Key distribution for secure messaging

US 8,135,645 B2
Filed: 03/03/2006
Issued: 03/13/2012
Est. Priority Date: 12/06/2005
Status: Expired due to Fees

First Claim

Patent Images

1. At least one computer-readable storage medium having executable instructions that, when executed, cause one or more processors to:

secure, by a communications gateway implemented as at least one domain name server of a domain, an electronic message for a sending agent associated with the domain, wherein the sending agent is a source of the electronic message, and wherein to secure the electronic message comprises;

retrieving a public encryption key associated with at least one other domain of a receiving agent that is an intended recipient of the electronic message;

generating a symmetric key associated with the domain associated with the sending agent;

encrypting the electronic message using the symmetric key to provide an encrypted version of the electronic message; and

encrypting the symmetric key using the public encryption key to provide an encrypted symmetric key;

transmit, by the communications gateway on behalf of the sending agent, the encrypted version of the electronic message to at least one other communications gateway implemented as at least one other domain server of at least one other domain;

receive, at the at least one other communications gateway on behalf of the receiving agent, the encrypted version of the electronic message;

provide, by the at least one other communications gateway, a decrypted version of the electronic message to the receiving agent, wherein to provide the decrypted version of the electronic message comprises;

retrieving a public verification key corresponding to the domain associated with the sending agent;

utilizing the public verification key in combination with a private key corresponding to the at least one other domain to decrypt the encrypted symmetric key to provide a decrypted symmetric key, wherein the private key corresponding to the at least one other domain is stored locally at the at least one other domain and is a private counterpart to the public encryption key retrieved by the communications gateway; and

decrypting the encrypted version of the electronic message using the decrypted symmetric key to provide the decrypted version of the electronic message; and

forwarding the decrypted version of the electronic message to the receiving agent.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A transmitting gateway may utilize a retrieved domain-specific key to secure an outbound message, and a receiving gateway may utilize another retrieved domain-specific key to authenticate and validate the secured message.

Citations

13 Claims

1. At least one computer-readable storage medium having executable instructions that, when executed, cause one or more processors to:
- secure, by a communications gateway implemented as at least one domain name server of a domain, an electronic message for a sending agent associated with the domain, wherein the sending agent is a source of the electronic message, and wherein to secure the electronic message comprises;
  
  retrieving a public encryption key associated with at least one other domain of a receiving agent that is an intended recipient of the electronic message;
  
  generating a symmetric key associated with the domain associated with the sending agent;
  
  encrypting the electronic message using the symmetric key to provide an encrypted version of the electronic message; and
  
  encrypting the symmetric key using the public encryption key to provide an encrypted symmetric key;
  
  transmit, by the communications gateway on behalf of the sending agent, the encrypted version of the electronic message to at least one other communications gateway implemented as at least one other domain server of at least one other domain;
  
  receive, at the at least one other communications gateway on behalf of the receiving agent, the encrypted version of the electronic message;
  
  provide, by the at least one other communications gateway, a decrypted version of the electronic message to the receiving agent, wherein to provide the decrypted version of the electronic message comprises;
  
  retrieving a public verification key corresponding to the domain associated with the sending agent;
  
  utilizing the public verification key in combination with a private key corresponding to the at least one other domain to decrypt the encrypted symmetric key to provide a decrypted symmetric key, wherein the private key corresponding to the at least one other domain is stored locally at the at least one other domain and is a private counterpart to the public encryption key retrieved by the communications gateway; and
  
  decrypting the encrypted version of the electronic message using the decrypted symmetric key to provide the decrypted version of the electronic message; and
  
  forwarding the decrypted version of the electronic message to the receiving agent.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The at least one computer-readable storage medium of claim 1, wherein to transmit the encrypted version of the electronic message comprises transmitting the electronic message to the at least one other communications gateway in accordance with simple mail transfer protocol (SMTP).
  - 3. The at least one computer-readable storage medium of claim 1, wherein the electronic message comprises an e-mail message.
  - 4. The at least one computer-readable storage medium of claim 1, wherein the electronic message comprises an instant message.
  - 5. The at least one computer-readable storage medium of claim 1, wherein the electronic message comprises a stream of data or a stream of one or more audio packets.

