Approach for managing access to messages using encryption key management policies

US 7,333,616 B1
Filed: 11/14/2002
Issued: 02/19/2008
Est. Priority Date: 11/14/2001
Status: Active Grant

First Claim

Patent Images

1. A method for managing access to messages, the method comprising the computer-implemented steps of:

a first client,generating a message key,encrypting a message with the message key to generate an encrypted message;

a policy server generating and providing to the first client;

a user key that is generated based upon a user key descriptor that includes user identification data that uniquely identifies the user associated with the first client, anda user recovery key that is generated based upon both a server recovery key and user identification data that uniquely identifies a user associated with the first client;

the policy server generating and deleting the server recovery key in accordance with an encryption key management policy;

the first client,generating an encrypted message key by encrypting the message key with at least the user recovery key and the user key,deleting the message key,transmitting the encrypted message and the encrypted message key from the first client to the second client;

the second client transmitting the encrypted message key to the policy server;

the policy server receiving the encrypted message key from the second client;

the policy server decrypting the encrypted message key using both the user recovery key and the user key to recover the message key that was used to generate the encrypted message that was received by the second client from the first client; and

providing the message key to the second client to enable the second client to decrypt the encrypted message and recover the message.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Controlling access to disseminated messages includes implementing one or more key management policies that specify how various encryption keys are maintained and in particular, when encryption keys are made inaccessible. Deleting a particular key renders inaccessible all copies of messages, known or unknown, associated with the particular key, regardless of the location of the associated messages. A message may be directly associated with a deleted key. For example, a message may be directly associated with a deleted key by having been encrypted using the deleted key. A message may also be indirectly associated with a deleted key. For example, a message may be indirectly associated with a deleted key by being encrypted with a key that in turn was encrypted using the deleted key. Any number of levels are indirection are possible and either situation makes the message unrecoverable. The approach is applicable to any type of data in any format and the invention is not limited to any type of data or any type of data format. Examples of data include, but are not limited to, text data, voice data, graphics data and email. Although embodiments of the invention are described hereinafter in the context of controlling access to email, the invention is not limited to the email context and is applicable to controlling access to any type of messages or data.

85 Citations

View as Search Results

27 Claims

1. A method for managing access to messages, the method comprising the computer-implemented steps of:
- a first client,generating a message key,encrypting a message with the message key to generate an encrypted message;
  
  a policy server generating and providing to the first client;
  
  a user key that is generated based upon a user key descriptor that includes user identification data that uniquely identifies the user associated with the first client, anda user recovery key that is generated based upon both a server recovery key and user identification data that uniquely identifies a user associated with the first client;
  
  the policy server generating and deleting the server recovery key in accordance with an encryption key management policy;
  
  the first client,generating an encrypted message key by encrypting the message key with at least the user recovery key and the user key,deleting the message key,transmitting the encrypted message and the encrypted message key from the first client to the second client;
  
  the second client transmitting the encrypted message key to the policy server;
  
  the policy server receiving the encrypted message key from the second client;
  
  the policy server decrypting the encrypted message key using both the user recovery key and the user key to recover the message key that was used to generate the encrypted message that was received by the second client from the first client; and
  
  providing the message key to the second client to enable the second client to decrypt the encrypted message and recover the message.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method as recited in claim 1, wherein the user key descriptor further includes a key validity period that indicates a time period during which the user key may be used.
  - 3. The method as recited in claim 2, wherein the user key descriptor further includes a random number seed value.
  - 4. The method as recited in claim 1, wherein the user key is further generated by a server long term key.
  - 5. The method as recited in claim 1, further comprising the computer-implemented steps of:
    - the first client generating and providing to the second client, metadata associated with the encrypted message received by the second client from the first client, wherein the metadata includes a message creation time associated with the message and a user key validity period that specifies a valid time period for using the first recovery key;
      
      the server receiving the metadata from the second client; and
      
      the server examining the metadata and if the message creation time did not occur within the key validity period, then the server generating and providing to the second client data that indicates that the message is invalid.
  - 6. The method as recited in claim 1, further comprising the computer-implemented steps of:
    - receiving, from the second client, metadata associated with the encrypted message received by the second client from the first client;
      
      receiving, from the second client, first signature data that is uniquely associated with the metadata and a user associated with the first client;
      
      generating second signature data based upon the user identification data; and
      
      if the first signature data does not match the second signature data, then generating and providing to the second policy client data that indicates that the message is invalid.
  - 7. The method as recited in claim 1, further comprising the computer implemented steps of:
    - receiving, from the second client, metadata associated with the encrypted message received by the second client from the first client, wherein the metadata includes an access control list indicating valid recipients of the message;
      
