×

Secure internet user state creation method and system with user supplied key and seeding

  • US 6,601,170 B1
  • Filed: 04/07/2000
  • Issued: 07/29/2003
  • Est. Priority Date: 12/30/1999
  • Status: Expired due to Term
First Claim
Patent Images

1. A method for creating secure Internet user states between one or more servers and one or more Internet users, a server comprising an operable Internet connection, a server memory, server software, cryptography software, and a CPU for executing said server software and said cryptography software, wherein said server CPU, said server memory and said server Internet connection are operatively connected to each other by at least one bus, associated with each of said one or more users, a remote computer comprising an operable Internet connection, Internet software, one or more computer memories, one or more input devices and a CPU for executing said Internet software, wherein said computer Internet connection, each of said one or more computer memories, each of said one or more input devices and said computer CPU are operatively connected to each other by at least one bus, said method comprising the steps of:

  • a) sending by a user initial private data relating to said user over the Internet to a first server by one or more user inputs via one or more of said input devices connected to a remote computer of said user;

    b) receiving said initial private data from the Internet by said first server, said first server storing said initial private data in said first server memory;

    c) sending by said user a user key associated with said user over the Internet to said first server by one or more user inputs via one or more of said input devices, said user key having a size of U bits, where U>

    0;

    d) receiving said user key from the Internet by said first server, said first server storing said user key in said first server memory;

    e) creating by said first server an encryption key having a size of E bits from said user key, wherein said step of creating comprises inserting one or more bits into said user key at a position K of said user key, where 1≧

    K≧

    U+1 and E>

    0;

    f) encrypting said initial private data by said first server by input of said initial private data and said encryption key into said cryptography software, the output of said cryptography software being encrypted private data;

    g) assigning by said first server said encrypted private data to the value field of a cookie and a name to the name field of said cookie;

    h) sending by said first server said cookie over the Internet to said remote computer;

    i) receiving by said remote computer said cookie from the Internet, wherein said remote computer stores said cookie in a first computer memory;

    j) sending by said remote computer said cookie over the Internet to said first server;

    k) receiving by said first server said cookie from the Internet, wherein said first server extracts said encrypted private data from said cookie and stores said encrypted private data in said first server memory;

    l) resending by said user said user key over the Internet to said first server;

    m) receiving said user key from the Internet by said first server, said first server storing said user key in said first server memory;

    n) recreating by said first server said encryption key from said user key, wherein said step of recreating comprises inserting said one or more bits into said user key at said position K of said user key;

    o) decrypting said encrypted private data by said first server by input of said encrypted private data and said encryption key into said cryptography software, the output of said cryptography software being said initial private data; and

    p) establishing a state between said first server and said user by said first server based on said initial private data.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×