In addition to traditional Short Message Service (“SMS”)—see e.g., co-pending U.S. patent application Ser. No. 12/940,213 filed Nov. 5, 2010; which claims priority from U.S. Provisional Patent Application No. 61/351,979 filed Jun. 7, 2010, incorporated herein by reference—many computing devices (hand-held, desktop, mobile, tablet, and other) are equipped with multimedia capabilities (such as for example cameras, audio recording devices, microphones, sensors, accelerometers, GPS, etc.). Additional components that are coupled to or are part of the device enable the capture of various data including, but not limited to: images, audio, video, location, time, temperature, acceleration, etc. As an extension to these short messaging services, standards have been developed by many organizations such as The 3rd Generation Partnership Project (3gpp) to allow for the exchange of information captured by these multimedia capabilities between computing devices.
Owners of these devices regularly snap digital photographs, record a video or audio segment, enter in more than a just few words of text, and transfer that information to another device over a network or otherwise using for example Multimedia Messaging Service or “MMS”. See for example the specifications at the following URL that are hereby incorporated by reference: http://www.openmobilealliance.org/Technical/release_program/mm s_v1—3.aspx
Multimedia messaging provides numerous advantages in terms of convenience and cost. In one non-limiting illustrative embodiment, many cellular carriers offer the exchange of multimedia message at no additional cost to a particular consumer's rate plan. Using the multimedia messaging service available to the computing devices over at least one cellular carrier network, may reduce the cost of sending this type of information in lieu of having an expensive carrier Internet access or private data services plan.
However, this multimedia or other information is often communicated without protection or security. Communicating the information with no security allows malicious or nefarious parties to view the contents of the message, forward it to others, and modify the content to something different than what was transmitted.
Therefore it would be highly desirable to develop a system where the multimedia content could be exchanged in a way that would at least allow for the detection of any modification, and at best be protect it from being viewed or tampered with by such nefarious or malicious parties (“attackers”), using existing messaging standards or infrastructure.
While it would be highly desirable to provide secure multimedia messaging, there are challenges to doing so. In particular, many communications service providers render/modify content to match what they perceive the capabilities are of the receiving device(s) as part of their multimedia messaging services. This artifact is based upon the concept that the messaging infrastructure has knowledge (a priori or otherwise) about what a receiving device's capability is. However, with the advancement of technology, many end devices such as smart phones, mobile devices, tablets, computers, or headless sensor devices, etc., can have their capabilities upgraded or changed by modifying/adding software and/or coupling additional hardware components to them, thus expanding their capability beyond the infrastructures' understanding. Therefore, any rendering/translation process may present a problem when transmitting content, as any intermediary nodes on the path(s) between the communicating end node devices may modify the data stream. Therefore, it may be desirable to take steps to allow the information to be exchange in a way that helps reduce the possibility that any intermediary device will overtly or inadvertently modify the content of the multimedia message.
Additional limitations such as size of the content may also be enforced by the intervening infrastructure. It may be desirable to ensure that any security process does not add significantly to the overhead associated with sending a message.
Other difficulties may also exist when sending information securely. As one example, to transfer this information securely, cryptographic transforms may be applied. Given the potential limited processing power of peer or other receiving systems, judicious use of such cryptographic transforms may be considered that mitigate potential attack vectors and do not over burden the end or receiving node device's computing platform.
While much work has been done in the past, there remains a long-felt but unsolved need for effective, robust secure techniques for exchanging multimedia information over cellular, Internet and other messaging services.
The exemplary illustrative non-limiting technology herein describes non-limiting cryptographic processes and algorithms associated with a non-limiting example “protected MMS” that allows for a lightweight peer-to-peer or other exchange of messages or communiqués containing at least one multimedia content over insecure communications links.
One example non-limiting implementation provides methods of exchanging at least one part multimedia information being communicated between a first messaging device and at least one second messaging device involving generating at least one set of cryptographic material used to transform a first message, encrypting the at least one cryptographic set of cryptographic material using a different cryptographic set of cryptographic material, including the at least one set of cryptographic material as part of a second message loosely coupled with the first message, communicating the first transformed message to the peer device, communicating the second message to the peer device, the receiving peer device transforms the information in second message to recover the at least one set of cryptographic material, then using the at least one set of cryptographic material to recover the transformed the at least one part multimedia message.
The exemplary illustrative technology herein can be used to avoid cryptographic collision of data and/or the cryptographic material to increase the level of security. In one example non-limiting illustrative implementation, an at least one ephemeral cryptographic key is associated with the at least one part of multimedia information. In this way, using a one-time pad, even if the same multimedia content were to be communicated again, the transformed ciphered text of the message would be different.