      receiving, from the second client, authentication credentials uniquely associated with the second client;
      
      checking the authentication credentials of the second client against the access control list contained in the message metadata; and
      
      if the authentication credentials do not match data contained in the access control list, then generating and providing to the second policy client data that indicates that access to the message has been denied.
  - 8. The method as recited in claim 1, further comprising the computer implemented steps of:
    - receiving, from the second client, metadata associated with the encrypted message received by the second client from the first client, wherein the metadata contains a message expiration time;
      
      checking the current time against the message expiration time contained in the message metadata; and
      
      if the message has expired, then generating and providing to the second policy client data that indicates that the message has expired.
  - 9. The method as recited in claim 1, further comprising the computer-implemented step of prior to decrypting the encrypted message key using the user recovery key,deleting the user recovery key;
    - andre-generating the user recovery key based upon both the server recovery key and the user identification data.

10. A computer-readable storage medium for managing access to messages, the computer-readable storage medium storing one or more sequences of instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of:
- a first client,generating a message key,encrypting a message with the message key to generate an encrypted message;
  
  a policy server generating and providing to the first client;
  
  a user key that is generated based upon a user key descriptor that includes user identification data that uniquely identifies the user associated with the first client, anda user recovery key that is generated based upon both a server recovery key and user identification data that uniquely identifies a user associated with the first client;
  
  the policy server generating and deleting the server recovery key in accordance with an encryption key management policy;
  
  the first client,generating an encrypted message key by encrypting the message key with at least the user recovery key and the user key,deleting the message key,transmitting the encrypted message and the encrypted message key from the first client to the second client;
  
  the second client transmitting the encrypted message key to the policy server;
  
  the policy server receiving the encrypted message key from the second client;
  
  the policy server decrypting the encrypted message key using both the user recovery key and the user key to recover the message key that was used to generate the encrypted message that was received by the second client from the first client; and
  
  providing the message key to the second client to enable the second client to decrypt the encrypted message and recover the message.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The computer-readable storage medium as recited in claim 10, wherein the user key descriptor further includes a key validity period that indicates a time period during which the user key may be used.
  - 12. The computer-readable storage medium as recited in claim 11, wherein the user key descriptor further includes a random number seed value.
  - 13. The computer-readable storage medium as recited in claim 10, wherein the user key is further generated by a server long term key.
  - 14. The computer-readable medium as recited in claim 10, further comprising one or more sequences of additional instructions which, when executed by the one or more processors, cause the one or more processors to perform the steps of:
    - the first client generating and providing to the second client, metadata associated with the encrypted message received by the second client from the first client, wherein the metadata includes a message creation time associated with the message and a user key validity period that specifies a valid time period for using the first recovery key;
      
      the server receiving the metadata from the second client; and
      
      the server examining the metadata and if the message creation time did not occur within the key validity period, then the server generating and providing to the second client data that indicates that the message is invalid.
  - 15. The computer-readable storage medium as recited in claim 10, further comprising one or more sequences of additional instructions which, when executed by the one or more processors, cause the one or more processors to perform the steps of:
    - receiving, from the second client, metadata associated with the encrypted message received by the second client from the first client;
      
      receiving, from the second client, first signature data that is uniquely associated with the metadata and a user associated with the first client;
      
      generating second signature data based upon the user identification data; and
      
      if the first signature data does not match the second signature data, then generating and providing to the second policy client data that indicates that the message is invalid.
  - 16. The computer-readable storage medium as recited in claim 10, further comprising one or more sequences of additional instructions which, when executed by the one or more processors, cause the one or more processors to perform the steps of:
    - receiving, from the second client, metadata associated with the encrypted message received by the second client from the first client, wherein the metadata includes an access control list indicating valid recipients of the message;
      
      receiving, from the second client, authentication credentials uniquely associated with the second client;
      
      checking the authentication credentials of the second client against the access control list contained in the message metadata; and
      
      if the authentication credentials do not match data contained in the access control list, then generating and providing to the second policy client data that indicates that access to the message has been denied.
  - 17. The computer-readable storage medium as recited in claim 10, further comprising one or more sequences of additional instructions which, when executed by the one or more processors, cause the one or more processors to perform the steps of:
    - receiving, from the second client, metadata associated with the encrypted message received by the second client from the first client, wherein the metadata contains a message expiration time;
      
      checking the current time against the message expiration time contained in the message metadata; and
      
      if the message has expired, then generating and providing to the second policy client data that indicates that the message has expired.
  - 18. The computer-readable storage medium as recited in claim 10, further comprising one or more sequences of additional instructions which, when executed by the one or more processors, cause the one or more processors to perform the step of prior to decrypting the encrypted message key using the user recovery key, deleting the user recovery key;
    - andre-generating the user recovery key based upon both the server recovery key and the user identification data.

