored. By mining this metadata, one may be able to create a detailed record of the communications of an individual user, and in ton, may be able to discover things about the user that the user did not intend others to find out.
SUMMARY
[0006] The above and other issues are addressed by a method, computer-readable storage medium, and computer system for exchanging information via a public key-value data store.
[0007] In some embodiments, each client device in the network has a persistent key pair that includes a private key and a public key. For two client devices to securely exchange information, each client device obtains the other client device's public key. Each client device computes a shared secret based on its own private key and the other client's public key. Both client devices obtain the same shared secret which is unique to the two client devices. In some embodiments, the shared secret is computed using a Diffie-Hellman key exchange.
[0008] The client devices use the resulting shared secret to generate a shared secret key pair that includes a shared secret public key and a shared secret private key. The shared secret public key is used as a key to store information in a public key-value data store. The public key-value data store is a storage system that stores information under different keys and is publicly accessible by multiple client devices. In one embodiment, the public key- value data store is a decentralized distributed storage system, such as a distributed hash table (DHT). In another embodiment, the key-value data store is a centralized storage, such as a server.
[0009] Using the shared secret public key, each of the two client devices stores shared data in the public key-value data store that the user of the client device wishes to share with the user of the other client device. The shared data is signed using the shared secret key pair. The shared data may also be encrypted using the shared secret key pair. When one of the client devices wishes to retrieve the data shared by the other device, the client device uses the shared secret public key to retrieve the data from the public key-value data store. The client device uses the shared secret public key to verify the digital signature of the shared data and may use the shared secret private key to decrypt the data.
[0010] In one embodiment, the data shared by each client device through public key- value data store includes status information and/or contact information of that client device. Status information is an indication as to whether the client device is online (i.e., currently available to communicate). Contact information is information that can be used to establish a connection between two client devices for communication. The contact information may include, for example, the public IP address of the client device, internal IP address of the client device (e.g., if the client device is on a local network), a relay server token (e.g., if the client device is behind a network address translation (NAT)), and a unique identifier of the client device.
[0011] The client devices use the shared data stored in the public key-value data store under the shared secret public key to communicate with each other. For example, a first client device can retrieve the shared data stored by a second client device under the shared secret public key in the public key-value data store and determine whether the second client device is online. If the second client device is online, the first client device can use the second client device's contact information stored under the shared secret public key to establish a connection between the two client devices to communicate with the second client device.
[0012] If at any point one of the client devices no longer wishes for the other client device to be able to communicate with it, the client device can stop storing its information under the shared secret public key in the public key-value data store. By not sharing its information with the other client device in the public key-value data store, the other client device will not be able to communicate with it.
[0013] In one embodiment, when a client device leaves the network (goes offline) and rejoins the network at a later time, the rejoining client device may determine which of the client devices with which it has created shared secret key pairs are online (e.g., determines which friends are online). To make such a determination, for each shared secret key pair that it has created with another client device, the rejoining client device may recreate the shared secret key pair (shared secret public key and private key) using the other client device's persistent public key. The rejoining client device checks under the shared secret public key in the public key-value data store for the shared data stored by other client device. Based on the shared data, the rejoining client device determines whether the other client device is online. The information obtained by the rejoining client device as to which client devices are online can be presented to a user of the rejoining client device. If the user requests to communicate with an online client device, the rejoining client device can access the appropriate contact information from the shared data in the public key-value store for communicating with the online client device. In one embodiment, while online, a client device periodically determines which other client devices are online, and may do this by accessing the shared data in the public key-value data store.
[0014] Although the public key-value data store is publicly accessible by other client devices, the data shared between two client devices is safe because a third client device will not know which shared secret public key is being used by the two client devices to share the data. Even if the third client device is able to obtain the shared secret public key, the third client device will not be able to deduce the real identity of the client devices that stored the shared data under the public key. Further, if the information is encrypted using the shared secret key pair unique to the two client devices, the third client device would not be able to decrypt the shared data. Additionally, two client devices with shared data in the key-value store under a key can be certain that the shared data stored is valid and authentic because of the shared secret key pair used to sign the shared data. Only the two client devices have access to the shared secret private key needed to produce a valid signature. Therefore, the client devices are able to use the public key-value data store to securely store information.
BRIEF DESCRIPTION OF DRAWINGS
