Secure transfer of information

US 8,484,459 B2
Filed: 08/15/2008
Issued: 07/09/2013
Est. Priority Date: 08/17/2007
Status: Active Grant

First Claim

Patent Images

1. A method for secure transfer of information through a centralized system, the method taking place in said centralized system and the method comprising:

maintaining in said centralized system user account information, a user account of a certain user comprising at least a user id and associated public and private keys, the private key being retrievable by utilizing a password of said certain user,via a communication link, receiving identification information relating to a recipient,retrieving the public key of said recipient from said user account information by utilizing said identification information,receiving information content addressed to said recipient,storing in said centralized system said information content for said recipient in encrypted form, wherein said information content is symmetrically encrypted with a random key, and the random key is asymmetrically encrypted with said retrieved public key,storing in the centralized system the random key in encrypted form, andnotifying said recipient of said encrypted information content stored in said centralized system, whereinonly part of the private key is stored in the user account information, and a combination of the stored part of the private key and the password forming a full private key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed is a method for secure transfer of information through a centralized system. The method comprising: maintaining user account information, a user account of a certain user comprising at least a user id and associated public and private keys, the private key being retrievable by means of a password of said certain user; receiving (411) identification information relating to a recipient; retrieving public key of said recipient from said user account information by means of said identification information; receiving (412) information content addressed to said recipient; storing (415) said information content for said recipient in encrypted form, said retrieved public key having been used in connection with encrypting said information content; and notifying (416) said recipient of the stored information content.

Citations

16 Claims

1. A method for secure transfer of information through a centralized system, the method taking place in said centralized system and the method comprising:
- maintaining in said centralized system user account information, a user account of a certain user comprising at least a user id and associated public and private keys, the private key being retrievable by utilizing a password of said certain user,via a communication link, receiving identification information relating to a recipient,retrieving the public key of said recipient from said user account information by utilizing said identification information,receiving information content addressed to said recipient,storing in said centralized system said information content for said recipient in encrypted form, wherein said information content is symmetrically encrypted with a random key, and the random key is asymmetrically encrypted with said retrieved public key,storing in the centralized system the random key in encrypted form, andnotifying said recipient of said encrypted information content stored in said centralized system, whereinonly part of the private key is stored in the user account information, and a combination of the stored part of the private key and the password forming a full private key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, further comprisingreceiving said information content in unencrypted form, andencrypting said information content in said centralized system.
  - 3. The method of claim 1, further comprisingproviding said retrieved public key to an external device, andreceiving said information content in encrypted form from said external device.
  - 4. The method of claim 1, wherein the private key in the user account information is encrypted with said password.
  - 5. The method of claim 1, wherein said identification information is an id stored in said user information, an email address of the recipient, phone number of the recipient, or some other address of the recipient.
  - 6. The method of claim 1, further comprisingresponsive to being unable to find said user account information by utilizing said identification information, creating a user account for said recipient, andinforming the recipient of the created user account.
  - 7. The method of claim 1, further comprisingallowing a user to log in by utilizing login information comprising a user id and a password,verifying validity of the login information,receiving a pointer to encrypted information content and retrieving said encrypted information content,retrieving private key associated with the user by utilizing the password,decrypting said encrypted information content by utilizing the private key, andproviding to the user the information content in decrypted form.
  - 8. The method of claim 7, further comprisingconfirming that the login information is valid, if the password can be used for retrieving the private key relating to the user id.

9. An apparatus, comprising:
- a storage area configured to store user account information, a user account of a certain user comprising at least a user id and the associated public and private keys, the private key being retrievable by utilizing a password of said certain user,an input configured to receive identification information relating to a recipient and information content addressed to said recipient,a processor configured to retrieve public key of said recipient from said user account information by utilizing said identification information, anda second storage area configured to store said information content for said recipient in encrypted form, wherein said information content is symmetrically encrypted with a random key, and the random key is asymmetrically encrypted with said retrieved public key, the storage area being configured to store the random key in encrypted form, whereinthe processor being further configured to notify said recipient of said encrypted information content stored in said apparatus, whereinthe storage area is configured to store only part of the private key, and a combination of the stored part of the private key and the password forming a full private key.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The apparatus of claim 9, wherein the processor is further configuredto receive said information content in unencrypted form, andto encrypt said information content in said apparatus.
  - 11. The apparatus of claim 9, wherein the processor is further configuredto provide said retrieved public key to an external device, andto receive said information content in encrypted form from said external device.
  - 12. The apparatus of claim 9, wherein the storage area is configured to store the private key encrypted with said password.
  - 13. The apparatus of claim 9, wherein the processor is further configuredto create a user account for said recipient responsive to being unable to find said user account information by utilizing said identification information, andto inform the recipient of the created user account.
  - 14. The apparatus of claim 9, wherein the processor is further configuredto allow a user to log in by utilizing login information comprising a user id and a password,to verify validity of the login information,to receive a pointer to encrypted information content and retrieving said encrypted information content,to retrieve private key associated with the user by utilizing the password,to decrypt said encrypted information content by utilizing the private key, andto provide to the user the information content in decrypted form.
  - 15. The apparatus of claim 14, wherein the processor is further configuredto confirm that the login information is valid, if the password can be used for retrieving the private key relating to the user id.

16. A memory embodying a computer executable program code, which when executed by a processor of a centralized system is configured to control the centralized system to performmaintaining in said centralized system user account information, a user account of a certain user comprising at least a user id and the associated public and private keys, the private key being retrievable by utilizing password of said certain user,receiving identification information relating to a recipient,retrieving public key of said recipient from said user account information by utilizing said identification information,receiving information content addressed to said recipient,storing in said centralized system said information content for said recipient in encrypted form, wherein said information content is symmetrically encrypted with a random key, and the random key is asymmetrically encrypted with said retrieved public key,storing in the centralized system the random key in encrypted form, andnotifying said recipient of said encrypted information content stored in said centralized system, whereinonly part of the private key is stored in the user account information, and combination of the stored part of the private key and the password forming a full private key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Exove OY
Original Assignee
Exove OY
Inventors
Kalliola, Janne, Kaikkonen, Erno, Virta, Kalle, Salo, Janne, Pundamale, Sundeep
Primary Examiner(s)
LE, CHAU D

Application Number

US12/672,422
Publication Number

US 20110099366A1
Time in Patent Office

1,789 Days
Field of Search

713/153, 713/155
US Class Current

713/155
CPC Class Codes

G06F 21/606   by securing the transmissio...

H04L 2209/60   Digital content management,...

H04L 51/00   User-to-user messaging in p...

H04L 63/0442   wherein the sending and rec...

H04L 63/06   for supporting key manageme...

H04L 9/0869   involving random numbers or...

H04L 9/321   involving a third party or ...

H04L 9/3226   using a predetermined code,...

Secure transfer of information

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Secure transfer of information

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links