
System, method and computer product for sending encrypted messages to recipients where the sender does not possess the credentials of the recipient

  • US 7,996,673 B2
  • Filed: 05/12/2004
  • Issued: 08/09/2011
  • Est. Priority Date: 05/12/2004
  • Status: Active Grant
First Claim

1. A method of exchanging PKI compliant messages between a sender and one or more recipients, whereby the sender uses a sender computer and each of the one or more recipients uses a recipient computer, whereby the sender does not have access to the PKI credentials of at least one of the one or more recipients, said at least one of the one or more recipients corresponding to a non-credentialed recipient, the method comprising the steps of:

    (a) activating a Public Key Cryptography utility linked to a browser or a client communication program, or forming part of the browser or the client communication program, the Public Key Cryptography utility performing one or more cryptographic operations including encrypting/decrypting data, authenticating data, and/or authenticating a sender, decrypting and/or verifying data, the Public Key Cryptography utility thereby performing one or more of such cryptographic operations so as to create an encrypted message;

    (b) the sender sending the encrypted message to the non-credentialed recipient;

    (c) the Public Key Cryptography utility configured on the sender computer for;

    (i) identifying that the sender does not have access to the PKI credentials of the non-credentialed recipient; and

    (ii) thereby initiating the creation of a secret shared between the sender and the non-credentialed recipient; and

    (d) the non-credentialed recipient using the shared secret to either;

    (i) obtain the encrypted message in a decrypted form in a secure session with a trusted intermediary;

    or (ii) activate a further Public Key Cryptography utility on the recipient computer of the non-credentialed recipient or on a server computer, so as to access a private key linked to the encrypted message thereby enabling the Public Key Cryptography utility to decrypt the encrypted message;

    whereby the encrypted message is decrypted and displayed to the recipient by;

    (e) obtaining a shared secret question;

    (f) providing the shared secret; and

    (g) in response to (f) either (i) authenticating the recipient to the server computer and thereby obtaining the encrypted message in a decrypted form in a secure session or (ii) authenticating the recipient to the Public Key Cryptography utility on the recipient computer or the server computer and thereby releasing the private key for decryption of the encrypted message.

  • 2 Assignments