Authenticated exchange of public information using electronic mail
First Claim
Patent Images
1. A method for authenticating a sender of a digital object on a peer-to-peer (P2P) communication, comprising:
- recognizing P2P communication between a first client and a second client, said first client attempting to exchange information securely with said second client via the P2P communication without a third party mediation, said third party mediation including certificate authorities;
in response to the recognized P2P communication, establishing an electronic mail protocol communication between the first client and the second client after the P2P communication is recognized, said e-mail protocol communication being a separate connection from the P2P communication, said e-mail protocol communication being established by Simple Mail Transport Protocol (SMTP);
generating a first unique identifier (UID);
transmitting from the first client to a previously known address of the second client, via the established electronic mail protocol communication, a first electronic mail (e-mail) message comprising the first UID;
receiving from the second client, via the electronic mail protocol communication, a second e-mail message directed to the first client, said second e-mail message comprising a second UID and a copy of the first UID;
verifying the copy of the first UID is identical to the first UID at the first client; and
transmitting from the first client to the previously known address of the second client, via the electronic mail protocol communication, a third e-mail message to the second client comprising a copy of the second UID;
wherein at least one of the e-mail messages transmitted to the previously known address between the first client and the second client further comprises the digital object, said digital object authenticating the information to be exchanged between the first client and the second client via the P2P communication and not authenticating the first e-mail message, the second e-mail message, or the third e-mail message.
2 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems are provided for using an existing email transfer protocol, such as SMTP, to exchange digital objects in an authenticated manner. The provided methods and systems solve the bootstrapping problem of computer identities for P2P communication by authenticating the exchange of public information. If the electronic mail protocols are strong, in that sending an email message to a given address results in the message reaching that address with a high degree of confidence, then the exchange of public information performed in accordance with embodiments of the invention is confidently authenticated.
40 Citations
18 Claims
-
1. A method for authenticating a sender of a digital object on a peer-to-peer (P2P) communication, comprising:
-
recognizing P2P communication between a first client and a second client, said first client attempting to exchange information securely with said second client via the P2P communication without a third party mediation, said third party mediation including certificate authorities; in response to the recognized P2P communication, establishing an electronic mail protocol communication between the first client and the second client after the P2P communication is recognized, said e-mail protocol communication being a separate connection from the P2P communication, said e-mail protocol communication being established by Simple Mail Transport Protocol (SMTP); generating a first unique identifier (UID); transmitting from the first client to a previously known address of the second client, via the established electronic mail protocol communication, a first electronic mail (e-mail) message comprising the first UID; receiving from the second client, via the electronic mail protocol communication, a second e-mail message directed to the first client, said second e-mail message comprising a second UID and a copy of the first UID; verifying the copy of the first UID is identical to the first UID at the first client; and transmitting from the first client to the previously known address of the second client, via the electronic mail protocol communication, a third e-mail message to the second client comprising a copy of the second UID; wherein at least one of the e-mail messages transmitted to the previously known address between the first client and the second client further comprises the digital object, said digital object authenticating the information to be exchanged between the first client and the second client via the P2P communication and not authenticating the first e-mail message, the second e-mail message, or the third e-mail message. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method for authenticating a sender of a digital object, comprising:
-
recognizing a peer-to-peer (P2P) communication between a first client and a second client, said first client attempting to exchange information securely with said second client via the P2P communication without a third party mediation, said third party mediation including certificate authorities; in response to the recognized P2P communication, establishing an electronic mail protocol communication between the first client and the second client, said e-mail protocol communication being a separate connection from the P2P communication, said e-mail protocol communication being established by Simple Mail Transport Protocol (SMTP); receiving from the first client, via the established electronic mail protocol communication, a first electronic mail (e-mail) message comprising a first unique identifier (UID); generating a second UID at the second client; transmitting from the second client to a previously known address of the first client, via the electronic mail protocol communication, a second e-mail message comprising the second UID and a copy of the first UID; verifying the copy of the first UID is identical to the first UID at the first client; and receiving at the second client, via the electronic mail protocol communication, a third e-mail message comprising a copy of the second UID from the first client after the first client has verified the copy of the first UID; wherein at least one of the e-mail messages received further comprises the digital object, said digital object authenticating the information to be exchanged between the first client and the second client via the P2P communication and not authenticating the first e-mail message, the second e-mail message, or the third e-mail message. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A computer storage medium including computer-executable instructions facilitating authenticating a sender of a digital object on a peer-to-peer (P2P) communication, computer-executable instructions executing the steps of:
-
recognizing a peer-to-peer (P2P) communication between a first client and a second client, said first client attempting to exchange information securely with said second client via the P2P communication without a third party mediation, said third party mediation including certificate authorities; in response to the recognized P2P communication, establishing an electronic mail protocol communication between the first client and the second client, said e-mail protocol communication being a separate connection from the P2P communication, said e-mail protocol communication being established by Simple Mail Transport Protocol (SMTP); generating a first unique identifier (UID); transmitting from the first client to a previously known address of the second client, via the established electronic mail protocol communication, a first electronic mail (e-mail) message comprising the first UID; receiving from the second client, via the electronic mail protocol communication, a second e-mail message directed to the first client comprising a second UID and a copy of the first UID; verifying the copy of the first UID is identical to the first UID at the first client; and transmitting from the first client to the previously known address, via the electronic mail protocol communication, a third e-mail message to the second client comprising a copy of the second UID; wherein at least one of the messages transmitted to the previously known address further comprises the digital object, said digital object including the-information to be exchanged between the first client and the second client via the P2P communication and not authenticating the first e-mail message, the second e-mail message, or the third e-mail message. - View Dependent Claims (16, 17)
-
-
18. An apparatus for securely exchanging a public key without third party mediation, comprising:
-
a random number generator generating a first unique identifier (UID); a network interface recognizing a peer-to-peer (P2P) communication between a first client and a second client, said first client attempting to exchange a public key securely with said second client via the P2P communication; wherein, in response to the recognized P2P communication, the network interface establishes an electronic mail protocol communication between the first client and the second client, said e-mail protocol communication being a separate connection from the P2P communication, said e-mail protocol communication being established by Simple Mail Transport Protocol (SMTP); wherein the network interface transmits to a previously known address associated with the second client, via the established electronic mail (e-mail) protocol communication, a first e-mail message comprising the first UID; wherein the network interface receives, via the electronic mail protocol communication, a second e-mail message transmitted to a previously known address associated with the first client, said second e-mail message comprising a second UID and a copy of the first UID, wherein the copy of the first UID is compared to the first UID for verification thereof wherein the network interface transmits to the previously known address associated with the second client, via the electronic mail protocol communication, a third e-mail message comprising a copy of the second UID, wherein the copy of the second UID is compared to the second UID for verification thereof; and wherein at least one of the e-mail messages transmitted to the previously known address associated with the second client further comprises the key by which the information to be exchanged between the first client and the second client via the P2P communication is secured and not authenticating the first e-mail message, the second e-mail message, or the third e-mail message.
-
Specification