Method and apparatus for recovering encryption session keys
First Claim
1. An apparatus for encrypting at least one message and at least one session key, the message being transmitted to at least one intended recipient by a sender, wherein the at least one intended recipient and the sender are different entities, the apparatus having an input and an output and comprising:
- a cypher text encryptor having a first input coupled to the apparatus input to receive the at least one message, and having a second input coupled to receive the at least one session key, the cypher text encryptor for encrypting the message responsive to the session key to create cypher text provided at an output coupled to the apparatus output;
an encrypted KRF generator having a first input coupled to receive the session key, a second input coupled to receive a public key of a party that is not an intended recipient of the message, the encrypted KRF generator for producing a key recovery field for the at least one intended recipient comprising the session key and at least one identifier of the at least one intended recipient of the message, for encrypting the key recovery field responsive to the public key received at the second encrypted KRF generator input to produce an encrypted key recovery field provided at an output coupled to the apparatus output;
a session key encryptor having a first input for receiving the session key and a second input for receiving a public key of the at least one intended recipient of the message, the session key encryptor for encrypting the session key received at the session key encryptor first input responsive to the public key received at the session key encryptor second input to produce an encrypted session key provided at an output coupled to the apparatus output; and
a packet generator for generating a data transmission packet to the at least one intended recipient, the packet comprising the cypher text, the encrypted key recovery field and the encrypted session key provided at the apparatus output.
2 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus allows a session key for a encrypted message to be recovered even if the recipient loses or forgets his private key. A session key encrypted using the public key of a party other than the intended recipient of the message is transmitted to the third party such as a certificate authority, who uses an identifier to retrieve private information known to the intended recipient of the message. The third party can compare the private information with private information provided by the party claiming to be the intended recipient. If the private information retrieved matches or nearly matches the private information provided, the third party can decrypt the session key using the third party'"'"'s private key and provide the session key to the intended recipient. The intended recipient can then use the session key to decrypt the message, without making available the intended recipient'"'"'s private key to any party other than the intended recipient, or storing the intended recipient'"'"'s public key on the third party'"'"'s system. Law enforcement agencies can intercept the message and the session key encrypted with the third party'"'"'s public key and can provide to the third party a court order to retrieve the session key to decrypt the message without notifying the intended recipient.
76 Citations
33 Claims
-
1. An apparatus for encrypting at least one message and at least one session key, the message being transmitted to at least one intended recipient by a sender, wherein the at least one intended recipient and the sender are different entities, the apparatus having an input and an output and comprising:
-
a cypher text encryptor having a first input coupled to the apparatus input to receive the at least one message, and having a second input coupled to receive the at least one session key, the cypher text encryptor for encrypting the message responsive to the session key to create cypher text provided at an output coupled to the apparatus output;
an encrypted KRF generator having a first input coupled to receive the session key, a second input coupled to receive a public key of a party that is not an intended recipient of the message, the encrypted KRF generator for producing a key recovery field for the at least one intended recipient comprising the session key and at least one identifier of the at least one intended recipient of the message, for encrypting the key recovery field responsive to the public key received at the second encrypted KRF generator input to produce an encrypted key recovery field provided at an output coupled to the apparatus output;
a session key encryptor having a first input for receiving the session key and a second input for receiving a public key of the at least one intended recipient of the message, the session key encryptor for encrypting the session key received at the session key encryptor first input responsive to the public key received at the session key encryptor second input to produce an encrypted session key provided at an output coupled to the apparatus output; and
a packet generator for generating a data transmission packet to the at least one intended recipient, the packet comprising the cypher text, the encrypted key recovery field and the encrypted session key provided at the apparatus output. - View Dependent Claims (2, 3)
-
-
4. A method of encrypting a message and a session key, the message being transmitted to at least one intended recipient by a sender, wherein the at least one intended recipient and the sender are different entities, the method comprising:
-
receiving by the sender a session key;
encrypting by the sender the message responsive to the session key to generate an encrypted message;
receiving by the sender a trustee key associated with a trustee that is not the same entity as the sender or the at least one intended recipient;
receiving by the sender a recipient key associated with the intended recipient;
generating by the sender a key recovery field for the at least one intended recipient, the key recovery field comprising the session key and at least one identifier of the at least one intended recipient of the message;
encrypting by the sender the key recovery field responsive to a trustee key to generate an encrypted key recovery field;
encrypting the session key by the sender responsive to the recipient key to generate an encrypted session key;
generating by the sender a data transmission packet comprising the encrypted message, the encrypted key recovery field and the encrypted session key; and
transmitting by the sender the data transmission packet to the at least one intended recipient. - View Dependent Claims (5, 6, 7)
-
-
8. A computer program product having a computer useable medium having computer readable program code embodied therein for encrypting a message and a session key, the message being transmitted to at least one intended recipient by a sender, wherein the at least one intended recipient and the sender are different entities, the computer program product comprising:
-
computer readable program code devices configured to cause a computer to receive a session key;
computer readable program code devices configured to cause a computer to encrypt the message responsive to the session key to generate an encrypted message;
