-
Publication number: US10084761B1
Publication date: 2018-09-25
Application number: US15874009
Application date: 2018-01-18
Applicant: Wickr Inc
Inventor: Christopher Howell, Robert Statica, Kara Lynn Coppa
CPC classification number: H04L63/0442, G06F21/32, G06F21/606, G06F21/6245, G06F21/73, G06F2221/2107, G06F2221/2137, G06K9/00087, G06T11/60, H04L9/0643, H04L9/3242, H04L63/0428, H04L63/061, H04L63/062, H04L63/0861, H04L63/123, H04L63/126, H04W12/06
Abstract: A variety of techniques for performing identity verification are disclosed. As one example, a verification request is received from a remote user. The verification request pertains to a cryptographic key. In response to receiving a confirmation from a local user of the local device, a verification process is initiated. A result of the verification process is transmitted to the remote user. As a second example, a verification request can be received at the local device, from a local user of the device. A verification process with respect to the local user is initiated, and a result of the verification process is transmitted to a remote user that is different from the local user.
-
Publication number: US09805212B1
Publication date: 2017-10-31
Application number: US15381065
Application date: 2016-12-15
Applicant: Wickr Inc.
Inventor: Christopher A. Howell, Thomas Michael Leavy, David A. Sugar, Dipakkumar R. Kasabwala, Ernest W. Grzybowski
CPC classification number: G06F21/6218, H04L9/3234, H04L12/1827, H04L63/0435, H04L63/061, H04L63/0853, H04L63/0876, H04W12/02, H04W12/04
Abstract: The present disclosure describes techniques for storing encrypted files in a secure file repository and transferring those encrypted files to one or more recipients. A user selects a file to upload to a secure file repository. A secure collaboration app on the user's device generates a first encryption key that is used to encrypt the file. The encrypted file is then uploaded to the secure file repository, which provides the secure collaboration app with a random file name and a location of the encrypted file. The secure collaboration app updates locally stored metadata of the first encrypted file. To securely transfer the file, the user generates a second encryption key, encrypts the metadata with the second encryption key, and transmits the encrypted metadata to one or more receivers. The one or more receivers decrypt the encrypted metadata and use the decrypted metadata to retrieve the file and decrypt it.
-
Publication number: US09729315B2
Publication date: 2017-08-08
Application number: US14791198
Application date: 2015-07-02
Applicant: Wickr Inc.
Inventor: Robert Statica, Kara Lynn Coppa, Christopher A. Howell
IPC: H04L29/06, H04L9/08, H04L9/30, H04L9/32, G06F3/0488
CPC classification number: H04L63/061, G06F3/0488, H04L9/08, H04L9/0816, H04L9/0822, H04L9/0825, H04L9/0869, H04L9/30, H04L9/3236, H04L63/04, H04L63/0435, H04L63/0442, H04L63/08, H04L63/0853, H04L2209/24
Abstract: A public/private key pair is generated on a client device for an application. A device identifier for the client device is generated. An application identifier for the application is generated on the client device. At least one of the public key, the device identifier, and the application identifier are transmitted to a server.
-
Publication number: US09584493B1
Publication date: 2017-02-28
Application number: US15056938
Application date: 2016-02-29
Applicant: Wickr Inc.
Inventor: Thomas Michael Leavy, Gerard Ryan
IPC: H04L29/06
CPC classification number: H04L63/0428, G06F17/30312, G06F21/602, H04L9/0637, H04L9/0822, H04L9/0861, H04L9/0894, H04L51/04, H04L51/10, H04L51/24, H04L51/38, H04L63/0471, H04L63/06, H04L63/065, H04L63/104, H04L65/403, H04L67/146
Abstract: A secure chat client is described that allows users to exchange encrypted communications via secure chat rooms, as well as one-to-one communications. In particular, the secure chat client allows users to create, configure, and manage secure chat rooms. Furthermore, the secure chat client provides users with the ability to recover secure messages when they obtain a new device or otherwise lose communications.
-
Publication number: US11425122B2
Publication date: 2022-08-23
Application number: US16102136
Application date: 2018-08-13
Applicant: Wickr Inc.
