AU2003235035A1 - A secure data transfer system - Google Patents

A secure data transfer system Download PDF

Info

Publication number
AU2003235035A1
Authority
AU
Australia
Prior art keywords
facility
key
sender
message
data block
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
AU2003235035A
Other versions
AU2003235035B2 (en
Inventor
Rodney Perkins
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Royal Mail Group Ltd
Original Assignee
VIACODE Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from AU62111/99A external-priority patent/AU760566B2/en
Application filed by VIACODE Ltd filed Critical VIACODE Ltd
Priority to AU2003235035A priority Critical patent/AU2003235035B2/en
Publication of AU2003235035A1 publication Critical patent/AU2003235035A1/en
Assigned to ROYAL MAIL GROUP PLC reassignment ROYAL MAIL GROUP PLC Request for Assignment Assignors: VIACODE LIMITED
Application granted granted Critical
Publication of AU2003235035B2 publication Critical patent/AU2003235035B2/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current


Description

AUSTRALIA
PATENTS ACT 1990 COMPLETE SPECIFICATION FOR A STANDARD PATENT
ORIGINAL
Name of Applicant: Viacode Limited
Actual Inventor: Rodney Perkins
Address for Service: Baldwin Shelston Waters, MARGARET STREET, SYDNEY NSW 2000
CCN: 3710000352
Invention Title: A SECURE DATA TRANSFER SYSTEM
Details of Original Application No. 62111/99 dated 21 September, 1999.
The following statement is a full description of this invention, including the best method of performing it known to us:
File: 31133AUP01 500211842_1.DOC

A SECURE DATA TRANSFER SYSTEM

This invention relates to secure data transfer systems. The invention is particularly applicable to secure data transfer involving a trusted third party (TTP).
Encryption of messages for reasons of security and authenticity has been practised in many forms. In the context of digital communications, encryption based on mathematical algorithms is under continual development. A discussion of encryption techniques can be found in many text books, for example Applied Cryptography by B. Schneier, John Wiley & Sons Inc., 1996.
Symmetric cryptography involves the use of a single key which is known to both the message sender and recipient. The key is used to encrypt the message and the same key is used at the message destination for decryption. It is vital to the integrity of such a system that the key remains the secret of the sender and the recipient. Any doubt as to the security in which the key is held by either party undermines the integrity of the system, as any other party having knowledge of the key can use it to decrypt the message. An example of a symmetric key cryptography system is the well-known Data Encryption Standard (DES). To address the security problem associated with symmetric key systems, public key (asymmetric) cryptography was developed. In this arrangement the key sharing problem of symmetric cryptography is avoided by using an algorithm which has two keys. One key is used to encrypt the message and the other key is used to decrypt it. Thus, there is no need to transmit and share one key between correspondents. Any party is able to encrypt a message using the intended recipient's public key, but only the holder of the other (private) key as well is able to decrypt it. For multi-user systems, asymmetric key encryption techniques are commonly employed. Such public/private key systems have been developed by, for example, RSA Laboratories of Redwood City, California, USA.
In practice asymmetric key algorithms are too slow to use for the encryption and decryption of large quantities of data. To address this problem a unique symmetric key is generated for each data transfer and this symmetric key is transferred from one party to the other using an asymmetric (public) key method. This provides the speed advantage of symmetric keys while retaining the advantages of an asymmetric (public) key. In an extension of the asymmetric key system, it is possible to develop a digital signature by which to verify that the sender of the message was the party purporting to have done so. To do this the sender encrypts a digest of the message (called a 'hash') using the private key. The digest is now decipherable by anyone using the public key, but the sender is verified because only the sender knew the private key with which it was encrypted. This provides authentication of the sender to the user. The fact that the private key of the asymmetric key system is kept only by the sender provides a useful form of authentication known as 'non-repudiation', as there is only one custodian of the private key for decryption purposes. The sender cannot deny being the source of the message. Assurances as to the identity of the decrypter, i.e. the recipient, are just as necessary as those claimed for the encrypter. To address this it is known to employ the services of a trusted third party (TTP) or certificate authority. The role of the TTP is to certify to either or both parties that the other is who they claim to be. Certification links a particular key with the identity of a party.
Clearly, the security of the TTP is vital to its standing as issuer of certificates.
The certificate typically includes identification data as well as identification of the certification authority and the duration for which the certificate is valid. A so-called distinguished name provides authentication of an identity linked to a specific capacity, e.g. rank in an organisational hierarchy. This can be used in addition to the certificate associated with the transacting site.
Encryption software enables users to communicate securely by encrypting files and attaching them to electronic mail (e-mail) messages. The file cannot be read by anybody other than the intended recipient of proven identity. There are many implementations of such software, for example that described in the article by J. Linn titled 'Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures', RFC 1421, [Online] February 1993 (1993-02), pages 6-30, XP002132590. In all cases, however, the recipient has free access to the message, provided that the recipient's private key is available.
In some protocols there is provision for parties other than the sender or specified recipient to gain access to the contents of a message by encrypting a key and decrypting it in special circumstances. Two cases can be distinguished: an escrow capability by a known person or organisation, and release of the key(s) of the message to persons not defined when the message is encrypted. US 5,557,765 describes an example of where a message key is divided into parts which are separately encrypted to escrow agents so that Law Enforcement Agencies or authorised bodies can recover them later. In general this is done secretly and the sender is not able to detect that the message has been accessed.
EP-A-0,798,892 discloses an example of where the encryption process is not specific to any defined recipient. The intention is that any recipient can access the plaintext (or part of it) by means of a payment. In return for the payment the message key is released. It is not necessarily the case that the sender can find out the identities of those recipients. There is a need for an electronic equivalent of the recorded and registered postal systems. In many instances, it is necessary for the sender of mail at least to have verification that it has been received by the authorised recipient (proof of delivery). A recorded postal letter is signed for by the recipient when it is handed over by the deliverer. A registered postal letter is tracked through the postal system and logged as having passed various points up to delivery.
In an e-mail system the verification of delivery is not necessarily assured because either the acknowledgement software of the recipient may be disabled or the recipient is posing as the intended recipient fraudulently. E-mail is not inherently secure. Thus, security of an e-mail message depends entirely upon encryption of the message and the encryption system remaining uncompromised.
It has been proposed that recorded e-mail delivery can be effected by using an encryption system by which an encrypted message is transferred to, and held by, a central point associated with a TTP for onward delivery to an authenticated user. The message is stored at the TTP until it is requested by the intended recipient in response to notification that the message is waiting. However, it has been found that there is a practical limit on the amount of information the TTP can store. Thus, the system is dependent upon the storage capacity of the TTP. Furthermore, not only the encryption system but the message itself has to conform to the TTP's reception/transmission system both in terms of format and transmission medium.
According to the present invention, there is provided a data transfer system as specified in Claim 1. Some preferred features are defined in the dependent claims.
The data transfer system in which the invention is embodied comprises a sender facility, a receiver facility and a key facility; the sender facility comprising: means for encrypting data for the intended recipient, means for splitting the encrypted data into a first encrypted part and a remaining encrypted part, the first encrypted part carrying information for decryption of the remaining part so that the remaining encrypted part cannot be decrypted on its own; means for encrypting the first encrypted part to produce a further encrypted part for forwarding to the key facility, means for combining the further encrypted part and the remaining encrypted part to produce a data block, and means for sending the data block; the receiver facility comprising: means for receiving the data block, means for requesting decryption of the further encrypted part by the key facility, and means for decrypting the remaining encrypted part and the decrypted further encrypted part provided by the key facility; the key facility comprising: means for decrypting the further encrypted part, and means for sending the decrypted further encrypted part to the receiver facility.
In one form the invention provides a data transfer system using an asymmetric ("public") key system, with or without an underlying symmetric data encryption, that encrypts and digitally signs data (the "plaintext") to an intended recipient. A sufficient portion of the encrypted data can be removed, such that the original text cannot be recovered from the portion remaining.
The removed portion is signed and re-encrypted to a third party. This re-encryption should include or produce a unique identifier for the message that will be available to all parties: the sender, the receiver, and the TTP. Both portions, the encryption with the portion removed and the re-encrypted removed portion, are then combined and digitally signed. This data is then sent to the recipient by any suitable means of electronic or physical delivery.
The recipient is assured of the integrity of the entire data by the signature.
The recipient then extracts the re-encrypted portion, digitally signs it and sends it to the third party.
The third party can validate the identity of the recipient from the recipient's signature and can then decrypt the removed portion of the original message.
This includes the sender's signature and thus validates the sender's identity.
As the recipient should have checked the overall signature from the sender, this establishes that the entire message was delivered to the recipient. At some point in the process the unique identifier of the message, the identity of the recipient and any other pertinent information can be stored by the third party. The removed portion is then digitally signed by the third party and sent to the recipient.
The recipient checks the third party's signature and combines the removed portion with the remainder, recreating the original encrypted text. The recipient then validates the signature and decrypts the data; the result is the original plaintext.
At any later time the sender can apply to the third party for details of if and when the recipient requested decryption of the removed portion. This is taken to be proof of delivery of the entire message. All parties have sufficient proof of authenticity and integrity of all transactions. In the particular example discussed:
1/ the encryption method is Privacy Enhanced Messaging (PEM),
2/ the portion removed is the PEM header,
3/ the unique identifier is the Message Integrity Check (MIC) field in the header of the re-encryption of the portion removed,
4/ the message is transferred from sender to recipient by Simple Message Transfer Protocol (SMTP),
5/ the requests to and replies from the third party are in a format specified by the third party using Transport Communication Protocol/Internet Protocol (TCP/IP). They are signed by privacy enhanced mail (PEM) or public-key cryptography system (PKCS#7).
In this form the removed part may conveniently be a key.
The invention can send the message directly to the intended recipient. This allows the encrypted data to be sent to the recipient in any format agreed with the sender. In this form the key facility is only responsible for passing on the further encrypted part in response to the request message. The key facility is not required to hold the message until it is called for by the intended recipient after transmission by the sender. Thus, the secure message system is not reliant upon the capacity of the key facility for storing and forwarding messages from sender to recipient. This enables recorded delivery, as the TTP is able to log the request for the decrypted further encrypted part to decrypt the data. Alternatively, the encrypted data can be sent to the key facility for onward delivery to the recipient. This enables registered mailing, as the TTP is able to monitor the progress of the data.
In one particular form of the invention the encrypted data has a header part. It is convenient to split the data so that the header forms the basis of the further encrypted part.
Unless the context clearly requires otherwise, throughout the description and the claims, the words 'comprise', 'comprising', and the like are to be construed in an inclusive sense as opposed to an exclusive or exhaustive sense; that is to say, in the sense of "including, but not limited to".
The invention can be put into practice in various ways, some of which will now be described by way of example with reference to the accompanying drawings in which: Figure 1 is a schematic block diagram of the constituent parts of a data transfer system; Figure 2 is a functional diagram of the preparation and transfer of a message according to a first embodiment of the invention; Figure 3 is a functional diagram of the preparation and transfer of a message according to a second embodiment of the invention; Figures 4a), b) and c) are sequence charts of the message preparation according to Figure 2; and Figure 5 is a sequence chart of the message preparation and transfer of a message according to Figure 3.
A data transfer system is shown in Figure 1. The system comprises a sender site 10, a receiver site 12 and a TTP site 14 having data processing capability 16. The sender and receiver sites 10 and 12 are each typically a personal computer connected to an intranet or internet for communicating with the receiver site 12 and the TTP site 14. The TTP site may include a key holding part and a message/data management part. Together the constituent parts of the TTP can be referred to as a key facility whether the different parts are grouped together or remote from one another. Referring to Figure 3, a first embodiment of the invention includes a Simple Mail Transfer Protocol (SMTP) connection between the sender and receiver sites 10/12 and a direct connection-orientated network layer protocol connection, such as a transmission control protocol/internet protocol (TCP/IP) connection, between the sender site 10 and the TTP site 14, and between the receiver site 12 and the TTP site 14. Thus, this embodiment is based on an e-mail communication system. Other forms of data communication could use the invention to equal effect.
In this embodiment the sender site computer is provided with an e-mail security application plug-in (API). The operation of this plug-in and corresponding equipment of the other parties can be implemented in various software formats.
This embodiment makes use of a software toolkit produced by Entrust Technologies of Canada. It is used in the privacy enhanced mail (PEM) and PKCS#1 mode. The Entrust security system has various architecture components. The security is based on a choice of symmetric key algorithm, including the Data Encryption Standard (DES), Triple DES and CAST; asymmetric or public key algorithm such as RSA, DSA and DIFFIE HELLMAN; and hashing algorithm such as SHA-1, MD2 and MD5. These are only examples of key systems. Other key systems will be known to the skilled person which could be used to equal effect. The receiver and TTP sites are similarly provided with Entrust system components configured to receive and decrypt data sent by the sender as described below.
Referring to Figure 4a, at the sender site 10 the plain text message P/T is both encrypted with the public key Kr for the recipient or a group of recipients and signed by the PEM method using the sender's private key Ks. The 'header' part of the message is split off; in the standard PEM format that is from the "BEGIN PRIVACY-ENHANCED MESSAGE" line to the terminating empty line. This is referred to as the "inner header" 22. The remainder is the encrypted text 20. The inner header is encrypted and signed by the PEM method using the public key KT of the third party only. This produces an "encrypted header" 24 and an "outer header" 26.
The encrypted text 20, encrypted inner header 24 and outer header 26 are combined and digitally signed. The Message Integrity Check (MIC) field of the outer header 26 is a convenient unique identifier as it is a hash of the inner header 22 which, in turn, contains a hash of the plaintext, so the outer header MIC is linked to the content of the plaintext. Also, the inner header varies even when the same plaintext is used, as the symmetric key is chosen at random on each occasion.
The encrypted text 20, encrypted inner header 24, the outer header 26 and signature are sent as a multi-purpose internet mail extension (MIME) within an e-mail message to form a message package. The unencrypted body of the message itself is an explanation of the sent data and instructions to the recipient on how to obtain software to decrypt the MIME inclusion. The sender (and recipient) software for preparing the encrypted data comprises Microsoft Exchange or Outlook management software as well as the new plug-in interface. The preparation of the message is Windows-based, providing a tool bar button to click on if the service is required for encrypting e-mail. This embodiment of the invention is a form of e-mail recorded delivery. Thus, the prepared secure message is sent by the SMTP connection to the receiver site directly. At the same time an alerting message may be sent from the sender site to the TTP. Upon receipt of the e-mail message package, the recipient is presented with the open e-mail message containing the instructions, the cipher text, the encrypted header and the outer header intended for the TTP. The recipient's software extracts the inner and outer headers, signs them as one block using PEM or PKCS#7 and transmits them to the TTP using TCP/IP.
Thus, the receiver site is instructed by the open e-mail message to send at least the encrypted header 24 and the outer header 26 to the TTP, as indicated in Figure 4c, as a request for decryption of the encrypted header.
At the TTP the signature is checked. This process reveals the identity of the recipient. The outer header is used to decrypt the encrypted inner header 24, generating the inner header 22 to reveal the identity of the sender. The identities, date, time, message identifier (outer header MIC field) and other pertinent information are stored by the TTP as evidence that the recipient received the whole message, i.e. proof of delivery.
Satisfied as to the authenticity of the sender and the recipient by their respective signatures, the TTP signs the inner header 22 using PEM or PKCS#7 and transmits it to the recipient. In the event that the recipient does not receive the inner header they must take further action to do so, as requesting the decryption is taken as evidence of receipt of the entire message.
The inner header also bears the digital signature of the sender, allowing the receiver site to re-verify the source of the message. Using standard PEM decryption the recipient can now recover the plaintext. This embodiment of the invention provides a form of recorded delivery for data transmission, such as e-mail. The sender sends messages directly to the intended recipient. However, in order to read the message the receiver site must initiate a request to the TTP to obtain the appropriate key to decipher the message. The request is logged by the TTP to provide proof-of-delivery that the recipient has received the message. The message sender is able to submit a query to the TTP in order to establish whether the or each intended recipient has attempted to read the encrypted message. Because the bulk of the data transferred does not reach the TTP, data storage capacity within the TTP is of less concern than if the message were handled by the TTP. Furthermore, no data is held by the TTP until it is requested by the intended recipient.
Referring now to Figure 2, a registered post embodiment of the invention is based on a similar concept to the recorded delivery system described above. In this embodiment, the sender site is linked to the TTP directly by an SMTP communication as well as a TCP/IP connection. There is no establishment of communication between a sender and the receiver site. The receiver site has SMTP and TCP/IP connection with the TTP.
In this form of the invention, the e-mail message package comprising the MIME file of the cipher text, encrypted header and outer header is further signed digitally for receipt directly by the TTP, using an extra outer PO header 28, and sent via the SMTP connection to the TTP as shown in Figure 5. The TTP returns a proof of submission (time and date stamp) of the e-mail message to the sender upon receipt. The header 28 contains a list of the intended recipients and any other options that the sender has selected. The TTP forwards the MIME content to each of the recipients with a message body describing the sent data and instructions to the recipient on how to obtain software to decrypt the MIME inclusion (as in the recorded delivery embodiment). Receipt of the e-mail package and forwarding to the receiver are events that are logged by the TTP for optional interrogation by the sender, or they can be preprogrammed options taken up on preparation of the message package.
The receiver is now in possession of essentially the same package as was received directly from the sender in the previous embodiment. In accordance with the same non-secure instructions in the e-mail received directly, the receiver sends the outer header and the encrypted header back to the TTP for decryption. Upon receipt, the TTP is able to confirm implicitly that the receiver received the e-mail and is attempting to open it. This event is also logged for interrogation by the sender, or preprogrammed notification, as confirmation of receipt by the receiver. Once the TTP is satisfied as to the authenticity of the receiver, based on the digitally signed request and receiver's signature, the inner header is signed for transmission to the recipient, as before. Thereafter, the decryption procedure takes the form previously described.
From the perspective of the message sender and recipient the only difference between this embodiment of the invention and the previous embodiment is that the TTP can return a time-stamp (postmark) which provides proof-of-submission that the message was submitted and that the TTP forwarded it.
Message delivery status information can be viewed by the sender by means of an additional on-screen tool bar on the sender's personal computer. The sender can interrogate the TTP at any time or arrange to be notified as and when appropriate events have occurred. Additionally, the sender can arrange to be notified if a particular event is not logged by the TTP within a specified period. Similarly, the intended recipient is able to obtain logging information in a similar way.
The invention is intended to be used with e-mail communications to provide secure communication, status checking and non-repudiation. By routing the message through the TTP, time stamping of delivery of the message package is also possible as referred to above. Routing the cipher text directly to the intended recipient creates a request for decryption of the Inner Header from the recipient which can be time stamped by the TTP as confirmation of receipt, whether or not the TTP was a party to the transmission of the message from the sender to the recipient. Thereafter, this request to the TTP is further logged and reported to the sender as an attempt to open the encrypted data. Routing the cipher text directly also avoids the need for cipher text handling by the TTP at all.
Both embodiments provide three primary functions, namely message postmarking, key release and enquiry processing using the logging facility in the data processor 16.
In order to provide strong audit capability, each entry in the audit log of the data processor is protected by a media access control (MAC) routine internal to the TTP to detect tampering with the audit log, including the addition, modification and deletion of entries. There is an important requirement of a TTP of sufficiently high security.
In more detail the message processing by the data processor: accepts a PEM formatted message from the sender; validates the sender's signature; creates a database entry for the message which is updated as the message passes through the system; calls a billing sub-routine passing the time, date, sender's distinguished name, sender's e-mail address, message identifier, number of recipients and message size; returns an appropriate message to the sender if the response from the billing sub-routine indicates that the message should be refused, indicating the reason for refusal and updating the audit entry; generates a signed message for each recipient, logging the event in the audit log; and stores message header information in the TTP data processor so that one database record exists for each recipient in order to provide adequate delivery tracking.
Key release includes: accepting the connection from the sender; receiving the signed PEM-based message containing the encrypted header; verifying the recipient by the request; calling a billing sub-routine, passing the time, date, sender's distinguished name, sender's e-mail address, message identifier and message size; sending an appropriate message to the sender if the billing sub-routine indicates that the message should be refused; updating the audit entry and sending a message to the recipient indicating the reason for key refusal; updating the database delivery status; extracting the inner header using the TTP private key; sending the encrypted and signed PEM-based message containing the material required by the recipient; and writing appropriate information to the audit log.
Enquiry processing, which permits user or administrative enquiry as to the delivery status of a message, includes: accepting the direct real-time connection from the enquirer; receiving an encrypted and signed PEM-based enquiry; verifying the digital signatures from the sender and/or the recipient; retrieving the appropriate record from the database; comparing the enquirer's distinguished name to the database entry to ensure that the enquirer is the sender, recipient or an authorised administrator, returning an error if the enquirer is unauthorised; and returning a delivery status message if the enquirer is authorised.
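The three-party exchange described above (the sender splits off the header, re-encrypts it to the TTP and signs the whole block; the recipient signs the TTP-bound parts back as a key-release request; the TTP authenticates both parties, logs the request as proof of delivery before releasing, and answers enquiries only from the sender or recipient), as an added example that is not the patent's, Viacode's or Entrust's code. It models only the protocol structure: real PEM uses RSA, DES and digital signatures, whereas here "encrypt to X" is a SHA-256 keystream XOR under X's secret and "sign by X" is an HMAC under X's secret, both looked up in a hypothetical DIRECTORY; the party names, function names and JSON header layout are assumptions.

```python
import hashlib
import hmac
import json
import secrets

# Constructed stand-ins, not the patent's PEM/RSA/DES primitives: "encrypt to X" is a
# SHA-256 keystream XOR under X's secret and "sign by X" is an HMAC under X's secret.
DIRECTORY = {}   # hypothetical key directory: party name -> 32-byte secret
SIG_LEN = 32     # length of the HMAC-SHA256 stand-in signature


def register(name):
    DIRECTORY[name] = secrets.token_bytes(32)


def _stream_xor(key, nonce, data):
    stream = b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                      for i in range((len(data) + 31) // 32))
    return bytes(a ^ b for a, b in zip(data, stream))


def sym_encrypt(key, data):          # stand-in for PEM's symmetric (DES) layer
    nonce = secrets.token_bytes(16)
    return nonce + _stream_xor(key, nonce, data)


def sym_decrypt(key, blob):
    return _stream_xor(key, blob[:16], blob[16:])


def encrypt_to(name, data):          # stand-in for encryption to a party's public key
    return sym_encrypt(DIRECTORY[name], data)

def decrypt_as(name, blob):
    return sym_decrypt(DIRECTORY[name], blob)

def sign(name, data):                # stand-in for a PEM/PKCS#7 digital signature
    return hmac.new(DIRECTORY[name], data, "sha256").digest()

def verify(name, data, sig):
    return hmac.compare_digest(sign(name, data), sig)


def sender_prepare(sender, recipient, ttp, plaintext):
    """Build the data block: remaining encrypted part + further encrypted part + signature."""
    session_key = secrets.token_bytes(32)
    ciphertext = sym_encrypt(session_key, plaintext)        # remaining encrypted part (20)
    inner = json.dumps({                                    # inner header (22): the removed part
        "from": sender,
        "wrapped_key": encrypt_to(recipient, session_key).hex(),
        "mic": hashlib.sha256(plaintext).hexdigest(),
    }, sort_keys=True).encode()
    inner_signed = inner + sign(sender, inner)              # sender's signature travels inside
    further = encrypt_to(ttp, inner_signed)                 # encrypted header (24): TTP-only
    # outer header (26): its MIC over the re-encrypted header is the unique message id
    outer = {"to": ttp, "mic": hashlib.sha256(further).hexdigest()}
    block = {"from": sender, "ciphertext": ciphertext, "further": further, "outer": outer}
    block["sig"] = sign(sender, ciphertext + further)       # overall integrity signature
    return block


def receiver_request(recipient, block):
    # Check the sender's overall signature first, then sign the TTP-bound parts as a request.
    if not verify(block["from"], block["ciphertext"] + block["further"], block["sig"]):
        raise ValueError("sender signature on data block failed")
    payload = json.dumps({"from": recipient, "further": block["further"].hex(),
                          "outer": block["outer"]}, sort_keys=True).encode()
    return payload, sign(recipient, payload)


class KeyFacility:
    """The TTP: releases inner headers and keeps the proof-of-delivery log."""
    def __init__(self, name):
        self.name = name
        self.log = []

    def release(self, payload, sig):
        request = json.loads(payload)
        if not verify(request["from"], payload, sig):       # authenticate the recipient
            raise PermissionError("recipient signature on request failed")
        further = bytes.fromhex(request["further"])
        mic = request["outer"]["mic"]
        if hashlib.sha256(further).hexdigest() != mic:       # outer header must match its content
            raise ValueError("outer header MIC mismatch")
        inner_signed = decrypt_as(self.name, further)
        inner, sender_sig = inner_signed[:-SIG_LEN], inner_signed[-SIG_LEN:]
        sender = json.loads(inner)["from"]
        if not verify(sender, inner, sender_sig):           # authenticate the sender
            raise PermissionError("sender signature inside inner header failed")
        # The request itself is the evidence of delivery: log it before releasing the header.
        self.log.append({"mic": mic, "sender": sender, "recipient": request["from"]})
        return inner_signed, sign(self.name, inner_signed)

    def enquiry(self, enquirer, mic):
        # Only the sender or recipient of a message may read its delivery record.
        return [e for e in self.log if e["mic"] == mic and enquirer in (e["sender"], e["recipient"])]


def receiver_decrypt(recipient, ttp, block, inner_signed, ttp_sig):
    if not verify(ttp, inner_signed, ttp_sig):              # check the TTP's signature
        raise ValueError("TTP signature on released header failed")
    inner = json.loads(inner_signed[:-SIG_LEN])
    session_key = decrypt_as(recipient, bytes.fromhex(inner["wrapped_key"]))
    plaintext = sym_decrypt(session_key, block["ciphertext"])  # recombine header + remainder
    if hashlib.sha256(plaintext).hexdigest() != inner["mic"]:
        raise ValueError("plaintext MIC mismatch")
    return plaintext


def run_recorded_delivery(plaintext=b"constructed sample message"):
    """Full recorded-delivery round trip; returns (plaintext, message id, the TTP)."""
    for name in ("alice", "bob", "ttp"): register(name)
    ttp = KeyFacility("ttp")
    block = sender_prepare("alice", "bob", "ttp", plaintext)
    payload, sig = receiver_request("bob", block)
    released, ttp_sig = ttp.release(payload, sig)
    return receiver_decrypt("bob", "ttp", block, released, ttp_sig), block["outer"]["mic"], ttp
```

Note that the recipient cannot recover the plaintext from the data block alone: the session key exists only inside the inner header, which is encrypted to the TTP, so every successful read leaves an entry in the TTP's log.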
It will be apparent to the skilled person that the keys used can be varied according to security requirements and perceived risk of compromise. For example, the inner header does not have to be rigorously encrypted but in some way at least obscured. In the art there are the so-called 'crippling' techniques that provide a lesser level of security against infiltrating a message. In the alternative, hash routines can be used in place of a symmetric encryption together with digital signatures authenticating a message originator. The system of the invention is applicable to secure transmission of information generally, although it is designed for secure transmission of e-mail. The use of a further encryption step which is controlled by the TTP means access to the data is controlled by the TTP until it has authenticated the recipient and the sender. Accordingly, the principles of the invention, which have been disclosed by way of the above examples, can be implemented in various ways. Those skilled in the art will readily recognise that these and other modifications and changes can be made to the present invention without strictly following the exemplary applications illustrated and described herein and without departing from the scope of the present invention which is set forth in the following claims.

Claims (7)

  2. A system as claimed in Claim 1, in which the sender facility includes means for signing the data block.
  3. A system as claimed in Claim 1 or 2, in which the means for sending at the sender facility are arranged to send the data block to the key facility and the key facility includes means for receiving the data block and forwarding the said data block to the receiver facility.
  4. A system as claimed in Claim 3, in which the key facility further includes means for logging receipt of the data block.
  5. A system as claimed in Claim 1 or 2, in which the means for sending at the sender facility are arranged to send the data block to the receiver facility and the receiver facility includes means for receiving the data block.
  6. A system as claimed in Claim 5, in which the key facility further includes means for logging receipt of the further encrypted part.
  7. A system as claimed in any of Claims 1 to 6, in which the key facility includes means for logging receipt of the request for decryption of the further encrypted part as proof of delivery of the data block to the receiver facility.
  8. A system as claimed in Claim 7, in which the sender facility includes means for requesting proof of delivery information from the key facility.
  9. A data transfer system substantially as herein described with reference to any one of the embodiments of the invention illustrated in the accompanying drawings.

DATED this 15th Day of August 2003 BALDWIN SHELSTON WATERS Attorneys for: Viacode Limited
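The three-facility exchange the claims describe, as an added example that is not part of the patent: the sender facility encrypts the body into a data block and further encrypts the message key; the key facility (the TTP) releases that key only to an authenticated receiver and logs the request as proof of delivery, which the sender can later request. The cipher, the shared-secret authentication scheme and all names are assumptions made for this example.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field
def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in cipher constructed for this example: XOR with an HMAC-SHA256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def credential(secret: bytes, party: str, msg_id: bytes) -> bytes:
    # Assumed authentication scheme: each facility shares a secret with the key facility.
    return hmac.new(secret, party.encode() + msg_id, hashlib.sha256).digest()

@dataclass
class KeyFacility:
    """The TTP: releases a message key only to an authenticated receiver and logs the request."""
    secrets: dict
    log: list = field(default_factory=list)

    def _authenticate(self, party: str, msg_id: bytes, tag: bytes) -> None:
        if not hmac.compare_digest(credential(self.secrets[party], party, msg_id), tag):
            raise PermissionError(f"{party} failed authentication")

    def request_decryption(self, receiver, tag, sender, msg_id, further_encrypted):
        self._authenticate(receiver, msg_id, tag)    # recipient is authenticated first
        self.log.append((msg_id, sender, receiver))  # claim 7: this entry is the proof of delivery
        return keystream_xor(self.secrets[sender], msg_id, further_encrypted)

    def proof_of_delivery(self, sender, tag, msg_id):
        self._authenticate(sender, msg_id, tag)      # claim 8: originator requests its proof
        return [e for e in self.log if e[0] == msg_id and e[1] == sender]

def send(sender_secret: bytes, body: bytes):
    """Sender facility: body -> data block; message key -> further encrypted part."""
    msg_id, msg_key = os.urandom(16), os.urandom(32)
    data_block = keystream_xor(msg_key, msg_id, body)
    further_encrypted = keystream_xor(sender_secret, msg_id, msg_key)  # only the TTP can unwrap
    return msg_id, data_block, further_encrypted

def demo(body: bytes = b"constructed sample message"):
    secrets = {"sender": os.urandom(32), "receiver": os.urandom(32)}  # constructed shared secrets
    ttp = KeyFacility(secrets)
    msg_id, data_block, wrapped = send(secrets["sender"], body)
    key = ttp.request_decryption("receiver", credential(secrets["receiver"], "receiver", msg_id),
                                 "sender", msg_id, wrapped)
    plaintext = keystream_xor(key, msg_id, data_block)
    return plaintext, ttp.proof_of_delivery("sender", credential(secrets["sender"], "sender", msg_id), msg_id)
```

A receiver that fails authentication gets no key and leaves no log entry, so the sender's proof of delivery only ever records an authenticated recipient.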

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2003235035A AU2003235035B2 (en) 1998-09-21 2003-08-15 A secure data transfer system

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
GB9820558 1998-09-21
AU62111/99A AU760566B2 (en) 1998-09-21 1999-09-21 A secure data transfer system
AU2003235035A AU2003235035B2 (en) 1998-09-21 2003-08-15 A secure data transfer system

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
AU62111/99A Division AU760566B2 (en) 1998-09-21 1999-09-21 A secure data transfer system

Publications (2)

Publication Number Publication Date
AU2003235035A1 true AU2003235035A1 (en) 2003-09-11
AU2003235035B2 AU2003235035B2 (en) 2006-11-23

Family

ID=33569293

Family Applications (1)

Application Number Title Priority Date Filing Date
AU2003235035A Ceased AU2003235035B2 (en) 1998-09-21 2003-08-15 A secure data transfer system

Country Status (1)

Country Link
AU (1) AU2003235035B2 (en)

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5559887A (en) * 1994-09-30 1996-09-24 Electronic Payment Service Collection of value from stored value systems
US5621796A (en) * 1994-09-30 1997-04-15 Electronic Payment Services, Inc. Transferring information between transaction networks

Also Published As

Publication number Publication date
AU2003235035B2 (en) 2006-11-23

Similar Documents

Publication Publication Date Title
Kent Internet privacy enhanced mail
US6161181A (en) Secure electronic transactions using a trusted intermediary
US6963971B1 (en) Method for authenticating electronic documents
US9634843B2 (en) Apparatus and methods for the secure transfer of electronic data
US7475256B2 (en) Secure message forwarding system detecting user's preferences including security preferences
US7493661B2 (en) Secure transmission system
US6199052B1 (en) Secure electronic transactions using a trusted intermediary with archive and verification request services
US6145079A (en) Secure electronic transactions using a trusted intermediary to perform electronic services
US7142676B1 (en) Method and apparatus for secure communications using third-party key provider
US7325127B2 (en) Security server system
US6584564B2 (en) Secure e-mail system
US20080065878A1 (en) Method and system for encrypted message transmission
US20010037453A1 (en) Secure electronic transactions using a trusted intermediary with non-repudiation of receipt and contents of message
US7676674B2 (en) Method for authenticating electronic documents
WO2004049137A2 (en) Secure key server with nonrepudiation and audit
CA2518025A1 (en) Secure e-mail messaging system
US20030237005A1 (en) Method and system for protecting digital objects distributed over a network by electronic mail
US7660987B2 (en) Method of establishing a secure e-mail transmission link
US8161565B1 (en) Key release systems, components and methods
JP3431745B2 (en) Gateway system
AU760566B2 (en) A secure data transfer system
AU2003235035B2 (en) A secure data transfer system
KR100432611B1 (en) System for providing service to transmit and receive document based on e-mail system and method thereof
Kent SECURITY SERVICES
Shirey Internet Infrastructure for Privacy-Enhanced Mail

Legal Events

Date Code Title Description
PC1 Assignment before grant (sect. 113)

Owner name: ROYAL MAIL GROUP PLC

Free format text: FORMER APPLICANT(S): VIACODE LIMITED

FGA Letters patent sealed or granted (standard patent)
MK14 Patent ceased section 143(a) (annual fees not paid) or expired