System and method for protecting privacy and anonymity of parties of network communications
First Claim
1. A method for a Web server, the method comprising:
- receiving a cryptographic key from a routing control server for use inrouting messages passed during a communication session between a client and a target server;
receiving a message associated with the communication session from an upstream node of a routing chain for the communication session in which the Web server is a node;
decrypting the message from the upstream Web server with the cryptographic key; and
forwarding the decrypted message to a downstream node of the routing chain.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method is provided for handling network communications between a client and a target server on the Internet to protect the privacy and anonymity of the client.
For a session between the client and the target server, a routing control server sets up a routing chain using a plurality of Web servers randomly selected from a pool of participating Web servers as routers for routing messages between the client and the target server. To prevent traffic analysis, an “onion encryption” scheme is applied to the messages as they are forwarded along the routing chain.
A payment service cooperating with the routing control server allows a user to pay for the privacy protection service without revealing her real identity.
-
Citations
10 Claims
-
1. A method for a Web server, the method comprising:
-
receiving a cryptographic key from a routing control server for use in routing messages passed during a communication session between a client and a target server; receiving a message associated with the communication session from an upstream node of a routing chain for the communication session in which the Web server is a node; decrypting the message from the upstream Web server with the cryptographic key; and forwarding the decrypted message to a downstream node of the routing chain. - View Dependent Claims (2)
-
-
3. A computer-readable medium having stored thereon a secure message data structure, the secure message data structure comprising:
-
a first data field containing data representing an ordered chain of Web servers, the ordered chain comprising identifications of a plurality of Web servers; a second data field containing data representing a plurality of cryptographic keys; a third data field containing data representing a message; and a fourth data field containing data representing an encrypted version of the message, the encrypted message formed by encrypting the message with the plurality of cryptographic keys according to an order of the Web servers in the ordered chain of Web servers.
-
-
4. A system for protecting a message sent from a client over the Internet to a target server, the system comprising:
-
the message; the client configured for sending a request to a routing control server for a secure routing chain of Web servers, for receiving from the routing control server routing information identifying a plurality of Web servers in the secure routing chain, for receiving from the routing control server a plurality of cryptographic keys each corresponding to a Web server in the secure routing chain, for formatting the message according to a protocol for accessing Web services, for encrypting the message with the plurality of cryptographic keys according to an order of the Web servers in the secure routing chain, and for forwarding the encrypted message to a first Web server in the secure routing chain; and the routing control server. - View Dependent Claims (5, 6, 7, 8)
-
-
9. A system for securely transmitting a message sent from a client over the Internet to a target server, the system comprising:
-
a Web server configured for receiving a cryptographic key from a routing control server for use in routing the message, for receiving an encrypted version of the message from an upstream node of a secure routing chain, for decrypting the message received from the upstream node with the cryptographic key, and for forwarding the decrypted message to a downstream node of the secure routing chain; and the routing control server. - View Dependent Claims (10)
-
Specification