Systems and methods for encryption and authentication

US 10,454,906 B1
Filed: 01/31/2019
Issued: 10/22/2019
Est. Priority Date: 01/31/2019
Status: Active Grant

First Claim

Patent Images

1. An authentication and encryption computer system, the authentication and encryption computer system comprising:

one or more processing devices;

a network interface;

non-transitory memory that stores instructions that when executed by the one or more processing devices are configured to cause the computer system to perform operations comprising;

perform an authentication using at least an identifier associated with an instantiation of a first application hosted on a first user computer system associated with a first user;

receive a request for a first document over a network via the network interface from the first application hosted on the first user computer system, the first document comprising a form including a plurality of fields configured to receive input data and the first document comprising static text associated with the form;

provide, over the network via the network interface, the first document to the first application hosted on the first user computer system;

receive from the first application hosted on the first user computer system;

the first document including form field input data, wherein the form field input data is associated with respective form field identifiers, andcontext data, the context data comprising textual data separate from data of the first document;

generate an encryption key;

encrypt;

the form field input data and respective form field identifiers as name-field input data sets, wherein at least a portion of the static text, associated with the form included in the first document, is excluded from encryption, andthe context data;

receive an indication that a Portable Document Format of the first document is to be provided to a second user computer system, the Portable Document Format including respective depictions of the form field input data;

provide a Portable Document Format of the first document comprising a payload to the second user computer system, the payload file comprising the encrypted form name-field input data sets, the encrypted context data, and a non-encrypted identifier assigned to the first document and/or a non-encrypted identifier assigned to a transaction associated with the first document, wherein the Portable Document Format of the first document is viewable using a standard Portable Document Format viewer;

receive a request for a key to decrypt the encrypted form name-field input data sets and the encrypted context data;

provide the key to decrypt the encrypted form name-field input data sets and the encrypted context data, wherein the decrypted form name-field input data sets and the decrypted context data are viewable using the standard Portable Document Format viewer and/or are computer readable as plaintext.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for encryption and authentication are disclosed. A system receives a document request over a network from a first computer system, the document comprising a plurality of fields configured to receive input data. The document is transmitted to the first computer system. Context data and the document, including field input data, are received from the first computer system. An encryption key is generated and used to encrypt the document field input data and the context data. A payload is generated including the encrypted document field input data, the encrypted context data, and a non-encrypted identifier linked to the key. The payload and an image of the document are provided to a second computer system. The document image is viewable using a portable document format viewer. A decryption key request including the identifier linked to the key is received. The decryption key is provided to the second computer system to decrypt the encrypted field input data and the encrypted context data.

34 Citations

View as Search Results

30 Claims

1. An authentication and encryption computer system, the authentication and encryption computer system comprising:
- one or more processing devices;
  
  a network interface;
  
  non-transitory memory that stores instructions that when executed by the one or more processing devices are configured to cause the computer system to perform operations comprising;
  
  perform an authentication using at least an identifier associated with an instantiation of a first application hosted on a first user computer system associated with a first user;
  
  receive a request for a first document over a network via the network interface from the first application hosted on the first user computer system, the first document comprising a form including a plurality of fields configured to receive input data and the first document comprising static text associated with the form;
  
  provide, over the network via the network interface, the first document to the first application hosted on the first user computer system;
  
  receive from the first application hosted on the first user computer system;
  
  the first document including form field input data, wherein the form field input data is associated with respective form field identifiers, andcontext data, the context data comprising textual data separate from data of the first document;
  
  generate an encryption key;
  
  encrypt;
  
  the form field input data and respective form field identifiers as name-field input data sets, wherein at least a portion of the static text, associated with the form included in the first document, is excluded from encryption, andthe context data;
  
  receive an indication that a Portable Document Format of the first document is to be provided to a second user computer system, the Portable Document Format including respective depictions of the form field input data;
  
  provide a Portable Document Format of the first document comprising a payload to the second user computer system, the payload file comprising the encrypted form name-field input data sets, the encrypted context data, and a non-encrypted identifier assigned to the first document and/or a non-encrypted identifier assigned to a transaction associated with the first document, wherein the Portable Document Format of the first document is viewable using a standard Portable Document Format viewer;
  
  receive a request for a key to decrypt the encrypted form name-field input data sets and the encrypted context data;
  
