We claim:
1. A method for implementing encrypted network data transmission, comprising performing at a processor implemented secure entity within a terminal device, the steps of:
receiving a request for initiating transmission of data to an authorized recipient;
encrypting at least a cryptographic first handshake key with a cryptographic first public key associated with the authorized recipient;
transmitting the encrypted cryptographic first handshake key to the authorized recipient through an untrusted intermediary;
receiving an encrypted cryptographic secure entity key generated and transmitted by the authorized recipient, wherein generation of the encrypted cryptographic secure entity key comprises performing at the authorized recipient, the steps of:
receiving the encrypted cryptographic first handshake key;
decrypting the encrypted cryptographic first handshake key with a cryptographic first private key associated with the authorized recipient, wherein the cryptographic first public key and the cryptographic first private key comprise a cryptographic first asymmetric key pair; and
encrypting a cryptographic secure entity key with the cryptographic first handshake key to generate the encrypted cryptographic secure entity key;
decrypting the encrypted cryptographic secure entity key with the cryptographic first handshake key;
generating a cryptographic transaction key, wherein the cryptographic transaction key is generated based on:
a shared secret key generation process; and
a cryptographic second private key associated with the secure entity;
encrypting session data with the generated cryptographic transaction key; and
transmitting the encrypted session data and a cryptographic second public key associated with the secure entity to the authorized recipient through the untrusted intermediary, wherein the cryptographic second private key and the cryptographic second public key comprise a cryptographic second asymmetric key pair.
2. The method as claimed in claim 1, wherein the authorized recipient is configured for:
receiving the encrypted session data and the cryptographic second public key;
generating the cryptographic transaction key, wherein generating the cryptographic transaction key is based on:
the shared secret key generation process; and
the cryptographic second public key;
and decrypting the received encrypted session data with the cryptographic transaction key.
3. The method as claimed in claim 2, wherein the secure entity:
receives encrypted session data that:
has been encrypted by the authorized recipient with the cryptographic transaction key; and
has been transmitted to the secure entity through an untrusted intermediary;
and decrypts the encrypted session data received from the authorized recipient with the cryptographic transaction key.
4. The method as claimed in claim 1, comprising:
encrypting at least a cryptographic second handshake key with the cryptographic first public key;
transmitting the encrypted cryptographic second handshake key to the authorized recipient through the untrusted intermediary, wherein the authorized recipient is configured for:
receiving the encrypted cryptographic second handshake key;
decrypting the encrypted cryptographic second handshake key with the cryptographic first private key; and
transmitting the cryptographic second handshake key to the untrusted intermediary for storage therein and for signing, encryption or decryption of data messages transmitted between the secure entity and the untrusted intermediary.
5. A method for encrypting network data transmission, comprising performing at a processor implemented authorized recipient of data, the steps of:
receiving from a secure entity within a terminal device, an encrypted cryptographic first handshake key, wherein:
the encrypted cryptographic first handshake key has been generated at the secure entity by encrypting a cryptographic first handshake key with a cryptographic first public key associated with the authorized recipient; and
the encrypted cryptographic first handshake key has been transmitted to the authorized recipient from the secure entity through an untrusted intermediary;
decrypting the encrypted cryptographic first handshake key with a cryptographic first private key associated with the authorized recipient, wherein the cryptographic first public key and the cryptographic first private key comprise a cryptographic first asymmetric key pair;
encrypting a cryptographic secure entity key with the cryptographic first handshake key to generate an encrypted cryptographic secure entity key;
transmitting the encrypted cryptographic secure entity key to the secure entity;
receiving from the secure entity, encrypted session data and a cryptographic second public key associated with the secure entity through the untrusted intermediary, wherein:
the secure entity has:
decrypted the encrypted cryptographic secure entity key with the cryptographic first handshake key;
generated a cryptographic transaction key, wherein the cryptographic transaction key is generated based on:
a shared secret key generation process; and
a cryptographic second private key associated with the secure entity;
and encrypted session data with the generated cryptographic transaction key;
and the cryptographic second private key and the cryptographic second public key comprise a cryptographic second asymmetric key pair.
6. The method as claimed in claim 5, wherein the authorized recipient performs the steps of:
generating the cryptographic transaction key, wherein generating the cryptographic transaction key is based on:
the shared secret key generation process; and
the cryptographic second public key;
and decrypting the received encrypted session data with the cryptographic transaction key.
7. The method as claimed in claim 6, wherein the secure entity:
receives encrypted session data that:
has been encrypted by the authorized recipient with the cryptographic transaction key; and
has been transmitted to the secure entity through an untrusted intermediary;
and decrypts the encrypted session data received from the authorized recipient with the cryptographic transaction key.
8. The method as claimed in claim 5, comprising:
receiving from the secure entity, an encrypted cryptographic second handshake key that has been encrypted with the cryptographic first public key;
decrypting the encrypted cryptographic second handshake key with the cryptographic first private key; and
transmitting the cryptographic second handshake key to the untrusted intermediary for storage therein and for signing, encryption or decryption of data messages transmitted between the secure entity and the untrusted intermediary.
9. A system for implementing encrypted network data transmission, comprising a processor implemented secure entity within a terminal device, wherein the processor implemented secure entity is configured to perform the steps of:
receiving a request for initiating transmission of data to an authorized recipient;
encrypting at least a cryptographic first handshake key with a cryptographic first public key associated with the authorized recipient;
transmitting the encrypted cryptographic first handshake key to the authorized recipient through an untrusted intermediary;
receiving an encrypted cryptographic secure entity key generated and transmitted by the authorized recipient, wherein generation of the encrypted cryptographic secure entity key comprises performing at the authorized recipient, the steps of:
receiving the encrypted cryptographic first handshake key;
decrypting the encrypted cryptographic first handshake key with a cryptographic first private key associated with the authorized recipient, wherein the cryptographic first public key and the cryptographic first private key comprise a cryptographic first asymmetric key pair; and
encrypting a cryptographic secure entity key with the cryptographic first handshake key to generate the encrypted cryptographic secure entity key;
decrypting the encrypted cryptographic secure entity key with the cryptographic first handshake key;
generating a cryptographic transaction key, wherein the cryptographic transaction key is generated based on:
a shared secret key generation process; and
a cryptographic second private key associated with the secure entity;
encrypting session data with the generated cryptographic transaction key; and
transmitting the encrypted session data and a cryptographic second public key associated with the secure entity to the authorized recipient through the untrusted intermediary, wherein the cryptographic second private key and the cryptographic second public key comprise a cryptographic second asymmetric key pair.
10. The system as claimed in claim 9, wherein the authorized recipient is configured for:
receiving the encrypted session data and the cryptographic second public key;
generating the cryptographic transaction key, wherein generating the cryptographic transaction key is based on:
the shared secret key generation process; and
the cryptographic second public key;
and decrypting the received encrypted session data with the cryptographic transaction key.
11. The system as claimed in claim 10, wherein the secure entity is configured for:
receiving encrypted session data that:
has been encrypted by the authorized recipient with the cryptographic transaction key; and
has been transmitted to the secure entity through an untrusted intermediary;
and decrypting the encrypted session data received from the authorized recipient with the cryptographic transaction key.
12. The system as claimed in claim 9, wherein the processor implemented secure entity is configured for:
encrypting at least a cryptographic second handshake key with the cryptographic first public key;
transmitting the encrypted cryptographic second handshake key to the authorized recipient through the untrusted intermediary, wherein the authorized recipient is configured for:
receiving the encrypted cryptographic second handshake key;
decrypting the encrypted cryptographic second handshake key with the cryptographic first private key; and
transmitting the cryptographic second handshake key to the untrusted intermediary for storage therein and for signing, encryption or decryption of data messages transmitted between the secure entity and the untrusted intermediary.
13. A system for implementing encrypted network data transmission, comprising a processor implemented authorized recipient of data, wherein the processor implemented authorized recipient of data is configured to perform the steps of:
receiving from a secure entity within a terminal device, an encrypted cryptographic first handshake key, wherein:
the encrypted cryptographic first handshake key has been generated at the secure entity by encrypting a cryptographic first handshake key with a cryptographic first public key associated with the authorized recipient; and
the encrypted cryptographic first handshake key has been transmitted to the authorized recipient from the secure entity through an untrusted intermediary;
decrypting the encrypted cryptographic first handshake key with a cryptographic first private key associated with the authorized recipient, wherein the cryptographic first public key and the cryptographic first private key comprise a cryptographic first asymmetric key pair;
encrypting a cryptographic secure entity key with the cryptographic first handshake key to generate an encrypted cryptographic secure entity key;
transmitting the encrypted cryptographic secure entity key to the secure entity;
receiving from the secure entity, encrypted session data and a cryptographic second public key associated with the secure entity through the untrusted intermediary, wherein:
the secure entity has:
decrypted the encrypted cryptographic secure entity key with the cryptographic first handshake key;
generated a cryptographic transaction key, wherein the cryptographic transaction key is generated based on:
a shared secret key generation process; and
a cryptographic second private key associated with the secure entity;
and encrypted session data with the generated cryptographic transaction key;
and the cryptographic second private key and the cryptographic second public key comprise a cryptographic second asymmetric key pair.
14. The system as claimed in claim 13, wherein the authorized recipient is configured to perform the steps of:
generating the cryptographic transaction key, wherein generating the cryptographic transaction key is based on:
the shared secret key generation process; and
the cryptographic second public key;
and decrypting the received encrypted session data with the cryptographic transaction key.
15. The system as claimed in claim 14, wherein the secure entity is configured to:
receive encrypted session data that:
has been encrypted by the authorized recipient with the cryptographic transaction key; and
has been transmitted to the secure entity through an untrusted intermediary;
and decrypt the encrypted session data received from the authorized recipient with the cryptographic transaction key.
16. The system as claimed in claim 13, wherein the authorized recipient is configured to perform the steps of:
receiving from the secure entity, an encrypted cryptographic second handshake key that has been encrypted with the cryptographic first public key;
decrypting the encrypted cryptographic second handshake key with the cryptographic first private key; and
transmitting the cryptographic second handshake key to the untrusted intermediary for storage therein and for signing, encryption or decryption of data messages transmitted between the secure entity and the untrusted intermediary.
17. A computer program product for implementing encrypted network data transmission, comprising a non-transitory computer readable medium having a computer readable program code embodied therein, the computer readable program code comprising instructions for performing at a processor implemented secure entity within a terminal device, the steps of:
receiving a request for initiating transmission of data to an authorized recipient;
encrypting at least a cryptographic first handshake key with a cryptographic first public key associated with the authorized recipient;
transmitting the encrypted cryptographic first handshake key to the authorized recipient through an untrusted intermediary;
receiving an encrypted cryptographic secure entity key generated and transmitted by the authorized recipient, wherein generation of the encrypted cryptographic secure entity key comprises performing at the authorized recipient, the steps of:
receiving the encrypted cryptographic first handshake key;
decrypting the encrypted cryptographic first handshake key with a cryptographic first private key associated with the authorized recipient, wherein the cryptographic first public key and the cryptographic first private key comprise a cryptographic first asymmetric key pair; and
encrypting a cryptographic secure entity key with the cryptographic first handshake key to generate the encrypted cryptographic secure entity key;
decrypting the encrypted cryptographic secure entity key with the cryptographic first handshake key;
generating a cryptographic transaction key, wherein the cryptographic transaction key is generated based on:
a shared secret key generation process; and
a cryptographic second private key associated with the secure entity;
encrypting session data with the generated cryptographic transaction key; and
transmitting the encrypted session data and a cryptographic second public key associated with the secure entity to the authorized recipient through the untrusted intermediary, wherein the cryptographic second private key and the cryptographic second public key comprise a cryptographic second asymmetric key pair.
18. A computer program product for implementing encrypted network data transmission, comprising a non-transitory computer readable medium having a computer readable program code embodied therein, the computer readable program code comprising instructions for performing at a processor implemented authorized recipient of data, the steps of:
receiving from a secure entity within a terminal device, an encrypted cryptographic first handshake key, wherein:
the encrypted cryptographic first handshake key has been generated at the secure entity by encrypting a cryptographic first handshake key with a cryptographic first public key associated with the authorized recipient; and
the encrypted cryptographic first handshake key has been transmitted to the authorized recipient from the secure entity through an untrusted intermediary;
decrypting the encrypted cryptographic first handshake key with a cryptographic first private key associated with the authorized recipient, wherein the cryptographic first public key and the cryptographic first private key comprise a cryptographic first asymmetric key pair;
encrypting a cryptographic secure entity key with the cryptographic first handshake key to generate an encrypted cryptographic secure entity key;
transmitting the encrypted cryptographic secure entity key to the secure entity;
receiving from the secure entity, encrypted session data and a cryptographic second public key associated with the secure entity through the untrusted intermediary, wherein:
decrypted the encrypted cryptographic secure entity key with the cryptographic first handshake key;
generated a cryptographic transaction key, wherein the cryptographic transaction key is generated based on:
a shared secret key generation process; and
a cryptographic second private key associated with the secure entity;
and encrypted session data with the generated cryptographic transaction key;
and the cryptographic second private key and the cryptographic second public key comprise a cryptographic second asymmetric key pair.
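
The exchange recited in claims 1 and 2, sketched in Go with the secure entity, the untrusted intermediary and the authorized recipient in one process; this is an added example, not code from the application. The claims name no algorithms, so the following are assumptions: RSA-OAEP for the first key pair, AES-256-GCM for symmetric encryption, X25519 followed by SHA-256 (standing in for a full KDF) as the shared secret key generation process, and the secure entity key being the recipient's X25519 public key. `Handshake`, `seal`, `open` and `must` are illustrative names.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

func must[T any](v T, err error) T { // demo only: abort on local errors
	if err != nil {
		panic(err)
	}
	return v
}

func seal(key, pt []byte) []byte { // AES-256-GCM (assumed), random nonce prepended
	g := must(cipher.NewGCM(must(aes.NewCipher(key))))
	nonce := make([]byte, g.NonceSize())
	must(rand.Read(nonce))
	return g.Seal(nonce, nonce, pt, nil)
}

func open(key, ct []byte) ([]byte, error) { // fails on any change made in transit
	g := must(cipher.NewGCM(must(aes.NewCipher(key))))
	if len(ct) < g.NonceSize() {
		return nil, fmt.Errorf("ciphertext too short")
	}
	return g.Open(nil, ct[:g.NonceSize()], ct[g.NonceSize():], nil)
}

func Handshake(data []byte, tamper bool) ([]byte, error) { // all parties, one process
	first := must(rsa.GenerateKey(rand.Reader, 2048)) // recipient: first key pair
	hk1 := make([]byte, 32)                           // SE: first handshake key
	must(rand.Read(hk1))
	encHK1 := must(rsa.EncryptOAEP(sha256.New(), rand.Reader, &first.PublicKey, hk1, nil))
	// Recipient: recover hk1, wrap the secure entity key (assumed: its X25519 public key).
	rHK1 := must(rsa.DecryptOAEP(sha256.New(), rand.Reader, first, encHK1, nil))
	rPriv := must(ecdh.X25519().GenerateKey(rand.Reader))
	encSEK := seal(rHK1, rPriv.PublicKey().Bytes())
	// SE: unwrap it, derive the transaction key using its own second private key.
	rPub := must(ecdh.X25519().NewPublicKey(must(open(hk1, encSEK))))
	second := must(ecdh.X25519().GenerateKey(rand.Reader)) // SE: second key pair
	tk := sha256.Sum256(must(second.ECDH(rPub)))
	encData := seal(tk[:], data)
	if tamper { // untrusted intermediary flips one bit of the relayed ciphertext
		encData[len(encData)-1] ^= 1
	}
	// Recipient: same derivation from the SE's second public key, then decrypt.
	rTK := sha256.Sum256(must(rPriv.ECDH(second.PublicKey())))
	return open(rTK[:], encData)
}

func main() {
	pt, err := Handshake([]byte("constructed session data"), false)
	fmt.Printf("%q %v\n", pt, err)
}
```

The sketch takes the secure entity's copy of the first public key as already provisioned and authentic; the exchange is only as trustworthy as that copy.
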
| # | Name | Date |
|---|---|---|
| 1 | 202141010122-STATEMENT OF UNDERTAKING (FORM 3) [10-03-2021(online)].pdf | 2021-03-10 |
| 2 | 202141010122-PROVISIONAL SPECIFICATION [10-03-2021(online)].pdf | 2021-03-10 |
| 3 | 202141010122-FORM FOR STARTUP [10-03-2021(online)].pdf | 2021-03-10 |
| 4 | 202141010122-FORM FOR SMALL ENTITY(FORM-28) [10-03-2021(online)].pdf | 2021-03-10 |
| 5 | 202141010122-FORM 1 [10-03-2021(online)].pdf | 2021-03-10 |
| 6 | 202141010122-FIGURE OF ABSTRACT [10-03-2021(online)].pdf | 2021-03-10 |
| 7 | 202141010122-EVIDENCE FOR REGISTRATION UNDER SSI(FORM-28) [10-03-2021(online)].pdf | 2021-03-10 |
| 8 | 202141010122-EVIDENCE FOR REGISTRATION UNDER SSI [10-03-2021(online)].pdf | 2021-03-10 |
| 9 | 202141010122-DRAWINGS [10-03-2021(online)].pdf | 2021-03-10 |
| 10 | 202141010122-DECLARATION OF INVENTORSHIP (FORM 5) [10-03-2021(online)].pdf | 2021-03-10 |
| 11 | 202141010122-Request Letter-Correspondence [09-03-2022(online)].pdf | 2022-03-09 |
| 12 | 202141010122-FORM28 [09-03-2022(online)].pdf | 2022-03-09 |
| 13 | 202141010122-Form 1 (Submitted on date of filing) [09-03-2022(online)].pdf | 2022-03-09 |
| 14 | 202141010122-Covering Letter [09-03-2022(online)].pdf | 2022-03-09 |
| 15 | 202141010122-DRAWING [10-03-2022(online)].pdf | 2022-03-10 |
| 16 | 202141010122-CORRESPONDENCE-OTHERS [10-03-2022(online)].pdf | 2022-03-10 |
| 17 | 202141010122-COMPLETE SPECIFICATION [10-03-2022(online)].pdf | 2022-03-10 |
| 18 | 202141010122-FORM 18 [25-11-2023(online)].pdf | 2023-11-25 |
| 19 | 202141010122-FER.pdf | 2024-08-30 |
| 20 | 202141010122-FORM 3 [20-09-2024(online)].pdf | 2024-09-20 |
| 21 | 202141010122-Proof of Right [11-10-2024(online)].pdf | 2024-10-11 |
| 22 | 202141010122-PETITION UNDER RULE 137 [11-10-2024(online)].pdf | 2024-10-11 |
| 23 | 202141010122-FORM-26 [11-10-2024(online)].pdf | 2024-10-11 |
| 24 | 202141010122-Request Letter-Correspondence [29-11-2024(online)].pdf | 2024-11-29 |
| 25 | 202141010122-Power of Attorney [29-11-2024(online)].pdf | 2024-11-29 |
| 26 | 202141010122-FORM28 [29-11-2024(online)].pdf | 2024-11-29 |
| 27 | 202141010122-Form 1 (Submitted on date of filing) [29-11-2024(online)].pdf | 2024-11-29 |
| 28 | 202141010122-Covering Letter [29-11-2024(online)].pdf | 2024-11-29 |
| 29 | 202141010122-OTHERS [08-02-2025(online)].pdf | 2025-02-08 |
| 30 | 202141010122-FER_SER_REPLY [08-02-2025(online)].pdf | 2025-02-08 |
| 31 | 202141010122-CLAIMS [08-02-2025(online)].pdf | 2025-02-08 |
| 32 | 202141010122-CERTIFIED COPIES-CERTIFICATE U-S 72 147 & UR 133-2 [18-02-2025(online)].pdf | 2025-02-18 |
| 1 | search0122E_16-07-2024.pdf | |