[0015] FIG. 1 is a high-level block diagram illustrating an environment for securely sharing data via a public key-value data store according to one embodiment.
[0016] FIG. 2 is a high-level block diagram illustrating a detailed view of a client device according to one embodiment
[0017] FIG. 3 is an interaction diagram illustrating the sharing of data via a public key- value data store according to one embodiment.
[0018] FIG. 4 is a high-level block diagram illustrating an example of a computer for use as a component in the client device or the public key-value data store, in accordance with one embodiment
DETAILED DESCRIPTION
[0019] The Figures (FIGS.) and the following description describe certain embodiments by way of illustration only. One skilled in the art will readily recognize from the following description that alternative embodiments of the structures and methods illustrated herein may be employed without departing from the principles described herein. Reference will now be made to several embodiments, examples of which are illustrated in the accompanying figures. The figures use like reference numerals to identify like elements. A letter after a reference numeral, such as "110a," indicates that the text refers specifically to the element having that particular reference numeral. A reference numeral in the text without a following letter, such as "110," refers to any or all of the elements in the figures bearing that reference numeral.
[0020] FIG. 1 is a high-level block diagram illustrating an environment 100 for securely sharing data via a public key-value data store according to one embodiment As shown, the environment 100 includes the client devices 1 10a and 1 10b and a public key-value data store 120 connected through a network 102. Only two client devices 1 10 and one public key- value data store 120 are illustrated in FIG. 1 in order to simplify and clarify the present description. However, embodiments can have millions of client devices 1 10 and multiple public key- value data stores 120. There can be other entities in the environment 100 as well.
[0021] The network 102 enables communications between each client device 1 10 and the public key-value data store 120. In one embodiment, the network 102 uses standard communications technologies and/or protocols and can include the Internet as well as mobile telephone networks. Thus, the network 102 can include links using technologies such as Ethernet, 802.1 1, worldwide interoperability for microwave access (WiMAX), 2G/3G/4G mobile communications protocols, digital subscriber line (DSL), asynchronous transfer mode (ATM), InfiniBand, PCI Express Advanced Switching, etc. Similarly, the networking protocols used on the network 102 can include multiprotocol label switching (MPLS), the transmission control protocol/Internet protocol (TCP/IP), the User Datagram Protocol (UDP), the hypertext transport protocol (HTTP), the simple mail transfer protocol (SMTP), the file transfer protocol (FTP), etc. The data exchanged over the network 102 can be represented using technologies and/or formats including image data in binary form (e.g. Portable Network Graphics (PNG)), the hypertext markup language (HTML), the extensible markup language (XML), etc. In addition, all or some of links can be encrypted using conventional encryption technologies such as secure sockets layer (SSL), transport layer security (TLS), virtual private networks (VPNs), Internet Protocol security (IPsec), etc. In another embodiment, the entities on the network 102 can use custom and/or dedicated data communications technologies instead of, or in addition to, the ones described above.
[0022] The public key-value data store 120 is a data store that is used to store data (shared data 122) shared between different entities such as client devices. Shared data 122 is stored and retrieved from the public key-value data store using a key. The public key-value data store 120 may be structured in various different formats, such as a lookup table, a hash table, tree, graph, or relational database. It may reside at a centralized location on one or more computing devices (e.g., server end stations).
[0023] In some embodiments, the public key-value data store 120 is decentralized among many nodes in a distributed network, such as a peer-to-peer network. In such a case, the public key-value data store 120 may take the form of a distributed hash table. In a distributed hash table, the values (e.g., the data) are searched by executing a hash function against the key and using the result as an index on the value. The hash function is designed such that the lookup costs for each value in the hash table stays relatively consistent regardless of the number of items being stored in the table. Furthermore, as the hash table is distributed, it is split into multiple chunks that may be duplicated among the many nodes in the distributed network such that each node may store a copy of a portion of the hash table. Each node may also link to other nodes and know the key value ranges that the other connected nodes store. Nodes may be connected to those other nodes that have keys that are close in "distance" to their own keys based on a formula that calculates the "distance" between two keys.
[0024] In some embodiments, two client devices 1 10 exchange public keys and subsequently generate a unique shared secret key pair to communicate shared data 122 with each other. The public key of the shared secret key pair is used as the key value in the public key-value data store 120. The shared data 122 is then stored as the value associated with that key. For ease of understanding, client device 110a and client device 1 10b are assumed to share data with each other for the purposes of this description. Although a particular client device 1 10a or 1 10b will be referred to in the description, it should be noted that they may be used interchangeably with each other.
[0025] The shared data 122 may include contact information, status information, and/or other data. Contact information may include but is not limited to the Internet Protocol (IP) addresses of one or both of the client devices 1 10, a relay server token in the case where one or both of the client devices 1 10 are behind a firewall or cannot be directly routed to (e.g., behind a router performing network address translation), a unique identifier, port numbers, and an authentication token. Contact information may be used to establish a connection between two client devices 110. For example, contact information may be used by the client device 1 10a to determine the IP address of client device 110b and establish a connection with client device 110b. Status information may include information about the status of each of the client devices 110, such as whether the client device 110 is online, offline, away, and busy. Other data may include offline messages, voice messages, images, videos, and additional data that one client device 1 10a sends to the other client device 110b. This data may be data that the user of one of the client devices 1 10 wishes to send to the user of the paired client device 110.
