Method and apparatus for sending encrypted electronic mail through a distribution list exploder
First Claim
1. A method for sending a message that is encrypted through a distribution list exploder that forwards the message to recipients on a distribution list, comprising:
- encrypting the message at a sender using a message key to form an encrypted message, the message key being randomly selected for the message;
encrypting the message key with a group public key to form an encrypted message key, the group public key being associated with a group private key to form a public key-private key pair associated with a group of valid recipients for the message, wherein neither the sender nor the recipients on the distribution list need to know the group private-key to decrypt the encrypted message-key;
sending the encrypted message and the encrypted message key to the distribution list exploder, the distribution list exploder being configured to forward the encrypted message to a plurality of recipients specified in the distribution list;
forwarding the encrypted message and the encrypted message key from the distribution list exploder to the plurality of recipients;
receiving the encrypted message and the encrypted message key at a recipient from the plurality of recipients;
sending the encrypted message key from the recipient to a group server, the group server possessing the group private key;
decrypting the encrypted message key at the group server using the group private key to restore the message key;
communicating the message key to the recipient in a secure manner;
decrypting the encrypted message at the recipient using the message key to restore the message;
wherein the distribution list exploder forwards the encrypted message and the encrypted message key without communicating with the group server;
whereby causing the recipient to contact the group server directly to decrypt the encrypted message key relieves the distribution list exploder of the burden of communicating with the group server to decrypt the encrypted message key.
2 Assignments
0 Petitions
Accused Products
Abstract
One embodiment of the present invention provides a system for sending an encrypted message through a distribution list exploder in order to forward the encrypted message to recipients on a distribution list. The system operates by encrypting the message at a sender using a message key to form an encrypted message. The system also encrypts the message key with a group public key to form an encrypted message key. The group public key is associated with a group private key to form a public key-private key pair associated with a group of valid recipients for the message. Next, the system sends the encrypted message and the encrypted message key to the distribution list exploder, and the distribution list exploder forwards the encrypted message to a plurality of recipients specified in the distribution list. After receiving the encrypted message and the encrypted message key, the recipient decrypts the encrypted message key to restore the message key. Next, the recipient decrypts the encrypted message using the message key to restore the message. In a variation on the above embodiment, the recipient decrypts the encrypted message key by sending the encrypted message key from the recipient to a group server, which holds the group private key. The group server decrypts the encrypted message key using the group private key to restore the message key, and returns the message key to the recipient in a secure manner.
103 Citations
14 Claims
-
1. A method for sending a message that is encrypted through a distribution list exploder that forwards the message to recipients on a distribution list, comprising:
-
encrypting the message at a sender using a message key to form an encrypted message, the message key being randomly selected for the message;
encrypting the message key with a group public key to form an encrypted message key, the group public key being associated with a group private key to form a public key-private key pair associated with a group of valid recipients for the message, wherein neither the sender nor the recipients on the distribution list need to know the group private-key to decrypt the encrypted message-key;
sending the encrypted message and the encrypted message key to the distribution list exploder, the distribution list exploder being configured to forward the encrypted message to a plurality of recipients specified in the distribution list;
forwarding the encrypted message and the encrypted message key from the distribution list exploder to the plurality of recipients;
receiving the encrypted message and the encrypted message key at a recipient from the plurality of recipients;
sending the encrypted message key from the recipient to a group server, the group server possessing the group private key;
decrypting the encrypted message key at the group server using the group private key to restore the message key;
communicating the message key to the recipient in a secure manner;
decrypting the encrypted message at the recipient using the message key to restore the message;
wherein the distribution list exploder forwards the encrypted message and the encrypted message key without communicating with the group server;
whereby causing the recipient to contact the group server directly to decrypt the encrypted message key relieves the distribution list exploder of the burden of communicating with the group server to decrypt the encrypted message key.
