Method of secure anonymous query by electronic messages transported via a public network and method of response
First Claim
1. A method for secure anonymous querying by a user of a provider to whom a public key, private key pair is assigned, the public key of the of the provider being publicly obtainable by the user, the method comprising:
- formulating by the user of a query to be sent to the provider,generating by the user of a random number sequence, a public key of the user, and a corresponding private key of the user for sole use with said formulated query;
forming an electronic encrypted query package by the user by operations including encryption with the public key of the provider obtained by the user, said electronic encrypted query package containing information including the formulated query, the generated random number sequence, the generated public key of the user, and an identification of a public bulletin board for posting a message comprising the random number sequence in association with an encrypted response to the query, and said query package being structured such that the contained information can be obtained by the provider by operations including a decryption with the private key of the provider; and
sending by the user of the query package to the provider via a network in a manner that the user is not identifiable to the provider, wherein the generated private key and the generated random number sequence are retained by the user.
1 Assignment
0 Petitions
Accused Products
Abstract
A method for secure anonymous querying by a user of an information provider by electronic mail and for obtaining a reply uses a public key of the provider to form an electronic encrypted query package containing information including a query, a generated random number sequence, a hash of the query, a generated public key of the user, and an identification of a public bulletin board. The query package is preferably sent to the provider via a network from a public terminal. At the information provider the query package is received and decrypted. If the result of hashing the decrypted query is equal to the decrypted hash, a response R is formulated. A response package is formed therefrom by using a generated symmetric key of the information provider and the public key of the user. The response package is posted to the public bulletin board along with the random number sequence. The public bulletin board is accessed by the user in an anonymous manner and the response package, which is identified by the random number sequence, is downloaded and decrypted to obtain response R.
-
Citations
16 Claims
-
1. A method for secure anonymous querying by a user of a provider to whom a public key, private key pair is assigned, the public key of the of the provider being publicly obtainable by the user, the method comprising:
-
formulating by the user of a query to be sent to the provider, generating by the user of a random number sequence, a public key of the user, and a corresponding private key of the user for sole use with said formulated query; forming an electronic encrypted query package by the user by operations including encryption with the public key of the provider obtained by the user, said electronic encrypted query package containing information including the formulated query, the generated random number sequence, the generated public key of the user, and an identification of a public bulletin board for posting a message comprising the random number sequence in association with an encrypted response to the query, and said query package being structured such that the contained information can be obtained by the provider by operations including a decryption with the private key of the provider; and sending by the user of the query package to the provider via a network in a manner that the user is not identifiable to the provider, wherein the generated private key and the generated random number sequence are retained by the user. - View Dependent Claims (2, 3, 4, 5, 15, 16)
-
-
6. A method for secure response by a provider, to whom a private key, public key pair is assigned, to an anonymous query from a user comprising:
-
receiving by the provider via a network an anonymous electronic encrypted query package containing information including a query, a random number sequence generated by the user for sole use in the query package, a public key of the user generated by the user for sole use in the query package, and an identification of a public bulletin board for posting a message comprising the random number sequence in association with an encrypted response to the query, and said query package being structured such that the contained information can be obtained by the provider by operations including a decryption with the private key of the provider; obtaining by the provider by operations including decryption with the private key of the provider the information in said query package; formulating by the provider of a response to the query, forming an electronic encrypted response package by the provider by operations including encryption with the public key of the user contained in said query package, said electronic encrypted response package containing the formulated response to the query, said response package being structured such that the response to the query can be obtained by the user by operations including a decryption with the private key of the user; and posting by the provider of a message comprising the random number sequence in association with the response package to the identified public bulletin board. - View Dependent Claims (7, 8, 9, 10, 11, 12)
-
-
13. A stored message on a public bulletin board responsive to an anonymous query to a provider by a user, said message comprising
a random number sequence provided by the user in the anonymous query for sole use in the anonymous query, and an associated encrypted electronic response package containing a response to the anonymous query, said response package being structured such that the response to the query can be obtained by the user by operations including a decryption with a private key of the user, the corresponding public of the user having been provided by the user in the anonymous query for sole use in the anonymous query.
Specification