Method and device for establishing a communication session

摘要

Devices are provided with secret information to indicate which other devices are eligible to establish communication sessions. Information leaks about the eligibility of devices are prevented when no communication sessions are established. Each device makes a set of preference information items publicly available. Each preference information item selects an eligible device in cloaked way. Each protected information item contains protected information such as an encrypted random number that can be decrypted only by the eligible device. When a request to establish a communication is processed by a first and second device, the first and second device indicate which of their preference information items should be used. The devices then each attempt to decrypt the protected information from the other one's indicated preference information item and each combines the result with the protected information used to make the preference information item that it indicated to the other. The results from the first and second device are compared and when a match is detected, establishment of the communication session is enabled. If no match is detected a first device that did not make the second device eligible is unable to detect whether it was made eligible by the second device.

主权项

1. A method of establishing a communication session using a first and second device from a plurality of more than two devices in a communication system, wherein each device of the plurality is enabled to use a respective decryption key that is not available to other devices in the plurality, the method comprising:
selecting, for each particular device of the plurality, a subset of eligible devices in the plurality that are eligible for establishing communication sessions; providing, for each particular device of the plurality, protected information items associated with the selected subset of eligible devices of the particular device, each of the protected information items being selectively retrievable in the particular device only; providing, for each particular device of the plurality, a respective set of preference information items for the selected subset of eligible devices of the particular device, each preference information item in the respective set of preference items comprising a respective protected information item associated with a respective eligible device in the selected subset of eligible devices, each of the respective protected information items being only accessible by means of the respective decryption key of the respective eligible device; making the respective sets of preference information items of at least the first and second device available to all of the devices in the plurality; triggering a communication session establishment process between the first and second device; indicating a first one of the available preference information items to the first device from the set of preference information items provided for the second device; indicating a second one of the available preference information items to the second device from the set of preference information items provided for the first device; decrypting protected information items from the first and second one of the preference information items in the first and second device using the decryption keys of the first and second device respectively; retrieving the retrievable protected information item associated with the indicated second and first one of the preference information items in the first and second device respectively; deriving match data from a computation of a one way function of a combination of the decrypted and retrieved protected information item in each of the first and second device; comparing the match data from the first and second devices; and enabling establishment of the communication session if the match data from the first and second devices match with each other.