Stateless server-based encryption associated with a distribution list
Abstract
An example method of decrypting electronic messages includes receiving, by an authentication module of a decryptor device, authentication requests from a plurality of destination clients. The method also includes receiving, by a decryption module of the decryptor device, encrypted electronic messages from the plurality of destination clients. The encrypted electronic messages are derived from a common electronic message sent by a common source client. The method further includes authenticating, based on an authentication table, the plurality of destination clients. The authentication table stores user credentials that are used to authenticate destination clients. The method also includes for each encrypted electronic message received from an authenticated destination client of the plurality of destination clients, decrypting the encrypted electronic message using a common private key and providing the decrypted electronic message to the authenticated destination client. The private key is stored at the decryptor device.
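The flow in the abstract can be sketched in Node.js as follows. This is an added example, not code from the patent or its assignee; the list identifier, the user name, the scrypt-hashed authentication table and the RSA-OAEP plus AES-256-GCM envelope are assumptions chosen for illustration.

```javascript
// Added illustration of the abstract's decryptor flow; all names and values are constructed.
const nodeCrypto = require('crypto');

const LIST_ID = 'team-list@example.test';            // distribution list identifier
const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const keyStore = new Map([[LIST_ID, privateKey]]);   // identifier -> common private key
const authTable = new Map();                         // user -> { salt, hash }, no raw passwords

function enroll(user, password) {
  const salt = nodeCrypto.randomBytes(16);
  authTable.set(user, { salt, hash: nodeCrypto.scryptSync(password, salt, 32) });
}

function authenticate(user, password) {
  const rec = authTable.get(user);
  // Derive a hash even for unknown users so timing does not reveal valid names.
  const candidate = nodeCrypto.scryptSync(password, rec ? rec.salt : Buffer.alloc(16), 32);
  return rec !== undefined && nodeCrypto.timingSafeEqual(candidate, rec.hash);
}

// Source client: AES-256-GCM body, content key wrapped with the list's common public key.
function encryptForList(listId, listPublicKey, text) {
  const key = nodeCrypto.randomBytes(32), iv = nodeCrypto.randomBytes(12);
  const c = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  const body = Buffer.concat([c.update(text, 'utf8'), c.final()]);
  const wrappedKey = nodeCrypto.publicEncrypt({ key: listPublicKey, oaepHash: 'sha256' }, key);
  return { listId, wrappedKey, iv, body, tag: c.getAuthTag() };
}

// Decryptor device: holds no per-message state; each client submits the ciphertext it received.
function handleDecryptRequest({ user, password, message }) {
  if (!authenticate(user, password)) return { ok: false, notice: 'authentication failed' };
  const priv = keyStore.get(message.listId);         // retrieve the key by list identifier
  if (!priv) return { ok: false, notice: 'unknown distribution list' };
  try {
    const key = nodeCrypto.privateDecrypt({ key: priv, oaepHash: 'sha256' }, message.wrappedKey);
    const d = nodeCrypto.createDecipheriv('aes-256-gcm', key, message.iv);
    d.setAuthTag(message.tag);
    const text = Buffer.concat([d.update(message.body), d.final()]).toString('utf8');
    return { ok: true, text };
  } catch {
    return { ok: false, notice: 'decryption failed' }; // tampered or malformed message
  }
}

// Constructed demo input: the relay would deliver this same ciphertext to every list member.
enroll('alice', 'correct horse battery staple');
const relayed = encryptForList(LIST_ID, publicKey, 'Quarterly figures attached.');
```

Because every list member shares one private key held at the decryptor, the authentication table is the only per-recipient control: removing a user there revokes access without re-keying the list.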
18 Claims
1. A method of decrypting electronic messages, comprising:
assigning a common public key and a corresponding common private key to an email distribution list, the email distribution list including a plurality of destination clients and the email distribution list identified by an identifier;
receiving, by a message relay server, an encrypted electronic message from a source client, the encrypted electronic message being encrypted using the common public key, being derived from a first electronic message, and being addressed to the plurality of destination clients listed in the email distribution list;
transmitting, by the message relay server, the encrypted electronic message to the plurality of destination clients listed in the distribution list, the distribution list associated with the common private key;
receiving, by a decryption module of a decryptor device, the encrypted electronic message from each of the plurality of destination clients; and
for at least two of the encrypted electronic messages received by the decryption module from different destination clients of the plurality of destination clients;
authenticating each destination client of the different destination clients; and
in response to a successful authentication of a first destination client of the different destination clients;
obtaining by the decryption module, the identifier;
using the identifier to retrieve by the decryption module, the common private key;
decrypting, by the decryption module, at least one of the at least two encrypted electronic message using the common private key; and
transmitting the at least one decrypted encrypted electronic message to the first destination client; and
in response to a failed authentication of a second destination client of the different destination clients, notifying the second destination client of the failed authentication.
Dependent claims: 2, 3, 4, 16
5. A system for decrypting electronic messages, comprising:
a memory that stores a distribution list identified by an identifier associated with a common private key and corresponding common public key;
a message relay server that receives an encrypted electronic message from a source client and transmits the encrypted electronic message to a plurality of destination clients listed in the distribution list, wherein the encrypted electronic message is encrypted using a common public key, is derived from a first electronic message, and is addressed to the plurality of destination clients;
a decryption module that receives the encrypted electronic message from each of at least two destination clients of the plurality of destination clients; and
an authentication module that successfully authenticates first and second destination clients of the plurality of destination clients, wherein in response to the authentication module successfully authenticating a respective destination client, the decryption module;
obtains the identifier;
using the identifier, retrieves the common private key;
decrypts the encrypted electronic message using the common private key; and
transmits the decrypted electronic message to the respective destination client.
Dependent claims: 6, 7, 8, 9, 10, 11, 12, 14, 15, 17, 18
13. A non-transitory machine-readable medium comprising a plurality of machine-readable instructions that when executed by one or more processors is adapted to cause the one or more processors to perform a method comprising:
assigning a common public key and a corresponding common private key to an email distribution list, the email distribution list including a plurality of destination clients and the email distribution list identified by an identifier;
receiving, by a message relay server, an encrypted electronic message from a source client, the encrypted electronic message being encrypted using the common public key, being derived from a first electronic message, and being addressed to the plurality of destination clients listed in the email distribution list;
transmitting, by the message relay server, the encrypted electronic message to the plurality of destination clients listed in the distribution list, the distribution list associated with the common private key;
receiving, by a decryption module of a decryptor device, the encrypted electronic message from each of the plurality of destination clients; and
for at least two of the encrypted electronic messages received by the decryption module from different destination clients of the plurality of destination clients;
authenticating each destination client of the different destination clients; and
in response to a successful authentication of a first destination client of the different destination clients;
obtaining by the decryption module, the identifier;
using the identifier to retrieve by the decryption module, the common private key;
decrypting, by the decryption module, at least one of the at least two encrypted electronic message using the common private key; and
transmitting the at least one decrypted encrypted electronic message to the first destination client; and
in response to a failed authentication of a second destination client of the different destination clients, notifying the second destination client of the failed authentication.
Specification