Public key cryptosystem with roaming user capability
Abstract
A public key cryptosystem with roaming user capability within a network that allows secure communication between users of the system, client machines, and encryption servers. A client machine generates and stores an encrypted private key on an encryption server. A user may then access the encrypted private key from any client machine located on the network and decrypt it using a passphrase, thus giving the user roaming capability. The private key may then be used to decrypt any encrypted messages received. A user can generate a digital message, encrypt it with a client recipient's public key, and transmit it to the encryption server from any client machine on the network.
Citations: 144
Claims (59)
1. A system for sending an encrypted digital message from a user at a client sender computer to a client recipient computer over a network, comprising:
a client computer operable to access an Enabler computer program, said client computer comprising:
a client memory operable to store said Enabler computer program;
a client processor electrically connected to said client memory, said client processor operable to execute said Enabler computer program such that said client computer is directed by said Enabler computer program to communicate with a Server computer program located on said encryption server to:
allow said user to enter a user identifier;
transmit said user identifier to said encryption server to verify identity of said user;
receive a private key encrypted with a passphrase from a database located in a memory of said encryption server, said private key having a corresponding public key forming a public/private key pair;
use said passphrase to decrypt said encrypted private key at said client computer;
retrieve a user recipient's public key;
encrypt a digital message with said user recipient's public key; and
transmit said encrypted digital message to said user recipient;
an encryption server, said encryption server operable to process requests from said client computer, said encryption server comprising:
a server memory operable to store said Server computer program and a database, said database comprising a plurality of said user identifiers, encrypted private keys, and public keys; and
a server processor electronically connected to said server memory, said server processor operable to execute said Server computer program such that said encryption server is directed by said Server computer program to communicate with said Enabler computer program to:
receive and compare said user identifier against a plurality of user identifiers located in said database of said encryption server to verify identity of said user;
retrieve said encrypted private key from said encryption server database; and
transmit said encrypted private key from said encryption server to said user's client computer; and
a network comprising said client sender computer, said encryption server, and said client recipient computer, wherein said network allows communication between said client sender computer and said encryption server and further between said encryption server and said client recipient computer; and
wherein said network comprises a plurality of client computers and encryption servers, further wherein each encryption server can communicate with every other encryption server on said network.
Dependent claims: 2-28.
29. A method for sending an encrypted digital message from a client sender machine to a client recipient machine comprising the steps of:
at said client sender machine:
entering a user identifier; and
transmitting said user identifier to an encryption server;
at said encryption server:
receiving said user identifier;
comparing said user identifier against a plurality of user identifiers located in a database on said encryption server to verify the identity of said user;
retrieving a private key encrypted with a passphrase from said database of said encryption server, said private key having a corresponding public key, thereby forming a public/private key pair; and
transmitting said encrypted private key from said encryption server to said user's client machine;
at said client sender machine:
receiving said encrypted private key from said encryption server;
decrypting said encrypted private key with said passphrase;
generating a digital message;
retrieving a user recipient's public key from said encryption server database;
encrypting said digital message with said user recipient's public key; and
transmitting said encrypted digital message to said client recipient machine; and
wherein said method employs a network comprised of a plurality of client computers and encryption servers, further wherein each encryption server can communicate with every other encryption server on said network.
Dependent claims: 30-35.
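The roaming-key exchange of claims 1 and 29, worked through as an added Go example (editorial code, not the patent's or any product's): the enrolling client wraps its RSA private key under a passphrase-derived key with AES-GCM, the encryption server stores the wrapped record against the user identifier, and a second client recovers the key with nothing but the passphrase. The server never receives the passphrase, a wrong passphrase fails GCM authentication instead of yielding a garbage key, and the key-encryption key and the decoded private key are zeroed as soon as they have been used. PBKDF2-HMAC-SHA256 with 200,000 iterations, AES-256-GCM and 2048-bit RSA are assumptions of this example; the claims name neither the passphrase cipher nor the key derivation, and the hand-written pbkdf2SHA256 exists only to keep the example inside the Go standard library.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"fmt"
)

const kdfIters = 200_000 // PBKDF2 iterations (assumed value; tune to hardware)

// pbkdf2SHA256: one 32-byte PBKDF2-HMAC-SHA256 block (RFC 8018), stdlib only.
func pbkdf2SHA256(pass, salt []byte, iters int) []byte {
	mac := hmac.New(sha256.New, pass)
	mac.Write(salt)
	mac.Write([]byte{0, 0, 0, 1}) // INT(1): index of the single output block
	u := mac.Sum(nil)
	t := append([]byte(nil), u...)
	for i := 1; i < iters; i++ {
		mac.Reset()
		mac.Write(u)
		u = mac.Sum(nil)
		for j := range t {
			t[j] ^= u[j]
		}
	}
	return t
}

// WrappedKey is the per-user server record: the RSA private key sealed under a
// passphrase-derived key. Salt and nonce are public; the passphrase never is.
type WrappedKey struct{ Salt, Nonce, Ciphertext []byte }

func zero(b []byte) {
	for i := range b {
		b[i] = 0
	}
}

// gcmFor derives the key-encryption key and wipes it once AES holds its own copy.
func gcmFor(passphrase, salt []byte) cipher.AEAD {
	kek := pbkdf2SHA256(passphrase, salt, kdfIters)
	defer zero(kek)
	block, _ := aes.NewCipher(kek) // cannot fail for a 32-byte key
	aead, _ := cipher.NewGCM(block)
	return aead
}

// WrapPrivateKey runs on the enrolling client. The salt is bound as associated
// data so a stored record cannot be re-salted unnoticed.
func WrapPrivateKey(priv *rsa.PrivateKey, passphrase []byte) (WrappedKey, error) {
	salt, nonce := make([]byte, 16), make([]byte, 12)
	rand.Read(salt) // crypto/rand.Read cannot fail as of Go 1.24
	rand.Read(nonce)
	aead := gcmFor(passphrase, salt)
	der := x509.MarshalPKCS1PrivateKey(priv)
	defer zero(der) // plaintext key material is erased before returning
	return WrappedKey{salt, nonce, aead.Seal(nil, nonce, der, salt)}, nil
}

// UnwrapPrivateKey runs on whichever client the user roams to; a wrong
// passphrase fails GCM authentication instead of yielding a garbage key.
func UnwrapPrivateKey(w WrappedKey, passphrase []byte) (*rsa.PrivateKey, error) {
	aead := gcmFor(passphrase, w.Salt)
	der, err := aead.Open(nil, w.Nonce, w.Ciphertext, w.Salt)
	if err != nil {
		return nil, fmt.Errorf("wrong passphrase or tampered key record")
	}
	defer zero(der)
	return x509.ParsePKCS1PrivateKey(der)
}

// KeyServer models the encryption server database keyed by user identifier.
// It compares identifiers and returns wrapped keys; it never sees a passphrase.
type KeyServer map[string]WrappedKey

func (s KeyServer) Fetch(user string) (WrappedKey, error) {
	w, ok := s[user]
	if !ok {
		return WrappedKey{}, fmt.Errorf("unknown user identifier %q", user)
	}
	return w, nil
}

func main() {
	alice, _ := rsa.GenerateKey(rand.Reader, 2048)
	w, _ := WrapPrivateKey(alice, []byte("alice's passphrase"))
	srv := KeyServer{"alice": w}
	// Alice logs on from a second client: fetch by identifier, decrypt locally.
	fetched, _ := srv.Fetch("alice")
	_, err := UnwrapPrivateKey(fetched, []byte("wrong guess"))
	roamed, _ := UnwrapPrivateKey(fetched, []byte("alice's passphrase"))
	fmt.Println("wrong passphrase rejected:", err != nil, "| key recovered:", roamed.Equal(alice))
}
```

Fetch is the only server-side step; the passphrase and the key-encryption key exist only inside WrapPrivateKey and UnwrapPrivateKey on the client, which is the property claims 42 and 43 turn on. A deployment would additionally cap log-on attempts at the server (claim 46) and run the exchange over an authenticated TLS channel (claims 45 and 49); the example leaves both out.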
36. A method for sending an encrypted digital message from a client sender machine to a client recipient machine comprising the steps of:
entering a user identifier; and
transmitting said user identifier to an encryption server to verify identity of said user; and
downloading an Enabler computer program from said encryption server to said client sender's machine, wherein said Enabler computer program is executable to communicate with a Server computer program located on said encryption server to:
allow said user to enter a user identifier;
transmit said user identifier to said encryption server to verify identity of said user;
receive a private key encrypted with a passphrase from a database located in a memory of said encryption server, said private key having a corresponding public key, thereby forming a public/private key pair;
use said passphrase to decrypt said encrypted private key at said client computer;
retrieve a user recipient's public key from said encryption server database;
encrypt a digital message with said user recipient's public key; and
transmit said encrypted digital message to said user recipient; and
wherein said method employs a network comprised of a plurality of client computers and encryption servers, further wherein each encryption server can communicate with every other encryption server on said network.
Dependent claims: 37-41.
42. A system for sending an encrypted digital message from a user at a client sender computer to a client recipient computer over a network, comprising the client computer, encryption server, and network elements recited in claim 1 (identical text, omitting only the final wherein clause of claim 1); and
wherein said user passphrase remains on said client sender computer for the duration of time said user is logged-in to said encryption server, further wherein said user passphrase is never transmitted to said encryption server and is erased from said client computer when said user logs-off said network.
43. A system for sending an encrypted digital message from a user at a client sender computer to a client recipient computer over a network, comprising the client computer, encryption server, and network elements recited in claim 1 (identical text, omitting only the final wherein clause of claim 1); and
wherein said user passphrase or private key may not be erased after logging-off said network.
44. A system for sending an encrypted digital message from a user at a client sender computer to a client recipient computer over a network, comprising the client computer, encryption server, and network elements recited in claim 1 (identical text, omitting only the final wherein clause of claim 1); and
wherein said encrypted digital message resides on said encryption server and may not be accessed by anyone but an intended user recipient.
45. A system for sending an encrypted digital message from a user at a client sender computer to a client recipient computer over a network, comprising the client computer, encryption server, and network elements recited in claim 1 (identical text, omitting only the final wherein clause of claim 1); and
wherein a secure socket layer exists between said client sender computer and said encryption server, and wherein said secure socket layer also exists between said encryption server and said client recipient computer.
46. A system for sending an encrypted digital message from a user at a client sender computer to a client recipient computer over a network, comprising the client computer, encryption server, and network elements recited in claim 1 (identical text, omitting only the final wherein clause of claim 1); and
wherein said encryption server allows a limited number of log-on attempts.
47. A system for sending an encrypted digital message from a user at a client sender computer to a client recipient computer over a network, comprising the client computer, encryption server, and network elements recited in claim 1 (identical text, omitting only the final wherein clause of claim 1); and
wherein said encrypted digital message is transmitted from said client sender computer to a server outside said network, then from said server outside said network to said client recipient computer.
48. A system for sending an encrypted digital message from a user at a client sender computer to a client recipient computer over a network, comprising the client computer, encryption server, and network elements recited in claim 1 (identical text, omitting only the final wherein clause of claim 1); and
wherein a cyclic redundancy check (CRC) is added to the end of said digital message before encrypting it.
49. A system for sending an encrypted digital message from a user at a client sender computer to a client recipient computer over a network, comprising the client computer, encryption server, and network elements recited in claim 1 (identical text, omitting only the final wherein clause of claim 1); and
wherein said encryption server is authenticated to said user by industry standard means, such as SSL, using authentication certificates.
50. A system for sending an encrypted digital message from a user at a client sender computer to a client recipient computer over a network, comprising the client computer, encryption server, and network elements recited in claim 1 (identical text, omitting only the final wherein clause of claim 1); and
wherein said user may optionally sign said digital message with said private key before encrypting and transmitting said digital message to said encryption server.
51. A system for sending an encrypted digital message from a user at a client sender computer to a client recipient computer over a network, comprising:
- a client computer operable to access an Enabler computer program, said client computer comprising;
a client memory operable to store said Enabler computer program;
a client processor electrically connected to said client memory, said client processor operable to execute said Enabler computer program such that said client computer is directed by said Enabler computer program to communicate with a Server computer program located on said encryption server to;
allow said user to enter a user identifier;
transmit said user identifier to said encryption server to verify identity of said user;
receive a private key encrypted with a passphrase from a database located in a memory of said encryption server, said private key having a corresponding public key forming a public/private key pair;
use said passphrase to decrypt said encrypted private key at said client computer;
retrieve a user recipient's public key;
encrypt a digital message with said user recipient's public key; and
transmit said encrypted digital message to said user recipient;
an encryption server, said encryption server operable to process requests from said client computer, said encryption server comprising;
a server memory operable to store said Server computer program and a database, said database comprising a plurality of said user identifiers, encrypted private keys, and public keys; and
a server processor electronically connected to said server memory, said server processor operable to execute said Server computer program such that said encryption server is directed by said Server computer program to communicate with said Enabler computer program to;
receive and compare said user identifier against a plurality of user identifiers located in said database of said encryption server to verify identity of said user;
retrieve said encrypted private key from said encryption server database; and
transmit said encrypted private key from said encryption server to said user's client computer; and
a network comprising said client sender computer, said encryption server, and said client recipient computer, wherein said network allows communication between said client sender computer and said encryption server and further between said encryption server and said client recipient computer; and
wherein said digital message contains time or bandwidth sensitive data, and wherein said digital message need not be transmitted through said encryption server, and further wherein said time or bandwidth sensitive data is encrypted and transmitted directly to said client recipient computer.
52. A system for sending an encrypted digital message from a user at a client sender computer to a client recipient computer over a network, comprising:
- a client computer operable to access an Enabler computer program, said client computer comprising;
a client memory operable to store said Enabler computer program;
a client processor electrically connected to said client memory, said client processor operable to execute said Enabler computer program such that said client computer is directed by said Enabler computer program to communicate with a Server computer program located on said encryption server to;
allow said user to enter a user identifier;
transmit said user identifier to said encryption server to verify identity of said user;
receive a private key encrypted with a passphrase from a database located in a memory of said encryption server, said private key having a corresponding public key forming a public/private key pair;
use said passphrase to decrypt said encrypted private key at said client computer;
retrieve a user recipient's public key;
encrypt a digital message with said user recipient's public key; and
transmit said encrypted digital message to said user recipient;
an encryption server, said encryption server operable to process requests from said client computer, said encryption server comprising;
a server memory operable to store said Server computer program and a database, said database comprising a plurality of said user identifiers, encrypted private keys, and public keys; and
a server processor electronically connected to said server memory, said server processor operable to execute said Server computer program such that said encryption server is directed by said Server computer program to communicate with said Enabler computer program to;
receive and compare said user identifier against a plurality of user identifiers located in said database of said encryption server to verify identity of said user;
retrieve said encrypted private key from said encryption server database; and
transmit said encrypted private key from said encryption server to said user's client computer; and
a network comprising said client sender computer, said encryption server, and said client recipient computer, wherein said network allows communication between said client sender computer and said encryption server and further between said encryption server and said client recipient computer; and
wherein said passphrase, private key, or said user recipient's public key is not erased after logging-off said network, and said passphrase, said private key, or said user recipient public key remains on said computer.
53. A method for sending an encrypted digital message from a client sender machine to a client recipient machine comprising the steps of:
- at said client sender machine;
entering a user identifier; and
transmitting said user identifier to an encryption server;
at said encryption server;
receiving said user identifier;
comparing said user identifier against a plurality of user identifiers located in a database on said encryption server to verify the identity of said user;
retrieving a private key encrypted with a passphrase from said database of said encryption server, said private key having a corresponding public key, thereby forming a public/private key pair; and
transmitting said encrypted private key from said encryption server to said user's client machine;
at said client sender machine;
receiving said encrypted private key from said encryption server;
decrypting said encrypted private key with said passphrase;
generating a digital message;
retrieving a user recipient's public key from said encryption server database;
encrypting said digital message with said user recipient's public key; and
transmitting said encrypted digital message to said client recipient machine; and
wherein said user identifier is said user's passphrase, further wherein said user's passphrase is hashed and transmitted to said encryption server and compared against said database of hashed passphrases to verify the identity of said user.
54. A method for sending an encrypted digital message from a client sender machine to a client recipient machine comprising the steps of:
- at said client sender machine;
entering a user identifier; and
transmitting said user identifier to an encryption server;
at said encryption server;
receiving said user identifier;
comparing said user identifier against a plurality of user identifiers located in a database on said encryption server to verify the identity of said user;
retrieving a private key encrypted with a passphrase from said database of said encryption server, said private key having a corresponding public key, thereby forming a public/private key pair; and
transmitting said encrypted private key from said encryption server to said user's client machine;
at said client sender machine;
receiving said encrypted private key from said encryption server;
decrypting said encrypted private key with said passphrase;
generating a digital message;
retrieving a user recipient's public key from said encryption server database;
encrypting said digital message with said user recipient's public key; and
transmitting said encrypted digital message to said client recipient machine; and
wherein said user encrypted digital message is transmitted from said client sender machine to said encryption server, then transmitted from said encryption server to said client recipient machine.
55. A method for sending an encrypted digital message from a client sender machine to a client recipient machine comprising the steps of:
- at said client sender machine;
entering a user identifier; and
transmitting said user identifier to an encryption server;
at said encryption server;
receiving said user identifier;
comparing said user identifier against a plurality of user identifiers located in a database on said encryption server to verify the identity of said user;
retrieving a private key encrypted with a passphrase from said database of said encryption server, said private key having a corresponding public key, thereby forming a public/private key pair; and
transmitting said encrypted private key from said encryption server to said user's client machine;
at said client sender machine;
receiving said encrypted private key from said encryption server;
decrypting said encrypted private key with said passphrase;
generating a digital message;
retrieving a user recipient's public key from said encryption server database;
encrypting said digital message with said user recipient's public key; and
transmitting said encrypted digital message to said client recipient machine; and
wherein said encrypted digital message is transmitted from said client sender machine to a server outside said network then from said server outside said network to said client recipient machine.
56. A method for sending an encrypted digital message from a client sender machine to a client recipient machine comprising the steps of:
- at said client sender machine;
entering a user identifier; and
transmitting said user identifier to an encryption server;
at said encryption server;
receiving said user identifier;
comparing said user identifier against a plurality of user identifiers located in a database on said encryption server to verify the identity of said user;
retrieving a private key encrypted with a passphrase from said database of said encryption server, said private key having a corresponding public key, thereby forming a public/private key pair; and
transmitting said encrypted private key from said encryption server to said user's client machine;
at said client sender machine;
receiving said encrypted private key from said encryption server;
decrypting said encrypted private key with said passphrase;
generating a digital message;
retrieving a user recipient's public key from said encryption server database;
encrypting said digital message with said user recipient's public key; and
transmitting said encrypted digital message to said client recipient machine; and
wherein said user may optionally sign said digital message with said private key before encrypting and transmitting said digital message to said encryption server.
57. A method for sending an encrypted digital message from a client sender machine to a client recipient machine comprising the steps of:
- entering a user identifier; and
transmitting said user identifier to an encryption server to verify identity of said user; and
downloading an Enabler computer program from said encryption server to said client sender's machine, wherein said Enabler computer program is executable to communicate with a Server computer program located on said encryption server to;
allow said user to enter a user identifier;
transmit said user identifier to said encryption server to verify identity of said user;
receive a private key encrypted with a passphrase from a database located in a memory of said encryption server, said private key having a corresponding public key, thereby forming a public/private key pair;
use said passphrase to decrypt said encrypted private key at said client computer;
retrieve a user recipient's public key from said encryption server database;
encrypt a digital message with said user recipient's public key; and
transmit said encrypted digital message to said user recipient; and
wherein a New User computer program is downloaded from said encryption server to said client sender's machine, further wherein said New User computer program is executable to communicate with a Server computer program located on said encryption server to;
generate said public/private key pair;
generate said user passphrase;
generate said user identifier;
hash said user passphrase;
transmit said hash of said user passphrase to said encryption server to compare against a plurality of hashed English words, common nouns, and popular sayings located on said database of said encryption server;
encrypt said private key with said hash of said user passphrase yielding said encrypted private key; and
transmit said encrypted private key and public key to said encryption server.
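The enrollment of claim 57 together with the roaming login of claim 53 and the send step of the system claims, as an added Go example; this is not code from the patent or from any product built on it. The names NewServer, Enroll, Login and Send are mine. SHA-256 stands in for the hash the claims leave unspecified, AES-256-GCM for the encryption of the private key, and RSA-OAEP for the message encryption, none of which the claims name. The user identifier is kept separate from the passphrase hash as in claim 1 (claim 53 uses the hash itself as the identifier), and the dictionary of weak passphrases is a constructed two-word sample.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"crypto/x509"
	"errors"
)

// record is one row of the encryption server database: the hashed passphrase compared
// at login (claim 53), the private key wrapped under that same hash (claim 57), the public key.
type record struct {
	passHash, encPriv []byte
	pub               *rsa.PublicKey
}

// Server stands in for the Server computer program; weak holds hashed dictionary words.
type Server struct {
	db   map[string]record
	weak map[string]bool
}

func NewServer(dictionary []string) *Server {
	s := &Server{db: map[string]record{}, weak: map[string]bool{}}
	for _, w := range dictionary {
		s.weak[string(hashPassphrase(w))] = true
	}
	return s
}

// hashPassphrase is the plain hash the claims describe; the digest doubles as the wrapping key.
func hashPassphrase(p string) []byte { h := sha256.Sum256([]byte(p)); return h[:] }

// aead is AES-256-GCM keyed by the passphrase hash (our choice; the claims name no cipher).
func aead(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Enroll is the New User program of claim 57: generate the key pair, hash the passphrase,
// reject it if the hash is in the dictionary, wrap the private key under the hash and store it.
func (s *Server) Enroll(userID, passphrase string) error {
	h := hashPassphrase(passphrase)
	if s.weak[string(h)] {
		return errors.New("passphrase matches the server dictionary")
	}
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return err
	}
	gcm, err := aead(h)
	if err != nil {
		return err
	}
	nonce := make([]byte, gcm.NonceSize())
	rand.Read(nonce) // crypto/rand.Read never returns an error as of Go 1.24
	enc := gcm.Seal(nonce, nonce, x509.MarshalPKCS1PrivateKey(priv), nil)
	s.db[userID] = record{h, enc, &priv.PublicKey}
	return nil
}

// Login is the roaming step of claim 53: the client presents its hashed passphrase, the server
// compares it with the stored hash and returns the wrapped private key; the client unwraps it locally.
func (s *Server) Login(userID, passphrase string) (*rsa.PrivateKey, error) {
	h := hashPassphrase(passphrase)
	rec, ok := s.db[userID]
	if !ok || subtle.ConstantTimeCompare(rec.passHash, h) != 1 {
		return nil, errors.New("authentication failed")
	}
	gcm, err := aead(h)
	if err != nil || len(rec.encPriv) < gcm.NonceSize() {
		return nil, errors.New("corrupt key record")
	}
	n := gcm.NonceSize()
	der, err := gcm.Open(nil, rec.encPriv[:n], rec.encPriv[n:], nil)
	if err != nil {
		return nil, err
	}
	return x509.ParsePKCS1PrivateKey(der)
}

// Send logs the sender in, fetches the recipient's public key and encrypts msg with RSA-OAEP (our choice).
func Send(s *Server, sender, passphrase, recipient string, msg []byte) ([]byte, error) {
	if _, err := s.Login(sender, passphrase); err != nil {
		return nil, err
	}
	rec, ok := s.db[recipient]
	if !ok {
		return nil, errors.New("unknown recipient")
	}
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, rec.pub, msg, nil)
}
```

The recipient reads the message by calling Login from whatever machine it is on and passing the recovered key to rsa.DecryptOAEP; the passphrase is the only thing that has to travel with the user, which is the roaming property the title names. Two properties of the claimed design are visible in the code and worth weighing before building anything shaped like it: the value the server compares at login is the same value the private key is wrapped under, so the server database on its own suffices to unwrap every stored key, and a single unsalted hash means an offline guess costs one hash computation. A production design would derive the authentication token and the wrapping key independently from the passphrase (for instance with a memory-hard KDF and distinct context labels) so that the server holds only the former.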
58. A method for sending an encrypted digital message from a client sender machine to a client recipient machine comprising the steps of:
- entering a user identifier; and
transmitting said user identifier to an encryption server to verify identity of said user; and
downloading an Enabler computer program from said encryption server to said client sender's machine, wherein said Enabler computer program is executable to communicate with a Server computer program located on said encryption server to;
allow said user to enter a user identifier;
transmit said user identifier to said encryption server to verify identity of said user;
receive a private key encrypted with a passphrase from a database located in a memory of said encryption server, said private key having a corresponding public key, thereby forming a public/private key pair;
use said passphrase to decrypt said encrypted private key at said client computer;
retrieve a user recipient's public key from said encryption server database;
encrypt a digital message with said user recipient's public key; and
transmit said encrypted digital message to said user recipient; and
wherein said New User computer program and said Enabler computer program are directly loaded onto said client sender's machine.
59. A method for sending an encrypted digital message from a client sender machine to a client recipient machine comprising the steps of:
- entering a user identifier; and
transmitting said user identifier to an encryption server to verify identity of said user; and
downloading an Enabler computer program from said encryption server to said client sender's machine, wherein said Enabler computer program is executable to communicate with a Server computer program located on said encryption server to;
allow said user to enter a user identifier;
transmit said user identifier to said encryption server to verify identity of said user;
receive a private key encrypted with a passphrase from a database located in a memory of said encryption server, said private key having a corresponding public key, thereby forming a public/private key pair;
use said passphrase to decrypt said encrypted private key at said client computer;
retrieve a user recipient's public key from said encryption server database;
encrypt a digital message with said user recipient's public key; and
transmit said encrypted digital message to said user recipient; and
wherein said encrypted digital message is transmitted from said client sender machine to said encryption server, then transmitted from said encryption server to said client recipient machine.
Specification