EMAIL VERIFICATION

US 20180041335A1
Filed: 08/03/2017
Published: 02/08/2018
Est. Priority Date: 08/08/2016
Status: Active Grant

First Claim

Patent Images

1. Method for verifying an identity of an email-address utilized by a client device, the method being performed by a server and comprising:

receiving a request for verifying the identity of the email-address;

generating a first asymmetric key pair, KP1-S, comprising a private key, PrivK1-S, and a public key, PubK1-S;

calculating a first verification token, VN-1, based on the private key, PrivK1-S, of KP1-S and a known public key, PubK-C, of an asymmetric key pair, KP-C, of the client device;

transmitting a verification email message to the email-address to be verified comprising the public key, PubK1-S, of KP1-S;

receiving a response to the verification email message including a second verification token, VN-2, calculated by the client device based on the private key, PrivK-C, of KP-C and the public key, PubK1-S, transmitted in the verification email message;

verifying the identity of the email-address by verifying that VN-2 is identical to VN-1.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An identity of an email-address utilized by a client device is verified. According to one example, a server receives a request for verifying the identity of the email-address and calculates a first verification token, which is transmitted to the email address to be verified. The first verification token is received by the client device, which in response calculates a second verification token. The second verification token is transmitted to the server. The server verifies the identity of the email-address by verifying that the first and second verification tokens are identical. Other examples are disclosed.

6 Citations

View as Search Results

20 Claims

1. Method for verifying an identity of an email-address utilized by a client device, the method being performed by a server and comprising:
- receiving a request for verifying the identity of the email-address;
  
  generating a first asymmetric key pair, KP1-S, comprising a private key, PrivK1-S, and a public key, PubK1-S;
  
  calculating a first verification token, VN-1, based on the private key, PrivK1-S, of KP1-S and a known public key, PubK-C, of an asymmetric key pair, KP-C, of the client device;
  
  transmitting a verification email message to the email-address to be verified comprising the public key, PubK1-S, of KP1-S;
  
  receiving a response to the verification email message including a second verification token, VN-2, calculated by the client device based on the private key, PrivK-C, of KP-C and the public key, PubK1-S, transmitted in the verification email message;
  
  verifying the identity of the email-address by verifying that VN-2 is identical to VN-1.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 10)
- - 2. The method of claim 1, wherein the verification tokens, VN-1 and VN-2, are calculated based on a Diffie-Hellman key exchange method, in particular based on an elliptic curve Diffie-Hellman key exchange method.
  - 3. The method of claim 1, wherein the public key PubK1-S is comprised in the header of the verification email message.
  - 4. The method of claim 1, wherein the identity of the email address is verified only for a given amount of time before expiration.
  - 5. The method of claim 1, wherein the communication between the server and the client device is performed as signed communication, wherein the server signs its communication by a private key, PrivK2-S, of a second asymmetric key pair, KP2-S, of the server, andwherein the server verifies the received communication of the client device by the known public key PubK-C.
  - 6. The method of claim 1, wherein the method further comprises issuing a certificate in response to verifying that VN-1 is identical to VN-2.
  - 7. The method of claim 1, wherein the method further comprises deleting the first asymmetric key pair KP1-S by the server in response to the verification email being transmitted to the email-address to be verified.
  - 8. The method of claim 1, wherein the communication between the server and the client device is encrypted.
  - 10. The method of claim 8, wherein calculating and transmitting the verification token VN-2 are performed automatically.

9. Method for verifying an email-address utilized by a client device, the method being performed by the client device and comprising:
- receiving a verification email message comprising a public key, PubK1-S, of a first asymmetric key pair, KP1-S, of a server, wherein the verification email message is received by the email-address to be verified;
  
  calculating a verification token, VN-2, based on a private key, PrivK-C, of an asymmetric key pair, KP-C, of the client device and the public key PubK1-S received in the verification email message;
  
  transmitting the verification token VN-2 to the server.
- View Dependent Claims (11)
- - 11. The method of claim 9, further comprising extracting the public key PubK1-S from a header of the received verification email message.

12. Server for verifying an identity of an email-address utilized by a client device, the server comprising:
- one or more processors; and
  
  a memory coupled to the one or more processors, the memory storing data comprising program code that, when executed by the one or more processors, causes the server to;
  
  receive a request for verifying the identity of the email-address;
  
  generate a first asymmetric key pair, KP1-S, comprising a private key, PrivK1-S, and a public key, PubK1-S;
  
  calculate a first verification token, VN-1, based on the private key, PrivK1-S, of KP1-S and a known public key, PubK-C, of an asymmetric key pair, KP-C, of the client device;
  
  transmit a verification email message to the email-address to be verified comprising the public key, PubK1-S, of KP1-S;
  
  receive a response to the verification email message including a second verification token, VN-2, calculated by the client device based on a private key, PrivK-C, of KP-C and the public key, PubK1-S, transmitted in the verification email message;
  
  verify the identity of the email-address by verifying that VN-2 is identical to VN-1.
- View Dependent Claims (13, 14, 15)
- - 13. The server of claim 12, wherein the program code, when executed by the one or more processors, further causes the server to calculate the verification tokens, VN-1 and VN-2, based on a Diffie-Hellman key exchange method, in particular based on an elliptic curve Diffie-Hellman key exchange method.
  - 14. The server of claim 12, wherein the program code, when executed by the one or more processors, further causes the server to include the public key PubK1-S in the header of the verification email message.
  - 15. The server of claim 12, wherein the program code, when executed by the one or more processors, further causes the system to verify the identity of the email address only for a given amount of time before expiration.