6. A method comprising:
- securing, by a communications gateway implemented as at least one domain name server of a domain, an electronic message for a sending agent associated with the domain that is the source of the electronic message, wherein securing the electronic message comprises;
  
  retrieving a public encryption key associated with at least one other domain of a receiving agent that is an intended recipient of the electronic message;
  
  generating a symmetric key associated with the domain associated with the sending agent;
  
  encrypting the electronic message using the symmetric key to provide an encrypted version of the electronic message that is decryptable by another communications gateway of another domain using the symmetric key; and
  
  encrypting the symmetric key using the public encryption key to provide an encrypted version of the symmetric key that is decryptable by the another communications gateway using a public verification key retrievable by the another communications gateway and a private key stored locally at the another domain, wherein the private key is the private counterpart to the public encryption key; and
  
  transmitting, by the communications gateway on behalf of the sending agent, the encrypted version of the electronic message to a receiving agent via the another communications gateway.
- View Dependent Claims (7, 8, 9)
- - 7. The method of claim 6, wherein transmitting comprises transmitting the electronic message to the at least one other communications gateway in accordance with simple mail transfer protocol (SMTP).
  - 8. The method of claim 6, wherein the electronic message comprises an e-mail message.
  - 9. The method of claim 6, wherein the electronic message comprises an instant message, a stream of data, or a stream of one or more audio packets.

10. A system comprising:
- a communications gateway implemented as at least one domain name server of a domain and configured to;
  
  secure an electronic message for a sending agent associated with the domain that is the source of the electronic message, wherein to secure the electronic message comprises;
  
  retrieving a public encryption key associated with at least one other domain of a receiving agent that is an intended recipient of the electronic message;
  
  generating a symmetric key associated with the domain associated with the sending agent;
  
  encrypting the electronic message using the symmetric key to provide an encrypted version of the electronic message; and
  
  encrypting the symmetric key using the public encryption key to provide an encrypted symmetric key;
  
  transmit, on behalf of the sending agent, the encrypted version of the electronic message;
  
  at least one other communications gateway implemented as at least one other domain server of at least one other domain and configured to;
  
  receive, on behalf of the receiving agent, the encrypted version of the electronic message;
  
  retrieve a public verification key corresponding to the domain associated with the sending agent;
  
  utilize the public verification key in combination with a private key corresponding to the at least one other domain to decrypt the encrypted symmetric key to provide a decrypted symmetric key, wherein the private key corresponding to the at least one other domain is stored locally at the at least one other domain and is the private counterpart to the public encryption key;
  
  decrypt the encrypted version of the electronic message using the decrypted symmetric key to provide a decrypted version of the electronic message; and
  
  forward the decrypted version of the electronic message to the receiving agent.
- View Dependent Claims (11, 12, 13)
- - 11. The system of claim 10, wherein to transmit the encrypted version of the electronic message comprises transmitting the electronic message to the at least one other communications gateway in accordance with simple mail transfer protocol (SMTP).
  - 12. The system of claim 10, wherein the electronic message comprises an e-mail message.
  - 13. The system of claim 10, wherein the electronic message comprises an instant message, a stream of data, or a stream of one or more audio packets.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Kay, Jeffrey B., Tribble, Eric D., Williams, Roy, Freeman, Trevor W., Pearson, Malcolm E.
Primary Examiner(s)
Augustin, Evens J

Application Number

US11/276,534
Publication Number

US 20070130084A1
Time in Patent Office

2,202 Days
Field of Search

713/154, 713/155, 713/167, 705/51, 705/57
US Class Current

705/51
CPC Class Codes

G06Q 20/3674   involving authentication

H04L 2209/60   Digital content management,...

H04L 2209/80   Wireless

H04L 63/06   for supporting key manageme...

H04L 63/12   Applying verification of th...

H04L 9/0822   using key encryption key

H04L 9/3247   involving digital signatures

Key distribution for secure messaging

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Key distribution for secure messaging

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links