APPARATUS, METHOD, AND COMPUTER PROGRAM PRODUCT FOR SECURED COMMUNICATION CHANNEL
Abstract
A secure electronic mail distribution system for a network, e.g. Encrypted Internet E-Mail transmitted between interactive display terminals. The system offers a solution to the disclosed problems by providing a display interface at a receiving terminal including the conventional mechanisms of access of an E-Mail distribution server by an E-Mail client; but in addition provides an automatic encryption mechanism that responds to a key request to generate a public key/private key pair, enabling a user of the E-Mail distribution system to send secured messages and to have the recipient receive a cleartext version of an encrypted message transmission. The system automatically generates the pair, most preferably at the consuming message recipient, though key pairs may be created/issued centrally using machine-derived data so the user does not participate in the key generation, and the key pairs are preferably single use, meaning that the user does not need to have a passphrase or worry about passwords or other management of the key pair. When they are multiple use, it is preferred that the server maintain the key information and provide the SENDER with the public key and the CLIENT with the private key used for a specific message. The invention further provides, in some implementations, a mechanism to initiate various tests to confirm access and availability of the secure system before sending. This invention is applicable to enable secure communications between users of virtually any device participating in the communications network (e.g., desktop, laptop, wireless computing systems and wireless devices including cellular telephones and personal digital assistants and other portable messaging systems like Blackberry PDAs).
16 Claims
1. In a communication network with user access via a plurality of communications devices, a secure distribution system for communications transmitted between the devices comprising:
a first process local to a first one device of said plurality of communications device for encrypting a message using a public key of a private/public encryption key pair associated with an intended recipient of said message, said public key generated in response to a key generation request from said first one device wherein said encrypted message is transmitted using an electronic distribution protocol of the communications network;
a second process local to a second one device of said plurality of communications device for decrypting said encrypted message using a private key of said private/public encryption key pair wherein said second one device is associated with said intended recipient of said message, said second process automatically generating said private/public encryption key pair responsive to said key generation request from said first one device using a dynamic machine-derived signature of said second one device wherein said encrypted message is received using said electronic distribution protocol of the communications network; and
an intermediary server for exchanging said key generation request between said processes and for exchanging said public key between said processes using a second communications protocol.
5. In a communication network with user access via a plurality of communications devices, a secure distribution system for communications transmitted between the devices comprising:
a first process local to a first one device of said plurality of communications device for encrypting a message using a public key of a private/public encryption key pair associated with an intended recipient of said message, said public key generated in response to a key generation request from said first one device wherein said encrypted message is transmitted using an electronic distribution protocol of the communications network; and
a second process local to a second one device of said plurality of communications device for decrypting said encrypted message using a private key of said private/public encryption key pair wherein said second one device is associated with said intended recipient of said message, said second process automatically generating said private/public encryption key pair responsive to said key generation request from said first one device using a dynamic machine-derived signature of said second one device wherein said encrypted message is received using said electronic distribution protocol of the communications network;
wherein said devices exchange said key generation request between said processes and exchange said public key between said processes using a second communications protocol.
9. In a communication network with user access via a plurality of communications devices, a secure distribution system for communications transmitted between the devices comprising:
a first process local to a first one device of said plurality of communications device for encrypting a message using a public key of a private/public encryption key pair associated with an intended recipient of said message, said public key generated in response to a key generation request from said first one device wherein said encrypted message is transmitted using an electronic distribution protocol of the communications network;
a second process local to a second one device of said plurality of communications device for decrypting said encrypted message using a private key of said private/public encryption key pair wherein said second one device is associated with said intended recipient of said message, wherein said encrypted message is received using said electronic distribution protocol of the communications network; and
an intermediary server for automatically generating said private/public encryption key pair responsive to said key generation request from said first one device using a dynamic machine-derived signature, said server, using a second communications protocol, providing said first process with said public key and providing said second process with said private key.
13. In a distribution network with user access via a plurality of communication devices, a secure distribution method for communications transmitted between said devices, the method comprising:
a) encrypting, using a first process local to a first one device of said plurality of communications device, a message using a public key of a private/public encryption key pair associated with an intended recipient of said message, said public key generated in response to a key generation request from said first one device wherein said encrypted message is transmitted using an electronic distribution protocol of the communications network; and
b) decrypting, using a second process local to a second one device of said plurality of communications device, said encrypted message using a private key of said private/public encryption key pair wherein said second one device is associated with said intended recipient of said message, said second process automatically generating said private/public encryption key pair responsive to said key generation request from said first one device using a dynamic machine-derived signature of said second one device wherein said encrypted message is received using said electronic distribution protocol of the communications network;
wherein said devices exchange said key generation request between said processes and exchange said public key between said processes using a second communications protocol.
14. A computer program having code recorded on a computer readable medium for distribution of secure communications in a distribution network with user access via a plurality of communications devices, said computer program comprising code implementing a communications distribution method, the method comprising:
a) encrypting, using a first process local to a first one device of said plurality of communications device, a message using a public key of a private/public encryption key pair associated with an intended recipient of said message, said public key generated in response to a key generation request from said first one device wherein said encrypted message is transmitted using an electronic mail distribution protocol of the communications network; and
b) decrypting, using a second process local to a second one device of said plurality of communications device, said encrypted message using a private key of said private/public encryption key pair wherein said second one device is associated with said intended recipient of said message, said second process automatically generating said private/public encryption key pair responsive to said key generation request from said first one device using a dynamic machine-derived signature of said second one device wherein said encrypted message is received using said electronic mail distribution protocol of the communications network;
wherein said devices exchange said key generation request between said processes and exchange said public key between said processes using a second communications protocol.
15. A method for sending communications to a device using a communications network, the method comprising:
a) determining automatically using a computing system whether the device has a local process active that is capable of using a dynamically generated single-use public/private key pair;
b) requesting a public key for said local process when said determining step a) indicates said local process is capable of using said dynamically generated single-use public/private key; and
c) sending a cleartext message to said local device when said determining step a) indicates said local process is incapable of using said dynamically generated single-use public/private key.
16. A method for sending communications to a device using a communications network, the method comprising:
a) requesting automatically using a computing system a public key of a dynamically generated single-use public/private key for a local decryption process associated with the device;
b) sending an encrypted message produced from encrypting a cleartext message using said public key when said requesting step a) receives said public key; and
c) sending said cleartext message to said local device when said requesting step a) fails to receive said public key.
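The exchange described in the abstract and in claim 16, as an added sketch that is not code from the patent: a sender asks for a public key through a relay, the recipient process generates a single-use key pair for that request, and the sender falls back to cleartext when no key comes back. The names (`Recipient`, `relay_key_request`, `send`), the toy ElGamal-style scheme, the request ids, the addresses and the machine-signature bytes are all assumptions made for illustration; the page names no algorithm and does not say how the machine-derived signature is computed.

```python
import hashlib
import secrets

# Toy ElGamal-style scheme standing in for the unnamed public-key algorithm.
# Assumption: a 255-bit modulus is far too small for real use, and no MAC is applied.
P, G = 2**255 - 19, 2

def _xor_stream(key: bytes, data: bytes) -> bytes:
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def _kdf(shared: int) -> bytes:
    return hashlib.sha256(shared.to_bytes(32, "big")).digest()

class Recipient:
    """Second process: makes one key pair per key generation request."""
    def __init__(self, machine_signature: bytes):
        self.machine_signature = machine_signature  # constructed stand-in
        self._private = {}                          # request id -> exponent

    def handle_key_request(self, request_id: str) -> int:
        # Assumption: machine-derived data is mixed with OS randomness.
        seed = hashlib.sha256(self.machine_signature + secrets.token_bytes(32))
        x = int.from_bytes(seed.digest(), "big") % (P - 2) + 1
        self._private[request_id] = x
        return pow(G, x, P)                         # public key

    def receive(self, request_id: str, envelope: dict) -> bytes:
        if envelope["mode"] == "cleartext":
            return envelope["body"]
        x = self._private.pop(request_id)           # single use: key is dropped
        return _xor_stream(_kdf(pow(envelope["ephemeral"], x, P)), envelope["body"])

def relay_key_request(online: dict, address: str, request_id: str):
    """Intermediary role: pass the request on, return the public key or None."""
    recipient = online.get(address)
    return recipient.handle_key_request(request_id) if recipient else None

def send(online: dict, address: str, request_id: str, message: bytes) -> dict:
    """Claim 16 sender: encrypt when a public key arrives, else cleartext."""
    public_key = relay_key_request(online, address, request_id)
    if public_key is None:
        return {"mode": "cleartext", "body": message}
    k = secrets.randbelow(P - 2) + 1
    return {"mode": "encrypted", "ephemeral": pow(G, k, P),
            "body": _xor_stream(_kdf(pow(public_key, k, P)), message)}
```

The `mode` field in the returned envelope records whether the message was encrypted or fell back to cleartext, so a sending system can log or act on that outcome per message.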
Specification