Secure electronic transactions using a trusted intermediary
First Claim
1. A system for use with a communication network to securely transmit a message thereover from a sender to a recipient, comprising:
- a transmitter havingfirst logic to receive the message from a user and to form an encrypted inner envelope using a first cryptographic algorithm, the encrypted inner envelope containing the message in an encrypted form decryptable by the recipient;
second logic to form a first information structure associated with the inner envelope, the first information structure containing data identifying the recipient as a destination;
third logic to form an encrypted first information structure using a second cryptographic algorithm, the encrypted first information structure, containing the first information structure in an encrypted form decryptable by the intermediary, wherein the second cryptographic algorithm is different than the first cryptographic algorithm;
fourth logic to receive the encrypted inner envelope and encrypted first information structure and to transmit them as a first package on the communication network;
an intermediary havingfifth logic to receive the first package and to decrypt the encrypted first information structure, using the second cryptographic algorithm, to determine the identifying data;
sixth logic to form a second package, the second package containing the encrypted inner envelope;
seventh logic to inform the recipient of the second package;
a receiver havingeighth logic to obtain the second package; and
ninth logic to decrypt the inner envelope, using the first cryptographic algorithm, to recover the message.
2 Assignments
0 Petitions
Accused Products
Abstract
Secure electronic transactions using a Trusted Intermediary. A system for, and method of, securely transmitting a package from a sender to a recipient, via an intermediary, are described, along with a novel data arrangement, stored in a computer-readable medium. A sender encrypts the message to form an encrypted inner envelope. A waybill is formed that among other things identifies the recipient as the destination and includes information indicating various levels of services desired, e.g., electronic notarization. The waybill and inner envelope are used to form an encrypted outer envelope that is addressed to a trusted intermediary. The intermediary receives the package and decrypts the outer envelope. It is unable to decrypt the inner envelope, due to the keys employed during encryption. The service information is processed, and the package is used to form a second package addressed to the recipient. The recipient decrypts the package and confirms receipt thereof, using a digest of the message. In this way, receipt of the message cannot be properly repudiated by the recipient. An extra level of encryption to form an outer envelope from the intermediary to the recipient may be included, and the various envelopes and confirmation digests may be signed so that the contents and identities may be authenticated.
371 Citations
32 Claims
-
1. A system for use with a communication network to securely transmit a message thereover from a sender to a recipient, comprising:
-
a transmitter having first logic to receive the message from a user and to form an encrypted inner envelope using a first cryptographic algorithm, the encrypted inner envelope containing the message in an encrypted form decryptable by the recipient; second logic to form a first information structure associated with the inner envelope, the first information structure containing data identifying the recipient as a destination; third logic to form an encrypted first information structure using a second cryptographic algorithm, the encrypted first information structure, containing the first information structure in an encrypted form decryptable by the intermediary, wherein the second cryptographic algorithm is different than the first cryptographic algorithm; fourth logic to receive the encrypted inner envelope and encrypted first information structure and to transmit them as a first package on the communication network; an intermediary having fifth logic to receive the first package and to decrypt the encrypted first information structure, using the second cryptographic algorithm, to determine the identifying data; sixth logic to form a second package, the second package containing the encrypted inner envelope; seventh logic to inform the recipient of the second package; a receiver having eighth logic to obtain the second package; and ninth logic to decrypt the inner envelope, using the first cryptographic algorithm, to recover the message. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 30)
-
-
17. An arrangement of data stored in a computer-readable medium for containing a message in a secure manner so that it may be transmitted on a communication network from a sender to a recipient, the stored data arrangement comprising:
-
an encrypted inner envelope, containing the message and a digital signature based on the message and the sender; an encrypted outer envelope, containing the encrypted inner envelope; a waybill information structure that includes information identifying the sender as an originator of the message, information identifying the recipient as a destination of the message, and information uniquely identifying the data arrangement; and a digital signature based on the encrypted inner envelope, the waybill information structure and on an identity of an entity transmitting the data arrangement.
-
-
18. A method of securely transmitting a message from a sender to a recipient, via an intermediary, the method comprising the steps of:
-
(a) receiving the message from the sender and using a first cryptographic algorithm to form an encrypted inner envelope, containing the message and decryptable by the recipient; (b) forming a first information structure, associated with the inner envelope, containing data identifying the recipient as a destination; (c) using a second cryptographic algorithm, to form an encrypted information structure, decryptable by the intermediary, wherein the second cryptographic algorithm is different than the first cryptographic algorithm; (d) receiving the encrypted inner envelope and encrypted first information structure and transmitting them as a first package on the communication network; (e) receiving the first package and using the second cryptographic algorithm to decrypt the encrypted first information structure to determine the identifying data; (f) forming a second package, containing the encrypted inner envelope; (g) transmitting the second package on the network; (h) receiving the second package; and (i) decrypting the inner envelope, using the first cryptographic algorithm, to recover the message and to present it to the recipient. - View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29)
-
-
31. A system for use with a communication network to securely transmit a message thereover from a sender to a recipient, comprising:
-
a first logic to receive the a first package, wherein; the first package includes at least an inner envelope encrypted using a first cryptographic algorithm and decryptable by the receiver and a first information structure containing data identifying the recipient as a destination, the first information structure encrypted using a second cryptographic algorithm; the second cryptographic algorithm is different than the first cryptographic algorithm; and the first logic is capable of decrypting the encrypted first information structure, using the second cryptographic algorithm, to determine the identifying data; a second logic to form a second package, the second package containing the encrypted inner envelope; and a third logic to inform the recipient of the second package.
-
-
32. A method of securely transmitting a message from a sender to a recipient, via an intermediary, the method comprising the steps of:
-
receiving a first package, wherein; the first package includes at least an inner envelope encrypted using a first cryptographic algorithm and decryptable by the receiver and a first information structure containing data identifying the recipient as a destination, the first information structure encrypted using a second cryptographic algorithm; and the second cryptographic algorithm is different than the first cryptographic algorithm; decrypting the encrypted first information structure, using the second cryptographic algorithm, to determine the identifying data; forming a second package, the second package containing the encrypted inner envelope; and informing the recipient of the second package.
-
Specification