Traceable anonymous transactions

US 5,812,670 A
Filed: 02/28/1996
Issued: 09/22/1998
Est. Priority Date: 12/28/1995
Status: Expired due to Term

First Claim

Patent Images

1. A method of communication between a sender and a recipient with the assistance of at least one trustee, wherein the recipient does not know the identity of the sender, comprising:

having the sender send to a trustee a digital signature of information identifying the sender and a message encrypted with an encryption key of the recipient;

having a trustee send the recipient the message encrypted with the recipient key and the sender'"'"'s signature encrypted with at least a trustee'"'"'s encryption key; and

under predetermined circumstances, having a least a trustee take action to identify the sender.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Encryption is a common tool to achieve privacy of communication in networks whose lines are not physically protected. In most communication networks, however, having a sender S send an encrypted message to a recipient R does not hide the very fact that S has sent a message to R, and this may in itself constitute valuable information that the parties would rather keep confidential. A transmission method is described that (1) keeps the identities of senders and receivers confidential, but (2) can trace senders and receivers under certain given circumstances.

298 Citations

76 Claims

1. A method of communication between a sender and a recipient with the assistance of at least one trustee, wherein the recipient does not know the identity of the sender, comprising:
- having the sender send to a trustee a digital signature of information identifying the sender and a message encrypted with an encryption key of the recipient;
  
  having a trustee send the recipient the message encrypted with the recipient key and the sender'"'"'s signature encrypted with at least a trustee'"'"'s encryption key; and
  
  under predetermined circumstances, having a least a trustee take action to identify the sender.
- View Dependent Claims (2, 3, 4, 5, 6, 40)
- - 2. The method as described in claim 1, wherein there is exactly one trustee, and the trustee makes use of secure hardware.
  - 3. The method as described in claim 1, wherein there are at least two trustees further comprising:
    - having a trustee receiving data from the sender send data to another trustee; and
      
      having the trustee that receives data from the sender be different from the trustee that sends the encrypted message to the recipient.
  - 4. The method as described in claim 3, where at least one trustee must take action to identify the sender.
  - 5. The methods as described in claims 1, 2, 3 or 4, wherein the identity of the sender is provably bound to the message.
  - 6. The method as described in claim 5, wherein if the predetermined circumstances occur about a given message, then the sender of that message is identified while keeping secret the identity of the same sender with respect to at least some other messages.
  - 40. The method as described in claim 1, 7, 15, 16 or 38 wherein the sender is a bidder and the recipient is an auctioneer.

7. An electronic communications method between a sender and a recipient with the assistance of at least first and second trustees, wherein at least one of the sender and recipient does not know the identity of the other party, by:
- establishing and maintaining an anonymous communications channel between the sender and the recipient during a communications session in which sender and recipient exchange messages and replies, wherein information is provided to the recipient that is guaranteed to be sufficient to trace the identity of the sender with assistance from at least one trustee and yet does not reveal the sender'"'"'s identity to the recipient without such assistance.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 14)
- - 8. The method as described in claim 7 wherein at least one trustee does not understand the messages and replies exchanged by sender and recipient.
  - 9. The method as described in claim 7 or 8 wherein the trustees hold information that is guaranteed to identify the sender.
  - 10. The method as described in claim 9 wherein the trustees do not provide such information to the recipient.
  - 11. The method as described in claim 7 wherein the first and second trustees provide assistance to determine the identity of the sender under predetermined circumstances.
  - 12. The method as described in claim 7 wherein the anonymous communications channel includes a communications path between the sender and a trustee and a communications path between said trustee and the recipient.
  - 13. The method as described in claim 12 wherein the reply is transmitted backwards from the recipient to the trustee, and from said trustee to the sender.
  - 14. The method as described in claim 7 wherein at least part of the anonymous communications channel makes use of broadcasing.

15. A method of enabling a sender to provide a message to a recipient with the assistance of at least a first trustee, wherein the recipient does not know the identity of the sender, comprising:
- having the sender and the at least the first trustee participate in a communications protocol by which information is provided to the recipient, wherein the information includes the message and data that is sufficient to trace the identity of the sender yet does not reveal the sender'"'"'s identity to the recipient; and
  
  having the recipient take action to determine the message.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 16. The method as described in claim 15 wherein at least first and second trustees are used, and further comprising having the first and second trustees assist in determining the identity of the sender.
  - 17. The method as described in claim 16 wherein at least one of the sender, the recipient and the first and second trustees communicate electronically over a communications channel.
  - 18. The method as described in claim 17 wherein the communications channel is a computer network.
  - 19. The method as described in claim 17 wherein at least some of the communications occur by broadcasting.
  - 20. The method as described in claim 16 wherein the first and second trustees are separate entities.
  - 21. The method as described in claim 16 wherein the first and second trustees are parts of a single organization.
  - 22. The method as described in claim 15 further comprising having the recipient provide the sender with a reply to the message.
  - 23. The method as described in claim 22 wherein the reply is guaranteed to be traceable to the message by at least one trustee.
  - 24. The method as described in claim 23 wherein the reply cannot be understood by the at least one trustee.
  - 25. The method as described in claim 15 wherein at least a trustee comprises a secure hardware device.

