Methods and systems for authenticating electronic messages using client-generated encryption keys

US 9,065,842 B2
Filed: 12/22/2011
Issued: 06/23/2015
Est. Priority Date: 12/22/2011
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method of authenticating an electronic message by a sender of the electronic message, the method comprising:

sending, by the sender, a first message to a recipient address associated with a recipient, wherein the first message comprises first content;

storing a record of association between the first content and the recipient address in memory;

receiving, by the sender, a second message from the recipient in response to the first message, wherein the second message comprises a request for confirmation that the sender sent the first content to the recipient; and

in response to the request for confirmation;

determining, by the sender, that the sender has the record of association between the first content and the recipient address;

confirming, by the sender without third-party authentication, that the sender sent the first content to the recipient; and

sending, by the sender, a third message to the recipient address, wherein the third message communicates an acknowledgement confirming that the sender sent the first content to the recipient address.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for authenticating electronic messages using client-generated encryption keys provide for a sender transmitting an original message to a recipient device that includes a digital signature of the original message content and the key used to generate the digital signature. The sender may store an association between the digital signature, the key, and the recipient'"'"'s address. The recipient may verify the integrity of the original message using the received digital signature and may further verify the authenticity of the message by transmitting a confirmation request message back to the sender that includes the original digital signature and a second digital signature of the confirmation request message using the received key. The sender may either confirm or deny that it sent the original message by determining whether a record exists that associates the digital signature and the key received from the recipient as well as the recipient'"'"'s address.

24 Citations

View as Search Results

23 Claims

1. A computer-implemented method of authenticating an electronic message by a sender of the electronic message, the method comprising:
- sending, by the sender, a first message to a recipient address associated with a recipient, wherein the first message comprises first content;
  
  storing a record of association between the first content and the recipient address in memory;
  
  receiving, by the sender, a second message from the recipient in response to the first message, wherein the second message comprises a request for confirmation that the sender sent the first content to the recipient; and
  
  in response to the request for confirmation;
  
  determining, by the sender, that the sender has the record of association between the first content and the recipient address;
  
  confirming, by the sender without third-party authentication, that the sender sent the first content to the recipient; and
  
  sending, by the sender, a third message to the recipient address, wherein the third message communicates an acknowledgement confirming that the sender sent the first content to the recipient address.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the first message comprises a cryptographic key and a first digital signature of the first content that was generated using the cryptographic key, and wherein sending the first message further comprises:
    - sending the first message to the recipient address via a non-secure communication.
  - 3. The method of claim 1, wherein the first message comprises a digest of the first content, and wherein the record of association comprises:
    - the recipient address; and
      
      the digest of the first content.
  - 4. The method of claim 1, further comprising:
    - generating, by the sender, a cryptographic key, wherein the first message comprises a first digital signature of the first content that was generated using the cryptographic key.
  - 5. The method of claim 4, wherein the first message further comprises the cryptographic key.
  - 6. The method of claim 5, wherein the record of association further associates the first content and the recipient address with the first digital signature and the cryptographic key.
  - 7. The method of claim 6, wherein the second message from the recipient further comprises the first digital signature.
  - 8. The method of claim 7, wherein the second message from the recipient further comprises:
    - second content generated by the recipient;
      
      a second digital signature of the second content that was generated by the recipient using the cryptographic key; and
      
      the cryptographic key.
  - 9. The method of claim 8, wherein the second content generated by the recipient further comprises:
    - the first digital signature; and
      
      the request for confirmation that the sender sent the first content to the recipient.
  - 10. The method of claim 8, further comprising:
    - verifying integrity of the second content using the cryptographic key.

11. A computer-implemented method for performing sender-authentication of an electronic message received by a recipient, the method comprising:
- receiving, by the recipient, a first message at a recipient address associated with the recipient, wherein the first message comprises first content and a putative sender address from which the first message purportedly originated;
  
  sending, by the recipient, a second message directly to the putative sender address in response to the first message, wherein the second message comprises;
  
  information reflecting the first content; and
  
  a request for confirmation that a sender associated with the putative sender address sent the first content to the recipient; and
  
  determining, by the recipient without third-party authentication, whether the first message is authentic based on whether a third message is received directly from the putative sender address acknowledging or repudiating that the sender sent the first content to the recipient.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 12. The method of claim 11, wherein:
    - the first message comprises a digest of the first content; and
      
