Methods and systems for authenticating electronic messages using client-generated encryption keys
Abstract
Systems and methods for authenticating electronic messages using client-generated encryption keys provide for a sender transmitting an original message to a recipient device that includes a digital signature of the original message content and the key used to generate the digital signature. The sender may store an association between the digital signature, the key, and the recipient's address. The recipient may verify the integrity of the original message using the received digital signature and may further verify the authenticity of the message by transmitting a confirmation request message back to the sender that includes the original digital signature and a second digital signature of the confirmation request message using the received key. The sender may either confirm or deny that it sent the original message by determining whether a record exists that associates the digital signature and the key received from the recipient as well as the recipient's address.
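The exchange the abstract describes, as an added example that is not part of the patent text. HMAC-SHA256 stands in for the unspecified digital signature, and the addresses, the `directory` lookup and the sender checking the request with its stored key are assumptions.

```python
import hashlib, hmac, secrets

def sign(key: bytes, data: bytes) -> str:
    # Assumption: HMAC-SHA256 stands in for the "digital signature"; the page names no algorithm.
    return hmac.new(key, data, hashlib.sha256).hexdigest()

class Sender:
    def __init__(self, address: str):
        self.address = address
        self.records = {}  # (signature, recipient address) -> per-message key

    def send(self, to: str, content: bytes) -> dict:
        key = secrets.token_bytes(32)  # client-generated key, fresh per message
        sig = sign(key, content)
        self.records[(sig, to)] = key  # the stored record of association
        return {"from": self.address, "to": to, "content": content, "sig": sig, "key": key}

    def answer(self, req: dict) -> str:
        key = self.records.get((req["orig_sig"], req["recipient"]))
        if key is None:
            return "deny"  # no record: this sender never sent that content
        body = (req["orig_sig"] + req["recipient"]).encode()
        return "confirm" if hmac.compare_digest(sign(key, body), req["req_sig"]) else "deny"

def build_request(msg: dict, my_address: str):
    # Integrity check: recompute the signature with the key carried in the message.
    if not hmac.compare_digest(sign(msg["key"], msg["content"]), msg["sig"]):
        return None
    body = (msg["sig"] + my_address).encode()
    return {"orig_sig": msg["sig"], "recipient": my_address,
            "req_sig": sign(msg["key"], body)}  # second signature, over the request

def authenticate(msg: dict, my_address: str, directory: dict) -> str:
    req = build_request(msg, my_address)
    if req is None:
        return "integrity-failure"
    # The request goes to the putative sender address, not to wherever the message came from.
    return directory[msg["from"]].answer(req)

def demo() -> tuple:
    alice, bob = Sender("alice@example.test"), "bob@example.test"  # constructed addresses
    directory = {alice.address: alice}  # constructed stand-in for mail routing
    genuine = alice.send(bob, b"invoice 17 attached")
    key = secrets.token_bytes(32)  # a spoofed message can carry its own key and valid signature
    forged = {"from": alice.address, "to": bob, "content": b"pay here",
              "sig": sign(key, b"pay here"), "key": key}
    tampered = dict(genuine, content=b"invoice 71 attached")
    return tuple(authenticate(m, bob, directory) for m in (genuine, forged, tampered))

if __name__ == "__main__": print(demo())
```

The forged message passes the integrity check because its key travels with it; it is rejected only when the real sender finds no matching record.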
23 Claims
1. A computer-implemented method of authenticating an electronic message by a sender of the electronic message, the method comprising:
- sending, by the sender, a first message to a recipient address associated with a recipient, wherein the first message comprises first content;
- storing a record of association between the first content and the recipient address in memory;
- receiving, by the sender, a second message from the recipient in response to the first message, wherein the second message comprises a request for confirmation that the sender sent the first content to the recipient; and
- in response to the request for confirmation:
  - determining, by the sender, that the sender has the record of association between the first content and the recipient address;
  - confirming, by the sender without third-party authentication, that the sender sent the first content to the recipient; and
  - sending, by the sender, a third message to the recipient address, wherein the third message communicates an acknowledgement confirming that the sender sent the first content to the recipient address.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A computer-implemented method for performing sender-authentication of an electronic message received by a recipient, the method comprising:
- receiving, by the recipient, a first message at a recipient address associated with the recipient, wherein the first message comprises first content and a putative sender address from which the first message purportedly originated;
- sending, by the recipient, a second message directly to the putative sender address in response to the first message, wherein the second message comprises:
  - information reflecting the first content; and
  - a request for confirmation that a sender associated with the putative sender address sent the first content to the recipient; and
- determining, by the recipient without third-party authentication, whether the first message is authentic based on whether a third message is received directly from the putative sender address acknowledging or repudiating that the sender sent the first content to the recipient.

Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20, 21
22. A system for authenticating an electronic message by a sender of the electronic message, the system comprising:
- a processing system comprising one or more processors; and
- a memory system comprising one or more computer-readable media, wherein the one or more computer-readable media contain instructions stored thereon that, if executed by the processing system, cause the system to perform operations comprising:
  - sending, by the sender, a first message to a recipient address associated with a recipient, wherein the first message comprises first content;
  - storing a record of association between the first content and the recipient address in the memory system;
  - receiving, by the sender, a second message from the recipient in response to the first message, wherein the second message comprises a request for confirmation that the sender sent the first content to the recipient; and
  - in response to the request for confirmation:
    - determining, by the sender, that the sender has the record of association between the first content and the recipient address;
    - confirming, by the sender without third-party authentication, that the sender sent the first content to the recipient; and
    - sending, by the sender, a third message to the recipient address, wherein the third message communicates an acknowledgement confirming that the sender sent the first content to the recipient address.
23. A system for performing sender-authentication of an electronic message received by a recipient, the system comprising:
- a processing system comprising one or more processors; and
- a memory system comprising one or more computer-readable media, wherein the one or more computer-readable media contain instructions stored thereon that, if executed by the processing system, cause the system to perform operations comprising:
  - receiving, by the recipient, a first message at a recipient address associated with the recipient, wherein the first message comprises first content and a putative sender address from which the first message purportedly originated;
  - sending, by the recipient, a second message directly to the putative sender address in response to the first message, wherein the second message comprises:
    - information reflecting the first content; and
    - a request for confirmation that a sender associated with the putative sender address sent the first content to the recipient; and
  - determining, by the recipient without third-party authentication, whether the first message is authentic based on whether a third message is received directly from the putative sender address acknowledging or repudiating that the sender sent the first content to the recipient.
Specification