-
-
2. A method for sending a message that is encrypted through a distribution list exploder that forwards the message to recipients on a distribution list, comprising:
-
encrypting the message at a sender using a message key to form an encrypted message;
encrypting the message key with a group public key to form an encrypted message key, the group public key being associated with a group private key to form a public key-private key pair associated with a group of valid recipients for the message, wherein neither the sender nor the recipients on the distribution list need to know the group private-key to decrypt the encrypted message-key; and
sending the encrypted message and the encrypted message key to the distribution list exploder, the distribution list exploder being configured to forward the encrypted message to a plurality of recipients specified in the distribution list;
wherein the distribution list exploder forwards the encrypted message and the encrypted message key without communicating with a group server;
whereby causing the recipient to contact a group server directly to decrypt the encrypted message key relieves the distribution list exploder of the burden of communicating with the group server to decrypt the encrypted message key. - View Dependent Claims (3, 4, 5)
-
-
6. A computer readable storage medium storing instructions that when executed by a computer cause the computer to perform a method for sending a message that is encrypted through a distribution list exploder that forwards the message to recipients on a distribution list, comprising:
-
encrypting the message at a sender using a message key to form an encrypted message;
encrypting the message key with a group public key to form an encrypted message key, the group public key being associated with a group private key to form a public key-private key pair associated with a group of valid recipients for the message, wherein neither the sender nor the recipients on the distribution list need to know the group private-key to decrypt the encrypted message-key; and
sending the encrypted message and the encrypted message key to the distribution list exploder, the distribution list exploder being configured to forward the encrypted message to a plurality of recipients specified in the distribution list;
wherein the distribution list exploder forwards the encrypted message and the encrypted message key without communicating with a group server;
whereby causing the recipient to contact a group server directly to decrypt the encrypted message key relieves the distribution list exploder of the burden of communicating with the group server to decrypt the encrypted message key.
-
-
7. An apparatus that facilitates sending a message that is encrypted through a distribution list exploder that forwards the message to recipients on a distribution list, comprising:
-
an encryption mechanism, that is configured to, encrypt the message using a message key to form an encrypted message, and to encrypt the message key with a group public key to form an encrypted message key, the group public key being associated with a group private key to form a public key-private key pair associated with a group of valid recipients for the message, wherein neither the sender nor the recipients on the distribution list need to know the group private-key to decrypt the encrypted message-key; and
a sending mechanism that is configured to send the encrypted message and the encrypted message key to the distribution list exploder, the distribution list exploder being configured to forward the encrypted message to a plurality of recipients specified in the distribution list;
wherein the distribution list exploder forwards the encrypted message and the encrypted message key without communicating with a group server;
whereby causing the recipient to contact a group server directly to decrypt the encrypted message key relieves the distribution list exploder of the burden of communicating with the group server to decrypt the encrypted message key. - View Dependent Claims (8)
-
-
9. A method for receiving a message that is encrypted through a distribution list exploder that forwards the message to recipients on a distribution list, comprising:
-
receiving an encrypted message and an encrypted message key from the distribution list exploder at a recipient;
wherein the encrypted message contains the message that is encrypted using a message key;
wherein the encrypted message key contains the message key that is encrypted using a group public key, the group public key being associated with a group private key to form a public key-private key pair associated with a group of valid recipients for the message, wherein neither the sender nor the recipients on the distribution list need to know the group private-key to decrypt the encrypted message-key;
sending the encrypted message key from the recipient to a group server, the group server possessing the group private key;
allowing the group server to decrypt the encrypted message key using the group private key to restore the message key; and
receiving the message key from the group server in a secure manner;
decrypting the encrypted message key at the recipient to restore the message key; and
decrypting the encrypted message at the recipient using the message key to restore the message;
wherein the distribution list exploder forwards the encrypted message and the encrypted message key without communicating with a group server;
whereby causing the recipient to contact the group server directly to decrypt the encrypted message key relieves the distribution list exploder of the burden of communicating with the group server to decrypt the encrypted message key. - View Dependent Claims (10, 11, 12, 13, 14)
-
Specification