Inventor: Christopher Dowd, Christopher Lalonde, Thomas Michael Leavy, Arjun Bhatnagar, Dipakkumar R. Kasabwala, David Lautz, Matthew Downs
IPC: H04L9/40, H04L41/0813, H04L67/141
Abstract: A solution for circumventing censorship is disclosed. A first device connects to a first server hosted in a content delivery network (CDN). The CDN routes the first device's connection request to the first server. The first server responds by providing the first device with a configuration file that contains a plurality of second servers for the first device to access. The first device disconnects from the first server and hops between one or more of the plurality of second servers contained in the configuration file. By distributing the configuration file from a first server hosted in a CDN, the first device obfuscates the true endpoint of the connection. Thus, the first device obtains the configuration file without drawing the ire of censors. By hopping from server-to-server, the first device stays one step ahead of censors. Accordingly, a multi-prong approach to staying a step ahead of eavesdroppers, sniffers, and censors is described.
-
Publication number: US11101999B2
Publication date: 2021-08-24
Application number: US16800055
Application date: 2020-02-25
Applicant: Wickr Inc.
Inventor: Thomas Michael Leavy, Joël Alwen, Christopher Howell
Abstract: The present application describes a method, system, and non-transitory computer-readable medium for end-to-end encryption during a secure communication session. According to the present disclosure, a first device initializes a secure communication session with at least one second device. Initializing the secure communication session includes transmitting an invitation to a secure communication session to the at least one second device. The at least one second device may generate a transmission root key, which may be used to derive a first key for encrypting data transmitted to the first device and a second key for decrypting received data from the first device. The at least one second device may transmit the transmission root key to the first device, which may use the transmission root key to derive a first key to encrypt data transmitted to the at least one second device and a second key to decrypt data received from the at least one second device.
-
Publication number: US11082412B2
Publication date: 2021-08-03
Application number: US15647569
Application date: 2017-07-12
Applicant: Wickr Inc.
Inventor: Thomas Michael Leavy, Christopher Howell, Joël Alwen
Abstract: A method, system, and non-transitory computer readable medium are described for providing a sender a plurality of ephemeral keys such that a sender and receiver can exchange encrypted communications. Accordingly, a sender may retrieve information, such as a public key and a key identifier, for the first receiver from a local storage. The retrieved information may be used to generate a key-encrypting key that is used to generate a random communication encryption key. The random communication encryption key is used to encrypt a communication, while the key-encrypting key encrypts the random communication key. The encrypted communication and the encrypted random communication key are transmitted to the first receiver.
-
Publication number: US10944713B1
Publication date: 2021-03-09
Application number: US15988228
Application date: 2018-05-24
Applicant: Wickr Inc.
Inventor: Christopher Howell, Robert Statica, Kara Lynn Coppa
Abstract: Secure directory services are disclosed. A cryptographic hash of a foreign identifier associated with a potential user is received. A determination is made that the received cryptographic hash of the foreign identifier matches a representation of a stored entry. In response to the determination, a transmission of a representation of a native identifier associated with the stored entry is transmitted to the sender of the cryptographic hash of the foreign identifier.
-
Publication number: US20210058240A1
Publication date: 2021-02-25
Application number: US17077064
Application date: 2020-10-22
Applicant: Wickr Inc.
Inventor: Joël Alwen
Abstract: The present application describes a method, system, and non-transitory computer-readable medium for exchanging encrypted communications using hybrid encryption. According to the present disclosure, a first device receives an encrypted communication from a second device. The encrypted communication includes a first encrypted secret, a second encrypted secret, a first signature, and a second signature. The first device verifies the first signature and the second signature, and, when the first and second signatures are valid, decrypts the first encrypted secret using a first encryption algorithm and the second encrypted secret using a second encryption algorithm. The first device combines the first decrypted secret and the second decrypted secret to recover a first communication and provides the first communication to a user of the first device.
-
Publication number: US10911431B2
Publication date: 2021-02-02
Application number: US16106862
Application date: 2018-08-21
Applicant: Wickr Inc.
Inventor: Thomas Michael Leavy, Joël Alwen, Christopher Howell
Abstract: The present disclosure describes techniques that allow for a client-side application, located on a first client device, to generate a random encryption key and encrypt locally-stored application data with the random encryption key. In order to ensure that the client-device application is unable to decrypt the locally-stored encrypted application data prior to authenticating with an external authentication source (i.e., SSO, IdP), the client-side application divides the random encryption key into at least a first share and a second share according to a secret sharing algorithm. The first share is transmitted to a trusted third party, while the second share is encrypted locally and stored in a secure location on the client device. Upon successful authentication, the trusted third party returns the second share to the first client device. The client-side application derives the random encryption key and decrypts the locally-stored encrypted application data to be used by the client-side application. By dividing the key used to encrypt the client-side application data and storing one of the secret shares necessary to deriving the key at a trusted third party, the present disclosure solves the problem of how to encrypt local application data when the login credentials for the application are managed by a trusted third party, such as an SSO system.