System and method for embedding user authentication information in encrypted data

US 7,606,769 B2
Filed: 10/12/2005
Issued: 10/20/2009
Est. Priority Date: 10/12/2005
Status: Expired due to Fees

First Claim

Patent Images

1. A system for secure document transmission comprising:

a processor;

a memory storing computer readable instructions which when executed by the processor cause the processor to perform the steps of;

receiving, with an initial encrypted electronic document transmission to a document processing device, an encrypted key into a data storage associated with the document processing device, which key has first and second key portions, the second key portion being associated with source data corresponding to a source of at least the initial electronic document directed for transmission to the document processing device;

decrypting the encrypted key;

extracting the first key portion from the decrypted key;

storing the extracted first key portion in a data storage of the document processing device associatively with the source data corresponding thereto;

receiving at least a second encrypted electronic document into the document processing device, wherein the electronic document includes an encrypted header including the second key portion without the first key portion;

receiving login data at the document processing device;

extracting the second key portion from the second electronic document by decrypting, via the computer, the header of the second encrypted electronic document at the document processing device using a private key;

identifying a user via an association of the second key portion decrypted from the header with the first key portion data in the data storage corresponding thereto and received login data;

decrypting a received electronic document inclusive of identification thereof using a reconstructed symmetric key formed by combining the second key portion from the decrypted header and the first key portion retrieved from the data storage corresponding to an output of the identifying means;

commencing a document processing operation on a decrypted electronic document from the decrypting means; and

generating an output document from the document processing device based on the document processing operation and the decrypted electronic document.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention is directed to a system and method for secure document transmission. The method begins by receiving first and second key portions into a data storage associated with a document processing device. The first key portion suitably includes data representing a user of the document processing device and the second key portion suitably includes data representing a source of at least one electronic document directed for transmission to the document processing device. Next, at least one encrypted electronic document is received into the document processing device, wherein the document includes the second key portion. The received electronic document is then decrypted using the second key portion and the first key portion, which was retrieved from the data storage. Following decryption, a document processing operation is commenced on the decrypted electronic document.

13 Citations

View as Search Results

12 Claims

1. A system for secure document transmission comprising:
- a processor;
  
  a memory storing computer readable instructions which when executed by the processor cause the processor to perform the steps of;
  
  receiving, with an initial encrypted electronic document transmission to a document processing device, an encrypted key into a data storage associated with the document processing device, which key has first and second key portions, the second key portion being associated with source data corresponding to a source of at least the initial electronic document directed for transmission to the document processing device;
  
  decrypting the encrypted key;
  
  extracting the first key portion from the decrypted key;
  
  storing the extracted first key portion in a data storage of the document processing device associatively with the source data corresponding thereto;
  
  receiving at least a second encrypted electronic document into the document processing device, wherein the electronic document includes an encrypted header including the second key portion without the first key portion;
  
  receiving login data at the document processing device;
  
  extracting the second key portion from the second electronic document by decrypting, via the computer, the header of the second encrypted electronic document at the document processing device using a private key;
  
  identifying a user via an association of the second key portion decrypted from the header with the first key portion data in the data storage corresponding thereto and received login data;
  
  decrypting a received electronic document inclusive of identification thereof using a reconstructed symmetric key formed by combining the second key portion from the decrypted header and the first key portion retrieved from the data storage corresponding to an output of the identifying means;
  
  commencing a document processing operation on a decrypted electronic document from the decrypting means; and
  
  generating an output document from the document processing device based on the document processing operation and the decrypted electronic document.
- View Dependent Claims (2, 3, 4)
- - 2. The system for secure document transmission of claim 1, wherein the means for receiving the first and second key portions include means for receiving the first and second key portions along with an initial document transmission from a user of the document processing device, wherein the means for receiving include means for receiving a subsequent document from the user which such document need only include the second key portion.
  - 3. The system for secure document transmission of claim 2, wherein the first key portion and the second key portion are derived from a symmetric key.
  - 4. The system for secure document transmission of claim 2, wherein the header further includes authentication data.

