Encrypted message communication

US 10,356,058 B2
Filed: 10/01/2015
Issued: 07/16/2019
Est. Priority Date: 10/01/2015
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for communicating message data from a sender computer to a receiver computer via a network, the method comprising, at the sender computer:

encrypting, by a processor, the message data in dependence on a cryptographic key to produce a ciphertext;

establishing, by the processor, an access password for the ciphertext with a host computer connected to the network and sending the access password to the host computer with the ciphertext;

sending, by the processor, the ciphertext via the network to the host computer for storage in association with the access password by the host computer; and

sending, by the processor, over the network, an email message containing said cryptographic key in cleartext, to the receiver computer via the network without requiring said processor to encrypt said cryptographic key;

wherein the cryptographic key comprises a random cryptographic value which is independent of the access password, said receiver computer configured to decrypt the ciphertext using said cryptographic key to obtain said message data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Computer-implemented methods are provided for communicating message data from a sender computer to a receiver computer via a network. The sender computer encrypts the message data in dependence on a cryptographic key to produce a ciphertext, and establishes an access password for the ciphertext with a host computer connected to the network. The sender computer sends the ciphertext via the network to the host computer, and sends an email, containing the cryptographic key in cleartext, to the receiver computer via the network. The cryptographic key comprises a random cryptographic value which is independent of the access password. The host computer receives the ciphertext from the sender computer and stores the ciphertext in association with the access password. The receiver computer receives the email from the sender computer and sends an access request for the ciphertext, and an input password, to the host computer via the network. The host computer, on receiving the access request and the input password, sends the ciphertext to the receiver computer via the network if the input password equals the access password. The receiver computer decrypts the received ciphertext using the cryptographic key to obtain the message data.

Citations

22 Claims

1. A computer-implemented method for communicating message data from a sender computer to a receiver computer via a network, the method comprising, at the sender computer:
- encrypting, by a processor, the message data in dependence on a cryptographic key to produce a ciphertext;
  
  establishing, by the processor, an access password for the ciphertext with a host computer connected to the network and sending the access password to the host computer with the ciphertext;
  
  sending, by the processor, the ciphertext via the network to the host computer for storage in association with the access password by the host computer; and
  
  sending, by the processor, over the network, an email message containing said cryptographic key in cleartext, to the receiver computer via the network without requiring said processor to encrypt said cryptographic key;
  
  wherein the cryptographic key comprises a random cryptographic value which is independent of the access password, said receiver computer configured to decrypt the ciphertext using said cryptographic key to obtain said message data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method as claimed in claim 1 including, at the sender computer:
    - receiving from the host computer a link to the stored ciphertext; and
      
      sending the link to the receiver computer.
  - 3. The method as claimed in claim 2 including sending said link to the receiver computer by sending an email, containing the link in cleartext, via the network.
  - 4. The method as claimed in claim 3 including, at the sender computer, generating the cryptographic key as a unique key for the message data.
  - 5. The method as claimed in claim 3 including, at the sender computer:
    - sending the ciphertext to the host computer via a secure communications channel established with the host computer; and
      
      sending the email containing the cryptographic key to the receiver computer via a secure communications channel established with an email-provider computer connected to the network.
  - 6. The method as claimed in claim 3 including, at the sender computer, producing the ciphertext by encrypting the message data using one of an authenticated encryption protocol and a non-malleable encryption protocol.
  - 7. The method as claimed in claim 1 wherein said email is communicated between the sender computer and the receiver computer via an email-provider system connected to the network, and wherein the method includes, at the sender computer, sending the access password to the receiver computer via a communications channel which is independent of the email-provider system.
  - 8. The method as claimed in claim 1 wherein said random cryptographic value is a strong cryptographic value.
  - 9. The method as claimed in claim 1 wherein the cryptographic key is independent of the access password.

10. A computer-implemented method for communicating message data between a sender computer and a receiver computer via a network, the method comprising, at a host computer connected to the network:
- receiving, at a hardware processor of said host computer, a ciphertext encrypting the message data using a cryptographic key, from the sender computer via the network;
  
  establishing, by the hardware processor, an access password for the ciphertext with the sender computer, said cryptographic key comprising a random cryptographic value which is independent of the access password;
  
  receiving, by the hardware processor, the access password from the sender computer with the ciphertext; and
  
  storing the ciphertext in association with the access password in a memory associated with said host computer;
  
  receiving, at the hardware processor, an access request for the ciphertext, and an input password, from the receiver computer via the network; and
  
