Secure email communication system

US 8,379,867 B2
Filed: 09/24/2008
Issued: 02/19/2013
Est. Priority Date: 09/24/2007
Status: Active Grant

First Claim

Patent Images

1. A method of securing a digital data stream, the method comprising:

receiving, at a host node, a first key of a first asymmetric key pair from a key store remote from the host node;

deciphering, at the host node, the first key of the first asymmetric key pair with a first key of a second asymmetric key pair;

receiving a dynamically generated key;

enciphering the digital data stream with the dynamically generated key;

enciphering the dynamically generated key with the first key of the first asymmetric key pair; and

storing the enciphered digital data stream and the enciphered dynamically generated key remotely from the host node and the key store.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides a method and system for securing a digital data stream. A first key of a first asymmetric key pair from a key store remote from a host node is received at the host node. A dynamically generated key is received at the host node, which is used to encipher the digital data stream. The dynamically generated key is enciphered with the first key of the first asymmetric key pair. The enciphered digital data stream and the enciphered dynamically generated key are stored remotely from the host node and the key store.

82 Citations

View as Search Results

43 Claims

1. A method of securing a digital data stream, the method comprising:
- receiving, at a host node, a first key of a first asymmetric key pair from a key store remote from the host node;
  
  deciphering, at the host node, the first key of the first asymmetric key pair with a first key of a second asymmetric key pair;
  
  receiving a dynamically generated key;
  
  enciphering the digital data stream with the dynamically generated key;
  
  enciphering the dynamically generated key with the first key of the first asymmetric key pair; and
  
  storing the enciphered digital data stream and the enciphered dynamically generated key remotely from the host node and the key store.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1 further comprising:
    - sampling a random number source; and
      
      generating the dynamically generated encipher key based on the sampling.
  - 3. The method of claim 1 wherein enciphering the digital data stream comprises enciphering the digital data stream with a symmetric encipher algorithm.
  - 4. The method of claim 1 further comprising, after the storing, deleting all copies of the dynamically generated key at the host node.
  - 5. The method of claim 1 wherein the storing comprises associating, using a database, the enciphered digital data stream with the enciphered dynamically generated key.
  - 6. The method of claim 1 further comprising compressing the digital data stream.
  - 7. The method of claim 1 further comprising:
    - receiving the digital data stream; and
      
      correlating the digital data stream with the first asymmetric key pair based on an identified recipient for the digital data stream.

8. A method of securing a digital data stream, the method comprising:
- enciphering, at a key store, a first key of a first asymmetric key pair with a second key of a second asymmetric key pair;
  
  receiving, at a host node remote from the key store, the first key of the first asymmetric key pair from the key store;
  
  deciphering, at the host node, the first key of the first asymmetric key pair with a first key of a second asymmetric key pair;
  
  receiving a dynamically generated key;
  
  enciphering the digital data stream with the dynamically generated key;
  
  enciphering the dynamically generated key with the first key of the first asymmetric key pair; and
  
  storing the enciphered digital data stream and the enciphered dynamically generated key remotely from the host node and the key store.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8 further comprising:
    - sampling a random number source; and
      
      generating the dynamically generated encipher key based on the sampling.
  - 10. The method of claim 8 wherein enciphering the digital data stream comprises enciphering the digital data stream with a symmetric encipher algorithm.
  - 11. The method of claim 8 further comprising, after the storing, deleting all copies of the dynamically generated key at the host node.
  - 12. The method of claim 8 wherein the storing comprises associating, using a database, the enciphered digital data stream with the enciphered dynamically generated key.
  - 13. The method of claim 8 further comprising compressing the digital data stream.
  - 14. The method of claim 8 further comprising:
    - receiving the digital data stream; and
      
      correlating the digital data stream with the first asymmetric key pair based on an identified recipient for the digital data stream.

15. A method of securing a digital data stream, the method comprising:
- receiving, at a host node, a first key of a first asymmetric key pair from a key store remote from the host node;
  
  deciphering, at the host node, the first key of the first asymmetric key pair with a first key of a second asymmetric key pair;
  
  receiving a dynamically generated key;
  
  enciphering the digital data stream with the dynamically generated key;
  
  enciphering the dynamically generated key with the first key of the first asymmetric key pair;
  
  storing the enciphered digital data stream and the enciphered dynamically generated key remotely from the host node and the key store;
  
  receiving a credential from a user;
  
  generating a credential indicia using a one-way operation on the credential; and
  
  identifying, at the key store, a second key of the first asymmetric key pair using the credential indicia.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The method of claim 15 further comprising:
    - sampling a random number source; and
      
      generating the dynamically generated encipher key based on the sampling.
  - 17. The method of claim 15 wherein enciphering the digital data stream comprises enciphering the digital data stream with a symmetric encipher algorithm.
  - 18. The method of claim 15 further comprising, after the storing, deleting all copies of the dynamically generated key at the host node.
  - 19. The method of claim 15 wherein the storing comprises associating, using a database, the enciphered digital data stream with the enciphered dynamically generated key.
  - 20. The method of claim 15 further comprising compressing the digital data stream.
  - 21. The method of claim 15 further comprising:
    - receiving the digital data stream; and
      
      correlating the digital data stream with the first asymmetric key pair based on an identified recipient for the digital data stream.