      the information reflecting the first content in the second message comprises the digest of the first content.
  - 13. The method of claim 11, wherein the first message comprises a first digital signature of the first content that was generated using a sender-generated cryptographic key.
  - 14. The method of claim 13, wherein the first message further comprises the cryptographic key.
  - 15. The method of claim 14, wherein receiving the first message further comprises:
    - receiving the first message comprising the cryptographic key via a non-secure communication.
  - 16. The method of claim 14, wherein the information reflecting the first content in the second message comprises the first digital signature.
  - 17. The method of claim 16, wherein the second message further comprises:
    - second content generated by the recipient;
      
      a second digital signature of the second content that was generated by the recipient using the cryptographic key; and
      
      the cryptographic key.
  - 18. The method of claim 17, wherein the second content comprises:
    - the first digital signature; and
      
      the request for confirmation that the sender sent the first content to the recipient.
  - 19. The method of claim 11, wherein determining whether the first message is authentic comprises:
    - receiving a third message from the putative sender address acknowledging that the sender sent the first content to the recipient; and
      
      deeming the first message authentic based on receiving the third message.
  - 20. The method of claim 11, wherein determining whether the first message is authentic comprises:
    - receiving a third message from the putative sender address repudiating that the sender sent the first content to the recipient; and
      
      deeming the first message non-authentic based on receiving the third message.
  - 21. The method of claim 11, wherein determining whether the first message is authentic comprises:
    - deeming the first message non-authentic based on receiving no response from the putative sender address in response to the second message within a specified period of time.

22. A system for authenticating an electronic message by a sender of the electronic message, the system comprising:
- a processing system comprising one or more processors; and
  
  a memory system comprising one or more computer-readable media, wherein the one or more computer-readable media contain instructions stored thereon that, if executed by the processing system, cause the system to perform operations comprising;
  
  sending, by the sender, a first message to a recipient address associated with a recipient, wherein the first message comprises first content;
  
  storing a record of association between the first content and the recipient address in the memory system;
  
  receiving, by the sender, a second message from the recipient in response to the first message, wherein the second message comprises a request for confirmation that the sender sent the first content to the recipient; and
  
  in response to the request for confirmation;
  
  determining, by the sender, that the sender has the record of association between the first content and the recipient address;
  
  confirming, by the sender without third-party authentication, that the sender sent the first content to the recipient; and
  
  sending, by the sender, a third message to the recipient address, wherein the third message communicates an acknowledgement confirming that the sender sent the first content to the recipient address.

23. A system for performing sender-authentication of an electronic message received by a recipient, the system comprising:
- a processing system comprising one or more processors; and
  
  a memory system comprising one or more computer-readable media, wherein the one or more computer-readable media contain instructions stored thereon that, if executed by the processing system, cause the system to perform operations comprising;
  
  receiving, by the recipient, a first message at a recipient address associated with the recipient, wherein the first message comprises first content and a putative sender address from which the first message purportedly originated;
  
  sending, by the recipient, a second message directly to the putative sender address in response to the first message, wherein the second message comprises;
  
  information reflecting the first content; and
  
  a request for confirmation that a sender associated with the putative sender address sent the first content to the recipient; and
  
  determining, by the recipient without third-party authentication, whether the first message is authentic based on whether a third message is received directly from the putative sender address acknowledging or repudiating that the sender sent the first content to the recipient.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Xerox Corporation (Xerox Holdings Corp.)
Original Assignee
Xerox Corporation (Xerox Holdings Corp.)
Inventors
Vandervort, David Russell
Primary Examiner(s)
MOORTHY, ARAVIND K

Application Number

US13/334,585
Publication Number

US 20130166914A1
Time in Patent Office

1,279 Days
Field of Search

713/176, 713/168, 713/170
US Class Current

1/1
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 63/08   for authentication of entit...

H04L 63/123   received data contents, e.g...

H04L 9/3247   involving digital signatures

Methods and systems for authenticating electronic messages using client-generated encryption keys

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

24 Citations

23 Claims

Specification

Use Cases

Quick Links

Others

Methods and systems for authenticating electronic messages using client-generated encryption keys

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

24 Citations

23 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others