1. (WO2017130200) SYSTEM AND METHOD FOR SECURING A COMMUNICATION CHANNEL
Note: Text based on automatic Optical Character Recognition processes. Please use the PDF version for legal matters

CLAIMS

1. A computer-implemented method of securing a communication channel, the method comprising:

obtaining, by first and second devices, a first value;

randomly selecting a second value, by the first device, and providing the second value to the second device;

independently, by the first and second devices, applying a function to the first and second values; and

using, by the first and second devices, a result of the function to secure and authenticate a communication channel between the first and second devices.

2. The method of claim 1, comprising:

generating a third value based on the first and second values;

using the third value to define an encryption key; and

using the encryption key to encrypt data communicated over the communication channel.

3. The method of claim 1, comprising authenticating the second device, by the first device based on determination that the second device possesses the first and second values.

4. The method of claim 1, comprising:

providing the first value to at least the first device over an out-of-band channel; and

providing the second value over an in-band channel.
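The exchange of claims 1 through 4, worked through as an added example that is not the patent's own code: the first value is pre-shared out-of-band, the first device picks the second value at random and sends it in-band, both devices apply the same function to the pair, and each side authenticates the other by proving possession of both values (claim 3) before using the derived key for the channel (claim 2). Everything concrete here is an assumption not stated in the claims: HKDF-SHA256 as "the function", HMAC-SHA256 tags as the proof of possession, the `Device` class, and the message labels.

```python
# Added example (not the patent's own code) of the exchange in claims 1 through 4.
# Assumptions: HKDF-SHA256 as "the function", HMAC-SHA256 tags as the proof of
# possession, and the labels used in the transcript below.
import hashlib
import hmac
import os


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """RFC 5869 HKDF (extract-then-expand) with SHA-256."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


class Device:
    def __init__(self, name: bytes, first_value: bytes):
        self.name = name
        self.first_value = first_value  # obtained out-of-band (claim 4)
        self.enc_key = self.auth_key = None

    def derive_keys(self, second_value: bytes) -> None:
        """Claim 2: a third value from the first and second values, then keys from it.
        Both devices run this independently on the same inputs (claim 1)."""
        third = hkdf_sha256(self.first_value, salt=second_value, info=b"third-value")
        self.enc_key = hkdf_sha256(third, salt=b"", info=b"channel-encryption")
        self.auth_key = hkdf_sha256(third, salt=b"", info=b"channel-authentication")

    def prove(self, transcript: bytes) -> bytes:
        """A tag only computable by a party holding both values (claim 3)."""
        msg = b"proof|" + self.name + b"|" + transcript
        return hmac.new(self.auth_key, msg, hashlib.sha256).digest()

    def verify(self, peer_name: bytes, transcript: bytes, tag: bytes) -> bool:
        msg = b"proof|" + peer_name + b"|" + transcript
        expected = hmac.new(self.auth_key, msg, hashlib.sha256).digest()
        return hmac.compare_digest(expected, tag)  # constant-time comparison


def run_exchange(first_value_a: bytes, first_value_b: bytes, second_value=None):
    """Run the exchange between device A (holding first_value_a) and device B
    (holding first_value_b). Returns (A accepted B, B accepted A, keys agree)."""
    a, b = Device(b"A", first_value_a), Device(b"B", first_value_b)
    if second_value is None:
        second_value = os.urandom(32)  # claim 1: chosen at random by the first device
    # The second value travels in-band: anyone on the path learns it, but without
    # the out-of-band first value they cannot derive the keys or forge a tag.
    a.derive_keys(second_value)
    b.derive_keys(second_value)
    transcript = b"A->B:" + second_value
    tag_from_b = b.prove(transcript)
    tag_from_a = a.prove(transcript)
    return (a.verify(b"B", transcript, tag_from_b),
            b.verify(b"A", transcript, tag_from_a),
            a.enc_key == b.enc_key)
```

Calling `run_exchange(b"shared-out-of-band", b"shared-out-of-band")` yields mutual acceptance and matching keys; a device that never received the out-of-band value (`run_exchange(b"shared-out-of-band", b"attacker-guess")`) fails both authentications. The point to keep in mind when deploying such a scheme is that all secrecy rests on the first value: the second value is public to anyone on the in-band path and contributes freshness only, so the first value must be high-entropy and the out-of-band channel genuinely confidential.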

5. The method of claim 1, comprising:

randomly selecting a set of two or more values, by at least one of the first and second devices;

selecting at least two different routes in a network;

sending the set of values from one of the first and second devices to the other over the at least two different routes, such that no single entity on the network obtains more than a predefined number of values included in the set; and

using the first value and the set of values, by the first and second devices, to secure the communication channel between the first and second devices.

6. The method of claim 1, wherein obtaining the first value by the first and second devices includes selecting the first value, by the second device, and providing the first value to the first device.

7. The method of claim 1, wherein the first value is sent over a first communication channel and the second value is sent over a second communication channel.

8. The method of claim 1, comprising encrypting the first and second values.

9. The method of claim 1, comprising:

sending at least one of the first and second values, from the first device to a third device over a secured communication channel between the first and third devices; and

using the third device to provide the at least one of the first and second values to the second device.

10. The method of claim 1, wherein:

the first value includes a first pair of input and output values of a polynomial and the second value includes a second pair of input and output values of the polynomial and wherein the method includes:

using the first and second pairs to identify the polynomial; and

generating the third value based on a function applied to at least one coefficient of the polynomial.

11. The method of claim 10, comprising:

randomly selecting a degree K of the polynomial;

randomly generating a set of at least K+1 pairs of input and output values of the polynomial;

sharing the at least K+1 pairs over at least two different network routes, such that no single entity on a network obtains more than K+1 pairs included in the set of at least K+1 pairs; and

after constructing the polynomial from the at least K+1 pairs, applying a function to one of the first and last coefficients of the polynomial and using a result of the function to secure and authenticate the communication channel between the first and second devices.

12. The method of claim 1, comprising:

independently using the first and second values, by the first and second devices, to define at least a third value; and

using the at least third value to secure and authenticate a communication channel between the first and second devices.

13. A system comprising first and second computing devices configured to:

obtain, by the first and second devices, a first value;

randomly select a second value, by the first device, and provide the second value to the second device;

independently, by the first and second devices, apply a function to the first and second values; and

use, by the first and second devices, a result of the function to secure and authenticate a communication channel between the first and second devices.

14. The system of claim 13, wherein the computing devices are configured to:

generate a third value based on the first and second values;

use the third value to define an encryption key; and

use the encryption key to encrypt data communicated over the communication channel.

15. The system of claim 13, wherein the first computing device is configured to authenticate the second device based on determination that the second device possesses the first and second values.

16. The system of claim 13, wherein the computing devices are configured to:

provide the first value to at least the first device over an out-of-band channel; and

provide the second value over an in-band channel.

17. The system of claim 13, wherein the computing devices are configured to:

randomly select a set of two or more values, by at least one of the first and second devices;

select at least two different routes in a network;

send the set of values from one of the first and second devices to the other over the at least two different routes, such that no single entity on the network obtains more than a predefined number of values included in the set; and

use the first value and the set of values, by the first and second devices, to secure the communication channel between the first and second devices.

18. The system of claim 13, wherein obtaining the first value by the first and second devices includes selecting the first value, by the second device, and providing the first value to the first device.

19. The system of claim 13, wherein the first value is sent over a first communication channel and the second value is sent over a second communication channel.

20. The system of claim 13, wherein the first and second values are encrypted.

21. The system of claim 13, wherein the first computing device is configured to:

send at least one of the first and second values, from the first device to a third device over a secured communication channel between the first and third devices; and

the third device is configured to provide the at least one of the first and second values to the second device.

22. The system of claim 13, wherein:

the first value includes a first pair of input and output values of a polynomial and the second value includes a second pair of input and output values of the polynomial and wherein the first computing device is configured to:

use the first and second pairs to identify the polynomial; and

generate the third value based on a coefficient of the polynomial.

23. The system of claim 22, wherein the computing devices are configured to:

randomly select a degree K of the polynomial;

randomly generate a set of at least K+1 pairs of input and output values of the polynomial;

share the at least K+1 pairs over at least two different network routes, such that no single entity on a network obtains more than K+1 pairs included in the set of at least K+1 pairs; and

after constructing the polynomial from the at least K+1 pairs, secure the communication channel between the first and second devices based on a function of at least one of the first and last coefficients of the polynomial.
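The polynomial variant of claims 10 and 11 (and their system counterparts, claims 22 and 23), combined with the multi-route delivery of claim 5, as an added example that is not the patent's own code. The claims fix none of the concrete choices, so the following are assumptions: coefficients and points live in the prime field GF(P) with P = 2^127 - 1 so that interpolation is exact; the K+1 pairs are split round-robin over the routes; Lagrange interpolation reconstructs the polynomial; and SHA-256 over the chosen coefficient is "the function" that yields the key. The example goes one step beyond the claim text with `observer_cannot_pin_constant`, which shows why the per-route limit matters: an entity that saw at most K pairs can fit a degree-K polynomial with any constant term through them.

```python
# Added example (not the patent's own code) of the polynomial variant in claims
# 10-11 / 22-23 together with the multi-route delivery of claim 5. Assumptions:
# arithmetic in GF(P) with P = 2**127 - 1, round-robin split over routes,
# Lagrange interpolation, SHA-256 over a coefficient as "the function".
import hashlib
import secrets

P = 2**127 - 1  # assumed prime modulus (a Mersenne prime)


def random_polynomial(k: int) -> list:
    """Coefficients c0..cK of a random polynomial of degree exactly K over GF(P)."""
    coeffs = [secrets.randbelow(P) for _ in range(k + 1)]
    if coeffs[-1] == 0:          # keep the degree exactly K
        coeffs[-1] = 1
    return coeffs


def evaluate(coeffs: list, x: int) -> int:
    """Horner evaluation; coeffs[0] is the constant term."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def sample_points(coeffs: list, n: int) -> list:
    """n (input, output) pairs of the polynomial at distinct non-zero inputs."""
    xs = set()
    while len(xs) < n:
        xs.add(secrets.randbelow(P - 1) + 1)
    return [(x, evaluate(coeffs, x)) for x in sorted(xs)]


def interpolate(points: list) -> list:
    """Lagrange interpolation over GF(P): the unique polynomial of degree
    < len(points) through the pairs, returned as coefficients (constant first)."""
    n = len(points)
    result = [0] * n
    for i, (xi, yi) in enumerate(points):
        basis, denom = [1], 1    # basis(x) = prod_{j != i} (x - xj)
        for j, (xj, _) in enumerate(points):
            if j == i:
                continue
            nxt = [0] * (len(basis) + 1)
            for d, c in enumerate(basis):
                nxt[d] = (nxt[d] - c * xj) % P
                nxt[d + 1] = (nxt[d + 1] + c) % P
            basis = nxt
            denom = denom * (xi - xj) % P
        scale = yi * pow(denom, P - 2, P) % P   # yi / denom via Fermat inverse
        for d, c in enumerate(basis):
            result[d] = (result[d] + c * scale) % P
    return result


def split_over_routes(points: list, n_routes: int) -> list:
    """Round-robin the pairs so that no single route carries all K+1 of them."""
    return [points[r::n_routes] for r in range(n_routes)]


def key_from_coefficient(coeffs: list, which: str = "first") -> bytes:
    """Claim 11: apply a function to the first or the last coefficient."""
    c = coeffs[0] if which == "first" else coeffs[-1]
    return hashlib.sha256(which.encode() + b"|" + c.to_bytes(16, "big")).digest()


def observer_cannot_pin_constant(observed: list, guess_c0: int) -> bool:
    """An entity that saw only one route's pairs (at most K of them) can fit a
    polynomial with ANY constant term through them, so the key derived from c0
    is not determined by that route's traffic."""
    fitted = interpolate(observed + [(0, guess_c0)])
    return fitted[0] == guess_c0 and all(evaluate(fitted, x) == y for x, y in observed)


def run_protocol(k: int, n_routes: int = 2):
    """Sender builds a degree-K polynomial and ships K+1 pairs over n_routes
    routes; the receiver merges the routes and reconstructs the polynomial.
    Returns (sender_key, receiver_key, most pairs seen on any single route)."""
    coeffs = random_polynomial(k)
    routes = split_over_routes(sample_points(coeffs, k + 1), n_routes)
    received = [pt for route in routes for pt in route]
    recovered = interpolate(received)
    return (key_from_coefficient(coeffs),
            key_from_coefficient(recovered),
            max(len(r) for r in routes))
```

`run_protocol(3, 2)` returns equal sender and receiver keys with at most 2 of the 4 pairs on any one route. The hiding property shown by `observer_cannot_pin_constant` holds only while every single entity sees at most K pairs: K+1 pairs determine a degree-K polynomial completely, so a route that carries K+1 of them leaks the whole key, and the number of routes and the split must be chosen with that bound in mind. Reconstruction also assumes the routes are merely untrusted observers, not active modifiers; a tampered pair yields a wrong polynomial on the receiver side, which the subsequent authentication step must catch.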