System and method for secure message key caching in a mobile communication device
First Claim
1. A method for processing encrypted e-mail messages at a communication device, the method comprising:
- receiving at the communication device an encrypted e-mail message comprising at least one encrypted session key and encrypted content, the at least one encrypted session key comprising an individual encrypted session key associated with the communication device, the individual encrypted session key encrypted with a public key and usable, when decrypted using a private key associated with the public key, to decrypt the encrypted content of the encrypted e-mail message;
- accessing the encrypted e-mail message;
- identifying the individual encrypted session key associated with the communication device;
- decrypting the individual encrypted session key to obtain a decrypted session key that is unique to the encrypted e-mail message; and
- storing the decrypted session key to memory;
- wherein, when the encrypted content of the encrypted e-mail message is accessed multiple times, the stored decrypted session key is used each of the multiple times to decrypt the encrypted content of the encrypted e-mail message, and
- wherein the decrypted session key is removed from the memory based upon a sensitivity level of the encrypted e-mail message.
Abstract
A method and system are provided for processing encrypted messages at a mobile device. A mobile device receives an encrypted message that comprises encrypted content as well as encryption information for accessing the encrypted content. At the mobile device, the encryption accessing information is obtained and stored to memory. The encryption accessing information is retrieved from memory in order to decrypt the encrypted content when the encrypted message is subsequently accessed.
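The caching flow in claim 1 and the abstract, sketched as an added example (not code from the patent or its assignee). The private-key operation is an injected callable `unwrap`; the sensitivity level names and retention times in `TTL_BY_SENSITIVITY` are hypothetical, since the claims only state that removal depends on sensitivity.

```python
import time
from dataclasses import dataclass

# Assumed policy (hypothetical levels and values): seconds a decrypted session
# key may stay cached. The claims only say removal depends on sensitivity.
TTL_BY_SENSITIVITY = {"normal": 600.0, "confidential": 60.0, "secret": 0.0}

@dataclass
class EncryptedMessage:
    msg_id: str
    sensitivity: str
    wrapped_keys: dict  # recipient id -> session key encrypted to that recipient

def _wipe(buf):
    # Best effort: overwrite our mutable copy; Python may hold other copies.
    for i in range(len(buf)):
        buf[i] = 0

class SessionKeyCache:
    """Keeps decrypted per-message session keys in process memory only."""

    def __init__(self, device_id, unwrap, clock=time.monotonic):
        self.device_id = device_id
        self.unwrap = unwrap   # callable(bytes) -> bytes: the private-key step
        self.clock = clock
        self._entries = {}     # msg_id -> (bytearray key, expiry time)

    def session_key(self, msg):
        self.purge(expired_only=True)
        entry = self._entries.get(msg.msg_id)
        if entry is not None:
            return bytes(entry[0])                  # hit: no private-key use
        wrapped = msg.wrapped_keys[self.device_id]  # this device's key only
        key = bytearray(self.unwrap(wrapped))
        ttl = TTL_BY_SENSITIVITY.get(msg.sensitivity, 0.0)  # unknown: no cache
        result = bytes(key)
        if ttl > 0:
            self._entries[msg.msg_id] = (key, self.clock() + ttl)
        else:
            _wipe(key)                              # too sensitive to keep
        return result

    def purge(self, expired_only=False):
        """Drop expired keys, or all keys (e.g. on device lock)."""
        now = self.clock()
        for msg_id, (key, expiry) in list(self._entries.items()):
            if not expired_only or expiry <= now:
                _wipe(key)
                del self._entries[msg_id]
```

The cache never serializes its entries, so a process restart forces a fresh private-key operation for every message.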
45 Claims
40. Non-transitory computer-readable memory encoded with program code for processing an encrypted e-mail message at a communication device when the encrypted e-mail message is accessed, wherein the encrypted e-mail message comprises at least one encrypted session key and encrypted content, the at least one encrypted session key comprising an individual encrypted session key associated with the communication device, the individual encrypted session key encrypted with a public key and usable, when decrypted using a private key associated with the public key, to decrypt the encrypted content of the encrypted e-mail message, wherein execution of the program code results in:
- identifying the individual encrypted session key associated with the communication device;
- decrypting the individual encrypted session key to obtain a decrypted session key that is unique to the encrypted e-mail message;
- storing the decrypted session key to memory; and
- when the encrypted content of the encrypted e-mail message is accessed multiple times, using the stored decrypted session key each of the multiple times to decrypt the encrypted content of the encrypted e-mail message,
- wherein the decrypted session key is removed from the memory based upon a sensitivity level of the encrypted e-mail message.
41. An apparatus on a communication device for handling multiple accesses to encrypted e-mail messages, wherein an encrypted e-mail message comprises at least one encrypted session key and encrypted content, wherein the at least one encrypted session key comprises an individual encrypted session key associated with the communication device, the individual encrypted session key encrypted with a public key and usable, when decrypted using a private key associated with the public key, to decrypt the encrypted content of the encrypted e-mail message, and wherein the encrypted e-mail message is transmitted to the communication device, the apparatus comprising:
- a storage software module that executes on a data processor of the communication device and that identifies the individual encrypted session key associated with the communication device, decrypts the individual encrypted session key to obtain a decrypted session key that is unique to the encrypted e-mail message, and stores the decrypted session key in memory which is volatile and non-persistent, wherein the stored decrypted session key allows access to the encrypted content; and
- an accessing software module that executes on the data processor of the communication device and that retrieves from the memory the stored decrypted session key,
- wherein, when the encrypted content of the encrypted e-mail message is accessed multiple times, the retrieved stored decrypted session key is used each of the multiple times to decrypt the encrypted content of the encrypted e-mail message,
- wherein the decrypted session key is removed from the memory based upon a sensitivity level of the encrypted e-mail message.
Specification