26. A method of communication between a sender and a recipient with the assistance of at least first and second trustees, wherein the recipient does not know the identity of the sender and each trustee has a key, comprising:
- having the sender send the first trustee a digital signature of a string identifying the sender and a message encrypted with a recipient key and an address of the recipient;
  
  having the first trustee send the second trustee an encryption with its own key of the digital signature, the encrypted message and the encrypted recipient'"'"'s address;
  
  having the second trustee send the recipient the encrypted message and information that is sufficient to trace the identity of the sender yet does not reveal the sender'"'"'s identity.
- View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37)
- - 27. The method as described in claim 26 further comprising:
    - having the recipient take action to determine the message.
  - 28. The method as described in claim 27 further comprising having the recipient provide the sender with a reply to the message.
  - 29. The method as described in claim 28 wherein the information sent by the second trustee to the recipient includes an encryption key and a return address encrypted with the key of a trustee to facilitate the reply.
  - 30. The method as described in claim 28 wherein the reply is guaranteed to be traceable to the message and is delivered from the recipient to the second trustee, from the second trustee to the first trustee, and from the first trustee to the sender.
  - 31. The method as described in claim 28 wherein the reply is guaranteed to be traceable to the message and is delivered from the recipient to the first trustee, from the first trustee to the second trustee, and from the second trustee to the sender.
  - 32. The method as described in claim 27 further comprising:
    - having at least one trustee take action to identify the sender.
  - 33. The method as described in claim 26 further comprising having at least one trustee take action under given circumstances to determine the identity of the sender.
  - 34. The method as described in claim 33 wherein at least one trustee takes action by removing its own encryption layer from a ciphertext encrypting information identifying the sender.
  - 35. The method as described in claim 34 wherein the sender'"'"'s digital signature reveals the sender'"'"'s identity in a way that is provable to other parties.
  - 36. The method as described in claim 26 wherein at least one of the sender, the recipient and the first and second trustees communicate electronically over a communications channel.
  - 37. The method as described in claim 36 wherein the communications channel is a computer network.

38. A method of communication between a sender and a recipient with the assistance of at least first and second trustees, wherein the recipient does not know the identity of the sender and each trustee has a key, comprising:
- having the sender send the first trustee a digital signature of a string identifying the sender and an encryption, with the second trustee key, of a message intended for the recipient and an address of the recipient;
  
  having the first trustee send the second trustee an encryption with its own key of the sender'"'"'s digital signature and the encryption of the message and the recipient'"'"'s address;
  
  having the second trustee send the recipient the message and information that is sufficient to trace the identity of the sender yet does not reveal the sender'"'"'s identity.
- View Dependent Claims (39)
- - 39. The method as described in claim 38 wherein message of the sender also includes a return address encrypted with a trustee key to facilitate a reply to the message.

41. A method of enabling a sender to provide a message to a recipient and the recipient to provide a reply, with the assistance of at least a first trustee, wherein the recipient does not know the identity of the sender, comprising:
- having the sender and the at least first trustee participate in a communications protocol by which a first transmission label is provided to the first trustee and information is provided to the recipient, wherein the information includes the message and data that is sufficient to trace the identity of the sender yet does not reveal the sender'"'"'s identity to the recipient; and
  
  having the recipient take action to reply to the message by which a second transmission label is provided to the first trustee and a reply is provided to the sender;
  
  wherein the second transmission label is obtained by applying a given linking function to the first transmission label.
- View Dependent Claims (42, 45)
- - 42. The method as described in claim 41 wherein the first and second transmission labels are used to facilitate billing.
  - 45. The method as described in claim 41 wherein the first and second trustees are part of the same organization.

