CA2559298A1 - Method and system for encrypted message transmission - Google Patents
Method and system for encrypted message transmission Download PDFInfo
- Publication number
- CA2559298A1 CA2559298A1 CA002559298A CA2559298A CA2559298A1 CA 2559298 A1 CA2559298 A1 CA 2559298A1 CA 002559298 A CA002559298 A CA 002559298A CA 2559298 A CA2559298 A CA 2559298A CA 2559298 A1 CA2559298 A1 CA 2559298A1
- Authority
- CA
- Canada
- Prior art keywords
- sender
- recipient
- computer station
- subscriber
- transmission
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3297—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/062—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/60—Digital content management, e.g. content distribution
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/68—Special signature format, e.g. XML format
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Information Transfer Between Computers (AREA)
Abstract
A method for the secure transmission of an electronic message from a sender to a recipient. The method comprises receiving an encrypted sender transmission file transmitted from a sender computer station at a management server, wherein the sender transmission file comprises one or more signed hash values, a sender identifier and one or more recipient identifiers. The signature values are created from one or more message components associated with the electronic message composed at the sender computer station. The encrypted sender transmission file is decrypted; and a comparision is made with of the one or more signed hash values. For each of the one or more recipient identifiers, one or more recipient public keys; is retrieved.
Claims (23)
1. A method for the secure transmission of an electronic message from a sender to a recipient, the method comprising a) receiving an encrypted sender transmission file transmitted from a sender computer station at a management server, wherein the sender transmission file comprises one or more signed hash values, a sender identifier and one or more recipient identifiers; wherein the one or more signature values are created from one or more message components associated with the electronic message composed at the sender computer station;
b) decrypting the encrypted sender transmission file;
c) comparing the one or more signed hash values accessible to the management server with one or more second hash values accessible to the recipient computer station;
d) retrieving for each of one or more recipient identifiers, one or more recipient public keys;
e) transmitting to the sender computer station a second transmission file, wherein the second transmission file contains the one or more recipient public keys, the sender identifiers, and the one or more recipient identifiers;
wherein at the sender computer station a first container file is created, and is transmitted to the recipient computer station.
b) decrypting the encrypted sender transmission file;
c) comparing the one or more signed hash values accessible to the management server with one or more second hash values accessible to the recipient computer station;
d) retrieving for each of one or more recipient identifiers, one or more recipient public keys;
e) transmitting to the sender computer station a second transmission file, wherein the second transmission file contains the one or more recipient public keys, the sender identifiers, and the one or more recipient identifiers;
wherein at the sender computer station a first container file is created, and is transmitted to the recipient computer station.
2. The method of claim 1, wherein the electronic message is an e-mail message.
3. The method of claim 1, wherein the one or more message components comprise a subject field, one or more attachments, and an e-mail body.
4. The method of claim 1, wherein the encrypted transmission file is encrypted with a first symmetric session key.
5. The method of claim 4, wherein the encrypted sender transmission file is transmitted to the management server along with the first symmetric session key.
6. The method of claim 1, wherein the first container file comprises all of the one or more email components.
7. The method of claim 6, wherein the first container file comprises a second container file and a third container file.
8. The method of claim 1, wherein the sender and the recipient subscribe to a key management service administered by the management server and become subscribers.
9. The method of claim 8, wherein each subscriber has a subscriber public key, and a subscriber private key pair.
10. The method of claim 9, wherein the subscriber public key and subscriber private key pair are generated upon configuration of the sender computer station.
11. The method of claim 8, wherein the subscriber public key is stored at the management server.
12. The method of claim 8, wherein the subscriber private key is stored in a keystore at the sender computer station.
13. The method of claim 1, wherein the first container file is transmitted as an as part of an e-mail message to the recipient computer station.
14. The method of claim 13, wherein the first container file is transmitted through the SMTP protocol.
15. The method of claim 1, wherein the first container file is transmitted as part of an FTP message.
16. The method of claim 13, wherein the recipient identifier is a recipient e-mail address.
17. A key management server system for processing encrypted electronic messages originating from a sender computer station destined for a recipient computer station; the system comprising:
a memory means comprising a transmission database and subscriber database, wherein the transmission datastore records transmission events, and the subscriber datastore records subscriber information a processor means connected to the memory means, the processor operable to allow the key management server to:
i) receive an encrypted sender transmission file transmitted from the sender computer station wherein the sender transmission file comprises one or more first signed hash values, a sender identifier and one or more recipient identifiers; wherein the one or more hash values are created from one or more message components associated with an electronic message composed at the sender computer station;
ii) decrypt the encrypted sender transmission file;
iii) retrieve for each of one or more recipient identifiers, one or more recipient public keys stored in the subscriber datastore; and iv) transmit to the sender computer station a second transmission file, wherein the second transmission file contains the one or more recipient public keys, the sender identifier, and the one or more recipient identifiers;
wherein at the sender computer station a first container file is created, and is transmitted to the recipient computer station.