computer readable program code devices configured to cause a computer to receive a trustee key;
computer readable program code devices configured to cause a computer to receive a recipient key;
computer program code devices configured to cause a computer to generate a key recovery field for the at least one intended recipient, the key recovery field comprising the session key and at least one identifier of the at least one intended recipient of the message;
computer program code devices configured to cause a computer to encrypted the key recovery field responsive to a trustee key to generate an encrypted key recovery field;
computer readable program code devices configured to cause a computer to encrypt the session key responsive to the recipient key;
computer readable program code devices configured to cause a computer to generate a data transmission packet comprising the encrypted message, the encrypted key recovery field and the encrypted session key; and
computer readable program code devices configured to transmit the package to at least one intended recipient. - View Dependent Claims (9, 10, 11)
-
-
12. A method of decrypting a session key sent to a recipient by a sender, the method comprising:
-
a) the recipient receiving a data packet from the sender, the data packet comprising a plurality of data subpackets, wherein;
a first data subpacket includes an encrypted session key which is generated by encrypting the session key with a recipient encryption key; and
a second data subpacket includes an encrypted key recovery field, the key recovery field comprising the session key and at least one identifier of the recipient, the key recovery field encrypted with a trustee encryption key;
b) providing a first submethod and a second submethod, wherein the first submethod comprises;
the recipient selecting the first data subpacket; and
the recipient decrypting the session key using a recipient decryption key; and
further wherein the second submethod comprises;
the recipient selecting the second data subpacket;
the recipient forwarding the second data subpacket to a trustee;
the trustee decrypting the session key using a trustee decryption key; and
the trustee sending the recipient the session key in response to the trustee recognizing the recipient at least partially based on the at least one identifier of the recipient; and
c) the recipient then selecting a first submethod or a second submethod. - View Dependent Claims (13, 14, 15, 16, 17, 18)
-
-
19. A computer program product having a computer useable medium having computer readable program code embodied therein for decrypting a session key sent to a recipient by a sender, the computer program product comprising:
-
a) computer readable program code devices configured to cause a computer to receive a data packet from the sender, the data packet comprising a plurality of data subpackets, wherein;
a first data subpacket includes the session key encrypted with a recipient encryption key; and
a second data subpacket includes a key recovery field comprising the session key encrypted with a trustee encryption key;
b) computer program code devices configured to a cause a computer to provide a first submethod and a second submethod;
c) computer readable program code devices configured to cause a computer to permit the recipient to select the first submethod or the second submethod, wherein the first submethod comprises;
the recipient selecting the first data subpacket; and
the recipient decrypting the session key using a recipient decryption key; and
further wherein the second submethod comprises;
the recipient selecting the second data subpacket;
the recipient forwarding the second data subpacket to a trustee;
the trustee decrypting the session key using a trustee decryption key;
the trustee sending the recipient the session key in response to the trustee recognizing the recipient, d) computer program code devices configured to cause a computer to receive a selection from the recipient that indicates the first or second submethod has been selected as a selected submethod; and
e) computer program code devices configured to cause a computer to perform the selected submethod. - View Dependent Claims (20, 21, 22, 23, 24, 25)
-
-
26. An apparatus for decrypting a session key sent to a recipient by a sender, the apparatus comprising:
-
a) means for receiving a data packet from the sender, the data packet comprising a plurality of data subpackets, wherein;
a first data subpacket includes the session key encrypted with a recipient encryption key; and
a second data subpacket includes a key recovery field comprising the session key encrypted with a trustee encryption key;
b) means for providing a first subpacket processor and a second subpacket processor;
c) means for permitting the recipient to select said first subpacket processor or said second subpacket processor, wherein the first subpacket processor comprises;
means for selecting the first data subpacket; and
means for decrypting the session key using a recipient decryption key; and
further wherein the second subpacket processor comprises;
means for selecting the second data subpacket;
means for forwarding the second data subpacket to a trustee;
means for decrypting the session key using a trustee decryption key;
means for sending the session key to the recipient in response to the trustee recognizing the recipient. - View Dependent Claims (27, 28, 29, 30, 31, 32)
-
-
33. A method of exchanging a message having at least one intended recipient, a sender, and encrypting a session key, wherein the intended recipient and the sender are different entities, the method comprising:
-
receiving by the sender a session key;
encrypting by the sender the message responsive to the session key to generate an encrypted message;
receiving by the sender a trustee key associated with a trustee that is not the same entity as the sender or the at least one intended recipient;
receiving by the sender a recipient key associated with the intended recipient;
generating by the sender a key recovery field for the at least one intended recipient, the key recovery field comprising the session key and at least one identifier of the at least one intended recipient of the message;
encrypting by the sender the key recovery field responsive to a trustee key to generate an encrypted key recovery field;
encrypting the session key by the sender responsive to the recipient key to generate an encrypted session key;
generating by the sender a data transmission packet comprising the encrypted message, the encrypted key recovery field and the encrypted session key;
transmitting by the sender the data transmission packet to the at least one intended recipient;
receiving by the at least one intended recipient the data transmission packet;
extracting by the at least one intended recipient the encrypted key recovery field from the data transmission packet;
forwarding by the at least one intended recipient the encrypted key recovery field to the trustee;
determining by the trustee at least partially based on the intended recipient key whether the trustee should transmit the session key to the at least one intended recipient; and
transmitting by the trustee the session key to the at least one intended recipient when the determining determines that the trustee should transmit the session key.
-
Specification