[0026] In some embodiments, the shared data 122 is also encrypted using the shared secret key pair between the two client devices 110, preventing third parties from reading the shared data 122. Shared data 122 may also be digitally signed using the shared secret key pair in order to be able to determine if the data 122 has be altered by an unauthorized entity.
[0027] In some embodiments, the data (both keys and values) in the public key-value data store 120 is periodically purged or cleaned. The determination for which data items are purged may be based upon time since last modification, time since last access, size of data, remaining storage, and other factors. In addition, the public key-value data store 120 may receive a request from one of the client devices 1 10 to purge the data for a particular key. The public key-value data store 120 may request authentication before such a request is granted.
[0028] The client devices 1 10 are electronic devices that can be used by users to exchange information in the environment 100. In one embodiment, client devices 1 10 can be used to send or receive private communications . These communications may include telephone calls, video calls, data messages between telephone numbers, instant messages, emails, and other forms of data or voice communication. Examples of client devices 110 include desktop computers, smartphones, portable digital assistants (PDAs), notebooks, and tablet computers. Although the client devices 110a and 1 10b are referred to specifically in this description, it should be understood that other client devices 1 10 in network 102 may perform the same functions as the client devices 110a and 110b.
[0029] In some embodiments, the client devices 1 10a and 1 10b are each associated with a public and private key pair 1 12a and 1 12b respectively. In some embodiments, the client devices 1 10 associate a more user-friendly piece of contact information (e.g., email address or phone number) with their public key 112. This association may be stored by a directory service or a database. In some embodiments, a key pair 1 12 is unique to each user and a user may be able to migrate or copy his or her key pair 112 to different client devices. Although a key pair 112 can be unique to a user rather than a client device, for ease of understanding, a key pair 1 12 will be referred to as being associated with a client device 1 10 and not a user in this description. A key pair 1 12 may be also be referred to a user key pair or a client key pair.
[0030] A user of one client device 1 10a may wish to have a private communication with the user of another client device 110b. To do this, in some embodiments, the client device 1 10a identifies the client device's 110b public key of the key pair 112b. In one embodiment, the client device 1 10a obtains the public key by searching the directory service or the database for the user-friendly contact information in order to find the public key for the client device 110b. In other embodiments, the public keys for each client device 1 10 are exchanged without using a directory service (e.g., offline or through another communications channel). Subsequently, using the private key of the client device 1 10a and the public key of the client device 110b, the client device 1 10a is able to generate a shared secret using a key exchange protocol. The client device 1 10b uses the same key exchange protocol with its own private key and the public key of the client device 1 10a to generate the same shared key pair.
[0031] Using the shared secret as a seed, the client device 110a generates a shared secret key pair. It then uses the shared secret public key of the shared secret key pair as a key for the public key-value data store 120 to store the shared data 122 for the other client device 110b. The shared data 122 is signed and may also be encrypted with the shared secret key pair. The client device 1 10b may then be able to retrieve this shared data 122 from the public key-value data store 120 and determine how to contact the client device 110a, to read any offline messages, or to retrieve any other data. The client device 1 10b is able to verify the authenticity of the shared data 122 (and decrypt the shared data 122) as it has also generated the same shared secret key pair.
[0032] Since each shared data 122 value is associated with a unique shared secret public key and that shared secret public key is not linked with each client device 1 10, a third party cannot easily track which client device 100 is part of which communications.
Furthermore, as only the client devices 1 10 that are part of the communications can sign and decrypt the shared data 122, the shared data 122 between the client devices can be verified to be authentic. Additionally, as the public key-value store does not need to be stored in a centralized location, there is much less of a data trail that can be exploited by a third party to determine unwanted information about different client devices. [0033] FIG. 2 is a high-level block diagram illustrating a detailed view of a client device 1 10 according to one embodiment. As shown in FIG. 2, the client device 1 10 includes multiple modules. In some embodiments, the functions are distributed among the modules in a different manner than described herein. Moreover, the functions are performed by other entities in some embodiments.
[0034] The client device 1 10 includes a key generation module 212. In some embodiments, the key generation module 212 generates the different keys for the client device 1 10 to be used for exchanging information with different client devices. The key generation module 212 may first generate the public and private key pair 1 12 for the client device 110. These key may be generated using well-known public key cryptography methods, such as RSA or elliptic curve cryptography.
[0035] When a user of the client device 1 10 wishes to share information with another client device 1 10, the key generation module 212 identifies the public key of the other client device 110. The key generation module 212 then takes the identified public key of the other client device 1 10 and the private key from the key pair 1 12 (its own private key) as a seed to generate a shared secret. The other client device 1 10 can generate the same shared secret using its own private key and the public key from the key pair 1 12 when using the same generation method.