22. A method of securing a digital data stream, the method comprising:
- receiving, at a host node, a first key of a first asymmetric key pair from a key store remote from the host node;
  
  deciphering, at the host node, the first key of the first asymmetric key pair with a first key of a second asymmetric key pair;
  
  receiving a dynamically generated key;
  
  enciphering the digital data stream with the dynamically generated key;
  
  enciphering the dynamically generated key with the first key of the first asymmetric key pair;
  
  storing the enciphered digital data stream and the enciphered dynamically generated key remotely from the host node and the key store;
  
  receiving a second key of the first asymmetric key pair from the key store;
  
  deciphering the dynamically generated key with the second key of the first asymmetric key pair; and
  
  deciphering the digital data stream with the deciphered dynamically generated key.
- View Dependent Claims (23, 24, 25, 26, 27, 28)
- - 23. The method of claim 22 further comprising:
    - sampling a random number source; and
      
      generating the dynamically generated encipher key based on the sampling.
  - 24. The method of claim 22 wherein enciphering the digital data stream comprises enciphering the digital data stream with a symmetric encipher algorithm.
  - 25. The method of claim 22 further comprising, after the storing, deleting all copies of the dynamically generated key at the host node.
  - 26. The method of claim 22 wherein the storing comprises associating, using a database, the enciphered digital data stream with the enciphered dynamically generated key.
  - 27. The method of claim 22 further comprising compressing the digital data stream.
  - 28. The method of claim 22 further comprising:
    - receiving the digital data stream; and
      
      correlating the digital data stream with the first asymmetric key pair based on an identified recipient for the digital data stream.

29. A method of processing a digital data stream, the method comprising:
- receiving, at a host node, a credential indicia corresponding to a user;
  
  receiving an enciphered digital data stream and an enciphered session key from a database node remote from the host node;
  
  receiving a first key of a first asymmetric key pair from a key store remote from the host node and the database node;
  
  deciphering, at the host node, the first key of the first asymmetric key pair with a first key of a second asymmetric key pair;
  
  deciphering the session key with the first key of the first asymmetric key pair; and
  
  deciphering the digital data stream with the deciphered session key.
- View Dependent Claims (30, 31, 32, 33, 34, 35, 36)
- - 30. The method of claim 29 further comprising identifying, at the key store, the first key of the first asymmetric key pair using the credential indicia.
  - 31. The method of claim 29 further comprising:
    - receiving a credential from the user; and
      
      generating the credential indicia using a one-way operation on the credential.
  - 32. The method of claim 29 further comprising enciphering, at the key store, the first key of the first asymmetric key pair with a second key of a second asymmetric key pair.
  - 33. The method of claim 29 wherein deciphering the digital data stream comprises deciphering the digital data stream with a symmetric decipher algorithm.
  - 34. The method of claim 29 further comprising enciphering the digital data stream for transmission to the user.
  - 35. The method of claim 29 further comprising decompressing the digital data stream.
  - 36. The method of claim 29 further comprising:
    - dynamically generating the session key;
      
      receiving a second key of the first asymmetric key pair from the key store;
      
      enciphering the digital data stream with the session key;
      
      enciphering the session key with the second key of the first asymmetric key pair; and
      
      storing the enciphered digital data stream and the enciphered session key at the database node.

37. A communications security system comprising:
- a key store comprising a paired key list relating a first asymmetric key pair with a user indicia and a credential indicia;
  
  a database node, remote from the key store, wherein the database node comprises a database containing an enciphered message and an enciphered session key; and
  
  a host node remotely coupled to the key store through a key port and the database node through a database port, wherein the host node is configured to receive a first key of the first asymmetric key pair from the key store, wherein the host node comprises;
  
  a data stream port;
  
  a dynamic key generation module;
  
  a first encipher module coupled to the key generation module, the data stream port, and the database port;
  
  a second encipher module coupled to the key generation module, the key port, and the database port; and
  
  a decipher module coupled between the second encipher module and the key port, wherein the decipher module is configured to decipher the first key of the first asymmetric key pair with a first key of a second asymmetric key pair.
- View Dependent Claims (38, 39, 40, 41, 42, 43)
- - 38. The system of claim 37 wherein the first encipher module comprises a symmetric encipher module.
  - 39. The system of claim 37 wherein the second encipher module comprises an asymmetric encipher module.
  - 40. The system of claim 37 wherein the host node further comprises a compression module coupled between the first encipher module and the data stream port.
  - 41. The system of claim 37 further comprising a hardware random number generator coupled to the key generation module.
  - 42. The system of claim 37 wherein the decipher module coupled between the second encipher module and the key port is an asymmetric decipher module.
  - 43. The system of claim 42 wherein the key store further comprises an asymmetric encipher module coupled between the paired key list and the key port.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Baimmt, LLC
Original Assignee
MyMail Technology, LLC
Inventors
Selgas, Thomas D., Cutrer, Jonathan
Primary Examiner(s)
Dinh, Minh

Application Number

US12/237,258
Publication Number

US 20090080650A1
Time in Patent Office

1,609 Days
Field of Search

None
US Class Current

380/282
CPC Class Codes

H04L 2463/061   applying further key deriva...

H04L 2463/062   applying encryption of the ...

H04L 63/045   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

H04L 9/0825   using asymmetric-key encryp...

H04L 9/0861   Generation of secret inform...

H04L 9/0894   Escrow, recovery or storing...

Secure email communication system

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

82 Citations

43 Claims

Specification

Use Cases

Quick Links

Others

Secure email communication system

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

82 Citations

43 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others