WO2001047176A1 - Method and apparatus for a revolving encrypting and decrypting process - Google Patents


Info

Publication number
WO2001047176A1
Authority
WO
WIPO (PCT)
Prior art keywords
server
client
data
key
encryption
Prior art date
Application number
PCT/US2000/042168
Other languages
French (fr)
Inventor
Ramakrishna Satyavolu
Suman Kumar Inala
Dimakar Shakhar
Sreeranga P. Rajan
Original Assignee
Yodlee.Com.Inc.
Priority date
Filing date
Publication date
Application filed by Yodlee.Com.Inc.
Priority to EP00992802A (published as EP1243097A1)
Priority to AU47077/01A (published as AU4707701A)
Priority to JP2001547789A (published as JP2003518820A)
Publication of WO2001047176A1


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0464 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload using hop-by-hop encryption, i.e. wherein an intermediate entity decrypts the information and re-encrypts it before forwarding it
    • H04L63/16 Implementing security features at a particular protocol layer
    • H04L63/162 Implementing security features at a particular protocol layer at the data link layer

Definitions

  • the present invention is in the field of Internet navigation and secure log-in and transaction methods and pertains more particularly to methods and apparatus for encrypting and decrypting data that is routinely sent over a data-packet network from one computer to another.
  • WWW: world-wide-web
  • Anyone with a suitable Internet appliance such as a personal computer with a standard Internet connection may access (go on-line) and navigate to information pages (termed web pages) stored on Internet-connected servers for the purpose of garnering information and initiating transactions with hosts of such servers and pages.
  • a method for encrypting and sending data from the server to the client and enabling decryption by the client comprising steps of (a) upon receiving a log-in and a data request from the client by the server, sending a cookie to the client, the cookie comprising a key value to be used for decrypting the data; (b) encrypting the data to be sent to the client using an encryption/decryption engine and the value of the key; and (c) sending the encrypted data to the client.
  • the server sends a copy of the encryption/decryption engine to the client, and this copy may be discarded after use.
  • a secure client/server system comprising a server having an encryption/decryption engine, access to data, and code for sending a cookie to a user logging in to the server, and a client.
  • the server upon receipt of a data request by a client, sends a cookie to the client wherein the value of the cookie comprises an encryption/decryption key, and wherein the server encrypts the data requested by the client using the key before transmission to the client.
  • the client after receiving encrypted data from the server, retrieves the key from the cookie value, and uses the key with the encryption/decryption engine to decrypt the data.
  • a method for encrypting data on a client from a server comprising steps of (a) upon receiving a log-in from the client by the server, sending a cookie to the client, the cookie comprising a key value to be used for encrypting the data, and sending an indication of the data to be encrypted; (b) accessing the key value by the client from the cookie sent; and (c) encrypting the data on the client using an encryption/decryption engine and the value of the key retrieved from the cookie value.
  • the server sends a copy of the encryption/decryption engine to the client, and the copy may be discarded after use. Also a new key may be sent every session.
  • a secure client/server system comprising a server having an encryption/decryption engine, access to data, and code for sending a cookie to a user logging in to the server; and a client.
  • the server upon receipt of a log-in by a client, sends a cookie to the client wherein the value of the cookie comprises an encryption/decryption key, and sends also an indication of data to be encrypted, and wherein the client retrieves the key value from the cookie, and encrypts the data indicated by the server using the key.
  • the server sends a copy of the encryption/decryption engine to the client, and the copy may be discarded after use. Also a new key may be sent for each session.
  • a method for secure data transfer between a first and a second server comprising steps of (a) the first server contacting the second server for data; (b) the second server sending a cookie to the first server, the value of the cookie comprising a key value for encryption/decryption; (c) encrypting data before transmission by the second server, using the key value; and
  • the second server may send a copy of an encryption/decryption engine to the first server, and the first server uses the copy with the retrieved key to accomplish decryption.
  • a secure means of data transfer wherein keys for encryption and decryption are transferred as a part of a cookie.
  • Fig. 1 is a block diagram illustrating a revolving encryption/decryption process initiated from a secure server on behalf of a client station according to an embodiment of the present invention.
  • Fig. 2 is a block diagram illustrating a revolving encryption/decryption process used in a server to server mode.
  • Fig. 3 is a flow diagram depicting a method of practicing the present invention.
  • a unique method for encrypting, decrypting, and sending secure data over a data-packet network is provided that allows data to be automatically encrypted or decrypted under control of a sending node. Such a method is described in enabling detail below.
  • FIG. 1 is a block diagram illustrating a revolving encryption/decryption process initiated from a WEB server on behalf of a client station according to an embodiment of the present invention.
  • a WEB server 67 is provided and adapted to function as an Internet file server as is known in the art. Server 67 may be adapted to provide portal services, messaging services, HTTP services, Proxy services or any other known WEB service to clients who subscribe to such services, or to users in general.
  • a client station 79 is provided and adapted as an Internet capable appliance. That is, station 79 has enough memory, processing power, and suitable software for navigating the Internet and interacting with server 67. Client station 79 is adapted for accessing server 67 through any known means of Internet connection. It will be assumed here that the means used for connecting to server 67 is a standard modem/ISP-type Internet-access connection as is most common for public access.
  • Server 67 has a software log-in interface 71, which is provided and adapted to allow users access to any services offered. Log-in to server 67 from station 79 is illustrated herein by a directional arrow labeled Log-in. To gain access, a user must enter a user name and password as is typical in the art. Once logged in, a user may interact with server 67 according to services provided as is generally known in the art.
  • Server 67 has a data encryption/decryption software engine 73 provided therein and adapted to encrypt or decrypt any data stored in or controlled by server 67.
  • a user-data block 69 represents data that is requested by and designated to be sent to a user.
  • Engine 73 is, in a preferred embodiment, a Java-based encryption/decryption program, many of which are known in the art and routinely used to encrypt and decrypt data.
  • Engine 73 generates and uses an encryption/decryption key 75 for the purpose of encrypting or decrypting data as illustrated by a double arrow placed between elements 73 and 69.
  • Key 75 is typically a line code generated for and used in conjunction with engine 73 for each encryption and decryption process.
  • Server 67 has a "cookie" generator software engine provided therein and adapted for generating "cookies", which are text files known in the art typically used for tracking user navigation on the Internet.
  • a WEB site generates and sends a cookie to users who log-in or visit certain WEB pages held in and hosted by the server. Once a WEB cookie is sent to a user, it is stored in a user's machine cache memory and is returned to the server the next time a user logs in, as is well known in the art. Only the hosting WEB site has control over generating a cookie for that WEB site.
  • a cookie in the art has typically both a name and a value, and the value may change each time a cookie is sent, again under control of the server.
  • decryption key 75 is made to be the cookie value, or added or otherwise combined with or appended to the cookie value, becoming part of that value, and is sent to users for encrypting or decrypting data stored on their machines, or data sent to them from server 67.
  • client station 79 has data block 81 illustrated therein, which represents data block 69 after it has been received at client station 79.
  • An encryption/decryption program 83 represents, in one embodiment, a temporary copy of program 73 after being sent from server 67 to station 79.
  • Data-block 81 and engine 83 are downloaded to a user's WEB browser, represented by element number 82, after successful log-in. This is illustrated herein by the directional arrow labeled Send Data/Program.
  • Data-block 81 may be any type of data that a user has requested from server 67.
  • encryption/decryption engine 83 may be resident at station 79, perhaps associated with WEB browser 82 as a plug-in.
  • a cookie 84 illustrated as residing in a Web cache 85 provided within station 79 represents a cookie containing the value of key 75.
  • Key 75 is integrated into cookie 84 during cookie generation.
  • Key 75 is a decryption key used for decrypting data block 81 at station 79, using engine 83.
  • a user operating client station 79 logs into server 67 as illustrated by a directional arrow labeled Log-in proceeding from station 79 and progressing to log-in interface 71.
  • Log-in interface 71 is adapted to prompt a user for a user name and password in order to verify identity and allow access to full services offered by server 67.
  • server 67 encrypts all user-requested data represented by data block 69 using engine 73 as illustrated by a double arrow labeled Encrypt, and according to key 75. After encryption is completed, server 67 sends encrypted data block 69 and a temporary copy of encryption/decryption program 73 (if a user does not already have one) to the user over the Internet as illustrated by a directional arrow labeled Send Encryption Engine. Received versions of block 69 and engine 73 are downloaded to browser 82 and appear as element 81 (user data) and element 83 (encryption/decryption engine) respectively.
  • Key 75 which is the key used for encrypting and decrypting user data 69 at server 67, is value-added to a text cookie generated by software 77 as illustrated by directional arrows proceeding from engine 73 to key 75 and then to generator 77.
  • the cookie (cookie 84) is sent to client station 79 as illustrated by a directional arrow labeled Send Cookie where it resides as cookie 84 in WEB cache 85.
  • any data held in server 67 and targeted for sending to a user may be encrypted with a new key 75 every time the user logs in to server 67 to access services.
  • encryption may be performed on a less frequent basis such as perhaps every 10 sessions or so. Any frequency may be applied.
  • a user operating at station 79 now has all of his or her requested data in encrypted form, a program for decrypting the data, and a key for the program to use in automatically decrypting the data.
  • Engine 83 automatically decrypts the received data 81 at client station 79 by retrieving cookie 84 from cache 85 as illustrated by a double arrow labeled Retrieve Key, accessing the key from the cookie value, and using the key in decryption.
  • server 67 is first encrypting requested data and sending it to a client along with (if needed) a temporary encryption/decryption program and a key (in the cookie).
  • the above-described method allows a user to be sure that no one will intercept and be able to decrypt data that he or she is receiving from a server. Moreover, only the issuing server may change the value of a cookie and key combination.
  • server 67 may encrypt data on client station 79 for any purpose, such as for transmission over the Internet back to server 67 or, if server 67 is a proxy, by proxy to another server requiring the information for a transaction or the like.
  • a transaction data-block 86 is illustrated within browser 82 at station 79 and represents any data that a user wants to send to a server.
  • server 67 is presumed to be a proxy server and clear-text data in block 86 on client station 79 is first encrypted using engine 83 (downloaded from server 67) and cookie 84 (containing key 75). This process is illustrated by the double arrow labeled Retrieve Key, and a directional arrow proceeding from element 83 to element 86. Server 67 would also send an encryption/decryption program and a cookie containing key 75 to any WEB server transacting with a user operating station 79. This process is represented by a directional arrow labeled WEB Service illustrated at server 67.
  • a target server receives encrypted data from station 79 as represented by a directional arrow labeled WEB Service illustrated at station 79.
  • the WEB service also has key 75 and program 73 from server 67. Therefore, the target server is enabled to automatically decrypt the data from station 79 and for entry into a form field.
  • the method and apparatus of the present invention may be used with any dialog or transaction interface presented by any WEB service.
  • server 67 may encrypt data at station 79 for transmission over the Internet back to server 67.
  • server 67 retains key 75 for the later decryption process.
  • Security in all described embodiments is enhanced by virtue of the fact that the value of a cookie, including key 75, can only be changed by an issuing server and not by a third party.
  • key 75 is received in cache memory and cannot be manually manipulated for use with program 83 for decrypting or encrypting information.
  • Server 67 may encrypt data differently each time a user logs on to receive data and send a new cookie/key combination, which overwrites the old one in cache thereby further enhancing security of data during transit.
  • a new encryption/decryption program may be sent in conjunction with every new key such that when a user logs-off, the new encryption/decryption program is not retained.
  • Fig. 2 is a block diagram illustrating a revolving encryption/decryption process used in a server to server mode.
  • two Internet servers are illustrated as
  • WEB server 89 is, for the purpose of this example, designated as the "sending" server while WEB server 91 is designated as the "receiving" server.
  • Server 89 has a resident encryption/decryption engine 95 provided therein and adapted for encrypting and decrypting data as was described with reference to Fig. 1.
  • a data-block 93 illustrated within server 89 represents any data that is encrypted by virtue of engine 95 as illustrated by a double arrow labeled Encrypt.
  • a decryption key 97 is illustrated within server 89 and represents a generated key for decrypting and encrypting data in block 93.
  • Server 89 also has a communication interface 101, which is provided and adapted for communication with other servers.
  • a cookie generator is also provided and adapted to generate and send cookies as is known in the art.
  • a data block 103 is illustrated within server 91 and represents encrypted data 93 received from server 89.
  • Server 91 is, in this instance, in receiving mode.
  • Server 91 has an encryption/decryption engine 105 illustrated therein and adapted for encrypting and decrypting data as illustrated by a double arrow labeled Decrypt.
  • engine 105 is a temporary program received from server 89 along with data 103.
  • server 89 would always be the controlling server.
  • server 91 may be adapted with full encryption/decryption and key generating capability such that neither server 89 or 91 is a controlling server.
  • Server 91 being the receiving server in this example, has a WEB cache 109 containing a WEB cookie 110 (received from server 89), and decryption key 97 retrieved from cookie 110 for data-decrypting purposes. Both servers have communication interfaces, interface 101 (for server 89) and interface 111 (for server 91) installed therein and adapted to allow communication over the Internet as known in the art.
  • server 91 has established a connection-data request to server 89 through communication interface 111, over the Internet, to communication interface 101.
  • data (93) is encrypted by encryption/decryption engine 95 using key 97 as illustrated by the double arrow labeled Encrypt.
  • Encrypted data 93 is sent to server 91 over the open connection (interface 101 to 111).
  • the value of key 97 is integrated into a cookie generated by cookie generator 99 and sent to server 91 where it resides in cache 109 as WEB cookie 110. This is illustrated by directional arrows first starting at element 95 and proceeding ultimately to communication interface 101 at server 89, and by directional arrows starting at communication interface 111 at server 91 and proceeding ultimately to respective elements.
  • encryption/decryption engine 105 retrieves key 97 from WEB cookie 110 in cache 109 as illustrated by double arrows placed between the involved elements. Engine 105 then uses key 97 to decrypt data 103 for use.
  • server 89 is the controlling server and issues temporary encryption/decryption programs and keys to servers requesting secure data.
  • data may be encrypted differently with a new key each time a server requests and is granted a connection for data transmission from the controlling server.
  • server 89 may encrypt data held at another server for transmission back to itself by first sending program 105 and key 97 for the requesting server to encrypt data for transmission back. In this case, server 89 would retain a copy of key 97 for decryption purposes.
  • both servers 89 and 91 may be adapted as controlling servers such that each may send the other a temporary encryption program and a key for decryption. There are many possibilities.
  • the method and apparatus of the present invention may be practiced on any data-packet network that supports the use of cookies, Hyper-Text-Transfer-Protocol (HTTP) and other suitable Internet Protocol (IP) without departing from the spirit and scope of the present invention.
  • HTTP: Hyper-Text-Transfer-Protocol
  • IP: Internet Protocol
  • a business may use the method as a secure data transfer process on a corporate Local-Area-Network (LAN) or Wide-Area-Network (WAN).
  • LAN: Local-Area-Network
  • WAN: Wide-Area-Network
  • a controlling server adapted to send encryption/decryption programs and keys may multicast sensitive data to a plurality of receiving servers or client stations such that all the receivers get the same encrypted data securely without fear of intercept.

Abstract

Referring to figure 1, a scheme for encryption and decryption of data between two computer stations operating in the Internet environment uses a cookie sent by servers (67) to transmit a key (75) for encryption and decryption. The key (75) can be the cookie value, or the cookie value can contain or encompass the key (75) in some form known to both machines. The server (67) may encrypt data for a client (79) using a key (75) also sent to the client (79) in a cookie, and the client (79) may then retrieve the key (75) and use it for decrypting data sent. Server (67) may also use the scheme in a variation to encrypt data on a client (79) machine. Two servers may use the scheme as well. In some cases a copy of an encryption/decryption engine (83) is sent as well, and in some cases the copy sent is temporary.

Description

Method and Apparatus for a Revolving Encrypting and Decrypting Process
Field of the Invention
The present invention is in the field of Internet navigation and secure log-in and transaction methods and pertains more particularly to methods and apparatus for encrypting and decrypting data that is routinely sent over a data-packet network from one computer to another.
Background of the Invention
The information network known as the world-wide-web (WWW), which is a subset of the well-known Internet, is arguably the most complete source of publicly accessible information available. Anyone with a suitable Internet appliance such as a personal computer with a standard Internet connection may access (go on-line) and navigate to information pages (termed web pages) stored on Internet-connected servers for the purpose of garnering information and initiating transactions with hosts of such servers and pages.
Many companies offer various subscription services accessible via the Internet. For example, many people now do their banking, stock trading, shopping, and so forth from the comfort of their own homes via Internet access. Typically, a user, through subscription, has access to personalized and secure WEB pages for such functions. By typing in a user name and a password or other personal identification code, a user may obtain information, initiate transactions, buy stock, and accomplish a myriad of other tasks.
There are many methods known in the art for providing measures of security for patrons of on-line services, such as secure connections protected by firewalls, authenticated certificates authorizing senders of information, encryption methods, and others. Many of these methods fall short in one aspect or another of providing complete security for an end user. For example, some encryption programs store both the program and key on an end user's station where an unauthorized user may compromise both. Many secure connections and servers are not completely immune from attack by computer hackers attempting to intercept and steal proprietary data. Some encryption and decryption programs may be undermined by a persistent hacker intent on solving the encryption scheme.
It has occurred to the inventor that sensitive information may be usurped even if encrypted and sent to a user's station for log-in. An unauthorized user may under certain circumstances find a decryption key on a user's station. Once found, the key may be used to decrypt and steal all sorts of sensitive encrypted data. Still a greater level of security must be observed for secure auto-logins and other sensitive transactions between servers and from servers to user stations.
What is clearly needed are more secure methods for encrypting and decrypting data transferred between computers.
Summary of the Invention
In a preferred embodiment of the present invention, in a client-server system, a method for encrypting and sending data from the server to the client and enabling decryption by the client is provided, comprising steps of (a) upon receiving a log-in and a data request from the client by the server, sending a cookie to the client, the cookie comprising a key value to be used for decrypting the data; (b) encrypting the data to be sent to the client using an encryption/decryption engine and the value of the key; and (c) sending the encrypted data to the client. There may be a further step for the client retrieving the key value from the cookie, executing a copy of the decryption engine, and decrypting the data. In some cases the server sends a copy of the encryption/decryption engine to the client, and this copy may be discarded after use.
Also a new key may be sent for each session. In another aspect of the invention a secure client/server system is provided, comprising a server having an encryption/decryption engine, access to data, and code for sending a cookie to a user logging in to the server, and a client. The server, upon receipt of a data request by a client, sends a cookie to the client wherein the value of the cookie comprises an encryption/decryption key, and wherein the server encrypts the data requested by the client using the key before transmission to the client. In preferred embodiments the client, after receiving encrypted data from the server, retrieves the key from the cookie value, and uses the key with the encryption/decryption engine to decrypt the data. In some cases the server sends a copy of the encryption/decryption engine to the client, and the copy may be discarded after use. In some cases a new key is sent each time a client logs in to the server. In another aspect of the invention, in a client-server system, a method for encrypting data on a client from a server is provided, comprising steps of (a) upon receiving a log-in from the client by the server, sending a cookie to the client, the cookie comprising a key value to be used for encrypting the data, and sending an indication of the data to be encrypted; (b) accessing the key value by the client from the cookie sent; and (c) encrypting the data on the client using an encryption/decryption engine and the value of the key retrieved from the cookie value. In some cases the server sends a copy of the encryption/decryption engine to the client, and the copy may be discarded after use. Also a new key may be sent every session.
In yet another aspect a secure client/server system is provided, comprising a server having an encryption/decryption engine, access to data, and code for sending a cookie to a user logging in to the server; and a client. In this system the server, upon receipt of a log-in by a client, sends a cookie to the client wherein the value of the cookie comprises an encryption/decryption key, and sends also an indication of data to be encrypted, and wherein the client retrieves the key value from the cookie, and encrypts the data indicated by the server using the key. Again, in some cases the server sends a copy of the encryption/decryption engine to the client, and the copy may be discarded after use. Also a new key may be sent for each session.
In yet another aspect of the invention a method for secure data transfer between a first and a second server is provided, comprising steps of (a) the first server contacting the second server for data; (b) the second server sending a cookie to the first server, the value of the cookie comprising a key value for encryption/decryption; (c) encrypting data before transmission by the second server, using the key value; and (d) sending the encrypted data to the second server. The second server may send a copy of an encryption/decryption engine to the first server, and the first server uses the copy with the retrieved key to accomplish decryption.
In various embodiments of the invention taught in enabling detail below, for the first time a secure means of data transfer is provided wherein keys for encryption and decryption are transferred as a part of a cookie.
Brief Description of the Drawing Figures
Fig. 1 is a block diagram illustrating a revolving encryption/decryption process initiated from a secure server on behalf of a client station according to an embodiment of the present invention.
Fig. 2 is a block diagram illustrating a revolving encryption/decryption process used in a server to server mode.
Fig. 3 is a flow diagram depicting a method of practicing the present invention.
Description of the Preferred Embodiments
In a preferred embodiment of the present invention, a unique method for encrypting, decrypting, and sending secure data over a data-packet network is provided that allows data to be automatically encrypted or decrypted under control of a sending node. Such a method is described in enabling detail below.
Fig. 1 is a block diagram illustrating a revolving encryption/decryption process initiated from a WEB server on behalf of a client station according to an embodiment of the present invention. A WEB server 67 is provided and adapted to function as an Internet file server as is known in the art. Server 67 may be adapted to provide portal services, messaging services, HTTP services, Proxy services or any other known WEB service to clients who subscribe to such services, or to users in general.
A client station 79 is provided and adapted as an Internet capable appliance. That is, station 79 has enough memory, processing power, and suitable software for navigating the Internet and interacting with server 67. Client station 79 is adapted for accessing server 67 through any known means of Internet connection. It will be assumed here that the means used for connecting to server 67 is a standard modem/ISP-type Internet-access connection as is most common for public access.
Server 67 has a software log-in interface 71, which is provided and adapted to allow users access to any services offered. Log-in to server 67 from station 79 is illustrated herein by a directional arrow labeled Log-in. To gain access, a user must enter a user name and password as is typical in the art. Once logged in, a user may interact with server 67 according to services provided as is generally known in the art.
Server 67 has a data encryption/decryption software engine 73 provided therein and adapted to encrypt or decrypt any data stored in or controlled by server 67. In this example a user-data block 69 represents data that is requested by and designated to be sent to a user. Engine 73 is, in a preferred embodiment, a Java-based encryption/decryption program, many of which are known in the art and routinely used to encrypt and decrypt data. Engine 73 generates and uses an encryption/decryption key 75 for the purpose of encrypting or decrypting data as illustrated by a double arrow placed between elements 73 and 69. Key 75 is typically a line code generated for and used in conjunction with engine 73 for each encryption and decryption process. For example, data is encrypted according to the key, and must be decrypted according to the same key. Server 67 has a "cookie" generator software engine provided therein and adapted for generating "cookies", which are text files known in the art typically used for tracking user navigation on the Internet. Typically a WEB site generates and sends a cookie to users who log-in or visit certain WEB pages held in and hosted by the server. Once a WEB cookie is sent to a user, it is stored in a user's machine cache memory and is returned to the server the next time a user logs in, as is well known in the art. Only the hosting WEB site has control over generating a cookie for that WEB site.
A cookie in the art has typically both a name and a value, and the value may change each time a cookie is sent, again under control of the server. According to a preferred embodiment of the present invention, decryption key 75 is made to be the cookie value, or added or otherwise combined with or appended to the cookie value, becoming part of that value, and is sent to users for encrypting or decrypting data stored on their machines, or data sent to them from server 67.
In this example, client station 79 has data block 81 illustrated therein, which represents data block 69 after it has been received at client station 79. An encryption/decryption program 83 represents, in one embodiment, a temporary copy of program 73 after being sent from server 67 to station 79. Data-block 81 and engine 83 are downloaded to a user's WEB browser, represented by element number 82, after successful log-in. This is illustrated herein by the directional arrow labeled Send Data/Program. Data-block 81 may be any type of data that a user has requested from server 67. In another embodiment, encryption/decryption engine 83 may be resident at station 79, perhaps associated with WEB browser 82 as a plug-in.
A cookie 84, illustrated as residing in a Web cache 85 provided within station 79, represents a cookie containing the value of key 75. Key 75 is integrated into cookie 84 during cookie generation. Key 75, in this case, is a decryption key used for decrypting data block 81 at station 79, using engine 83.
In practice of the present invention, a user operating client station 79 logs into server 67 as illustrated by a directional arrow labeled Log-in proceeding from station 79 and progressing to log-in interface 71. Log-in interface 71 is adapted to prompt a user for a user name and password in order to verify identity and allow access to full services offered by server 67.
In one embodiment, once a user identity is properly confirmed and a data request is verified, server 67 encrypts all user-requested data represented by data block 69 using engine 73 as illustrated by a double arrow labeled Encrypt, and according to key 75. After encryption is completed, server 67 sends encrypted data block 69 and a temporary copy of encryption/decryption program 73 (if a user does not already have one) to the user over the Internet as illustrated by a directional arrow labeled Send Encryption Engine. Received versions of block 69 and engine 73 are downloaded to browser 82 and appear as element 81 (user data) and element 83 (encryption/decryption engine) respectively. Key 75, which is the key used for encrypting and decrypting user data 69 at server 67, is value-added to a text cookie generated by software 77 as illustrated by directional arrows proceeding from engine 73 to key 75 and then to generator 77. The cookie (cookie 84) is sent to client station 79 as illustrated by a directional arrow labeled Send Cookie, where it resides as cookie 84 in WEB cache 85. It is noted herein that in one embodiment any data held in server 67 and targeted for sending to a user may be encrypted with a new key 75 every time the user logs in to server 67 to access services. In another embodiment, encryption may be performed on a less frequent basis such as perhaps every 10 sessions or so. Any frequency may be applied. After successful log-in to server 67 and data transfer, a user operating at station 79 now has all of his or her requested data in encrypted form, a program for decrypting the data, and a key for the program to use in automatically decrypting the data. Engine 83 automatically decrypts the received data 81 at client station 79 by retrieving cookie 84 from cache 85 as illustrated by a double arrow labeled Retrieve Key, accessing the key from the cookie value, and using the key in decryption.
In this example, server 67 is first encrypting requested data and sending it to a client along with (if needed) a temporary encryption/decryption program and a key (in the cookie). The above-described method allows a user to be sure that no one will intercept and be able to decrypt data that he or she is receiving from a server. Moreover, only the issuing server may change the value of a cookie and key combination.
In another embodiment, server 67 may encrypt data on client station 79 for any purpose, such as for transmission over the Internet back to server 67 or, if server 67 is a proxy, by proxy to another server requiring the information for a transaction or the like. A transaction data-block 86 is illustrated within browser 82 at station 79 and represents any data that a user wants to send to a server. A transaction dialog box, represented herein by element 87, appears in browser window 82 during a transaction process with a server as is typical and known in the art of WEB navigation. Box 87 may be a form requiring credit card or other sensitive information used to purchase an item or service.
In this example server 67 is presumed to be a proxy server and clear-text data in block 86 on client station 79 is first encrypted using engine 83 (downloaded from server 67) and cookie 84 (containing key 75). This process is illustrated by the double arrow labeled Retrieve Key, and a directional arrow proceeding from element 83 to element 86. Server 67 would also send an encryption/decryption program and a cookie containing key 75 to any WEB server transacting with a user operating station 79. This process is represented by a directional arrow labeled WEB Service illustrated at server 67. A target server (WEB service) receives encrypted data from station 79 as represented by a directional arrow labeled WEB Service illustrated at station 79. The WEB service also has key 75 and program 73 from server 67. Therefore, the target server is enabled to automatically decrypt the data from station 79 for entry into a form field. The method and apparatus of the present invention may be used with any dialog or transaction interface presented by any WEB service.
In still another embodiment, server 67 may encrypt data at station 79 for transmission over the Internet back to server 67. In this embodiment, server 67 retains key 75 for the later decryption process. Security in all described embodiments is enhanced by virtue of the fact that the value of a cookie, including key 75, can only be changed by an issuing server and not by a third party. Moreover, key 75 is received in cache memory and cannot be manually manipulated for use with program 83 for decrypting or encrypting information. Server 67 may encrypt data differently each time a user logs on to receive data and send a new cookie/key combination, which overwrites the old one in cache, thereby further enhancing security of data during transit. A new encryption/decryption program may be sent in conjunction with every new key such that when a user logs off, the new encryption/decryption program is not retained.
According to yet another embodiment of the present invention, the method taught above may be practiced between two WEB servers running server software. Such an embodiment is described below. Fig. 2 is a block diagram illustrating a revolving encryption/decryption process used in a server-to-server mode. In this example, two Internet servers are illustrated as WEB server 89 and WEB server 91. WEB server 89 is, for the purpose of this example, designated as the "sending" server while WEB server 91 is designated as the "receiving" server.
Server 89 has a resident encryption/decryption engine 95 provided therein and adapted for encrypting and decrypting data as was described with reference to Fig. 1. A data-block 93 illustrated within server 89 represents any data that is encrypted by virtue of engine 95 as illustrated by a double arrow labeled Encrypt. A decryption key 97 is illustrated within server 89 and represents a generated key for decrypting and encrypting data in block 93. Server 89 also has a communication interface 101, which is provided and adapted for communication with other servers. A cookie generator is also provided and adapted to generate and send cookies as is known in the art.
A data block 103 is illustrated within server 91 and represents encrypted data 93 received from server 89. Server 91 is, in this instance, in receiving mode. Server 91 has an encryption/decryption engine 105 illustrated therein and adapted for encrypting and decrypting data as illustrated by a double arrow labeled Decrypt. In one embodiment, engine 105 is a temporary program received from server 89 along with data 103. In this example server 89 would always be the controlling server. In another embodiment, server 91 may be adapted with full encryption/decryption and key generating capability such that neither server 89 nor 91 is a controlling server.
Server 91, being the receiving server in this example, has a WEB cache 109 containing a WEB cookie 110 (received from server 89), and decryption key 97 retrieved from cookie 110 for data-decrypting purposes. Both servers have communication interfaces, interface 101 (for server 89) and interface 111 (for server 91) installed therein and adapted to allow communication over the Internet as known in the art.
Assume now that server 91 has established a connection-data request to server 89 through communication interface 111, over the Internet, to communication interface 101. After a communication connection is established between servers 89 and 91, data (93) is encrypted by encryption/decryption engine 95 using key 97 as illustrated by the double arrow labeled Encrypt. Encrypted data 93 is sent to server 91 over the open connection (interface 101 to 111). The value of key 97 is integrated into a cookie generated by cookie generator 99 and sent to server 91 where it resides in cache 109 as WEB cookie 110. This is illustrated by directional arrows first starting at element 95 and proceeding ultimately to communication interface 101 at server 89, and by directional arrows starting at communication interface 111 at server 91 and proceeding ultimately to respective elements.
At server 91, encryption/decryption engine 105 retrieves key 97 from WEB cookie 110 in cache 109 as illustrated by double arrows placed between the involved elements. Engine 105 then uses key 97 to decrypt data 103 for use. In the above example, server 89 is the controlling server and issues temporary encryption/decryption programs and keys to servers requesting secure data. In this embodiment, data may be encrypted differently with a new key each time a server requests and is granted a connection for data transmission from the controlling server. In another embodiment, server 89 may encrypt data held at another server for transmission back to itself by first sending program 105 and key 97 for the requesting server to encrypt data for transmission back. In this case, server 89 would retain a copy of key 97 for decryption purposes.
In still another embodiment, both servers 89 and 91 may be adapted as controlling servers such that each may send the other a temporary encryption program and a key for decryption. There are many possibilities.
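As an added example (not code from the patent or its assignee), the following Python simulates the exchange described for Fig. 1 (log-in, a fresh key issued as the cookie value, the encrypted data block, decryption at the client, and encryption of transaction data back to a server that retained the key) and, with the same classes, the server-to-server mode of Fig. 2. The patent names no cipher, so an HMAC-SHA256 keystream with an authentication tag stands in for the encryption/decryption engine; the class names, the cookie name "revkey" and the sample data are the example's own.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in cipher: XOR data with an HMAC-SHA256 counter keystream (not the patent's engine)."""
    out = bytearray()
    for block, start in enumerate(range(0, len(data), 32)):
        ks = hmac.new(key, nonce + block.to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(b ^ k for b, k in zip(data[start:start + 32], ks))
    return bytes(out)

def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Returns nonce || ciphertext || tag; the tag lets the receiver detect a wrong key."""
    nonce = secrets.token_bytes(16)
    ct = keystream_xor(key, nonce, plaintext)
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def decrypt(key: bytes, blob: bytes) -> bytes:
    """Inverse of encrypt(); raises ValueError if the key does not match the blob."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or altered data")
    return keystream_xor(key, nonce, ct)

@dataclass
class Cookie:
    name: str
    value: str  # the hex-encoded key is the cookie value, as with key 75 in cookie 84

@dataclass
class Server:
    """Controlling server (67 in Fig. 1, 89 in Fig. 2): engine, key generation, cookie generator."""
    user_data: bytes
    session_keys: dict = field(default_factory=dict)  # key retained per user for return traffic

    def login(self, user: str):
        """Each log-in yields a fresh key; returns the cookie and the encrypted data block."""
        key = secrets.token_bytes(32)
        self.session_keys[user] = key
        return Cookie("revkey", key.hex()), encrypt(key, self.user_data)

    def receive(self, user: str, blob: bytes) -> bytes:
        """Decrypts data the receiver encrypted with the key taken from its cookie."""
        return decrypt(self.session_keys[user], blob)

@dataclass
class Receiver:
    """Client station 79 or receiving server 91: engine plus a cache holding the cookie."""
    cache: dict = field(default_factory=dict)

    def store_cookie(self, cookie: Cookie) -> None:
        self.cache[cookie.name] = cookie.value  # a new cookie overwrites the old one

    def key(self) -> bytes:
        return bytes.fromhex(self.cache["revkey"])

    def decrypt_data(self, blob: bytes) -> bytes:
        return decrypt(self.key(), blob)

    def encrypt_for_server(self, data: bytes) -> bytes:
        return encrypt(self.key(), data)

def run_session(server: Server, receiver: Receiver, user: str, outbound: bytes):
    """One log-in: server -> receiver data block, then receiver -> server outbound data."""
    cookie, blob = server.login(user)
    receiver.store_cookie(cookie)
    inbound = receiver.decrypt_data(blob)
    echoed = server.receive(user, receiver.encrypt_for_server(outbound))
    return inbound, echoed, blob

def demo() -> dict:
    """Two log-ins by one user: the second cookie overwrites the first, so the first block no longer decrypts."""
    server = Server(user_data=b"constructed sample: account summary")  # constructed sample data
    receiver = Receiver()
    form = b"constructed sample: card form contents"  # constructed sample data
    in1, out1, blob1 = run_session(server, receiver, "alice", form)
    in2, out2, _ = run_session(server, receiver, "alice", form)
    try:
        receiver.decrypt_data(blob1)  # old data block against the overwritten cookie
        stale_decrypts = True
    except ValueError:
        stale_decrypts = False
    return {"first_ok": in1 == server.user_data and out1 == form,
            "second_ok": in2 == server.user_data and out2 == form, "stale_decrypts": stale_decrypts}
```

Calling demo() exercises the "revolving" behaviour: each log-in gets its own key, and the data block from the first session fails authentication against the cookie issued at the second.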
The method and apparatus of the present invention may be practiced on any data-packet network that supports the use of cookies, Hypertext Transfer Protocol (HTTP) and other suitable Internet Protocol (IP) without departing from the spirit and scope of the present invention. For example, a business may use the method as a secure data transfer process on a corporate Local Area Network (LAN) or Wide Area Network (WAN).
In yet another embodiment, a controlling server adapted to send encryption/decryption programs and keys may multicast sensitive data to a plurality of receiving servers or client stations such that all the receivers get the same encrypted data securely without fear of intercept. The method and apparatus of the present invention should be afforded the broadest scope possible in light of the several embodiments described. The spirit and scope of the present invention is limited only by the claims that follow.

Claims

What is claimed is:
1. In a client-server system, a method for encrypting and sending data from the server to the client and enabling decryption by the client, comprising steps of:
(a) upon receiving a log-in and a data request from the client by the server, sending a cookie to the client, the cookie comprising a key value to be used for decrypting the data;
(b) encrypting the data to be sent to the client using an encryption/decryption engine and the value of the key; and
(c) sending the encrypted data to the client.
2. The method of claim 1 further comprising a step for the client retrieving the key value from the cookie, executing a copy of the decryption engine, and decrypting the data.
3. The method of claim 1 comprising a step for the server sending a copy of the encryption/decryption engine to the client.
4. The method of claim 3 wherein the copy of the encryption/decryption engine is discarded after use.
5. The method of claim 1 wherein a new key is sent each time a client logs in to the server.
6. A secure client/server system, comprising: a server having an encryption/decryption engine, access to data, and code for sending a cookie to a user logging in to the server; and a client; characterized in that the server, upon receipt of a data request by a client, sends a cookie to the client wherein the value of the cookie comprises an encryption/decryption key, and wherein the server encrypts the data requested by the client using the key before transmission to the client.
7. The system of claim 6 wherein the client, after receiving encrypted data from the server, retrieves the key from the cookie value, and uses the key with the encryption/decryption engine to decrypt the data.
8. The system of claim 6 wherein the server sends a copy of the encryption/decryption engine to the client.
9. The system of claim 8 wherein the copy of the encryption/decryption engine is discarded after use.
10. The system of claim 6 wherein a new key is sent each time a client logs in to the server.
11. In a client-server system, a method for encrypting data on a client from a server, comprising steps of:
(a) upon receiving a log-in from the client by the server, sending a cookie to the client, the cookie comprising a key value to be used for encrypting the data, and sending an indication of the data to be encrypted;
(b) accessing the key value by the client from the cookie sent; and
(c) encrypting the data on the client using an encryption/decryption engine and the value of the key retrieved from the cookie value.
12. The method of claim 11 comprising a step for the server sending a copy of the encryption/decryption engine to the client.
13. The method of claim 12 wherein the copy of the encryption/decryption engine is discarded after use.
14. The method of claim 11 wherein a new key is sent each time a client logs in to the server.
15. A secure client/server system, comprising: a server having an encryption/decryption engine, access to data, and code for sending a cookie to a user logging in to the server; and a client; characterized in that the server, upon receipt of a log-in by a client, sends a cookie to the client wherein the value of the cookie comprises an encryption/decryption key, and sends also an indication of data to be encrypted, and wherein the client retrieves the key value from the cookie, and encrypts the data indicated by the server using the key.
16. The system of claim 15 wherein the server sends a copy of the encryption/decryption engine to the client.
17. The system of claim 16 wherein the copy of the encryption/decryption engine is discarded after use.
18. The system of claim 15 wherein a new key is sent each time a client logs in to the server.
19. A method for secure data transfer between a first and a second server, comprising steps of:
(a) the first server contacting the second server for data;
(b) the second server sending a cookie to the first server, the value of the cookie comprising a key value for encryption/decryption;
(c) encrypting data before transmission by the second server, using the key value; and
(d) sending the encrypted data to the second server.
20. The method of claim 19 wherein the second server sends a copy of an encryption/decryption engine to the first server, and the first server uses the copy with the retrieved key to accomplish decryption.
PCT/US2000/042168 1999-12-14 2000-11-13 Method and apparatus for a revolving encrypting and decrypting process WO2001047176A1 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
EP00992802A EP1243097A1 (en) 1999-12-14 2000-11-13 Method and apparatus for a revolving encrypting and decrypting process
AU47077/01A AU4707701A (en) 1999-12-14 2000-11-13 Method and apparatus for a revolving encrypting and decrypting process
JP2001547789A JP2003518820A (en) 1999-12-14 2000-11-13 Method and apparatus for a circular encryption and decryption process

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US46151999A 1999-12-14 1999-12-14
US09/461,519 1999-12-14

Publications (1)

Publication Number Publication Date
WO2001047176A1 true WO2001047176A1 (en) 2001-06-28

Also Published As

Publication number Publication date
EP1243097A1 (en) 2002-09-25
AU4707701A (en) 2001-07-03
JP2003518820A (en) 2003-06-10

Legal Events

Date Code Title Description
AK Designated states. Kind code of ref document: A1. Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW
AL Designated countries for regional patents. Kind code of ref document: A1. Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG
121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
ENP Entry into the national phase. Ref document number: 2001 547789. Country of ref document: JP. Kind code of ref document: A
WWE Wipo information: entry into national phase. Ref document number: IN/PCT/2002/884/CHE. Country of ref document: IN
WWE Wipo information: entry into national phase. Ref document number: 2000992802. Country of ref document: EP
WWP Wipo information: published in national office. Ref document number: 2000992802. Country of ref document: EP
REG Reference to national code. Ref country code: DE. Ref legal event code: 8642
WWW Wipo information: withdrawn in national office. Ref document number: 2000992802. Country of ref document: EP