[0036] This method used to generate the shared secret ensures that it is unique to the two client devices 110 that generated it. Although the public keys of each client device 1 10 may be visible to the public, a third party is not able to generate this shared secret without knowing the private key for the client devices 110.
[0037] In some embodiments, the generation method used is a key agreement protocol. In some embodiments, this key agreement protocol is Diffie-Hcllman key exchange. When using the Diffie-Hellman key exchange method, an example of possible values to use for the Diffie-Hellman method may be to use the public keys of the client devices 1 10 to generate the prime number and base in the Diffie-Hellman key exchange and to generate each client device's secret integer in the Diffie-Hellman key exchange using each client device's private key. Although one method of generating the values in the Diffie-Hellman key exchange is shown here, other embodiments may generate the values using all, a portion, or none of one or more of the private and public keys of the client devices 110. In other embodiments, other key agreement protocols or methods may be used to generate the shared secret, such as MQV (Menezes-Qu - Vanstone). Note that it may be up to the users of each client device 1 10 to ensure that they public key they have obtained of the other client device 1 10 is authentic and does not instead belong to an attacker.
[0038] After the key generation module 212 generates the shared secret, it then generates a shared secret key pair that is seeded by the shared secret. The generation of the shared secret key pair may use the same or different public key cryptography method as the one used to generate the key pair 1 12. The key generation module 212 stores the shared secret key pair for use when sharing data with the other client device 1 10 or when retrieving data shared by the other client device 1 10. In one embodiment, the key generation module 212 includes a storage (not shown) that stores shared secret key pairs generated for sharing data with other client devices 1 10.
[0039] In some embodiments, the parameters (e.g., prime numbers for RSA or domain parameters for elliptic curve cryptography) inputted into the public key cryptography method used to generate the shared secret key pair is seeded or modified by a portion or all of the shared secret value. This allows the two client devices 1 10a and 1 10b to generate the same shared secret key pair.
[004.0] The storing module 214 stores the shared data 122 in the public key-value data store 120 for other client devices 1 10 to retrieve the shared data 122. When the user of the client device 1 10 requests to share data with another client device 1 10, the storing module 214 identifies the shared secret public key created by the key generation module 212 for the other client device 110. The storing module 214 stores the shared data 122 in the public key- value data store 120 using the shared secret public key as the key. The shared data 122 may include contact information, status information, and other data as described previously. This shared data 122 may then be retrieved by the other client device 1 10 that has also generated the same shared secret public key using the same shared secret.
[0041] In some embodiments, the storing module 214 signs the shared data 122 that it stores in the public key value-data store 120 using the shared secret key pair. This allows the other client device 1 10 that retrieves the shared data 122 to verify the authenticity of the data. For example, the storing module 214 may sign the shared data 122 using the shared secret private key, and the other client device 1 10 would be able to verify the signature using the shared secret public key. Since no other client devices 1 10 have the shared secret private key, the authenticity of the data is verified. [0042] In some embodiments, the storing module 214 also encrypts the shared data 122 that it stores in the public key-value data store 120 using the shared secret key pair. The data may be encrypted using the shared secret public key, such that the data can only be decrypted by the shared secret private key (which the other client device 1 10 has). The data may also be encrypted using the shared secret private key so that the encrypted data can only be decrypted by the shared secret private key. This encryption allows the shared data 122 between two client devices 1 10 to be private and not readable by any third party. For ex ample, if the client device 1 10 stores encrypted contact inform ation as shared data 122, only the other client device can decrypt and read this information.
[004.3] in some embodiments, the storing module 214 periodically stores contact information and/or status information in the public key-value data store 120 using the shared secret public key shared with the other client device. The information is periodically stored so that the other client device 1 10 can continuously establish a connection with the client device 1 10. However, if the user of the client device 1 10 no longer wishes for the other client device 1 10 to be able to communicate with it, the storing module 214 ceases storing shared data 122 under the shared secret public key shared with the other device 1 10.
[0044] In some embodiments, client devices 1 10 may initiate a group conversation. In such a case, each client device 1 10 may generate a shared secret key pair with each other client device 1 10 in the group, and a client device 1 10 may broadcast any shared data 122 to all the client devices 1 10 in the group.
[0045] The retrieval module 216 retrieves shared data 122 from the public key-value data store 120. When the user of the client device 1 10 requests to retrieve shared data 122 shared by another client device 1 10 through the public key-value data store 120, the storing module 214 identifies the shared secret public key created by the key generation module 212 and shared with the other client device 1 10. The retrieval module 216 uses the shared secret public key to retrieve the shared data 122 from the public key-value data store 120.
[0046] In one embodiment, the retrieved shared data 122 is contact information of the other client device 1 10. The retrieval module 216 attempts to establish a connection with the other client device 1 10 (e.g., a peer-to-peer connection). If the retrieval module 216 is able to establish the connection with the other client device 1 10, the user can then exchange communications with the other client device 1 10 via the connection. Hence, after establishing the connection, the two client devices 1 10 can communicate with each other directly without having to communicate through the public key-value data store 120. In this embodiment, the public key-value data store 120 is only used to establish the connection.
