ELECTRONIC DATA COMMUNICATION SYSTEM
Abstract
There is described an electronic data communication system in which encrypted mail messages for a recipient are sent in two parts: message data encrypted by a symmetric encryption algorithm using a session key and session key data encrypted by an asymmetric encryption algorithm using a public key associated with the recipient. If the recipient uses a webmail service to access the encrypted electronic mail message, the encrypted session key data is sent to a trusted third party server which has access to the private key of the user. The trusted third party server decrypts the encrypted session key using the private key of the user, and then sends the decrypted session key to a remote network device for decryption of the encrypted message.
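The two-part message flow described in the abstract, as an added Go example that is not part of the patent: the sender seals the body under a fresh symmetric session key and wraps only that key with the recipient's public key; the trusted third party server (claim 9) decrypts the wrapped key with the recipient's private key and hands back just the session key; the webmail device then opens the body. AES-256-GCM, RSA-OAEP with SHA-256 and the function names are assumptions, since the page names no particular algorithms.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
)

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal is the sender's step from the abstract: body under a fresh symmetric session key,
// only that key wrapped with the recipient's public key. AES-256-GCM and RSA-OAEP are assumed.
func Seal(pub *rsa.PublicKey, msg []byte) (nonce, body, wrappedKey []byte, err error) {
	buf := make([]byte, 32+12) // 32-byte session key followed by a 12-byte GCM nonce
	if _, err = rand.Read(buf); err != nil {
		return nil, nil, nil, err
	}
	key, nonce := buf[:32], buf[32:]
	gcm, err := newGCM(key)
	if err != nil {
		return nil, nil, nil, err
	}
	if wrappedKey, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil); err != nil {
		return nil, nil, nil, err
	}
	return nonce, gcm.Seal(nil, nonce, msg, nil), wrappedKey, nil
}

// KeyServerUnwrap is the trusted third party's step (claim 9): it holds the private
// key and hands back only the session key; the encrypted body never reaches it.
func KeyServerUnwrap(priv *rsa.PrivateKey, wrappedKey []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrappedKey, nil)
}

// Open is the webmail device's step: decrypt the body with the returned session key.
func Open(sessionKey, nonce, body []byte) ([]byte, error) {
	gcm, err := newGCM(sessionKey)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, nonce, body, nil)
}
```

Note that the key server holds the user's private key and returns the session key in the clear to the remote device, so both the server and that return path sit inside the trust boundary for every message it unwraps.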
17 Claims
1. A system for communicating electronic messages to a recipient, the system comprising:
- a communications network having a plurality of network devices connected thereto;
- a remote network device in the plurality of network devices;
- an encryption key server in the plurality of network devices, wherein in response to a request from the remote network device, the encryption key server is operable to encrypt data provided by the remote network device using a cryptographic key associated with a user of said remote network device and return the resultant encrypted data to the remote network device, the encryption key server being remotely located from the remote network device, and another network device; and
- the other network device in the plurality of network devices operable to i) apply a one-way encryption algorithm to a message for communication to the recipient in order to generate a hash value, ii) transmit the hash value to the encryption key server for encryption using the cryptographic key associated with the sender in order to generate a digital signature, and iii) in response to receiving the digital signature from the encryption key server, to append the digital signature to the original message to form a signed message.
2. A network server comprising:
- a data store operable to store encrypted electronic messages for a recipient comprising i) encrypted message data corresponding to a message for the recipient encrypted by a symmetric encryption algorithm using a session key and ii) encrypted session key data corresponding to the session key encrypted by an asymmetric encryption algorithm using a public key associated with the recipient;
- a network interface operable to receive data from and transmit data to remote network devices; and
- a processor operable, following receipt of a request to access an encrypted message, to extract said encrypted session key data from the requested electronic message and forward the extracted encrypted session key data to a remote network device.
(Dependent claims 3 to 8 not shown.)
9. A method comprising:
- recovering a private key associated with a client in a plurality of clients;
- decrypting received encrypted session key data using the recovered private key to recover a session key; and
- forwarding the recovered session key to a remote network device.
(Dependent claims 10 to 13 not shown.)
14. A method comprising:
- recovering a private key associated with a client in a plurality of clients;
- encrypting a received hash value using the recovered private key to generate a digital signature; and
- forwarding the generated digital signature to a remote network device.
(Dependent claims 15 to 17 not shown.)