a memory means comprising a transmission database and subscriber database, wherein the transmission datastore records transmission events, and the subscriber datastore records subscriber information a processor means connected to the memory means, the processor operable to allow the key management server to:
i) receive an encrypted sender transmission file transmitted from the sender computer station wherein the sender transmission file comprises one or more first signed hash values, a sender identifier and one or more recipient identifiers; wherein the one or more hash values are created from one or more message components associated with an electronic message composed at the sender computer station;
ii) decrypt the encrypted sender transmission file;
iii) retrieve for each of one or more recipient identifiers, one or more recipient public keys stored in the subscriber datastore; and iv) transmit to the sender computer station a second transmission file, wherein the second transmission file contains the one or more recipient public keys, the sender identifier, and the one or more recipient identifiers;
wherein at the sender computer station a first container file is created, and is transmitted to the recipient computer station.
18. The system of claim 17, wherein the transmission datastore records a first timestamp when the sender encrypted transmission file is transmitted from the sender computer station.
19. The system of claim 17, wherein the transmission datastore records a second timestamp when the first container file is opened by the recipient computer station.
20. The system of claim 17, wherein a sender and a recipient subscribe to a key management service administered by the management server and become subscribers.
21. The system of claim 20, wherein each subscriber has a subscriber public key and a subscriber private key.
22. The system of claim 21, wherein the subscriber datastore securely stores each subscriber public key.
23. The system of claim 21, wherein the subscriber private key is stored at the subscriber computer station.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CA002559298A CA2559298A1 (en) | 2006-09-08 | 2006-09-08 | Method and system for encrypted message transmission |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CA002559298A CA2559298A1 (en) | 2006-09-08 | 2006-09-08 | Method and system for encrypted message transmission |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CA2559298A1 true CA2559298A1 (en) | 2008-03-08 |
Family
ID=39153676
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CA002559298A Abandoned CA2559298A1 (en) | 2006-09-08 | 2006-09-08 | Method and system for encrypted message transmission |
Country Status (1)
| Country | Link |
|---|---|
| CA (1) | CA2559298A1 (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2022100666A1 (en) * | 2020-11-12 | 2022-05-19 | 华为技术有限公司 | Information sending method and apparatus |
-
2006
- 2006-09-08 CA CA002559298A patent/CA2559298A1/en not_active Abandoned
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2022100666A1 (en) * | 2020-11-12 | 2022-05-19 | 华为技术有限公司 | Information sending method and apparatus |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7673004B1 (en) | Method and apparatus for secure IM communications using an IM module | |
| US20220198049A1 (en) | Blockchain-Based Secure Email System | |
| US6904521B1 (en) | Non-repudiation of e-mail messages | |
| US8615661B2 (en) | System and method for transmitting and utilizing attachments | |
| CN1756234B (en) | Server, VPN client, VPN system | |
| US7277549B2 (en) | System for implementing business processes using key server events | |
| WO2005065141A3 (en) | Identity-based-encryption message management system | |
| US20080065878A1 (en) | Method and system for encrypted message transmission | |
| US8219798B1 (en) | Method and system for securing E-mail transmissions | |
| AU2014257953A1 (en) | Method performed by at least one server for processing a data packet from a first computing device to a second computing device to permit end-to-end encryption communication | |
| US20120216040A1 (en) | System for Email Message Authentication, Classification, Encryption and Message Authenticity | |
| CA2565360A1 (en) | System and method for securing data | |
| Wei et al. | Forward-secure puncturable identity-based encryption for securing cloud emails | |
| CN102170419A (en) | A secure mail client system and a method thereof | |
| US20060168071A1 (en) | Electronic mail sending and receiving system | |
| WO2005096543A1 (en) | Method of providing key containers | |
| Castiglione et al. | E-mail-based covert channels for asynchronous message steganography | |
| US20120203913A1 (en) | Method and system for federation of proxy-based and proxy-free communications systems | |
| US20020099941A1 (en) | Email processing method, email processing apparatus and recording medium | |
| CN111541603B (en) | Independent intelligent safety mail terminal and encryption method | |
| US20060259761A1 (en) | Public Key Infrastructure (PKI) Information Encryption by a Non-Sender System | |
| CA2559298A1 (en) | Method and system for encrypted message transmission | |
| CN110737705A (en) | Data acquisition system for forwarding behaviors | |
| CN110493212A (en) | A kind of general purpose mail End to End Encryption method | |
| US20090235065A1 (en) | Method for automatic encryption and decryption of electronic communication |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| FZDE | Dead |