[0047] in some embodiments, after the client device 110 returns from being offline (e.g., connects to the network 102 after not being connected to the network 102), for each shared secret public key created with another client device 1 10, the retrieval module 216 checks the public key-value data store 120 for shared data 122 stored under the shared secret public key. In one embodiment, if the shared data 122 includes contact information, the retrieval module 216 attempts to establish a connection with the other client device 1 10. In one embodiment, if the shared data 122 includes status information, the retrieval module 216 displays to the user in a user interface a status indicated by the status information. In some embodiments, when client device 1 10 return from being offline, the key generation module 212 regenerates each shared secret public key using the public key of each of the other client devices 1 10.
[0048] In some embodiments, for each shared secret public key created, the retrieval module 216 periodically checks the public key-value data store 120 for changes in shared data 122. For example, the retrieval module 216 may check whether status or contact information for another client device 110 has changed.
[0049] FIG. 3 is an interaction diagram illustrating the sharing of data via a public key- value data store according to one embodiment. The interaction diagram illustrates the steps performed by client device 110a, client device 110b, and the public key-value data store 120. Those of skill in the art will recognize that other embodiments can perform the steps described for FIG. 3 in different orders. Moreover, other embodiments can include different and/or additional steps than the ones described.
[0050] Assume for purposes of this example that client device 110a has its own key pair that includes a private key and a public key. Additionally, assume that client device 1 10b has its own key pair that includes a private key and a public key. Client device 110a and the client device 110b exchange 350 public keys. Subsequently, client device 110a and the client device 1 10b each generates 312 the shared secret based on its own private key and the other client device's public key. As noted previously, this shared secret is unique to these two client devices 110.
[0051] Using the shared secret, the client device 1 10a and the client device 110b each generate 314 the shared secret public key and the shared secret private key. The shared secret key pair is comprised of the shared secret public key and the shared secret private key. The client device 1 10b stores 352 shared data 122 in the public key-value data store 120 using the shared secret public key as the key. The shared data 122 may include contact information, status information, or other data as described previously.
[0052] The client device 1 10a retrieves 354 the shared data 122 from the public key- value data store 120 using the shared secret public key. After the client device 1 10a retrieves the shared data 122, it verifies 320 the authenticity of the shared data 122 confirming that the other client device 1 10b had stored that shared data 122. The verification is done using the shared secret private key.
[0053] In some embodiments, the client device 1 10a also stores shared data 122 in the public key-value data store 120 using the shared secret public key. The data may be stored in response to the shared data 122 stored by the client device 1 10b.
[0054] FIG. 4 is a high-level block diagram illustrating an example of a computer 400 for use as a component in the client device 1 10 or the public key-value data store 120, in accordance with one embodiment. Illustrated are at least one processor 402 coupled to a chipset 404. The chipset 404 includes a memory controller hub 450 and an input/output (I/O) controller hub 455. A memory 406 and a graphics adapter 413 are coupled to the memory controller hub 450, and a display device 418 is coupled to the graphics adapter 413. A storage device 408, keyboard 410, pointing device 414, and network adapter 416 may be coupled to the I/O controller hub 455. Other embodiments of the computer 400 have different architectures. For example, the memory 406 is directly coupled to the processor 402 in some embodiments. As another example, some embodiments of the computer 400 may have different I/O devices, such as a touchscreen, camera, gyroscope, etc.
[0055] The storage device 408 is a non-transitory computer-readable storage medium such as a hard drive, compact disk read-only memory (CD-ROM), DVD, or a solid-state memory device. The memory 406 holds instructions and data used by the processor 402. The pointing device 414 is used in combination with the keyboard 410 to input data into the computer system 400. The graphics adapter 413 displays images and other information on the display device 418. In some embodiments, the display device 418 includes a touch screen capability for receiving user input and selections. The network adapter 416 couples the computer system 400 to the network 102. Some embodiments of the computer 400 have different and/or other components than those shown in FIG. 4. For example, the public key- value data store 120 can be formed of multiple blade servers and lack a display device, keyboard, and other components.
[0056] The computer 400 is adapted to execute computer program modules for providing functionality described herein. As used herein, the term "module" refers to computer program instructions and other logic used to provide the specified functionality. Thus, a module can be implemented in hardware, firmware, and/or software. In one embodiment, program modules formed of executable computer program instructions are stored on the storage device 408, loaded into the memory 406, and executed by the processor 402.
[0057] Upon reading this disclosure, those of skill in the art will appreciate that additional alternative structural and functional designs are possible. Thus, while particular embodiments and applications have been illustrated and described, it is to be understood that the present embodiments are not limited to the precise construction and components disclosed herein and that various modifications, changes and variations which will be apparent to those skilled in the art may be made in the arrangement, operation and details of the method and apparatus disclosed herein without departing from the spirit and scope as defined in the appended claims.