5. A method for secure document transmission to a document processing device comprising the steps of:
- receiving, with an initial encrypted electronic document transmission to a document processing device, an encrypted key into a data storage associated with the document processing device, which key has first and second key portions, the second key portion being associated with source data corresponding to a source of at least the initial electronic document directed for transmission to the document processing device;
  
  decrypting the encrypted key in a computer having a processor operating in conjunction with associated memory;
  
  extracting, via the computer, the first key portion from the decrypted key;
  
  storing the extracted first key portion in a data storage of the document processing device associatively with the source data corresponding thereto;
  
  receiving at least a second encrypted electronic document into the document processing device, wherein the electronic document includes an encrypted header including the second key portion without the first key portion;
  
  receiving login data at the document processing device;
  
  extracting the second key portion from the second electronic document by decrypting, via the computer, the header of the second encrypted electronic document at the document processing device using a private key;
  
  identifying, at the document processing device, a user via an association of the second key portion decrypted from the header with the first key portion data in the data storage corresponding thereto and received login data;
  
  decrypting, via the computer, a received electronic document inclusive of identification thereof using a reconstructed symmetric key formed by combining the second key portion from the decrypted header and the first key portion retrieved from the data storage corresponding to an output of the identifying;
  
  commencing a document processing operation on the decrypted electronic document at the document processing device; and
  
  generating an output document from the document processing device based on the document processing operation and the decrypted electronic document.
- View Dependent Claims (6, 7, 8)
- - 6. The method for secure document transmission of claim 5, wherein the first and second key portions are received along with an initial document transmission from a user of the document processing device, wherein the step of receiving at least one encrypted electronic document includes receiving a subsequent document from the user, wherein such document need only include the second key portion.
  - 7. The method for secure document transmission of claim 6, wherein the first key portion and the second key portion are derived from a symmetric key.
  - 8. The method for secure document transmission of claim 7, wherein the header further includes authentication data.

9. A computer-readable medium encoded with a computer program which when executed causes a computer to perform the steps of:
- receiving, with an initial encrypted electronic document transmission to a document processing device, an encrypted key into a data storage associated with the document processing device, which key has first and second portions, the second key portion being associated with source data corresponding to a source of at least the initial electronic document directed for transmission to the document processing device;
  
  decrypting the encrypted key;
  
  extracting the first key portion from the decrypted key;
  
  storing the extracted first key portion in a data storage of the document processing device associatively with the source data corresponding thereto;
  
  receiving at least a second encrypted electronic document into the document processing device, wherein the electronic document includes an encrypted header including the second key portion without the first key portion;
  
  receiving login data;
  
  extracting the second key portion from the second electronic document by decrypting, via the computer, the header of the second encrypted electronic document at the document processing device using a private key;
  
  identifying a user via an association of the second key portion decrypted from the header with the first key portion data in the data storage corresponding thereto and received login data;
  
  decrypting, via the computer, a received electronic document inclusive of identification thereof using a reconstructed symmetric key formed by combining the second key portion from the decrypted header and the first key portion retrieved from the data storage corresponding to an output of the identifying;
  
  commencing a document processing operation on the decrypted electronic document; and
  
  generating an output document from the document processing device based on the document processing operation and the decrypted electronic document.
- View Dependent Claims (10, 11, 12)
- - 10. The computer-readable medium encoded with a computer program for secure document transmission of claim 9, wherein the receiving first and second key portions include receiving first and second key portions along with an initial document transmission from a user of the document processing device, wherein the receiving at least one encrypted electronic document includes receiving a subsequent document from the user, wherein such document need only include the second key portion.
  - 11. The computer-readable medium encoded with a computer program for secure document transmission of claim 10, wherein the first key portion and the second key portion are derived from a symmetric key.
  - 12. The computer-readable medium encoded with a computer program for secure document transmission of claim 10, wherein the first key portion and the second key portion are derived from a symmetric key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kabushiki Kaisha Toshiba (Toshiba Corporation), Toshiba Tec Corporation (Toshiba Corporation)
Original Assignee
Kabushiki Kaisha Toshiba (Toshiba Corporation), Toshiba Tec Corporation (Toshiba Corporation)
Inventors
Shahindoust, Amir, Yeung, Michael, Yami, Sameer
Primary Examiner(s)
Hewitt, II; Calvin L
Assistant Examiner(s)
Nigh; James D

Application Number

US11/248,037
Publication Number

US 20070143210A1
Time in Patent Office

1,469 Days
Field of Search

713168-181, 380259-269, 380277-286, 705 50- 51
US Class Current

705/51
CPC Class Codes

G06F 21/606   by securing the transmissio...

G06F 21/6209   to a single file or object,...

H04L 2463/062   applying encryption of the ...

H04L 63/0428   wherein the data content is...

H04L 63/0478   applying multiple layers of...

System and method for embedding user authentication information in encrypted data

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

13 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for embedding user authentication information in encrypted data

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

13 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links