Secure messaging using a trusted third party

US 8,726,009 B1
Filed: 01/24/2011
Issued: 05/13/2014
Est. Priority Date: 01/26/2010
Status: Expired due to Fees

First Claim

Patent Images

1. A method for sending a secure encrypted message from a sender to a recipient over a network comprising:

at a sender,creating a message to be sent to a recipient;

creating a set of at least one question involving known or shared information for identification of the recipient;

creating random salt for use with the recipient identification questions;

creating a set of salted hashes corresponding to correct answers for each of the questions;

creating a first symmetric encryption key;

creating a random symmetric key salt;

creating a salted version of the created first symmetric key using the random symmetric key salt;

encrypting the message using the salted version of the first symmetric key;

computing, using a computer, a message digest of the encrypted message;

requesting a message serial number and a public key for the recipient from a third party by use of a secure data package including a recipient identifier, the message digest of the encrypted message, a hash of the first symmetric key, control data, the salted hashes corresponding to correct answers for the created questions, and identification criteria;

at the third party,receiving the secure data package from the sender;

generating a new message serial number;

storing the new message serial number, the recipient identifier, the message digest of the encrypted message, the hash of the first symmetric key, the control data, the salted hashes corresponding to correct answers for the recipient identification questions, and the identification criteria for later use;

accessing or creating a public/private key pair for the recipient identifier;

returning to the sender a response that includes the new message serial number and the public key for the recipient identifier, wherein the response is digitally-signed by the third party;

at the sender,receiving from the third party the response that includes the message serial number and the public key for the recipient;

confirming the correctness of the digital signature for the third party response;

creating an encrypted first data package, using the received public key for the recipient, that contains the received message serial number and the first symmetric key;

creating a second data package, digitally-signed by sender'"'"'s private key, that contains the message serial number, the message digest of the encrypted message, and the encrypted first data package;

sending to the recipient, a recipient data package containing the encrypted message, the second data package, the random symmetric key salt, the set of recipient identification questions, and the random salt for use with the recipient identification questions along with embedded instructions and processes allowing for a successful identification of the recipient by the third party and for decryption of the encrypted message by the recipient after the successful identification by the third party of the recipient;

at the recipient,receiving the recipient data package from the sender;

providing an answer by recipient to each of the recipient identification questions in accordance with the embedded instructions and processes;

using the random salt associated with the questions to produce a hashed salted answer for each of the questions;

uploading securely to the third party, the second data package and the produced hashed salted answers for the questions;

at the third party,receiving securely from the recipient the second data package;

confirming the validity of the digital signature by the sender for the second data package;

retrieving the stored information for the message serial number including the recipient identifier, the message digest of the encrypted message, the hash of the first symmetric key, the control data, and the identification criteria;

retrieving the private key for the recipient;

decrypting part of the second data package using the recipient'"'"'s private key in order to retrieve the message serial number and the first symmetric key;

computing the hash of the decrypted first symmetric key and comparing it to the stored hash of the first symmetric key received from the sender;

determining a success or a failure condition based upon the identification criteria and upon the control data restraints;

creating a response to the recipient that, based upon a success condition, would include the first symmetric key for use by the recipient in creating a decryption key or, based upon a failure condition, would include instructions on additional permitted attempts or alternatives to create a success condition, or would include access denial information to the recipient based upon the control data and the identification criteria;

sending the created response to the recipient;

at the recipient,receiving the response from the third party;

determining the success or the failure condition from the received response;

recreating, if the success condition is determined, the salted version of first symmetric key used in the original encryption of the encrypted message by combining the first symmetric key received from the third party with the random key salt received from the sender and then use the recreated salted version of the first symmetric key to decrypt the encrypted message; and

following alternate instructions included in the response when the failure condition is determined.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method to send a secure message from a sender to a recipient using strong encryption protocols without the need for the recipient to create a public/private key pair and by using a third party to appropriately identify the recipient without revealing actual identification information to the third party. Upon successful identification, the third party is able to provide a recipient with information that enables recipient to create and use the actual decryption key without revealing the actual decryption key to the third party.

Citations

16 Claims

1. A method for sending a secure encrypted message from a sender to a recipient over a network comprising:
- at a sender,creating a message to be sent to a recipient;
  
  creating a set of at least one question involving known or shared information for identification of the recipient;
  
  creating random salt for use with the recipient identification questions;
  
  creating a set of salted hashes corresponding to correct answers for each of the questions;
  
  creating a first symmetric encryption key;
  
  creating a random symmetric key salt;
  
  creating a salted version of the created first symmetric key using the random symmetric key salt;
  
  encrypting the message using the salted version of the first symmetric key;
  
  computing, using a computer, a message digest of the encrypted message;
  
  requesting a message serial number and a public key for the recipient from a third party by use of a secure data package including a recipient identifier, the message digest of the encrypted message, a hash of the first symmetric key, control data, the salted hashes corresponding to correct answers for the created questions, and identification criteria;
  
  at the third party,receiving the secure data package from the sender;
  
  generating a new message serial number;
  