  sending, by the hardware processor, the ciphertext via the network to the receiver computer if the input password equals the access password, said receiver computer obtaining said cryptographic key from said sender computer without requiring said sender computer to encrypt said cryptographic key, and said receiver computer configured to decrypt the ciphertext using said cryptographic key to obtain said message data.
- View Dependent Claims (11, 12, 13)
- - 11. The method as claimed in claim 10 including, at the host computer:
    - sending, by the hardware processor, a link to the stored ciphertext to the sender computer via the network.
  - 12. The method as claimed in claim 11 including, at the host computer, implementing a throttling mechanism for access requests for the ciphertext in dependence on whether the input password equals the access password.
  - 13. The computer-program product for communicating message data between a sender computer and a receiver computer via a network, the computer-program product comprising a computer-readable storage medium having program instructions embodied therein, the program instructions being executable by a host computer connected to the network to cause the host computer to perform a method as claimed in claim 12.

14. A computer-implemented method for receiving message data from a sender computer via a network, wherein the message data is encrypted, in dependence on a cryptographic key comprising a random cryptographic value, in a ciphertext produced by the sender computer and the ciphertext is stored by a host computer connected to the network in association with an access password established at said sender computer and communicated to said host computer by said sender computer, said cryptographic key comprising a random cryptographic value which is independent of the access password, the method comprising, at a receiver computer connected to the network:
- receiving, at a hardware processor of said receiver computer, an email containing said cryptographic key in cleartext, from the sender computer via the network, said email is communicated between the sender computer and the receiver computer via an email-provider system connected to the network, and said sender computer communicating said cryptographic key to the receiver computer in said e-mail without requiring said sender computer to encrypt said cryptographic key;
  
  receiving, at the receiver computer, from said sender computer, said access password independently of said email-provider system;
  
  sending, by the hardware processor, an access request for the ciphertext, and the access password, to the host computer via the network;
  
  receiving, by the hardware processor, the ciphertext from the host computer via the network; and
  
  decrypting, by the hardware processor, the ciphertext using said cryptographic key to obtain said message data.
- View Dependent Claims (15, 16)
- - 15. The method as claimed in claim 14 including, at the receiver computer:
    - receiving from the sender computer a link to the stored ciphertext; and
      
      in said access request, requesting access to the ciphertext via said link.
  - 16. The method as claimed in claim 15 including receiving said link in cleartext in an email from the sender computer.

17. A computer-implemented method for communicating message data from a sender computer to a receiver computer via a network, the method comprisingat the sender computer:
- encrypting the message data in dependence on a cryptographic key to produce a ciphertext;
  
  establishing an access password for the ciphertext with a host computer connected to the network;
  
  sending the ciphertext via the network to the host computer;
  
  sending, by the sender computer, the established access password to the host computer with the ciphertext; and
  
  sending an email, containing said cryptographic key in cleartext, to the receiver computer via the network without requiring said sender computer to encrypt said cryptographic key, wherein the cryptographic key comprises a random cryptographic value which is independent of the access password,at the host computer, receiving the ciphertext from the sender computer and storing the ciphertext in association with the access password,at the receiver computer, receiving said email from the sender computer and sending an access request for the ciphertext, and an input password, to the host computer via the network,at the host computer, receiving said access request and the input password from the receiver computer and sending the ciphertext to the receiver computer via the network if the input password equals the access password, andat the receiver computer, receiving the ciphertext from the host computer and decrypting the ciphertext using said cryptographic key to obtain said message data.
- View Dependent Claims (18, 19, 20, 21, 22)
- - 18. The method as claimed in claim 17 wherein said email is communicated between the sender computer and the receiver computer via an email-provider system connected to the network, and wherein the method includes, at the receiver computer, receiving said access password independently of said email-provider system.
  - 19. The method as claimed in claim 17 including:
    - at the host computer, sending a link to the stored ciphertext to the sender computer via the network; and
      
      at the sender computer, sending the link to the receiver computer.
  - 20. The method as claimed in claim 19 including, at the sender computer, sending said link to the receiver computer by sending an email, containing the link in cleartext, via the network.
  - 21. The method as claimed in claim 20 including, at the sender computer, generating the cryptographic key as a unique key for the message data.
  - 22. The method as claimed in claim 21 including, at the host computer, implementing a throttling mechanism for access requests from the receiver computer in dependence on whether the input password equals the access password.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Camenisch, Jan L., Lehmann, Anja, Neven, Gregory, Samelin, Kai
Primary Examiner(s)
Kim, Tae K

Application Number

US14/872,695
Publication Number

US 20170099268A1
Time in Patent Office

1,384 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/0435   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/083   using passwords cryptograph...

H04L 63/18   using different networks or...

H04L 9/3226   using a predetermined code,...

Encrypted message communication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Encrypted message communication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links