| CPC G06F 21/10 (2013.01) [H04L 9/0866 (2013.01); H04L 9/0894 (2013.01); H04L 9/3278 (2013.01); H04L 63/0428 (2013.01); H04L 2463/101 (2013.01)] | 12 Claims |
|
1. A system for developing a trust relationship between a first party device and a second party device to effect secure communication therebetween, comprising:
the first party device having:
a first hardware storage device for storing a plurality of predetermined and distinct entropy stores,
an input interface for receiving from an external host a unique host factor of a plurality of host factors that are generated by the external host for a user selected entropy store and a unique Personal Identification Number (PIN) for a user, wherein each host factor of the plurality of host factors is used with the user selected entropy store and the unique PIN for the user to generate a different private key,
a user input interface for receiving from a user the unique PIN for the user and a selection input for selecting one of the plurality of stored entropy stores as the user selected entropy store,
a first private key generator operating within a defined session for generating a first session dependent private key using a predetermined key generation algorithm that requires as an input for the key generation algorithm the selected entropy store, the unique host factor and the unique user PIN, and
a communication interface for communicating with the second party device via a proximity-based communication link for transmitting thereto the received user PIN and an indication of the user selected entropy store in addition to facilitating secure transmission using the first session dependent private key; and
the second party device having:
a second hardware storage device for storing a plurality of predetermined and distinct entropy stores corresponding to at least a portion of the entropy stores stored in the first storage device,
an input interface for receiving the unique host factor as received by the first party device,
a communication interface for communicating with the first party device via the proximity-based communication link and receiving from the first party device the user PIN and the indication of the user selected entropy store,
a second private key generator operating within the defined session as the first party device for generating a second session dependent private key using the predetermined key generation algorithm with the user PIN received from the first party device, the unique host factor, and an extracted one of the entropy stores stored in the second storage device corresponding to a particular entropy store associated with the received indication of the user selected entropy store, wherein the first session dependent private key generated by the first private key generator and the second session dependent private key generated by the second private key generator are identical and independently generated, and the communication interface for communicating with the first party device facilitating secure transmission using the generated second session dependent private key;
wherein the session is initiated with a predetermined session trigger to cause the generation of the first session dependent private key at the first private key generator and the generation of the second session dependent private key at the second private key generator and allow secure communication between the first party device and the second party device via the proximity-based communication link; and
wherein at least one of the first session dependent private key at the first party device or the second session dependent private key at the second party device is deleted at the end of the session.
|