  storing the new message serial number, the recipient identifier, the message digest of the encrypted message, the hash of the first symmetric key, the control data, the salted hashes corresponding to correct answers for the recipient identification questions, and the identification criteria for later use;
  
  accessing or creating a public/private key pair for the recipient identifier;
  
  returning to the sender a response that includes the new message serial number and the public key for the recipient identifier, wherein the response is digitally-signed by the third party;
  
  at the sender,receiving from the third party the response that includes the message serial number and the public key for the recipient;
  
  confirming the correctness of the digital signature for the third party response;
  
  creating an encrypted first data package, using the received public key for the recipient, that contains the received message serial number and the first symmetric key;
  
  creating a second data package, digitally-signed by sender'"'"'s private key, that contains the message serial number, the message digest of the encrypted message, and the encrypted first data package;
  
  sending to the recipient, a recipient data package containing the encrypted message, the second data package, the random symmetric key salt, the set of recipient identification questions, and the random salt for use with the recipient identification questions along with embedded instructions and processes allowing for a successful identification of the recipient by the third party and for decryption of the encrypted message by the recipient after the successful identification by the third party of the recipient;
  
  at the recipient,receiving the recipient data package from the sender;
  
  providing an answer by recipient to each of the recipient identification questions in accordance with the embedded instructions and processes;
  
  using the random salt associated with the questions to produce a hashed salted answer for each of the questions;
  
  uploading securely to the third party, the second data package and the produced hashed salted answers for the questions;
  
  at the third party,receiving securely from the recipient the second data package;
  
  confirming the validity of the digital signature by the sender for the second data package;
  
  retrieving the stored information for the message serial number including the recipient identifier, the message digest of the encrypted message, the hash of the first symmetric key, the control data, and the identification criteria;
  
  retrieving the private key for the recipient;
  
  decrypting part of the second data package using the recipient'"'"'s private key in order to retrieve the message serial number and the first symmetric key;
  
  computing the hash of the decrypted first symmetric key and comparing it to the stored hash of the first symmetric key received from the sender;
  
  determining a success or a failure condition based upon the identification criteria and upon the control data restraints;
  
  creating a response to the recipient that, based upon a success condition, would include the first symmetric key for use by the recipient in creating a decryption key or, based upon a failure condition, would include instructions on additional permitted attempts or alternatives to create a success condition, or would include access denial information to the recipient based upon the control data and the identification criteria;
  
  sending the created response to the recipient;
  
  at the recipient,receiving the response from the third party;
  
  determining the success or the failure condition from the received response;
  
  recreating, if the success condition is determined, the salted version of first symmetric key used in the original encryption of the encrypted message by combining the first symmetric key received from the third party with the random key salt received from the sender and then use the recreated salted version of the first symmetric key to decrypt the encrypted message; and
  
  following alternate instructions included in the response when the failure condition is determined.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1 wherein additional versions of the first symmetric key, encrypted by a public key belonging to an owner of a domain name to which the encrypted message is being sent or by a public key belonging to an owner of a domain from which the message is being sent, is included as part of the second data package sent to the recipient.
  - 3. The method of claim 1 wherein upon the third party having successfully performed all appropriate identification and integrity tests on the uploaded data received from the recipient and the third party provides the first symmetric key to the recipient, the third party sends a notice to the sender that the message has been opened by the recipient and further stores the notice with the other stored data associated with the message serial number.
  - 4. The method of claim 1 wherein the message is viewed by the recipient using a web browser and the instructions for decrypting the message are implemented as code running in the web browser including at least one of a script, an applet, a plug-in, or other code method supported by the browser.
  - 5. The method of claim 1 wherein the message is viewed by the recipient using a PDF reader and the instructions for decrypting the message are implemented as code running in the PDF reader including at least one of a script, an applet, a plug-in, or other code method supported by the PDF reader.
  - 6. The method of claim 1 wherein the message is viewed by the recipient using a mobile device enabled with code or applications capable of decrypting and displaying the secure message supported by the mobile device.
  - 7. The method of claim 1 wherein when a failure condition is determined by the third party, additional information regarding the failure including too many attempts to open, the message serial number has expired, been locked, or revoked, the time window for opening has expired, a failure to identify recipient has occurred, or non-matching of critical data such as message serial number, is provided to the recipient.
  - 8. The method of claim 1 wherein when a failure condition is determined by the third party, additional information regarding the failure including too many attempts to open, the message serial number has expired, been locked, or revoked, the time window for opening has expired, a failure to identify recipient has occurred, or non-matching of critical data such as message serial number, is provided to the sender.