Claims

1. A computer-implemented method for sharing information: storing, by a first client device, a first private key and a first public key associated with the first client device;
identifying, by the first client device, a second public key associated with a second client device;
generating, by the first client device, a shared secret based on the first private key and the second public key using a key exchange protocol;
generating, by the first client device, a shared secret public key using the shared secret;
storing, by the first client device, communication data in a public key-value data store using the shared secret; and
establishing, by the first client device, a connection with the second client device based on the communication data, the communication data retrieved by the second client device from the public key-value data store using a duplicate shared secret public key, the duplicate shared secret public key generated by the second client device using the first public key and a second private key associated with the second client device.
2. The method of claim 1 , wherein the key exchange protocol is a Diffie- Hellman key exchange.
3. The method of claim 1, further comprising:
digitally signing the communication data prior to storing the communication data in the public-key value data store, the signing verified by the second client device using the duplicate shared secret public key.
4. The method of claim 1, wherein a shared secret private key is associated with the shared secret public key and generated using the shared secret, the method further comprising: encrypting the communication data using the shared secret private key prior to storing the communication data in the public-key value data store, the communication data decrypted by the second client device using the duplicate shared secret public key.
5. The method of c laim 1, wherein a duplicate shared secret private key is associated with the duplicate shared secret public key, the method further comprising:
encrypting the communication data using the shared secret public key prior to storing the communication data in the public-key value data store, the communication data decrypted by the second client device using the duplicate shared secret private key.
6. The method of c laim 1, further comprising:
monitoring the public-key value data store for changes in data associated with the shared secret public key.
7. A computer-implemented method for sharing information:
storing, by first client device, a first private key associated with the first client device; generating, by the first client device, a shared secret public key based on the first private key and a second public key associated with a second client device; and
storing, by the first client device, data in a data store in association with the shared secret public key, the data store accessible by the second client device.
8. The method of claim 7, wherein the second client device retrieves the data from the data store using the shared secret public key, the shared secret public key generated by the second client device using a first public key associated with the first client device and a second public key associated with the second client device.
9. The method of claim 7, wherein generating the shared secret public key comprises:
generating, by the first client device, a shared secret based on the first private key and the second public key using a key exchange protocol; and generating, by the first client device, the shared secret public key using the shared secret.
10. The method of claim 9, wherein the key exchange protocol is a Diffie- Hellman key exchange.
11. The method of claim 7, where the stored data is status information indicating whether the first client device is online.
12. The method of claim 7, where the stored data i s connecti on information used to establish a connection with the first client device.
13. The method of claim 7, further comprising:
digitally signing the communication data prior to storing the communication data in the data store, the signing verified by the second client device using the shared secret public key.
14. The method of claim 7, wherein a shared secret private key is associated with the shared secret public key, the method further comprising:
encrypting the communication data using the shared secret private key prior to storing the communication data in the data store, the communication data decrypted by the second client device using the shared secret public key.
15. The method of claim 7, wherein a shared secret private key is associated with the shared secret public key, the method further comprising:
encrypting the communication data using the shared secret public key prior to storing the communication data in the data store, the communication data decrypted by the second client device using the shared secret private key.
16. The method of c laim 7, further comprising:
monitoring the data store for changes in data associated with the shared secret public key.
17. A non-transitory computer-readable storage medium storing executable computer program instructions for sharing information, the computer program instructions comprising instructions for: storing, by first client device, a first private key associated with the first client device; generating, by the first client device, a shared secret public key based on the first private key and a second public key associated with a second client device; and
storing, by the first client device, data in a data store in association with the shared secret public key, the data store accessible by the second client device.
18. The non-transitory computer-readable storage medium of claim 17, wherein the second client device retrieves the data from the data store using the shared secret public key, the shared secret public key generated by the second client device using a first public key associated with the first client device and a second public key associated with the second client device.
19. The non-transitory computer-readable storage medium of claim 17, wherein generating the shared secret public key comprises:
generating, by the first client device, a shared secret based on the first private key and the second public key using a key exchange protocol; and
generating, by the first client device, the shared secret public key using the shared secret.
20. The non-transitory computer-readable storage medium of claim 17, the computer program instructions further comprising instructions for:
digitally signing the communication data prior to storing the communication data in the data store, the signing verified by the second client device using the shared secret public key.
PCT/US2015/034565 2014-06-06 2015-06-05 Securely sharing information via a public key- value data store WO2015188151A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201462009079P 2014-06-06 2014-06-06
US62/009,079 2014-06-06

Publications (1)

Publication Number Publication Date
WO2015188151A1 true WO2015188151A1 (en) 2015-12-10

Family

ID=54767481

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2015/034565 WO2015188151A1 (en) 2014-06-06 2015-06-05 Securely sharing information via a public key- value data store

Country Status (2)

Country Link
US (1) US9887839B2 (en)
WO (1) WO2015188151A1 (en)

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3534565A4 (en) * 2016-10-26 2019-10-30 Alibaba Group Holding Limited Data transmission method, apparatus and system
US11120437B2 (en) 2016-02-23 2021-09-14 nChain Holdings Limited Registry and automated management method for blockchain-enforced smart contracts
US11126976B2 (en) 2016-02-23 2021-09-21 nChain Holdings Limited Method and system for efficient transfer of cryptocurrency associated with a payroll on a blockchain that leads to an automated payroll method and system based on smart contracts
US11182782B2 (en) 2016-02-23 2021-11-23 nChain Holdings Limited Tokenisation method and system for implementing exchanges on a blockchain
US11194898B2 (en) 2016-02-23 2021-12-07 nChain Holdings Limited Agent-based turing complete transactions integrating feedback within a blockchain system
US11308486B2 (en) 2016-02-23 2022-04-19 nChain Holdings Limited Method and system for the secure transfer of entities on a blockchain
US11349645B2 (en) 2016-02-23 2022-05-31 Nchain Holdings Ltd. Determining a common secret for the secure exchange of information and hierarchical, deterministic cryptographic keys
US11356280B2 (en) 2016-02-23 2022-06-07 Nchain Holdings Ltd Personal device security using cryptocurrency wallets
US11373152B2 (en) 2016-02-23 2022-06-28 nChain Holdings Limited Universal tokenisation system for blockchain-based cryptocurrencies
US11410145B2 (en) 2016-02-23 2022-08-09 nChain Holdings Limited Blockchain-implemented method for control and distribution of digital content
US11455378B2 (en) 2016-02-23 2022-09-27 nChain Holdings Limited Method and system for securing computer software using a distributed hash table and a blockchain
US11606219B2 (en) 2016-02-23 2023-03-14 Nchain Licensing Ag System and method for controlling asset-related actions via a block chain
US11621833B2 (en) 2016-02-23 2023-04-04 Nchain Licensing Ag Secure multiparty loss resistant storage and transfer of cryptographic keys for blockchain based systems in conjunction with a wallet management system
US11625694B2 (en) 2016-02-23 2023-04-11 Nchain Licensing Ag Blockchain-based exchange with tokenisation
US11727501B2 (en) 2016-02-23 2023-08-15 Nchain Licensing Ag Cryptographic method and system for secure extraction of data from a blockchain
US11972422B2 (en) 2016-02-23 2024-04-30 Nchain Licensing Ag Registry and automated management method for blockchain-enforced smart contracts