43. A method of communicating a message between a first party and a second party with the assistance of at least one trustee, comprising:
- sending the message from a first party to the second party with the assistance of at least one trustee, wherein the second party does not know the content of the message or the identity of the first party and the trustee contributes action to trace the first party'"'"'s identity under a predetermined circumstance.
- View Dependent Claims (44, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61)
- - 44. The method as described in claim 43 wherein the message is communicated with the assistance of first and second trustees, and wherein the first and second trustees collaborate to trace the first party'"'"'s identity under the predetermined circumstance.
  - 46. The method as described in claim 43 wherein the identity of the first party is provably bound to the message.
  - 47. The method as described in claim 43 wherein if the predetermined circumstance occurs, the identity of the first party is traced but only with respect to the message.
  - 48. The method as described in claim 43 wherein the trustee makes use of secure hardware.
  - 49. The method as described in claim 43 wherein the second party is an information provider having a database of information and the message includes a request to retrieve information from the database.
  - 50. The method as described in claim 49 further comprising having the second party provide a reply to the message.
  - 51. The method as described in claim 50 wherein the reply includes at least the information requested by the first party.
  - 52. The method as described in claim 51 wherein an open communication connection is maintained between the first party and the second party, through at least one trustee, while the message is communicated.
  - 53. The method as described in claim 52 wherein the open communication connection is maintained at least until the reply is sent from the second party.
  - 54. The method as described in claim 53 wherein the reply travels backwards along the open communication connection.
  - 55. The method as described in claim 53 wherein the communication occurs in a computer network and the open communication connection is a sequence of open computer connections.
  - 56. The method as described in claim 55 wherein the first party is billed for a period of time during which the communication connection is open.
  - 57. The method as described in claim 55 wherein the first party is billed via the open communication connection.
  - 58. The method as described in claim 57 wherein the second party is an information provider and the reply is information retrieved from a database.
  - 59. The method as described in claim 50 wherein the reply is guaranteed to be traceable to the message by at least one trustee.
  - 60. The method as described in claim 43 wherein the second party is an auctioneer and the message is a bid.
  - 61. The method as described in claim 60 wherein the first party is a successful bidder and the predetermined circumstance is an auction award.

62. A method for providing an electronic auction involving an auctioneer and at least first and second bidders, comprising:
- having each of the bidders communicate bidding information to the auctioneer in an anonymous manner with the assistance of at least one trustee, wherein the auctioneer uses the bidding information to conduct the electronic auction; and
  
  having the trustee contribute action to trace the identity of at least one of the bidders upon completion of the electronic auction.
- View Dependent Claims (63, 64)
- - 63. The method as described in claim 62 wherein the trustee does not trace the identity of the other bidder.
  - 64. The method as described in claim 62 wherein the bidder whose identity is traced by the trustee is the winning bidder.

65. A method of communicating between a first party and a second party with the assistance of at least one trustee, wherein the second party does not know the identity of the first party, comprising:
- maintaining an open communications connection between the first and second parties through the at least one trustee during at least the transmission of a message; and
  
  having the trustee contribute action to trace the first party'"'"'s identity under a predetermined circumstance.
- View Dependent Claims (66, 67, 68, 69, 70, 71)
- - 66. The method as described in claim 65 wherein the open communication connection is maintained when a reply to the message is sent from the second party.
  - 67. The method as described in claim 66 wherein the reply travels backwards along the open communication connection.
  - 68. The method as described in claim 66 wherein the communication occurs in a computer network and the open communication connection is a sequence of open computer connections.
  - 69. The method as described in claim 66 wherein the first party is billed for a period of time during which the communication connection is open.
  - 70. The method as described in claim 66 wherein the first party is billed for the reply via the open communication connection.
  - 71. The method as described in claim 70 wherein the second party is an information provider and the reply is information retrieved from a database.

72. A method of communication between a first party and a second party with the assistance of at least one trustee, comprising:
- establishing an open communication connection between the first party and the second party via the at least one trustee; and
  
  having the first and second parties exchange messages and replies forwards and backwards over the open communication connection without revealing the first party'"'"'s identity to the second party unless a predetermined circumstance occurs.
- View Dependent Claims (74, 75, 76)
- - 74. The method as described in claim 72 or 73 wherein there are at least first and second trustees, wherein at least the first trustee does not know the identity of the second party and at least the second trustee does not know the identity of the first party.
  - 75. The method as described in claim 74 wherein at least one of the two trustees contributes action to trace the first party'"'"'s identity when the predetermined circumstance occurs.
  - 76. The method as described in claim 74 wherein the second party is an information provider and at least one trustee contributes action to bill the first party.

73. A method of communication between a first party and a second party with the assistance of at least one trustee, comprising:
- establishing an open communication connection between the first party and the second party via the at least one trustee; and
  
  having the first and second parties exchange messages and replies forwards and backwards over the open communication connection without proving the first party'"'"'s identity to the second party unless a predetermined circumstance occurs, and wherein the second party does not know a priori the content of the messages of the first party.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Silvio Micali
Original Assignee
Silvio Micali
Inventors
Micali, Silvio
Primary Examiner(s)
Gregory, Bernarr E.

Application Number

US08/608,134
Time in Patent Office

937 Days
Field of Search

380/9, 380/23, 380/25, 380/29, 380/30, 380/49, 380/24, 380/50, 380/59
US Class Current

705/74
CPC Class Codes

G06Q 20/0855   involving a third party

G06Q 20/383   Anonymous user system

H04L 2209/42   Anonymization, e.g. involvi...

H04L 2209/466   Electronic auction

H04L 2209/56   Financial cryptography, e.g...

H04L 9/3247   involving digital signatures

Traceable anonymous transactions

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

298 Citations

76 Claims

Specification

Solutions

Use Cases

Quick Links

Traceable anonymous transactions

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

298 Citations

76 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links