9. A method for sending a secure encrypted message from a sender to a recipient over a network comprising:
- at a sender,creating a message to be sent to a recipient;
  
  creating a first symmetric encryption key;
  
  creating a random symmetric key salt;
  
  creating a salted version of the created first symmetric key using the random symmetric key salt;
  
  encrypting the message using the salted version of the first symmetric key;
  
  computing, using a computer, a message digest of the encrypted message;
  
  requesting a message serial number and a public key for the recipient from a third party by use of a secure data package including a recipient identifier, the message digest of the encrypted message, a hash of the first symmetric key, control data, and identification criteria;
  
  at the third party,receiving the secure data package from the sender;
  
  generating a new message serial number;
  
  storing the new message serial number, the recipient identifier, the message digest of the encrypted message, the hash of the first symmetric key, the control data, and the identification criteria for later use;
  
  accessing or creating a public/private key pair for the recipient identifier;
  
  returning to the sender a response that includes the new message serial number and the public key for the recipient identifier, wherein the response is digitally-signed by the third party;
  
  at the sender,receiving from the third party the response that includes the message serial number and the public key for the recipient;
  
  confirming the correctness of the digital signature for the third party response;
  
  creating an encrypted first data package, using the received public key for the recipient, that contains the received message serial number and the first symmetric key;
  
  creating a second data package, digitally-signed by sender'"'"'s private key, that contains the message serial number, the message digest of the encrypted message, and the encrypted first data package;
  
  sending to the recipient, a recipient data package containing the encrypted message, the second data package, and the random symmetric key salt along with embedded instructions allowing for decryption of the encrypted message by the recipient after the successful identification by the third party of the recipient;
  
  at the recipient,receiving the recipient data package from the sender;
  
  uploading the second data package securely to the third party;
  
  at the third party,receiving securely from the recipient the second data package;
  
  confirming the validity of the digital signature by the sender for the second data package;
  
  retrieving the stored information for the message serial number including the recipient identifier, the message digest of the encrypted message, the hash of the first symmetric key, the control data, and the identification criteria;
  
  retrieving the private key for the recipient;
  
  decrypting part of the second data package using the recipient'"'"'s private key in order to retrieve the message serial number and the first symmetric key;
  
  computing the hash of the decrypted first symmetric key and comparing to the stored hash of the first symmetric key received from the sender;
  
  determining a success or a failure condition based upon the identification criteria and upon the control data restraints;
  
  creating a response to the recipient that, based upon a success condition, would include the first symmetric key for use by the recipient in creating a decryption key or, based upon a failure condition, would include instructions on additional permitted attempts or alternatives to create a success condition, or would include access denial information to the recipient based upon the control data and the identification criteria;
  
  sending the created response to the recipient;
  
  at the recipient,receiving the response from the third party;
  
  determining the success or the failure condition from the received response;
  
  recreating, when the success condition is determined, the salted version of first symmetric key used in the original encryption of the encrypted message by combining the first symmetric key received from the third party with the random key salt received from the sender and then use the recreated salted version of the first symmetric key to decrypt the encrypted message; and
  
  following alternate instructions included in the response when the failure condition is determined.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The method of claim 9 wherein additional versions of the first symmetric key, encrypted by a public key belonging to an owner of a domain name to which the encrypted message is being sent or by a public key belonging to an owner of a domain from which the message is being sent, is included as part of the second data package sent to the recipient.
  - 11. The method of claim 9 wherein upon the third party having successfully performed all appropriate identification and integrity tests on the uploaded data received from the recipient and the third party provides the first symmetric key to the recipient, the third party sends a notice to the sender that the message has been opened by the recipient and further stores the notice with the other stored data associated with the message serial number.
  - 12. The method of claim 9 wherein the message is viewed by the recipient using a web browser and the instructions for decrypting the message are implemented as code running in the web browser including at least one of a script, an applet, a plug-in, or other code method supported by the browser.
  - 13. The method of claim 9 wherein the message is viewed by the recipient using a PDF reader and the instructions for decrypting the message are implemented as code running in the PDF reader including at least one of a script, an applet, a plug-in, or other code method supported by the PDF reader.
  - 14. The method of claim 9 wherein the message is viewed by the recipient using a mobile device enabled with code or applications capable of decrypting and displaying the secure message supported by the mobile device.
  - 15. The method of claim 9 wherein when a failure condition is determined by the third party, additional information regarding the failure including too many attempts to open, the message serial number has expired, been locked, or revoked, the time window for opening has expired, a failure to identify recipient has occurred, or non-matching of critical data such as message serial number, is provided to the recipient.
  - 16. The method of claim 9 wherein when a failure condition is determined by the third party, additional information regarding the failure including too many attempts to open, the message serial number has expired, been locked, or revoked, the time window for opening has expired, a failure to identify recipient has occurred, or non-matching of critical data such as message serial number, is provided to the sender.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
David P. Cook, Gary G. Liu
Original Assignee
David P. Cook, Gary G. Liu
Inventors
Cook, David P., Liu, Gary G.
Primary Examiner(s)
Homayounmehr, Farid
Assistant Examiner(s)
Lwin, Maung

Application Number

US13/012,689
Time in Patent Office

1,205 Days
Field of Search

713/155, 726/22
US Class Current

713/155
CPC Class Codes

H04L 63/0442   wherein the sending and rec...

H04L 63/126   the source of the received ...

H04L 9/083   involving central third par...

H04L 9/0869   involving random numbers or...

H04L 9/3236   using cryptographic hash fu...

Secure messaging using a trusted third party

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Secure messaging using a trusted third party

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links