Method and system for recovering password protected private data via a communication network without exposing the private data
First Claim
1. A method of communicating private data between computers coupled to a data communication network, said method comprising:
- receiving, at a network server, private data encrypted by a first client as a function of a wrapping key unknown to the server, said server and said first client being coupled to the data communication network;
storing the received encrypted private data at the server;
receiving, at the server, a request from a second client for the encrypted private data; and
in response to the received request, transferring the encrypted private data from the server to the second client for decryption as a function of the wrapping key.
2 Assignments
0 Petitions
Accused Products
Abstract
A system and method for securely roaming private data from a first client computer to a second client computer linked via a communication network. A user of the first client computer executes a home client application and designates private data for roaming. The home client application generates a first key in response to a password, and encrypts the designated private data as a function of the first key. The server receives and stores the encrypted private data. A user of the second computer executes a roaming client application and requests transfer of the encrypted private data from the server. The roaming client application generates the first key in response to the password, and decrypts encrypted private data transferred from the server to obtain the private data. The invention further provides users the ability to retrieve encrypted private from the server even when the user cannot remember the password associated with the first key. Also, the server has no knowledge of the private data nor the keys.
-
Citations
32 Claims
-
1. A method of communicating private data between computers coupled to a data communication network, said method comprising:
-
receiving, at a network server, private data encrypted by a first client as a function of a wrapping key unknown to the server, said server and said first client being coupled to the data communication network;
storing the received encrypted private data at the server;
receiving, at the server, a request from a second client for the encrypted private data; and
in response to the received request, transferring the encrypted private data from the server to the second client for decryption as a function of the wrapping key. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A system for communicating private data on a data communication network, comprising:
-
a server receiving private data encrypted by a first client as a function of a wrapping key unknown to the server, said server and said first client being coupled to the data communication network;
a database associated with the server, said server being configured to store the received encrypted private data in the database and to transfer the stored encrypted private data to a second client also coupled to the data communication network for decryption as a function of a wrapping key in response to a request for the encrypted private data received from the second client. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A computer readable medium comprising computer-executable instructions for communicating private data between computers coupled to a data communication network, said computer-readable medium comprising:
-
first receiving instructions for receiving, at a network server, private data encrypted by a first client as a function of a wrapping key unknown to the server, said server and said first client being coupled to the data communication network;
storing instructions for storing the received encrypted private data at the server;
second receiving instructions for receiving, at the server, a request from a second client for the encrypted private data; and
transferring instructions for transferring the encrypted private data from the server to the second client for decryption as a function of the wrapping key in response to the received request. - View Dependent Claims (22, 23, 24)
-
-
25. A method of communicating private data between computers coupled to a data communication network, said method comprising:
-
receiving, at a server, a request from a roaming client for encrypted private data, said request including a digest or hashed value of an authentication password, said server and said roaming client being coupled to the data communication network;
determining if a form of the authentication password received from the roaming client is valid;
retrieving, when a form of the authentication password is valid, the encrypted private data, said private data being previously encrypted as a function of an encryption password unknown to the server;
transferring the retrieved encrypted private data from the server to the roaming client for decryption as a function of the wrapping key. - View Dependent Claims (26, 27, 28, 29, 30)
-
-
31. A computer-readable medium having stored thereon a data structure, comprising:
-
a first data field containing private data;
a second data field containing key data representative of an input data stream received from a user; and
a third function field for encrypting the private data as a function of the key data, and for transferring the encrypted private data to a central location for storage. - View Dependent Claims (32)
-
Specification