Opaque message archives

US 8,230,517 B2
Filed: 11/12/2007
Issued: 07/24/2012
Est. Priority Date: 08/07/2002
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, by a server, at least a first unencrypted portion of a message from a sending client device;

generating, by the server, a split encryption key comprising at least a first key portion and a second key portion;

encrypting, by the server, at least the received first unencrypted portion of the message, using the split encryption key to produce an encrypted portion of the message;

providing, by the server, the first key portion to the sending client device, and thereafter, discarding the first key portion from the server;

storing, by the server, the encrypted portion of the message and the second key portion in storage accessible to the server;

receiving back, by the server, the first key portion; and

decrypting, by the server, the stored encrypted portion of the message for provision to a recipient client device using the received-back first key portion and the stored second key portion to recover the first unencrypted portion of the message.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system includes a server equipped to generate a split encryption key having at least a first key portion and a second key portion, that is used by the server to encrypt at least a portion of a message. Additionally, the first key portion of the split encryption key is retained by the server, while the second key portion of the split encryption key is delivered to a sending client and is discarded from the server. The sending client in turn provides the second key portion to one or more recipients of the message to facilitate recipient access to the message.

45 Citations

View as Search Results

9 Claims

1. A method comprising:
- receiving, by a server, at least a first unencrypted portion of a message from a sending client device;
  
  generating, by the server, a split encryption key comprising at least a first key portion and a second key portion;
  
  encrypting, by the server, at least the received first unencrypted portion of the message, using the split encryption key to produce an encrypted portion of the message;
  
  providing, by the server, the first key portion to the sending client device, and thereafter, discarding the first key portion from the server;
  
  storing, by the server, the encrypted portion of the message and the second key portion in storage accessible to the server;
  
  receiving back, by the server, the first key portion; and
  
  decrypting, by the server, the stored encrypted portion of the message for provision to a recipient client device using the received-back first key portion and the stored second key portion to recover the first unencrypted portion of the message.

2. A method comprising:
- sending to a server, by a client device, at least a first unencrypted part of a message generated by the sending client device for secured storage and subsequent provision to a recipient client device;
  
  receiving from the server, by the client device, a first key portion of a split encryption key used in conjunction with a second key portion of the split encryption key by the server to encrypt the first unencrypted part of the message, wherein the second key portion is retained in storage accessible to the server while the first portion is discarded from the server;
  
  wherein;
  
  encryption of the first unencrypted part of the message on the server using the split encryption key generates an encrypted part of the message;
  
  the encrypted part of the message is stored in the storage accessible to the server; and
  
  the discarded first key portion is subsequently provided back to the server for use in conjunction with the retained second key portion to recover the first unencrypted part of the message for provision to the recipient client device; and
  
  sending the first key portion to the recipient client device to facilitate access by the recipient client device to the first unencrypted part of the message from the server.
- View Dependent Claims (3, 4, 5, 6)
- - 3. The method of claim 2, wherein the first key portion is generated by the server based at least in part upon a randomized seed value.
  - 4. The method of claim 3, wherein the randomized seed value is generated by the sending client device.
  - 5. The method of claim 3, wherein the randomized seed value is generated by the server.
  - 6. The method of claim 2, further comprising:
    - depositing, by the sending client device, the first key portion into a mail folder on the sending client device.

7. A system comprising:
- a server equipped to;
  
  receive an unencrypted message from a sending client device;
  
  generate a split encryption key comprising at least a first key portion and a second key portion;
  
  encrypt the received unencrypted message, using the split encryption key to produce an encrypted message;
  
  store an encrypted version of the unencrypted message and the first key portion;
  
  provide the second key portion to the sending client device;
  
  discard the second key portion from the server;
  
  receive back the second key portion; and
  
  decrypt the stored encrypted version of the unencrypted message for provision to a recipient client device using the received-back second key portion and the stored first key portion to recover the unencrypted message; and
  
  the sending client device equipped to;
  
  receive the second key portion from the server; and
  
  provide the second key portion to a recipient client device to facilitate access to the unencrypted message by the recipient client device.

8. An article comprising:
- a non-transitory computer-readable storage medium having stored therein programming instructions that, in response to being executed by a computing device, cause the computing device to;
  
  generate a split encryption key comprising at least a first key portion and a second key portion;
  
  receive, from the sending client device, at least a first unencrypted portion of a message;
  
  encrypt at least the received first unencrypted portion of the message, using the split encryption key to generate an encrypted portion of the message;
  
  provide the first key portion to the sending client device, and thereafter, discarding the first key portion from the device;
  
  store the encrypted portion of the message and the second key portion;
  
  receive back the first key portion; and
  
  decrypt the stored encrypted portion of the message for provision to a recipient client device using the received-back first key portion and the stored second key portion to recover the first unencrypted portion of the message.

9. An article comprising:
- a non-transitory computer-readable storage medium having stored therein programming instructions that, in response to being executed by a computing device, cause the computing device to;
  
  send, to a server, at least a first unencrypted part of a message generated by the apparatus for secured storage and subsequent provision to a recipient client device;
  
  receive, from the server, a first key portion of a split encryption key used in conjunction with a second key portion of the split encryption key by the server to encrypt the first unencrypted part of the message, wherein the second key portion is retained in the server while the first portion is discarded from the server;
  
  wherein;
  
  encryption of the first unencrypted part of the message on the server using the split encryption key generates an encrypted part of the message;
  
  the encrypted part of the message is stored on the server; and
  
  the discarded first key portion is subsequently provided back to the server for use in conjunction with the retained second key portion to recover the first unencrypted part of the message for provision to the recipient client device; and
  
  send the first key portion to the recipient client device to facilitate access by the recipient client device to the first unencrypted part of the message from the server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Surescripts, LLC (SureScripts-RxHub LLC)
Original Assignee
Enli Health Intelligence Corp. (Cedar Gate Partners Holdings LLC)
Inventors
Karamchedu, Murali M., Sponaugle, Jeffrey B.
Primary Examiner(s)
Perungavoor, Venkat

Application Number

US11/938,524
Publication Number

US 20080065891A1
Time in Patent Office

1,716 Days
Field of Search

380278-279, 380/286, 380/44, 380/45, 380/47, 713/171, 713/185, 726 4- 5, 726/9, 726/20, 726 28- 29
US Class Current

726/29
CPC Class Codes

G06F 21/606   by securing the transmissio...

G06F 2221/2107   File encryption

G06F 2221/2115   Third party

G06Q 10/107   Computer-aided management o...

H04L 51/224   providing notification on i...

H04L 9/083   involving central third par...

Opaque message archives

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

45 Citations

9 Claims

Specification

Use Cases

Quick Links

Others

Opaque message archives

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

45 Citations

9 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others