  provide the key to decrypt the encrypted form name-field input data sets and the encrypted context data, wherein the decrypted form name-field input data sets and the decrypted context data are viewable using the standard Portable Document Format viewer and/or are computer readable as plaintext.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The authentication and encryption computer system as defined in claim 1, wherein the encryption of the document field input data and respective field identifiers as name-field input data sets and the context data is performed using symmetrical encryption and the same key used to perform the symmetrical encryption is used to perform decryption.
  - 3. The authentication and encryption computer system as defined in claim 1, wherein the generation of the encryption key further comprises:
    - access a context element associated with the first document; and
      
      generate the encryption key using at least the context element.
  - 4. The authentication and encryption computer system as defined in claim 1, the operations further comprising:
    - receive a plurality of documents and associated respective payload files, from the second user computer system to be decrypted, where the plurality of documents are associated with a first transaction and each of the payload files include a same transaction identifier and at least a portion of the encrypted context data is the same, and respective different document identifiers;
      
      generate a decryption key using at least a portion of the context data that is the same for each of the plurality of documents; and
      
      use the corresponding key to decrypt each of the plurality of documents.
  - 5. The authentication and encryption computer system as defined in claim 1, the operations further comprising:
    - access unencrypted version information from the payload file; and
      
      determine other content of the payload file using the version information.
  - 6. The authentication and encryption computer system as defined in claim 1, wherein the payload file further includes an unencrypted link to a network resource that provides dynamically changing data.
  - 7. The authentication and encryption computer system as defined in claim 1, the operations further comprising:
    - provide a plurality of decryption key tokens to an operator of the first user computer system; and
      
      provide the key to decrypt the encrypted name-field input data sets and the encrypted context data at least partly in response to receiving a first of the decryption key tokens.
  - 8. The authentication and encryption computer system as defined in claim 1, the operations further comprising:
    - perform an analysis as to whether the payload file has been tampered with.
  - 9. The authentication and encryption computer system as defined in claim 1, the plurality of fields comprising text entry fields and checkboxes or radio buttons.
  - 10. The authentication and encryption computer system as defined in claim 1, wherein:
    - the first document as provided to the first application hosted on the first user computer system is in a first format, andthe first document as received from the first user computer system is in a second format different than the first format.
  - 11. The authentication and encryption computer system as defined in claim 1, wherein:
    - the non-encrypted identifier assigned to the first document and/or the non-encrypted identifier assigned to a transaction associated with the first document are encoded into a computer readable optical code.

12. A system comprising:
- one or more processing devices;
  
  a network interface;
  
  non-transitory memory that stores instructions that when executed by the one or more processing devices are configured to cause the computer system to perform operations comprising;
  
  authenticate a first user, the first user accessing the system using first user computer system;
  
  provide a first document over a network via the network interface to a first application hosted on the first user computer system, the first document comprising a form including a plurality of fields configured to receive input data and the first document comprising static text;
  
  receive from the first application hosted on the first user computer system;
  
  the first document including form field input data, wherein the form field input data is associated with respective form field identifiers, andcontext data, the context data comprising textual data separate from data of the first document;
  
  generate an encryption key;
  
  encrypt;
  
  the document form field input data and respective form field identifiers as name-field input data sets, andthe context data;
  
  enable a Portable Document Format of the first document to be provided to a second user computer system, the portable Document Format of the first document comprising a payload file,the payload file comprising the encrypted document form name-field input data sets, the encrypted context data, and an item of non-encrypted text associated with the key, wherein the Portable Document Format of the first document is viewable using a standard Portable Document Format viewer;
  
  receive a request for a key, the request comprising the item of non-encrypted text associated with the key included in the payload;
  
  use the item of non-encrypted text associated with the key included in the payload to provide the key to the second user computer system, the key configured to decrypt the encrypted form name-field input data sets and the encrypted context data, wherein the decrypted form field input data is viewable using the standard Portable Document Format viewer and/or is computer readable as plaintext.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 13. The computer system as defined in claim 12, wherein the encryption of the document field input data and the context data is performed using symmetrical encryption and the same key used to perform the symmetrical encryption is used to perform decryption.
  - 14. The computer system as defined in claim 12, wherein the generation of the encryption key further comprises:
    - access a transaction identifier associated with the first document; and
      
      generate the encryption key using the transaction identifier.
  - 15. The computer system as defined in claim 12, the operations further comprising:
    - receive a plurality of documents and associated respective payload files, from the second user computer system to be decrypted, where the plurality of documents are associated with a first transaction and each of the payload files include a same unencrypted item of plaintext;
      
