Secure electronic message transport protocol
Abstract
An electronic message transport protocol applies two distinct sub-protocols, a message transport protocol and an encryption key management protocol, which operate in tandem to provide enhanced security. The protocol may employ an existing SMTP infrastructure to transport secure email messages, and a key server implementing the key management protocol to transport key packets associated with the secure email message. However, the protocol need not be limited to email, and may be applicable to other electronic message applications. The message transport protocol permits communicating parties to obscure their identities to enhance security. The key management protocol supports message security, and allows senders to control access to messages even after they have been transmitted. The message transport protocol permits the sender to encrypt the entire message and utilizes the key management protocol for exchange of necessary keys. The message transport protocol relies on a group addressing scheme to obscure individual sender and recipient identities.
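The recipient-side flow that the abstract and claim 1 describe (download everything in the group mailbox, trial-decrypt the flow control information, then fetch a second key from the key server) can be sketched as follows. This is an added illustration, not code from the patent: the function names, the JSON flow control layout, the in-memory mailbox list and key-server dict, and the toy encrypt-then-MAC construction standing in for a real AEAD cipher are all assumptions.

```python
import hashlib, hmac, json, secrets

def seal(key, plaintext):
    """Toy encrypt-then-MAC stand-in for a real AEAD (assumption, not for production)."""
    nonce = secrets.token_bytes(16)
    stream = hashlib.shake_256(b"enc" + key + nonce).digest(len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, stream))
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def open_(key, blob):
    """Return the plaintext, or None when the tag fails (wrong key or tampering)."""
    if len(blob) < 48:
        return None
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        return None
    stream = hashlib.shake_256(b"enc" + key + nonce).digest(len(ct))
    return bytes(a ^ b for a, b in zip(ct, stream))

def send(mailbox, key_server, sender, recipient, recipient_key, body):
    """Sender: encrypt body and flow control separately, post both to the group mailbox."""
    msg_key = secrets.token_bytes(32)        # second key, released only by the key server
    key_id = secrets.token_hex(8)            # hypothetical lookup handle
    key_server[key_id] = msg_key
    flow = json.dumps({"from": sender, "to": recipient, "key_id": key_id}).encode()
    mailbox.append({"flow": seal(recipient_key, flow), "body": seal(msg_key, body)})

def fetch_mine(mailbox, key_server, first_key):
    """Recipient: trial-decrypt every flow control blob and keep the ones that open."""
    mine = []
    for msg in mailbox:                      # every group member can download all messages
        flow = open_(first_key, msg["flow"])
        if flow is None:
            continue                         # addressed to another member of the group
        info = json.loads(flow)
        msg_key = key_server.get(info["key_id"])   # None once the sender withdraws the key
        body = open_(msg_key, msg["body"]) if msg_key else None
        mine.append((info["from"], body))
    return mine

def demo():
    """Constructed sample: three messages for two recipients in one group mailbox."""
    mailbox, key_server = [], {}
    alice_key, bob_key = secrets.token_bytes(32), secrets.token_bytes(32)
    send(mailbox, key_server, "carol", "alice", alice_key, b"for alice")
    send(mailbox, key_server, "dave", "bob", bob_key, b"for bob")
    send(mailbox, key_server, "erin", "alice", alice_key, b"also for alice")
    return fetch_mine(mailbox, key_server, alice_key), fetch_mine(mailbox, key_server, bob_key)
```

Removing an entry from `key_server` after sending models the sender withdrawing access: the recipient still recognises the message as theirs but can no longer decrypt the body.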
20 Claims
1. A method comprising:
- encrypting in a client device flow control information associated with an electronic message, the flow control information including identities of a sender and an intended recipient, the encryption using an encryption key unique to the intended recipient;
- transmitting a separately encrypted electronic message with the encrypted flow control information from a client device associated with the sender to a group mailbox server associated with the intended recipient, wherein the group mailbox server receives a plurality of electronic messages for a plurality of different recipients including the intended recipient,
- transmitting to the intended recipient, independently of the transmission of the electronic message, a first decryption key for decrypting the flow control information associated with an electronic message; and
- downloading, by the intended recipient, at least the flow control information of a plurality of messages from said group mailbox server associated with the intended recipient, wherein the messages and encrypted flow control information are retrievable by all members associated with said group mailbox server;
- applying, by the recipient, the first decryption key to the plurality of electronic messages received by the group e-mail server to identify the electronic messages for the intended recipient at least in part according to whether at least a part of the electronic message or the encrypted flow control information can be decrypted by the decryption key; and
- using information from the portion of the electronic message that can be decrypted by the first decryption key to obtain a second decryption key from a key server, the second decryption key used by the recipient of the message to decrypt at least a second portion of the electronic message.
11. A system comprising:
- a sender client device that generates an encrypted electronic message, separately encrypts flow control information that includes identities of the sender client device and a recipient client device associated with the electronic message using an encryption key selected according to an intended recipient associated with the recipient client device, and transmits the electronic message with the encrypted flow control information to a group mailbox server associated with multiple recipients, the group mailbox server also selected according to the intended recipient;
- a group mailbox server that receives the electronic message with the encrypted flow control information from the sender client device, wherein the recipient group mailbox server receives a plurality of electronic messages for a plurality of different recipients including the intended recipient;
- a recipient client device that receives at least the encrypted flow control information of a plurality of electronic messages from said group mailbox server, wherein the recipient client device is associated with an intended recipient of the electronic message, applies a decryption key to the downloaded portion of the plurality of messages, and uses information from the portion of the electronic message that can be decrypted by the first decryption key to obtain a second decryption key from a key server, the second decryption key used by the recipient of the message to decrypt at least a second portion of the electronic message;
- wherein the messages and encrypted flow control information are retrievable by all members associated with said group mailbox server;
- a key server transmitting to the intended recipient, independently of the transmission of the electronic message, a decryption key for decrypting the electronic message; and
- wherein the recipient client device executes a stored program to download the plurality of electronic messages from the group e-mail server and apply the decryption key to the plurality of electronic messages received by the group e-mail server to identify the electronic message for the intended recipient as an electronic message that can be decrypted by the decryption key.
Specification