Families Citing this family (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9674162B1 (en) * 2015-03-13 2017-06-06 Amazon Technologies, Inc. Updating encrypted cryptographic key pair
US9893885B1 (en) 2015-03-13 2018-02-13 Amazon Technologies, Inc. Updating cryptographic key pair
US10003467B1 (en) 2015-03-30 2018-06-19 Amazon Technologies, Inc. Controlling digital certificate use
US9479340B1 (en) 2015-03-30 2016-10-25 Amazon Technologies, Inc. Controlling use of encryption keys
EP3375129B1 (en) 2015-12-08 2022-09-21 NEC Corporation Method for re-keying an encrypted data file
US10243733B2 (en) * 2016-03-17 2019-03-26 Virginia Tech Intellectual Properties, Inc. Process and system for establishing a moving target connection for secure communications in client/server systems
US10230700B2 (en) * 2016-08-09 2019-03-12 Lenovo (Singapore) Pte. Ltd. Transaction based message security
US10142325B2 (en) * 2016-08-29 2018-11-27 Ivanti, Inc. Systems and methods for credentials distribution
US11140141B2 (en) * 2017-09-18 2021-10-05 Fiske Software Llc Multiparty key exchange
KR102569545B1 (en) * 2017-11-08 2023-08-22 삼성전자 주식회사 Key-value storage device and method of operating the key-value storage device
US11354449B2 (en) * 2018-04-27 2022-06-07 Tesla, Inc. Secure initial provisioning of a system on a chip
US11423178B2 (en) 2018-04-27 2022-08-23 Tesla, Inc. Isolation of subsystems on a system on a chip
CN110858243B (en) * 2018-08-24 2024-04-12 京东科技控股股份有限公司 Page acquisition method and device for gateway
EP3672142B1 (en) * 2018-12-20 2021-04-21 Siemens Healthcare GmbH Method and system for securely transferring a data set
TWI828558B (en) * 2021-01-29 2024-01-01 銓安智慧科技股份有限公司 Message transmitting system, user device and hardware security module for use therein
TWI827906B (en) * 2021-01-29 2024-01-01 銓安智慧科技股份有限公司 Message transmitting system, user device and hardware security module for use therein
US11646869B1 (en) * 2022-08-27 2023-05-09 Uab 360 It Stateless system to restore access

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006000802A2 (en) * 2004-06-28 2006-01-05 Amteus Secure Communications Limited Improvements relating to secure telecommunications
US20070223706A1 (en) * 2005-12-12 2007-09-27 Alexander Gantman Certify and split system and method for replacing cryptographic keys
US20120089519A1 (en) * 2010-10-06 2012-04-12 Prasad Peddada System and method for single use transaction signatures

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6252964B1 (en) * 1995-04-03 2001-06-26 Scientific-Atlanta, Inc. Authorization of services in a conditional access system
US6052466A (en) * 1997-08-28 2000-04-18 Telefonaktiebolaget L M Ericsson (Publ) Encryption of data packets using a sequence of private keys generated from a public key exchange
JP3918448B2 (en) * 2001-04-02 2007-05-23 日本ビクター株式会社 Authentication method in agent system
AU2005228061A1 (en) * 2004-04-02 2005-10-13 Research In Motion Limited Deploying and provisioning wireless handheld devices
US20060153364A1 (en) * 2005-01-07 2006-07-13 Beeson Curtis L Asymmetric key cryptosystem based on shared knowledge
US20090103726A1 (en) * 2007-10-18 2009-04-23 Nabeel Ahmed Dual-mode variable key length cryptography system
US8918648B2 (en) * 2010-02-25 2014-12-23 Certicom Corp. Digital signature and key agreement schemes
US8644515B2 (en) * 2010-08-11 2014-02-04 Texas Instruments Incorporated Display authenticated security association
EP3095210B1 (en) * 2014-01-13 2022-03-23 Visa International Service Association Efficient methods for protecting identity in authenticated transmissions

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006000802A2 (en) * 2004-06-28 2006-01-05 Amteus Secure Communications Limited Improvements relating to secure telecommunications
US20070223706A1 (en) * 2005-12-12 2007-09-27 Alexander Gantman Certify and split system and method for replacing cryptographic keys
US20120089519A1 (en) * 2010-10-06 2012-04-12 Prasad Peddada System and method for single use transaction signatures

