Efficient encryption, escrow and digital signatures
First Claim
1. A method of operating a user smart communication device to securely communicate email or text messages to another user via a network, comprising:
- retrieving, from a network server, the other user's certificate, where the other user's certificate includes kpubOU, which is the public key of the other user's private/public asymmetric key pair kpriOU/kpubOU;
- creating a session key (SK) for securing communications between the user and the other user;
- storing the SK;
- encrypting the SK with the other user's public key, kpubOU;
- encrypting the SK with an escrow public key kpubES received from an escrow server;
- transmitting, to the network server, the SK encrypted with the other user's public key kpubOU and the SK encrypted with the escrow public key kpubES, for forwarding the SK encrypted with the other user's public key kpubOU to the other user via the network server and for storing the SK encrypted with the escrow public key kpubES at the network server, the stored SK encrypted with the escrow public key kpubES being accessible at the network server for transmission to an authorized eavesdropper for decrypting messages between the user and the other user;
- transmitting, to the other user via the network server, a first email or text message encrypted with the SK;
- receiving, from the other user via the network server, a second email or text message encrypted with the SK; and
- decrypting the received encrypted second message with the stored SK.
Abstract
A network server is operated so as to facilitate legal eavesdropping by receiving, from the first user via a network, a session key (SK) encrypted with a second user's public key, kpubU2, and the SK encrypted with an escrow server's (ES) public key, kpubES. The kpubU2 key is the public key of the second user asymmetric private/public key pair kpriU2/kpubU2. The kpubES key is the public key of the ES asymmetric private/public key pair kpriES/kpubES. The received SK encrypted with kpubES is stored. The SK encrypted with kpubU2 is transmitted to the second user via the network. A message encrypted with the SK is received from one of the first and the second users via the network, stored, and transmitted to the other of the first and the second users via the network.
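The server-side flow the abstract describes, sketched as an added example that is not part of the patent text. Assumptions: textbook RSA over Mersenne primes and a SHA-256 keystream stand in for the public-key and symmetric ciphers, which the abstract does not name, and `NetworkServer`, `toy_keypair`, `wrap`, `unwrap`, `sk_crypt` and `run_session` are hypothetical names.

```python
import hashlib, secrets

E = 65537  # public exponent shared by both toy key pairs

def toy_keypair(p, q):
    # Textbook RSA from two Mersenne primes: illustration only, not secure.
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def wrap(sk, kpub):
    n, e = kpub
    return pow(int.from_bytes(sk, "big"), e, n)

def unwrap(blob, kpri):
    n, d = kpri
    return pow(blob, d, n).to_bytes(16, "big")

def sk_crypt(sk, nonce, data):
    # XOR with a SHA-256 counter keystream keyed by SK (self-inverse stand-in cipher).
    stream, ctr = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(sk + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return bytes(a ^ b for a, b in zip(data, stream))

class NetworkServer:
    def __init__(self):
        self.escrow_store, self.message_log = {}, []

    def receive_keys(self, sid, sk_for_u2, sk_for_es):
        self.escrow_store[sid] = sk_for_es  # SK under kpubES is stored
        return sk_for_u2                    # SK under kpubU2 is forwarded

    def relay(self, sid, nonce, ct):
        self.message_log.append((sid, nonce, ct))  # message stored, then relayed
        return nonce, ct

def run_session(plaintext=b"constructed sample message"):
    kpubU2, kpriU2 = toy_keypair(2**127 - 1, 2**89 - 1)
    kpubES, kpriES = toy_keypair(2**107 - 1, 2**61 - 1)
    server, sk = NetworkServer(), secrets.token_bytes(16)
    # First user: wrap SK twice and hand both copies to the server.
    forwarded = server.receive_keys("s1", wrap(sk, kpubU2), wrap(sk, kpubES))
    nonce = secrets.token_bytes(8)
    n1, c1 = server.relay("s1", nonce, sk_crypt(sk, nonce, plaintext))
    # Second user: unwrap SK with kpriU2, then decrypt the relayed message.
    at_u2 = sk_crypt(unwrap(forwarded, kpriU2), n1, c1)
    # Escrow path: only server-held records plus kpriES are needed.
    sk_es = unwrap(server.escrow_store["s1"], kpriES)
    _, n2, c2 = server.message_log[0]
    return at_u2, sk_crypt(sk_es, n2, c2), sk_es == sk
```

The escrow path reads only what the server stored, so whoever holds kpriES can decrypt every session whose wrapped SK and messages the server has retained.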
4 Claims
3. A method of operating a user smart communication device to securely communicate email or text messages to another user via a network, comprising:
- retrieving, from a network server, the other user's certificate, where the other user's certificate includes kpubOU, which is the public key of the other user's private/public asymmetric key pair kpriOU/kpubOU;
- creating a session key (SK) for securing communications between the user and the other user;
- storing the SK;
- encrypting the SK with the other user's public key, kpubOU;
- encrypting the SK with an escrow public key kpubES received from an escrow server;
- transmitting, to the network server, the SK encrypted with the other user's public key kpubOU and the SK encrypted with the escrow public key kpubES, for forwarding the SK encrypted with the other user's public key kpubOU to the other user via the network server and for storing the SK encrypted with the escrow public key kpubES at the network server, the stored SK encrypted with the escrow public key kpubES being accessible at the network server for transmission to an authorized eavesdropper for decrypting messages between the user and the other user; and
- transmitting, to the other user via the network server, a first email or text message encrypted with the SK.
Specification