Confidential mail with tracking and authentication
First Claim
1. A method of verifying that an electronic communication received by an intended recipient is authentic, the method comprising:
- creating a session content encryption key and encrypting a message of a sender with the session content encryption key;
encrypting the session content encryption key with a public key of the sender of the encrypted message;
creating a message envelope including at least the encrypted message and a confidential mail token;
storing the encrypted session content encryption key within the confidential mail token;
generating a hash of the electronic message and signing the hash with a private key of the sender;
storing the signed hash in the message envelope;
encrypting an email address of the intended recipient and storing the encrypted recipient email address in the confidential email token;
transmitting the message envelope from the sender to the intended recipient for processing, wherein at least a portion of data within the message envelope is processed to generate a certificate that includes an email address of the recipient of the message envelope;
transmitting, by the recipient, the certificate including the email address of the recipient;
receiving, by the sender, the certificate that includes the transmitted email address from the recipient of the message envelope and the encrypted session content encryption key;
decrypting, via the sender, the session content encryption key extracted from the certificate using the public key and then decrypting the stored encrypted email address of the intended recipient using the decrypted session content encryption key;
comparing the transmitted email address received from the recipient of the message envelope to the decrypted email address of the intended recipient to verify that the message envelope that reached the intended recipient is authentic; and
in response to verifying that the message envelope that reached the intended recipient is authentic as a result of the email address received from the intended recipient matching the email address stored in the confidential mail token, establishing a connection with server infrastructure of the intended recipient and the sender transmitting the session content encryption key to the intended recipient for decrypting the encrypted message within the message envelope previously sent to the recipient'"'"'s server infrastructure.
2 Assignments
0 Petitions
Accused Products
Abstract
A method for confidential electronic communication between a sender workstation and a receiver workstation is provided, whereby privacy is guaranteed for the electronic communications transmitted over the public Internet. The method of confidential communication is equipped with message tracking and message receipt verification. The system for implementing the method includes a sender server that creates a session content encryption key along with a message envelope that includes a content encryption key encrypted message and a confidential mail token. The content encryption key is stored securely inside the sender organization'"'"'s system which transmits the message envelope to an intended recipient. The intended recipient processes the message envelope in order to generate a message receipt verification, which is transmitted to the sender. The message receipt verification is processed by the sender server to verify that the message envelope reached the intended recipient. The message receipt verification, which is comprised of the confidential mail token and unique verification data generated by the intended recipient allows the sender server to verify that the message envelope reached the intended receiver and that the message envelope identified as received is authentic. Following verification that the message transmitted by the sender reached the intended receiver and is authorized, the sender transmits the content encryption key to the intended receiver.
21 Citations
20 Claims
-
1. A method of verifying that an electronic communication received by an intended recipient is authentic, the method comprising:
-
creating a session content encryption key and encrypting a message of a sender with the session content encryption key; encrypting the session content encryption key with a public key of the sender of the encrypted message; creating a message envelope including at least the encrypted message and a confidential mail token; storing the encrypted session content encryption key within the confidential mail token; generating a hash of the electronic message and signing the hash with a private key of the sender; storing the signed hash in the message envelope; encrypting an email address of the intended recipient and storing the encrypted recipient email address in the confidential email token; transmitting the message envelope from the sender to the intended recipient for processing, wherein at least a portion of data within the message envelope is processed to generate a certificate that includes an email address of the recipient of the message envelope; transmitting, by the recipient, the certificate including the email address of the recipient; receiving, by the sender, the certificate that includes the transmitted email address from the recipient of the message envelope and the encrypted session content encryption key; decrypting, via the sender, the session content encryption key extracted from the certificate using the public key and then decrypting the stored encrypted email address of the intended recipient using the decrypted session content encryption key; comparing the transmitted email address received from the recipient of the message envelope to the decrypted email address of the intended recipient to verify that the message envelope that reached the intended recipient is authentic; and in response to verifying that the message envelope that reached the intended recipient is authentic as a result of the email address received from the intended recipient matching the email address stored in the confidential mail token, establishing a connection with server infrastructure of the intended recipient and the sender transmitting the session content encryption key to the intended recipient for decrypting the encrypted message within the message envelope previously sent to the recipient'"'"'s server infrastructure. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A system for authenticating confidential email communications transmitted from a sender to an intended recipient, the system comprising:
