Secure instant messaging system
Abstract
A secure instant messaging (IM) system integrates secure instant messaging into existing instant messaging systems. A certificate authority (CA) issues security certificates to users binding the user's IM screen name to a public key, used by sending users to encrypt messages and files for the user. The CA uses a subscriber database to keep track of valid users and associated information, e.g. user screen names, user subscription expiration dates, and enrollment agent information. A user sends his certificate to an instant messaging server which publishes the user's certificate to other users. Users encrypt instant messages and files using an encryption algorithm and the recipient's certificate. A sending user can sign instant messages using his private signing key. The security status of received messages is displayed to recipients.
20 Claims
1. A method comprising:
- caching, for access by a first client device used by a first user, a first security certificate for a second user;
- sending a request, by the first client device, to a messaging service to obtain updated certificate information for the second user;
- after sending the request, receiving the updated certificate information for the second user from the messaging service, wherein the updated certificate information is based on a second security certificate published by the second user, wherein the updated certificate information includes an abbreviated value determined from the second security certificate;
- comparing the abbreviated value of the second security certificate with an abbreviated value of the first security certificate for the second user;
- in response to the abbreviated value of the second security certificate not matching the abbreviated value of the first security certificate, requesting the second security certificate from the messaging service;
- receiving the second security certificate for the second user from the messaging service;
- using the second security certificate to encrypt an electronic message and produce an encrypted message; and
- sending the encrypted message to the messaging server to be sent to a second client device of the second user.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A system comprising:
- a cache at a first client device of a first user storing a first security certificate for a second user, the certificate sent by a second messaging client via a messaging server;
- at least one processor configured to access the cache and configured to:
  - send a request to a messaging service to obtain updated certificate information for the second user;
  - after sending the request, receive the updated certificate information for the second user from the messaging service, wherein the updated certificate information is based on a second security certificate published by the second user, wherein the updated certificate information includes an abbreviated value determined from the second security certificate;
  - compare the abbreviated value of the second security certificate with an abbreviated value of the first security certificate for the second user;
  - in response to the abbreviated value of the second security certificate not matching the abbreviated value of the first security certificate, request the second security certificate from the messaging service;
  - receive the second security certificate for the second user from the messaging service;
  - use the second security certificate to encrypt an electronic message and produce an encrypted message; and
  - send the encrypted message to the messaging server to be sent to a second client device of the second user.

Dependent claims: 12, 13, 14, 15, 16, 17, 18
19. A method comprising:
- caching, for access by a first client device used by a first user, a first security certificate for a second user;
- sending a request, by the first client device, to a messaging service to obtain updated certificate information for the second user;
- after sending the request, receiving the updated certificate information for the second user from the messaging service, wherein the updated certificate information is based on a second security certificate published by the second user, wherein the updated certificate information includes a hash value determined from the second security certificate, wherein the second security certificate associates a screen name with a public key value, the screen name being associated with the second user;
- comparing the hash value of the second security certificate with a hash value of the first security certificate for the second user;
- in response to the hash value of the second security certificate not matching the hash value of the first security certificate, requesting the second security certificate from the messaging service;
- receiving the second security certificate for the second user from the messaging service;
- using the public key value associated with the screen name of the second user to encrypt an electronic message and produce an encrypted message; and
- sending the encrypted message to the messaging server to be sent to a second client device of the second user.

Dependent claims: 20
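
The cache-refresh check recited in claims 1, 11 and 19, sketched in Python as an added example that is not part of the patent text: the client downloads the full certificate only when the advertised hash differs from the hash of its cached copy. Assumptions: SHA-256 as the abbreviated value, the hypothetical names `MessagingService`, `CertificateCache` and `demo`, opaque byte strings standing in for certificates, the encryption step left out, and one check beyond the claims (the downloaded certificate must hash to the advertised value).

```python
import hashlib
import hmac


def abbreviated_value(cert: bytes) -> str:
    # Assumption: SHA-256 of the certificate bytes; the page names no algorithm.
    return hashlib.sha256(cert).hexdigest()


class MessagingService:  # hypothetical in-memory stand-in for the service
    def __init__(self):
        self.published = {}    # screen name -> certificate bytes
        self.full_fetches = 0  # counts full-certificate downloads

    def certificate_info(self, screen_name):
        return abbreviated_value(self.published[screen_name])

    def certificate(self, screen_name):
        self.full_fetches += 1
        return self.published[screen_name]


class CertificateCache:  # client side: refetch only when the hash changes
    def __init__(self, service):
        self.service = service
        self.certs = {}

    def current_certificate(self, screen_name):
        advertised = self.service.certificate_info(screen_name)
        cached = self.certs.get(screen_name)
        if cached is not None and hmac.compare_digest(
                abbreviated_value(cached), advertised):
            return cached  # cached copy is still the published one
        fetched = self.service.certificate(screen_name)
        # Added check, not in the claims: download must match advertised hash.
        if not hmac.compare_digest(abbreviated_value(fetched), advertised):
            raise ValueError("certificate does not match advertised value")
        self.certs[screen_name] = fetched
        return fetched


def demo():
    # Constructed sample data: opaque bytes stand in for real certificates.
    svc = MessagingService()
    svc.published["bob"] = b"constructed-cert-v1"
    cache = CertificateCache(svc)
    first = cache.current_certificate("bob")
    cache.current_certificate("bob")  # hash matches: no download
    svc.published["bob"] = b"constructed-cert-v2"  # second user republishes
    return first, cache.current_certificate("bob"), svc.full_fetches
```

The hash comparison only tells the client that its cached copy is stale; whether the new certificate is trustworthy still depends on validating it against the CA described in the abstract.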
Specification