Internationally regulated system for one to one cryptographic communications with national sovereignty without key escrow
Abstract
This invention discloses an encryption method for generating an encrypted message which is controllably decryptable, the method including providing at least one agency public key to at least one decrypting agency entity respectively and to each of a first plurality of subscriber entities and to each of a second plurality of regulator entities, providing an ID, a public key and a private key for each of the first plurality of subscribers and each of the second plurality of regulators, for each subscriber entity and for each regulator entity, employing at least one agency public key to encrypt the entity's private key, and for each individual subscriber entity and for each individual regulator entity, generating a certificate attesting, for all other entities, to the individual entity's status, ID, public key and encrypted private key.
30 Claims
1. An encryption method for generating an encrypted message which is controllably decryptable, the method comprising:
providing at least one agency public key to at least one decrypting agency entity respectively and to each of a first plurality of subscriber entities and to each of a second plurality of regulator entities;
providing an ID, a public key and a private key for each of the first plurality of subscriber entities and each of the second plurality of regulator entities;
for each subscriber entity and for each regulator entity, employing at least one agency public key to encrypt the entity's private key; and
for each individual subscriber entity and for each individual regulator entity, generating a certificate attesting, for all other entities, to the individual entity's status, ID, public key and encrypted private key.
21. An encryption method comprising:
providing first and second private keys to first and second agencies, respectively, wherein the first and second private keys are paired with first and second public keys respectively, wherein the first and second private keys are characterized in that when employed in cooperation and only when employed in cooperation, a message double-encrypted using the first and second public keys may be decrypted; and
generating a protocol controlling cooperation between the first and second agencies to prevent unlawful decrypting of the double-encrypted message by the first and second agencies.
27. A system for controlling tapping of a suspect encrypted communication, the system comprising:
a multiplicity of security modules each encrypting information using a different session key and each transmitting, in addition to said information, his own secret key, encrypted using at least one agency key wherein information transmitted in the course of a session between a security module A from among said multiplicity of security modules, and another security module B, can only be decrypted by a tapping security module if the at least one agency key retrieves A's secret key for the tapping security module;
an agency security module which does not store the secret keys and which stores the agency key so as to prevent access thereto by any of the multiplicity of security modules; and
an agency access monitoring module monitoring use of the agency key so as to prevent use of the agency key to facilitate unlawful tapping.
30. A key recovering method comprising:
providing a public key of at least one key recovering subscriber entity to each of a plurality of subscriber entities;
for at least one of the plurality of subscriber entities, generating a key backup unit on which is stored said subscriber entity's secret key encrypted using said public key of said key recovering subscriber entity; and
upon loss of the secret key, presenting said key backup unit to the key recovering subscriber entity for recovery of the subscriber entity's secret key.
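The arrangement recited in claims 1 and 21, as an added sketch that is not taken from the patent: a subscriber's private key is double-encrypted under two agency public keys and carried in a certificate record, so that recovering it requires both agencies' private keys. It uses unpadded textbook RSA over small constructed primes purely to show the layering; every name, key, ID and field layout below is an assumption, and the record is left unsigned.

```python
# Added illustration: textbook RSA without padding is NOT secure.
# All keys, IDs and field names are constructed for this sketch.
from dataclasses import dataclass

E = 65537  # public exponent used by both constructed agency keys


@dataclass(frozen=True)
class AgencyKey:
    n: int  # public modulus (published to subscribers and regulators)
    d: int  # private exponent (held only by that agency)


def make_agency_key(p: int, q: int) -> AgencyKey:
    return AgencyKey(n=p * q, d=pow(E, -1, (p - 1) * (q - 1)))


# Built from Mersenne primes; agency 2's modulus is the larger one so that
# any value encrypted under agency 1 fits under agency 2.
AGENCY_1 = make_agency_key(2**31 - 1, 2**61 - 1)
AGENCY_2 = make_agency_key(2**89 - 1, 2**107 - 1)


def escrow_encrypt(private_key: int) -> int:
    """Double-encrypt: agency 1's public key first, then agency 2's."""
    if not 0 < private_key < AGENCY_1.n:
        raise ValueError("private key does not fit the toy modulus")
    inner = pow(private_key, E, AGENCY_1.n)
    return pow(inner, E, AGENCY_2.n)


def make_certificate(entity_id: str, status: str,
                     public_key: int, private_key: int) -> dict:
    """Record carrying the four fields claim 1 lists (unsigned here)."""
    return {"id": entity_id, "status": status, "public_key": public_key,
            "encrypted_private_key": escrow_encrypt(private_key)}


def agency2_strip(blob: int) -> int:
    """Agency 2 removes the outer layer with its private exponent."""
    return pow(blob, AGENCY_2.d, AGENCY_2.n)


def agency1_strip(blob: int) -> int:
    """Agency 1 removes the inner layer with its private exponent."""
    return pow(blob, AGENCY_1.d, AGENCY_1.n)


def recover(cert: dict) -> int:
    """Both agencies cooperating: outer layer first, then inner."""
    return agency1_strip(agency2_strip(cert["encrypted_private_key"]))
```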