US 11,863,541 B2
System and method for end-to-end secure communication in device-to-device communication networks
Zhang Yuting, Winchester, MA (US); Jin Yu, Lexington, MA (US); Dan Jiang, Westford, MA (US); and Dong Han, Newton, MA (US)
Assigned to SIGNIFY HOLDING B.V., Eindhoven (NL)
Appl. No. 16/960,206
Filed by SIGNIFY HOLDING B.V., Eindhoven (NL)
PCT Filed Dec. 21, 2018, PCT No. PCT/EP2018/086690
§ 371(c)(1), (2) Date Jul. 6, 2020,
PCT Pub. No. WO2019/134868, PCT Pub. Date Jul. 11, 2019.
Claims priority of provisional application 62/613,439, filed on Jan. 4, 2018.
Claims priority of application No. 18154579 (EP), filed on Feb. 1, 2018.
Prior Publication US 2021/0067495 A1, Mar. 4, 2021
Int. Cl. H04L 9/40 (2022.01); H04W 12/0431 (2021.01); H04L 9/08 (2006.01); H04L 9/14 (2006.01); H04L 9/30 (2006.01); H04L 9/32 (2006.01); H04L 9/00 (2022.01)
CPC H04L 63/0478 (2013.01) [H04L 9/0894 (2013.01); H04L 9/14 (2013.01); H04L 9/3073 (2013.01); H04L 9/3247 (2013.01); H04L 63/0435 (2013.01); H04L 63/0442 (2013.01); H04W 12/0431 (2021.01); H04L 9/50 (2022.05)] 13 Claims
OG exemplary drawing
 
1. A method of conducting end-to-end secure device-to-device (D2D) communication between a plurality of user devices that includes a sender user device, a recipient user device, and a plurality of relay user devices, comprising the steps of:
providing a public key and a private key for each of the user devices, the private key for each user device arranged to decrypt data encrypted by the public key corresponding to that private key;
creating, by the sender user device, a digital signature using its private key; double-encrypting, by the sender user device, a data transmission using the public key of the recipient user device and the public key of a first one of the relay user devices, the data transmission including the digital signature;
transmitting the data transmission in a chain from the sender user device to the recipient user device through the plurality of relay user devices starting with the first one of the relay user devices, wherein, for each of the relay user devices, the step of transmitting includes:
receiving the data transmission;
decrypting a first layer of encryption of the data transmission with its private key;
encrypting the data transmission with the public key of a subsequent one of the user devices in the chain; and
forwarding the data transmission to the subsequent one of the user devices;
authenticating, by the recipient user device, the digital signature of the sender user device using the public key of the sender user device;
conducting D2D communications between the sender user device and the recipient user device if the digital signature is authenticated;
providing a wireless communication network with a base station;
registering the user devices with a proximity service application server when the user devices are in communication with the proximity service application server over the wireless network; and
managing the public keys, the private keys, or both with a key server module in communication with the proximity service application server at least by not storing the private keys if the private keys are stored by the key server module.