16. Client device for verifying an identity of an email-address utilized by the client device, client device comprising:
- one or more processors; and
  
  a memory coupled to the one or more processors, the memory storing data comprising program code that, when executed by the one or more processors, causes the client device to;
  
  receive a verification email message comprising a public key, PubK1-S, of a first asymmetric key pair, KP1-S, of a server, wherein the verification email message was transmitted to the email-address to be verified;
  
  calculate a verification token, VN-2, based on a private key, PrivK-C, of an asymmetric key pair, KP-C, of the client device and the public key PubK1-S received in the verification email message;
  
  transmit the verification token VN-2 to the server.

17. Method for verifying an identity of an email-address utilized by a client device, comprising:
- receiving, at a server, a request for verifying the identity of the email-address;
  
  generating, at the server, a first asymmetric key pair, KP1-S, comprising a private key, PrivK1-S, and a public key, PubK1-S,calculating, at the server, a first verification token, VN-1, based on the private key, PrivK1-S, of KP1-S and a known public key, PubK-C, of an asymmetric key pair, KP-C, of the client device;
  
  transmitting, from the server to the email-address to be verified, a verification email message comprising the public key, PubK1-S, of KP1-S;
  
  receiving, at the client device, the verification email message;
  
  calculating, at the client device, a second verification token, VN-2, based on a private key, PrivK-C, of the key pair KP-C and the public key PubK1-S received in the verification email message;
  
  transmitting, from the client device to the server, the verification token VN-2;
  
  verifying, at the server, the identity of the email-address by verifying that VN-2 is identical to VN-1.

18. System for verifying an identity of an email-address utilized by a client device, the system comprising the client device and a server both comprising one or more processors and a respective memory coupled to the one or more processors, the memories storing data comprising program code that, when executed by the one or more processors, causes the system toreceive, at the server, a request for verifying the identity of the email-address;
- generate, at the server, a first asymmetric key pair, KP1-S, comprising a private key, PrivK1-S, and a public key, PubK1-S,calculate, at the server, a first verification token, VN-1, based on the private key, PrivK1-S, of KP1-S and a known public key, PubK-C, of an asymmetric key pair, KP-C, of the client device;
  
  transmit, from the server to the email-address to be verified, a verification email message comprising the public key, PubK1-S, of KP1-S;
  
  receive, at the client device, the verification email message;
  
  calculate, at the client device, a second verification token, VN-2, based on a private key, PrivK-C, of the key pair KP-C and the public key PubK1-S received in the verification email message;
  
  transmit, from the client device to the server, the verification token VN-2;
  
  verify, at the server, the identity of the email-address by verifying that VN-2 is identical to VN-1.

19. Computer program product for verifying an identity of an email-address utilized by a client device, the computer program product comprising:
- a non-transitory computer-readable storage medium; and
  
  program code stored on the non-transitory computer-readable storage medium that, when executed by one or more server processors, causes the one or more server processors to;
  
  receive a request for verifying the identity of the email-address;
  
  generate a first asymmetric key pair, KP1-S, comprising a private key, PrivK1-S, and a public key, PubK1-S;
  
  calculate a first verification token, VN-1, based on the private key, PrivK1-S, of KP1-S and a known public key, PubK-C, of an asymmetric key pair, KP-C, of the client device;
  
  transmit a verification email message to the email-address to be verified comprising the public key, PubK1-S, of KP1-S;
  
  receive a response to the verification email message including a second verification token, VN-2, calculated by the client device based on the private key, PrivK-C, of KP-C and the public key, PubK1-S, transmitted in the verification email message;
  
  verify the identity of the email-address by verifying that VN-2 is identical to VN-1.

20. Computer program product for verifying an identity of an email-address utilized by a client device, the computer program product comprising:
- a non-transitory computer-readable storage medium; and
  
  program code stored on the non-transitory computer-readable storage medium that, when executed by one or more client processors, causes the one or more client processors to;
  
  receive a verification email message comprising a public key, PubK1-S, of a first asymmetric key pair, KP1-S, of a server, wherein the verification email message is received by the email-address to be verified;
  
  calculate a verification token, VN-2, based on a private key, PrivK-C, of an asymmetric key pair, KP-C, of the client device and the public key PubK1-S received in the verification email message;
  
  transmit the verification token VN-2 to the server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Materna Virtual Solution GmbH
Original Assignee
Virtual Solution AG
Inventors
JAKOBI, Thomas, GRAF VON SPRETI, Christian

Granted Patent

US 10,461,928 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06Q 10/107   Computer-aided management o...

H04L 51/18   Commands or executable codes

H04L 51/212   using filtering or selectiv...

H04L 51/48   Message addressing, e.g. ad...

H04L 63/126   the source of the received ...

H04L 63/1483   service impersonation, e.g....

H04L 9/0844   with user authentication or...

H04L 9/321   involving a third party or ...

H04L 9/3234   involving additional secure...

H04L 9/3263   involving certificates, e.g...

EMAIL VERIFICATION

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

6 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

EMAIL VERIFICATION

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

6 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links