Cited By (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11373152B2 (en) 2016-02-23 2022-06-28 nChain Holdings Limited Universal tokenisation system for blockchain-based cryptocurrencies
US11755718B2 (en) 2016-02-23 2023-09-12 Nchain Licensing Ag Blockchain implemented counting system and method for use in secure voting and distribution
US11120437B2 (en) 2016-02-23 2021-09-14 nChain Holdings Limited Registry and automated management method for blockchain-enforced smart contracts
US11126976B2 (en) 2016-02-23 2021-09-21 nChain Holdings Limited Method and system for efficient transfer of cryptocurrency associated with a payroll on a blockchain that leads to an automated payroll method and system based on smart contracts
US11182782B2 (en) 2016-02-23 2021-11-23 nChain Holdings Limited Tokenisation method and system for implementing exchanges on a blockchain
US11194898B2 (en) 2016-02-23 2021-12-07 nChain Holdings Limited Agent-based turing complete transactions integrating feedback within a blockchain system
US11308486B2 (en) 2016-02-23 2022-04-19 nChain Holdings Limited Method and system for the secure transfer of entities on a blockchain
US11349645B2 (en) 2016-02-23 2022-05-31 Nchain Holdings Ltd. Determining a common secret for the secure exchange of information and hierarchical, deterministic cryptographic keys
US11972422B2 (en) 2016-02-23 2024-04-30 Nchain Licensing Ag Registry and automated management method for blockchain-enforced smart contracts
US11936774B2 (en) 2016-02-23 2024-03-19 Nchain Licensing Ag Determining a common secret for the secure exchange of information and hierarchical, deterministic cryptographic keys
US11347838B2 (en) 2016-02-23 2022-05-31 Nchain Holdings Ltd. Blockchain implemented counting system and method for use in secure voting and distribution
US11410145B2 (en) 2016-02-23 2022-08-09 nChain Holdings Limited Blockchain-implemented method for control and distribution of digital content
US11455378B2 (en) 2016-02-23 2022-09-27 nChain Holdings Limited Method and system for securing computer software using a distributed hash table and a blockchain
US11606219B2 (en) 2016-02-23 2023-03-14 Nchain Licensing Ag System and method for controlling asset-related actions via a block chain
US11621833B2 (en) 2016-02-23 2023-04-04 Nchain Licensing Ag Secure multiparty loss resistant storage and transfer of cryptographic keys for blockchain based systems in conjunction with a wallet management system
US11625694B2 (en) 2016-02-23 2023-04-11 Nchain Licensing Ag Blockchain-based exchange with tokenisation
US11727501B2 (en) 2016-02-23 2023-08-15 Nchain Licensing Ag Cryptographic method and system for secure extraction of data from a blockchain
US11356280B2 (en) 2016-02-23 2022-06-07 Nchain Holdings Ltd Personal device security using cryptocurrency wallets
AU2017352361B2 (en) * 2016-10-26 2020-11-26 Advanced New Technologies Co., Ltd. Data transmission method, apparatus and system
EP3534565A4 (en) * 2016-10-26 2019-10-30 Alibaba Group Holding Limited Data transmission method, apparatus and system

Also Published As

Publication number Publication date
US9887839B2 (en) 2018-02-06
US20150358158A1 (en) 2015-12-10

Similar Documents

Publication Publication Date Title
US9887839B2 (en) Securely sharing information via a public key-value data store
US11381398B2 (en) Method for re-keying an encrypted data file
US11843588B2 (en) Sending secure communications using a local ephemeral key pool
GB2560434B (en) Securely transferring user information between applications
US10616186B2 (en) Data tokenization
US10715504B2 (en) Provisioning ephemeral key pools for sending and receiving secure communications
US11316666B2 (en) Generating ephemeral key pools for sending and receiving secure communications
US11457018B1 (en) Federated messaging
US11218296B2 (en) Data de-duplication among untrusted entities
US10805071B2 (en) Method and system for protecting and sharing digital data between users in a network
US11757652B2 (en) Decentralized system for securely resolving domain names
Wang et al. Enhanced instant message security and privacy protection scheme for mobile social network systems
US11349659B2 (en) Transmitting an encrypted communication to a user in a second secure communication network
US10791196B2 (en) Directory lookup for federated messaging with a user from a different secure communication network
US20230108261A1 (en) Management, diagnostics, and security for network communications
US11368442B2 (en) Receiving an encrypted communication from a user in a second secure communication network
CN114765595B (en) Chat message display method, chat message sending device, electronic equipment and media
US11165824B2 (en) Transport layer security extension for hybrid information centric networking
Zahak et al. Collaborative privacy management in P2P online social networks
van der Meer et al. Practical Security and Key Management
DI FEDERICO et al. Snake: a privacy aware online social network providing anonymity of outsourced data at rest
em Nuvens Vitor Hugo Galhardo Moia

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15803579

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15803579

Country of ref document: EP

Kind code of ref document: A1