19. An apparatus for managing access to messages, the apparatus comprising a memory carrying one or more sequences of instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of:
- a first client,generating a message key,encrypting a message with the message key to generate an encrypted message;
  
  a policy server generating and providing to the first client;
  
  a user key that is generated based upon a user key descriptor that includes user identification data that uniquely identifies the user associated with the first client, anda user recovery key that is generated based upon both a server recovery key and user identification data that uniquely identifies a user associated with the first client;
  
  the policy server generating and deleting the server recovery key in accordance with an encryption key management policy;
  
  the first client,generating an encrypted message key by encrypting the message key with at least the user recovery key and the user key,deleting the message key,transmitting the encrypted message and the encrypted message key from the first client to the second client;
  
  the second client transmitting the encrypted message key to the policy server;
  
  the policy server receiving the encrypted message key from the second client;
  
  the policy server decrypting the encrypted message key using both the user recovery key and the user key to recover the message key that was used to generate the encrypted message that was received by the second client from the first client; and
  
  providing the message key to the second client to enable the second client to decrypt the encrypted message and recover the message.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27)
- - 20. The apparatus as recited in claim 19 wherein the user key descriptor further includes a key validity period that indicates a time period during which the user key may be used.
  - 21. The apparatus as recited in claim 20, wherein the user key descriptor further includes a random number seed value.
  - 22. The apparatus as recited in claim 19, wherein the user key is further generated by a server long term key.
  - 23. The apparatus as recited in claim 19, wherein the memory further comprises one or more sequences of additional instructions which, when executed by the one or more processors, cause the one or more processors to perform the steps of:
    - the first client generating and providing to the second client, metadata associated with the encrypted message received by the second client from the first client, wherein the metadata includes a message creation time associated with the message and a user key validity period that specifies a valid time period for using the first recovery key;
      
      the server receiving the metadata from the second client; and
      
      the server examining the metadata and if the message creation time did not occur within the key validity period, then the server generating and providing to the second client data that indicates that the message is invalid.
  - 24. The apparatus as recited in claim 19, wherein the memory further comprises one or more sequences of additional instructions which, when executed by the one or more processors, cause the one or more processors to perform the steps of:
    - receiving, from the second client, metadata associated with the encrypted message received by the second client from the first client;
      
      receiving, from the second client, first signature data that is uniquely associated with the metadata and a user associated with the first client;
      
      generating second signature data based upon the user identification data; and
      
      if the first signature data does not match the second signature data, then generating and providing to the second policy client data that indicates that the message is invalid.
  - 25. The apparatus as recited in claim 19, wherein the memory further comprises one or more sequences of additional instructions which, when executed by the one or more processors, cause the one or more processors to perform the steps of:
    - receiving, from the second client, metadata associated with the encrypted message received by the second client from the first client, wherein the metadata includes an access control list indicating valid recipients of the message;
      
      receiving, from the second client, authentication credentials uniquely associated with the second client;
      
      checking the authentication credentials of the second client against the access control list contained in the message metadata; and
      
      if the authentication credentials do not match data contained in the access control list, then generating and providing to the second policy client data that indicates that access to the message has been denied.
  - 26. The apparatus as recited in claim 19, wherein the memory further comprises one or more sequences of additional instructions which, when executed by the one or more processors, cause the one or more processors to perform the steps of:
    - receiving, from the second client, metadata associated with the encrypted message received by the second client from the first client, wherein the metadata contains a message expiration time;
      
      checking the current time against the message expiration time contained in the message metadata; and
      
      if the message has expired, then generating and providing to the second policy client data that indicates that the message has expired.
  - 27. The apparatus as recited in claim 19, wherein the memory further comprises one or more sequences of additional instructions which, when executed by the one or more processors, cause the one or more processors to perform the step of prior to decrypting the encrypted message key using the user recovery key, deleting the user recovery key;
    - andre-generating the user recovery key based upon both the server recovery key and the user identification data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Check Point Software Technologies Incorporated (Check Point Software Technologies Limited)
Original Assignee
Omniva Corp. (Check Point Software Technologies Limited)
Inventors
Brettle, Dean, Zadik, Yair
Primary Examiner(s)
Moise; Emmanuel L.
Assistant Examiner(s)
GERGISO, TECHANE

Application Number

US10/295,083
Time in Patent Office

1,923 Days
Field of Search

380/277, 380/286, 713/193, 713/186, 713/164
US Class Current

380/277
CPC Class Codes

H04L 9/0894 Escrow, recovery or storing...

Approach for managing access to messages using encryption key management policies

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

85 Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

Approach for managing access to messages using encryption key management policies

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

85 Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links