-
a sender server configured to create and transmit an electronic message envelope including at least an encrypted message and a confidential mail token, wherein the encrypted message is forwarded to the intended recipient by the server infrastructure of the sender, and wherein the confidential mail token includes a privacy policy bit; and a certificate pursuant to the privacy policy bit that includes an email address from a recipient of the message envelope, wherein the certificate is forwarded to the sender server within a verification return receipt from the recipient; wherein the sender server is configured to compare the email address that was included in the certificate in the verification return receipt received from the recipient of the electronic message to an email address of the intended recipient, wherein in response to the stored email address matching the email address received from the recipient, stored in the confidential mail token, the sender server is further configured to verify that the message that reached the intended recipient is authentic, and the sender is configured to establish a connection with the intended recipient'"'"'s server infrastructure and transmit a session content encryption key to the intended recipient for decrypting the encrypted message within the message envelope previously sent to the recipient'"'"'s server infrastructure. - View Dependent Claims (15)
-
-
16. A computer-readable storage device which stores a set of instructions which when executed performs a method for providing confidential electronic communication with authentication, the method executed by the set of instructions comprising:
-
creating a message envelope including at least an encrypted message and a confidential mail token, the encrypted message configured to be decrypted only by server infrastructure associated with an intended recipient, wherein the encrypted message is forwarded to the intended recipient by the server infrastructure of a sender, and wherein the confidential mail token includes a privacy policy bit; pursuant to the privacy bit, requiring receipt of a certificate that includes an email address from a recipient of the message envelope; storing an email address of the intended recipient of the encrypted message in the confidential mail token; transmitting the message envelope from the sender to the intended recipient for processing, wherein at least a portion of data within the message envelope is processed to generate a certificate that includes the email address of the recipient of the message envelope pursuant to the privacy policy bit forwarded with the confidential mail token; receiving, by the sender, the certificate that includes the email address from the recipient of the message envelope; comparing the email address that was included in the certificate received from the recipient of the message envelope to the email address of the intended recipient stored in the confidential mail token to verify that the message envelope that reached the intended recipient is authentic; and if the email addresses match, transmitting from the sender a session content encryption key to the intended recipient for decrypting the encrypted message within the message envelope previously sent to the recipient'"'"'s server infrastructure. - View Dependent Claims (17, 18)
-
-
19. A method for providing tracking verification of an electronic communication sent to an intended recipient, the method comprising:
-
creating a message envelope including at least an encrypted message and a confidential mail token, wherein the encrypted message is forwarded to the intended recipient by the server infrastructure of a sender, and wherein the confidential mail token includes a privacy policy bit; requiring, via the privacy policy bit of the confidential mail token, receipt of a certificate that includes an email address from a recipient of the message envelope; storing an email address of the intended recipient of the encrypted message in the confidential mail token; transmitting the message envelope from the sender to the intended recipient for processing, wherein at least a portion of data within the message envelope is processed to generate a verification return receipt including the certificate that includes the email address of the recipient of the message envelope pursuant to the privacy policy bit forwarded with the confidential mail token; receiving, by the sender, the verification return receipt including the certificate that includes the email address from the recipient of the message envelope; processing the verification return receipt by the sender comparing the email address that was included in the certificate in the verification return receipt received from the recipient of the message envelope to the email address of the intended recipient stored in the confidential mail token to verify that the recipient of the message envelope is the intended recipient and that the message envelope reached the intended recipient; and in response to verification by the sender that the recipient of the message envelope is the intended recipient as a result of the stored email address of the intended recipient matching the email address received from the recipient, the sender transmitting a session content encryption key to the intended recipient for decrypting the encrypted message within the message envelope previously sent to the recipient'"'"'s server infrastructure. - View Dependent Claims (20)
-
Specification