The exemplary illustrative non-limiting light-weight technology herein is able to implement secure multimedia messaging technology using a small amount of additional computational power of the type available on low-cost portable, mobile or any other end-to-end devices (e.g., any embedded processing technology) and while minimizing communication overhead. For example, the exemplary illustrative non-limiting technology provides a reduced or minimal message encapsulation having low consumption of available message payload. As one non-limiting example, some messaging services limit the actual size of the multimedia messaging to be 307,200 bytes of information (300 KB). Adding any additional overhead may cause the messaging service to discard the Multimedia message (MMS). Using a symmetric cryptographic algorithm such as AES (Advanced Encryption Standard) in GCM (Galois/counter) mode of operation allows for no expansion of the original content. However without a priori knowledge of the cryptographic material used to transform the message content, the at least one part transformed multimedia message is of no value. Therefore the cryptographic material is in a non-limiting example transferred to the at least one peer system. For example, by sending an associated loosely coupled secure message via the SMS services, the at least one part secure MMS message can be transferred without increasing the overhead. The peer device can then decode the secure SMS message to recover the cryptographic materials used to encode the MMS message. It can then proceed to recover the at least one part multimedia information. It is to be understood by those skilled in the art, that the loosely coupled messages do not have to be sent together or even through the same path or service. For example, the multimedia message could be sent via standard Internet based email or file transfer utilities which may allow for larger messages to be communicated while the cryptographic material used to encode the secure message may be transferred via an SMS channel. The cryptographic material may also be exchanged through alternate channels such as physically via a secure digital storage card. Many other permutations can be employed, including but not limited to sending the first and second messages in the same communications envelope.
As indicated previously, intermediary attackers and associated devices may attempt to interpolate and/or modify the content of the at least one part multimedia message. If in fact the message is changed, this can present a significant problem, as the transformation process will be unable to be reversed if certain portions of the content are changed or modified in some way. Therefore, the originating system may in some example non-limiting implementations use an alternative encapsulation to a different format that may not require any interpolation of the data, or a format that has a known algorithm of modification. This could involve sending the content as a textual representation of the transformed data instead of the original binary data. Other encapsulations could also provide similar results depending on the behavior of the intervening systems. Obfuscating the data in this manner may allow the data to be communicated efficiently between peers without changes to the intervening messaging service.
Exemplary illustrative non-limiting implementations provides unique combinations of:                technology that works successfully and securely for constrained multimedia message lengths;        ability to exchange secure multimedia content information through a bandwidth-challenged interface in a way that is not onerous on the users who are sending and receiving secure messages;        no additional infrastructure required beyond conventional components already in place for exchanging messages;        low computational requirements enabling security on a wide variety of different platforms including very inexpensive devices;        other.        
In simple terms, an illustrative non-limiting protected MMS embodiment can be used to protect data content in MMS, Skype, or various other messaging methodologies. Furthermore, this technology can be used to protect message oriented communications such as picture messages, email messages, other text documents/attachments, command and control messages, alerts messages, machine to machine messages, video clips, audio clips, etc.
The illustrative non-limiting protected MMS provides a mobile or portable device with an ability to encrypt and decrypt messages exchanged with other users and devices who also have access to the Protected MMS protocols and application algorithms. Non-limiting technical overviews and detailed descriptions of example non-limiting cryptographic technology and techniques employed to secure MMS traffic are provided. One example non-limiting target platform with which the present technology can be useful as of this filing is the Google Android operating system, Apple iPhones and iPads, or any desired MMS or other messaging platforms, but various other existing and/or not-yet-developed platforms can benefit from and use the technology herein to provide advantageous secure messaging.
Thus, given the rise in popularity of communicating personal, private, sensitive, or vital peer-to-peer or peer-to-group information over insecure multimedia messaging infrastructure, it would be highly desirable to provide a lightweight solution that enables the exchange of multimedia information in a secure manner. The non-limiting technology herein provides systems and methods for the exchange of cryptographic material that can be used to encipher multimedia message-oriented communications between at least two peer devices. Once the cryptographic material is exchanged between cooperating peers, this lightweight solution can be used by common off the shelf hardware such as smartphones, tablets, feature phones, or special purpose machine to machine devices for private communications, such as command and control, location services, video, audio, electronic attachments, etc. using insecure voice or data communication paths, such as MMS.