      use the unencrypted item of plaintext to access or generate a corresponding key; and
      
      use the corresponding key to decrypt each of the plurality of documents.
  - 16. The computer system as defined in claim 12, the operations further comprising:
    - access unencrypted version information from the payload file; and
      
      determine other content of the payload file using the version information.
  - 17. The computer system as defined in claim 12, wherein the payload file further includes an unencrypted link to a network resource that provides dynamically changing data.
  - 18. The computer system as defined in claim 12, the operations further comprising:
    - provide a plurality of decryption key tokens to an operator of the first user computer system; and
      
      provide the key at least partly in response to receiving a first of the decryption key tokens.
  - 19. The computer system as defined in claim 12, the operations further comprising:
    - perform an analysis as to whether the payload file has been tampered with.
  - 20. The computer system as defined in claim 12, wherein the generation of the encryption key is performed using the item of non-encrypted text.
  - 21. The computer system as defined in claim 12, wherein:
    - the non-encrypted identifier assigned to the first document and/or the non-encrypted identifier assigned to a transaction associated with the first document are encoded into a computer readable optical code.

22. A computer-implemented method comprising:
- providing a first document over a network to a first user computer system, the first document comprising a form including a plurality of fields configured to receive input data and the first document comprising static text;
  
  receiving from the first user computer system;
  
  the first document including form field input data, wherein the form field input data is associated with respective form field identifiers, andcontext data, the context data comprising textual data separate from data of the first document;
  
  generating an encryption key;
  
  encrypting;
  
  the document form field input data and respective form field identifiers as name-field input data sets, andthe context data;
  
  enabling a payload and an Portable Document Format of the first document to be provided to a second user computer system, the payload comprising the encrypted document form name-field input data sets, the encrypted context data, and an item of non-encrypted text associated with the key, wherein the Portable Document Format of the first document is viewable using a Portable Document Format viewer;
  
  receiving a request for a key, the request comprising the identifier linked to the key;
  
  providing the key to the second user computer system, the key configured to decrypt the encrypted form name-field input data sets and the encrypted context data, wherein the decrypted form field input data is viewable using the Portable Document Format viewer and/or is computer readable as plaintext.
- View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30)
- - 23. The method as defined in claim 22, wherein the encryption of the document field input data and the context data is performed using symmetrical encryption and the same key used to perform the symmetrical encryption is used to perform decryption.
  - 24. The method as defined in claim 22, wherein the generation of the encryption key further comprises:
    - accessing a transaction identifier associated with the first document; and
      
      generating the encryption key using the transaction identifier.
  - 25. The method as defined in claim 22, the method further comprising:
    - receiving a plurality of documents and associated respective payloads, from the second user computer system to be decrypted, where the plurality of documents are associated with a first transaction and each of the payloads include a same transaction identifier;
      
      using the transaction identifier to access a corresponding key;
      
      using the corresponding key to decrypt each of the plurality of documents.
  - 26. The method as defined in claim 22, the method further comprising:
    - accessing unencrypted version information from the payload; and
      
      determining other content of the payload using the version information.
  - 27. The method as defined in claim 22, wherein the payload further includes an unencrypted link to a network resource that provides dynamically changing data.
  - 28. The method as defined in claim 22, the method further comprising:
    - providing a plurality of decryption key tokens to an operator of the first user computer system; and
      
      providing the key at least partly in response to receiving a first of the decryption key tokens.
  - 29. The method as defined in claim 22, the method further comprising:
    - performing an analysis as to whether the payload has been tampered with.
  - 30. The method as defined in claim 22, wherein the generation of the encryption key is performed using the item of non-encrypted text.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Re Formsnet, LLC (Lone Wolf Real Estate Technologies, Inc.)
Original Assignee
Re Formsnet, LLC (Lone Wolf Real Estate Technologies, Inc.)
Inventors
Zerroug, Mourad, Sharfman, Joshua D. J.
Primary Examiner(s)
Hoffman, Brandon S

Application Number

US16/263,815
Time in Patent Office

264 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/6209   to a single file or object,...

G06F 2221/2107   File encryption

G06F 40/174   Form filling; Merging

H04L 63/0428   wherein the data content is...

H04L 63/06   for supporting key manageme...

H04L 63/08   for authentication of entit...

Systems and methods for encryption and authentication

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

34 Citations

30 Claims

Specification

Use Cases

Quick Links

Others

Systems and methods for encryption and authentication

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

34 Citations

30 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others