System and Method for End-to-End Electronic Mail-Encryption
Abstract
The present disclosure provides a system and method for end-to-end electronic mail encryption. In one embodiment, the sender contacts a payload-encryption-packet creation server which receives the message the sender would like to encrypt, generates an encrypted message and a payload-encryption-packet, and returns both to the sender. The sender then uses his regular email infrastructure to transmit to the recipient the encrypted message and the payload-encryption-packet as a single email. Upon receiving the sender's email, the recipient contacts a payload-encryption-packet processing server and sends it the payload-encryption-packet and authorization information. Depending on the validity of the authorization information, said server processes the payload-encryption-packet and provides the recipient with information usable for extracting the original message from the encrypted message.
32 Claims
1. An email encryption system, the system comprising:
- an email transmission module configured for sending an email;
- a payload-encryption-packet creation module operating remotely from the email transmission module, the payload-encryption-packet creation module being configured for producing a payload-encryption-packet in response to a request for creating a payload-encryption-packet, wherein the payload-encryption-packet is produced as a function of an encryption key;
- a payload-encryption-packet creation trigger module connectable to the payload-encryption-packet creation module, the payload-encryption-packet creation trigger module being configured for, contemporaneously with the sending of the email;
  - generating the request for creating the payload-encryption-packet,
  - causing the generation of an encrypted email, wherein the encrypted email is produced as a function of the email and the encryption key, and
  - causing the substitution of the email with the encrypted email;
- a payload-encryption-packet processing module configured for returning the encryption key in response to a request for processing the payload-encryption-packet; and
- a payload-encryption-packet processing trigger module connectable to the payload-encryption-packet processing module, the payload-encryption-packet processing trigger module being configured for triggering the request for processing the payload-encryption-packet contemporaneously with the reception of the payload-encryption-packet and receiving the encryption key, thereby enabling the decryption of the encrypted email.

2. A system for email encryption, the system comprising:
- an email transmission module configured for sending an email;
- a payload-encryption-packet creation module operating remotely from the email transmission module, the payload-encryption-packet creation module being configured for producing a payload-encryption-packet in response to a request for creating the payload-encryption-packet, wherein the payload-encryption-packet is produced as a function of data identifying the recipient;
- a payload-encryption-packet creation trigger module connectable to the payload-encryption-packet creation module, the payload-encryption-packet creation trigger module being configured for generating the request for creating the payload-encryption-packet contemporaneously with the sending of the email and configured for causing the email to be substituted with an encrypted email, wherein the encrypted email is produced as a function of the email and cryptographic information found in the payload-encryption-packet;
- a payload-encryption-packet processing module configured for returning cryptographic information necessary for decrypting the encrypted email in response to a request for processing the payload-encryption-packet;
- an email reception module configured for receiving the email; and
- a payload-encryption-packet processing trigger module connectable to the payload-encryption-packet processing module, the payload-encryption-packet processing trigger module being configured for triggering the request for processing the payload-encryption-packet contemporaneously with the reception of the payload-encryption-packet, whereby the cryptographic information returned by the payload-encryption-packet processing module is used to decrypt the encrypted email received by the email reception module.

Dependent claims: 3 through 30.

31. A method for email encryption, the method comprising:
- a) generating a request for producing a payload-encryption-packet contemporaneously with the sending of an email, wherein the email is sent by an email transmission module;
- b) producing a payload-encryption-packet remotely from the email transmission module in response to the request for producing a payload-encryption-packet;
- c) producing an encrypted email as a function of the email and cryptographic information contained in the payload-encryption-packet;
- d) substituting the email with the encrypted email;
- e) generating a request for processing the payload-encryption-packet contemporaneously with the reception of the payload-encryption-packet; and
- extracting the cryptographic information found in the payload-encryption-packet for use in decrypting the encrypted email received by the email reception module.

32. A method for email encryption, the method comprising:
- a) generating a request for producing a payload-encryption-packet contemporaneously with the sending of an email, wherein the email is sent by an email transmission module;
- b) generating a symmetric key remotely from the email transmission module in response to the request for producing a payload-encryption-packet, wherein the content of the payload-encryption-packet can only be accessed by authorized recipients;
- c) encrypting the email using the symmetric key, thereby obtaining an encrypted email;
- d) encrypting the symmetric key using a public key, thereby obtaining an encrypted symmetric key;
- e) substituting the email with an email in payload-encryption format, wherein the email in payload-encryption format is produced as a function of the encrypted email and the encrypted symmetric key;
- f) generating a request for processing the payload-encryption-packet contemporaneously with the reception of the email in payload-encryption format by an email reception module;
- g) authenticating the recipient on whose behalf the request for processing the payload-encryption-packet is generated;
- h) decrypting the encrypted symmetric key found in the email in payload-encryption format using a private key, thereby obtaining a decrypted symmetric key; and
- i) decrypting the encrypted email found in the email in payload-encryption format using the decrypted symmetric key.
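
The packet flow of the abstract and of claims 1 and 2, sketched as an added Python example that is not part of the patent: one server object stands in for both the creation and the processing module, wraps the per-message key together with the recipient's identity, and releases the key only to an authenticated recipient whose identity matches the packet. The shared master key, the token check, the `PacketServer` name and the SHAKE-256/HMAC construction (a standard-library stand-in for an AEAD such as AES-GCM) are assumptions of this sketch.

```python
import hashlib, hmac, json, secrets

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in stream cipher built on SHAKE-256; use AES-GCM in a real system.
    stream = hashlib.shake_256(b"enc" + key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def _tag(key: bytes, data: bytes) -> bytes:
    # MAC key is derived separately from the encryption keystream.
    return hmac.new(hashlib.sha256(b"mac" + key).digest(), data, hashlib.sha256).digest()

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(16)
    body = nonce + _xor_stream(key, nonce, plaintext)
    return body + _tag(key, body)

def unseal(key: bytes, blob: bytes) -> bytes:
    body, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, _tag(key, body)):
        raise ValueError("authentication tag mismatch")
    return _xor_stream(key, body[:16], body[16:])

class PacketServer:
    """Creation and processing modules, assumed here to share one master key."""
    def __init__(self, credentials: dict):
        self._master = secrets.token_bytes(32)
        self._credentials = credentials  # recipient -> token (constructed sample data)

    def create(self, email: bytes, recipient: str):
        # Fresh per-message key; the packet binds it to the intended recipient.
        key = secrets.token_bytes(32)
        claims = json.dumps({"rcpt": recipient, "key": key.hex()}).encode()
        return seal(key, email), seal(self._master, claims)

    def process(self, packet: bytes, recipient: str, token: str) -> bytes:
        known = self._credentials.get(recipient)
        if known is None or not hmac.compare_digest(known.encode(), token.encode()):
            raise PermissionError("authentication failed")
        claims = json.loads(unseal(self._master, packet))
        if claims["rcpt"] != recipient:  # valid login, but the packet is not theirs
            raise PermissionError("packet issued for another recipient")
        return bytes.fromhex(claims["key"])

if __name__ == "__main__":
    server = PacketServer({"bob@example.org": "bob-token"})
    encrypted, packet = server.create(b"Meet at 10.", "bob@example.org")
    key = server.process(packet, "bob@example.org", "bob-token")
    print(unseal(key, encrypted))
```

Because the recipient identity sits inside the authenticated packet, a different account holder who obtains a copy of the email cannot get the key released, and a modified packet fails the tag check before any key material is parsed.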
Specification