METHOD OF AND SYSTEM FOR ENCRYPTION AND AUTHENTICATION

US 20090034725A1
Filed: 06/09/2006
Published: 02/05/2009
Est. Priority Date: 06/10/2005
Status: Active Grant

First Claim

Patent Images

1. :

A method of secured communication over a networked system comprising the steps of;

a first party;

splitting a secure message into two or more separate messages, each separate message including at least some unique portion of said secure data message, and all of said two or more separate messages collectively preserving all of the information contained in said secure message; and

transmitting each of said two or more separate messages to a separate gatekeeper;

each of said separate gatekeepers;

receiving a respective one of said separate messages;

securely processing said separate message, andtransmitting said processed separate message to a second party;

said second party;

receiving said processed separate messages from each of said separate gatekeepers; and

re-assembling said processed, separate messages.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention provides a method of and system for networked security, involving multiple clients and servers. Rather than relying on single server based authentication and/or single stream based data transmission, the invention breaks apart information before if leaves the User'"'"'s computer so that intercepting any single electronic message does not provide the hacker with sufficient information to gain access. The invention splits the values (i.e. password, User name, card number for authorization; enrypted text for encryption, etc.) at the point of sender/external authorization client. These split values are encrypted with different keys and transmitted to multiple external authorization servers. The invention can be applied to any secure transmission, storage or authentication of data over a data network.

39 Citations

View as Search Results

24 Claims

1. :
- A method of secured communication over a networked system comprising the steps of;
  
  a first party;
  
  splitting a secure message into two or more separate messages, each separate message including at least some unique portion of said secure data message, and all of said two or more separate messages collectively preserving all of the information contained in said secure message; and
  
  transmitting each of said two or more separate messages to a separate gatekeeper;
  
  each of said separate gatekeepers;
  
  receiving a respective one of said separate messages;
  
  securely processing said separate message, andtransmitting said processed separate message to a second party;
  
  said second party;
  
  receiving said processed separate messages from each of said separate gatekeepers; and
  
  re-assembling said processed, separate messages.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 18, 19, 20, 21, 22)
- - 2. :
    - The method of claim 1 wherein said secure message is split using a partitioning algorithm.
  - 3. :
    - The method of claim 2 wherein said partitioning algorithm comprises a sliding algorithm.
  - 4. :
    - The method of claim 2 wherein said partitioning algorithm comprises a non-sliding algorithm.
  - 5. :
    - The method of claim 2 wherein the contents of said two or more separate messages overlap.
  - 6. :
    - The method of claim 2 wherein the contents of said two or more separate messages do not overlap.
  - 7. :
    - The method of claim 1 wherein said secure message comprises a request for access to data held by said second party.
  - 8. :
    - The method of claim 7 wherein said request for access includes data selected from the group consisting of a Username, User ID, password, passphrase or other User identifier.
  - 9. :
    - The method of claim 1 wherein said first party is selected from the group consisting of;
      
      a personal computer;
      
      a cellular telephone;
      
      a personal digital assistant (PDA);
      
      a portable music player;
      
      a wireless email device;
      
      a portable video player;
      
      orother similar electronic communication device.
  - 10. :
    - The method of claim 1 wherein said secure message comprises an encrypted text message, each separate message being encrypted with a different key.
  - 11. :
    - The method of claim 1 wherein said secure-message comprises an email message.
  - 12. :
    - The method of claim 1 wherein said transmitted separate messages further comprise decoy messages.
  - 13. :
    - The method of claim 1 wherein said second party comprises a secure server.
  - 14. :
    - The method of claim 1 wherein said second party comprises a firewalled server which will only communicate with said separate gatekeepers.
  - 18. :
    - The method of claim 1 wherein said secure message is of a type selected from the group consisting of;
      
      high security documents;
      
      digital media files (such as movies or music);
      
      financial transaction data;
      
      authentication codes;
      
      any document needing absolute verifiable sources;
      
      live video transmission (e.g. corporate digital conferences, CCTV, or subscription or fee based broadcast);
      
      electronic voting;
      
      RFID tags; and
      
      transmission of biometric authentication date.
  - 19. :
    - The method of claim 1 wherein said secured communication is applied to a systems selected from the group consisting of;
      
      unencrypted file transmission with enhanced error correction;
      
      automatic protection against server level viruses via checksum matching;
      
      use of multiple routing in protected server to counter DOS attacks;
      
      network authentication for Financial transactions or Network logons;
      
      wireless Data Transmission for Modified WEP encryption or Multiple broadcast point transmission;
      
      secure networked storage and retrieval of data;
      
      use of splitting via multiple processors in addition to multiple servers;
      
      orsplitting via multiple processors applied to a single computer rather than a network of computers or servers.
  - 20. :
    - The method of claim 1 wherein said secure message comprises a data message to be securely stored, and said step of securely processing comprises the step of separately protecting and storing each of said two or more separate messages.
  - 21. :
    - The method of claim 7 wherein said second party is an authentication server and said authentication server responds to a received request for access being accepted by;
      
      generating an authentication code;
      
      splitting up said authentication code into two or more parts;
      
      separately encrypting said two or more parts; and
      
      transmitting said two or more parts to separate gateways who may forward the encrypted parts to the User so that it may be re-assembled and decrypted.
  - 22. :
    - The method of claim 1 wherein said secure message comprises a data message being securely stored at said first party, said first party being a storage server, and said second party being a User retrieving said stored message.

15. (canceled)

16. :
- A method of authentication comprising the steps of;
  
  generating identification data for a User;
  
  dividing said identification data into two or more separate sets;
  
  protecting each of said two or more separate sets; and
  
  transmitting each of said two or more separate protected sets of data to two or more intermediate servers;
  
  said two or more intermediate servers forwarding said two or more separate protected sets of data to an authentication server;
  
  said authentication server re-assembling said two or more separate protected sets of data and considering whether access should be granted to said User.

23. (canceled)

24. :
- A system for secured communication comprising;
  
  a first device operable to;
  
  split a secure message into two or more separate messages, each separate message including at least some unique portion of said secure data message, and all of said two or more separate messages collectively preserving all of the information contained in said secure message; and
  
  transmit each of said two or more separate messages to a separate gatekeeper;
  
  each of said separate gatekeepers being operable to;
  
  receive a respective one of said separate messages;
  
  securely process said separate message, andtransmit said processed separate message to a second device;
  
  said second device being operable to;
  
  receive said processed separate messages from each of said separate gatekeepers; and
  
  re-assemble said processed, separate messages;
  
  said first device, second device and separate gatekeepers being interconnected via a communication network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Elevator Software Corporation
Original Assignee
Elevator Software Corporation
Inventors
MacLeod, Jordan Bruce, Davies, Traverse A. SR.

Granted Patent

US 8,775,792 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/255
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/80   Wireless network architectu...

H04L 63/02   for separating internal fro...

H04L 63/08   for authentication of entit...

H04L 63/083   using passwords cryptograph...

H04L 63/18   using different networks or...

H04L 9/3215   using a plurality of channe...

H04L 9/3226   using a predetermined code,...

METHOD OF AND SYSTEM FOR ENCRYPTION AND AUTHENTICATION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

39 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD OF AND SYSTEM FOR ENCRYPTION AND AUTHENTICATION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

39 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links