System and method for secure three-party communications
First Claim
1. A system for processing an encrypted message, comprising:
- a first memory location configured to store an encrypted message associated with a first asymmetric encryption key pair comprising a first public encryption key and a first private encryption key;
a second memory location configured to store a second public encryption key associated with a second asymmetric encryption key pair comprising the second public encryption key and a second private encryption key;
at least one automated processor configured to;
(a) establish an asymmetric cryptographic session key comprising a first session key and a second session key; and
(b) process the encrypted message from a first encrypted form to a second encrypted form, in an integral process substantially without intermediate decryption of the encrypted message to a plaintext message, using a composite key derived at least in part from the first private encryption key, a second public encryption key, and the first session key; and
a communication port configured to communicate information to define the at least one asymmetric cryptographic session key, and to communicate the encrypted message in the second encrypted form.
6 Assignments
0 Petitions
Accused Products
Abstract
A system and method for communicating information between a first party and a second party, comprising the steps of receiving, by an intermediary, an identifier of desired information and accounting information for a transaction involving the information from the first party, transmitting an identifier of the first party to the second party, and negotiating, by the intermediary, a comprehension function for obscuring at least a portion of the information communicated between the first party and the second party. The data transmission may be made secure with respect to the intermediary by providing an asymmetric key or direct key exchange for encryption of the communication between the first and second party. The data transmission may be made secure with respect to the second party by maintaining the information in encrypted format at the second party, with the decryption key held only by the intermediary, and transmitting a secure composite of the decryption key and a new encryption key to the second party for transcoding of the data record, and providing the new decryption key to the first party, so that the information transmitted to the first party can be comprehended by it.
851 Citations
20 Claims
-
1. A system for processing an encrypted message, comprising:
-
a first memory location configured to store an encrypted message associated with a first asymmetric encryption key pair comprising a first public encryption key and a first private encryption key; a second memory location configured to store a second public encryption key associated with a second asymmetric encryption key pair comprising the second public encryption key and a second private encryption key; at least one automated processor configured to; (a) establish an asymmetric cryptographic session key comprising a first session key and a second session key; and (b) process the encrypted message from a first encrypted form to a second encrypted form, in an integral process substantially without intermediate decryption of the encrypted message to a plaintext message, using a composite key derived at least in part from the first private encryption key, a second public encryption key, and the first session key; and a communication port configured to communicate information to define the at least one asymmetric cryptographic session key, and to communicate the encrypted message in the second encrypted form. - View Dependent Claims (2, 3)
-
-
4. A method for processing an encrypted message, comprising:
-
storing an encrypted message associated with a first asymmetric encryption key pair comprising a first public encryption key and a first private encryption key; storing a second public encryption key associated with a second asymmetric encryption key pair comprising the second public encryption key and a second private encryption key; establishing an asymmetric cryptographic session key comprising a first session key and a second session key; and processing the encrypted message, to convert it from a first encrypted form to a second encrypted form, in an integral process substantially without intermediate decryption of the encrypted message to a plaintext message, using a composite key derived at least in part from the first private encryption key, the second public encryption key, and the first session key, wherein the encrypted message in the second encrypted form is decryptable based on at least the second private encryption key and the second session key. - View Dependent Claims (5, 6, 7, 8, 9, 19, 20)
-
-
10. A method of processing an encrypted message, comprising:
-
receiving an encrypted message in a first encrypted form associated with a first asymmetric encryption key pair comprising a first public encryption key and a first private encryption key by a privileged environment executing on an automated server; defining a second public encryption key associated with a second asymmetric encryption key pair comprising the second public encryption key and a second private encryption key; processing the encrypted message in the first encrypted form to produce an encrypted message in a second encrypted form within the privileged environment executing on the automated server, using information representing individually or in composite at least the second public encryption key, and the first private encryption key, and at least one cryptographic session key, substantially without intermediate availability of a plaintext message corresponding to the encrypted message or information sufficient to decrypt the second encrypted form outside the privileged environment within the automated server; and externally communicating, from the privileged environment, the encrypted message in the second encrypted form. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
Specification