US2021184860A1PendingUtilityA1

System, method, and computer program product for zero round trip secure communications based on noisy secrets

54
Assignee: DIGITAL 14 LLCPriority: Mar 13, 2019Filed: Mar 2, 2021Published: Jun 17, 2021
Est. expiryMar 13, 2039(~12.7 yrs left)· nominal 20-yr term from priority
H04L 9/0819H04L 63/123H04W 12/04G09C 1/00H04L 2209/34H04L 9/0866H04L 63/0428H04L 9/0869H04L 9/3242
54
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A system, method, and computer program product are provided for implementing zero round trip secure communications based on a noisy secret. In operation, a sender system utilizes a randomly generated message key for encrypting a message to send to a receiver system. The sender system selects a plurality of different sub-keys from a negotiated noisy secret to encrypt the randomly generated message key. The sender system encrypts the message utilizing the randomly generated message key. The sender system sends the encrypted message, all encrypted message keys, and a message MAC that is calculated and added for every sub-key, to the receiver system such that the receiver system is able to perform a MAC-based verification to test sub-key validity of the plurality of different sub-keys.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
         1 . A system, comprising:
 utilizing, by a sender system, a randomly generated message key for encrypting a message to send to a receiver system;   selecting, by the sender system, a plurality of different sub-keys from a negotiated noisy secret to encrypt the randomly generated message key;   encrypting, by the sender system, the message utilizing the randomly generated message key; and   sending, by the sender system, the encrypted message, all encrypted message keys, and a message MAC that is calculated and added for every sub-key, to the receiver system such that the receiver system is able to perform a MAC-based verification to test sub-key validity of the plurality of different sub-keys.   
     
     
         2 . The method of  claim 1 , wherein the sender system selects the plurality of different sub-keys from the negotiated noisy secret utilizing a deterministic algorithm. 
     
     
         3 . The method of  claim 2 , wherein the receiver system obtains the plurality of different sub-keys from the negotiated noisy secret utilizing the deterministic algorithm. 
     
     
         4 . The method of  claim 1 , wherein the sender system selects the plurality of different sub-keys from the negotiated noisy secret utilizing random selection. 
     
     
         5 . The method of  claim 4 , wherein the sender system includes sub-key masks that indicate selected bits from the negotiated noisy secret in the encrypted message. 
     
     
         6 . The method of  claim 5 , wherein the receiver system obtains the plurality of different sub-keys from the negotiated noisy secret utilizing the sub-key masks. 
     
     
         7 . The method of  claim 1 , wherein the sender system calculates a required number of sub-keys to be selected based on an acceptable level of message loss. 
     
     
         8 . The method of  claim 1 , wherein the sender system utilizes a key derivation function to derive a key encryption key and a key MAC key. 
     
     
         9 . The method of  claim 8 , wherein the sender system encrypts the randomly generated message key with the derived key encryption key. 
     
     
         10 . The method of  claim 9 , wherein the sender system calculates an encrypted message key MAC using a derived key MAC key. 
     
     
         11 . The method of  claim 10 , wherein the sender system includes the encrypted message key and an associated MAC in the encrypted message. 
     
     
         12 . The method of  claim 1 , wherein the receiver system obtains a number of the plurality of different sub-keys from the encrypted message. 
     
     
         13 . The method of  claim 12 , wherein the receiver system uses a key derivation function to derive a key encryption key and a key MAC key. 
     
     
         14 . The method of  claim 13 , wherein the receiver system calculates an encrypted message key MAC using the derived key MAC key. 
     
     
         15 . The method of  claim 14 , wherein if a calculated MAC matches a received MAC for a common sub-key, the receiver system determines that the common sub-key does not have any noise. 
     
     
         16 . The method of  claim 14 , wherein if a calculated MAC does not match a received MAC for a common sub-key, the receiver system determines that the common sub-key has some noise and proceeds with a next sub-key. 
     
     
         17 . The method of  claim 16 , wherein the receiver system uses a key encryption key derived from a noiseless key to decrypt the randomly generated message key. 
     
     
         18 . The method of  claim 17 , wherein the receiver system uses the randomly generated message key to decrypt the encrypted message. 
     
     
         19 . A non-transitory computer readable medium storing computer code executable by a processor to perform a method comprising:
 utilizing, by a sender system, a randomly generated message key for encrypting a message to send to a receiver system;   selecting, by the sender system, a plurality of different sub-keys from a negotiated noisy secret to encrypt the randomly generated message key;   encrypting, by the sender system, the message utilizing the randomly generated message key; and   sending, by the sender system, the encrypted message, all encrypted message keys, and a message MAC that is calculated and added for every sub-key, to the receiver system such that the receiver system is able to perform a MAC-based verification to test sub-key validity of the plurality of different sub-keys.   
     
     
         20 . A sender system, comprising:
 a memory storing instructions, and   a computer processor executing the instructions for:   utilizing, by the sender system, a randomly generated message key for encrypting a message to send to a receiver system;   selecting, by the sender system, a plurality of different sub-keys from a negotiated noisy secret to encrypt the randomly generated message key;   encrypting, by the sender system, the message utilizing the randomly generated message key; and   sending, by the sender system, the encrypted message, all encrypted message keys, and a message MAC that is calculated and added for every sub-key, to the receiver system such that the receiver system is able to perform a MAC-based verification to test sub-key validity of the plurality of different sub-keys.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.