WO2002023785A2 - Secure messaging - Google Patents
- Publication number
- WO2002023785A2 (PCT/GB2001/004150)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- decoder
- user
- information
- secure messaging
- mail message
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/10—Office automation; Time management
- G06Q10/107—Computer-aided management of electronic mailing [e-mailing]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
- H04L51/07—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail characterised by the inclusion of specific contents
- H04L51/08—Annexed information, e.g. attachments
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/041—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 using an encryption or decryption engine integrated in transmitted data
Definitions
- This invention relates to secure messaging over a communications network.
- cracks are pieces of software that allow one to break the encryption and decipher the information contained therein. It is particularly desirable to send invoices or statements electronically to clients provided that the information contained therein is only available to authorised users.
- invoice shall have its widest meaning and shall include statements and accounts unless otherwise indicated.
- processor is to be given its widest meaning and includes any suitable apparatus which executes under stored programme control to achieve a desired result.
- a method of secure messaging which includes sending a decoder to a user as an attachment to an e-mail message.
- decoder to be sent in the form of an executable file; for the decoder to be installed on a user's computer when the attachment is opened in the e-mail message; alternately for the decoder to be installed on a user's computer when the e-mail message is opened.
- decoder to operatively decrypt encoded information using a key known to the user and to the sender of the information; for the key to be a SHA-1 or MD5 hash of at least two character strings; and for the at least two character strings to include a username and password.
- encoded information to be sent to a user as an attachment to an e-mail message; for the e-mail message to which the encoded information is attached to also have a decoder attached thereto; for the attachment to invoke the decoder when opened; and for the encoded information to be compressed before being attached to an e-mail message.
- a further feature of the invention provides for the information to be encoded using CBC encoded Blowfish or triple DES ciphers.
- the invention also provides a method of securely transmitting an invoice which includes encoding the information forming the invoice and transmitting the encoded information to a user as an attachment to an e-mail message and transmitting a decoder for the encoded information to a user as an attachment to an e-mail message.
- encoded information and decoder to be attached to the same e-mail message; for the decoder to install itself on the user's computer when the e-mail message is opened; alternately for the decoder to install itself on the user's computer when the attachment is opened in the e-mail message.
- the installed decoder to decrypt the encoded information attached to the e-mail message; for the installed decoder to decrypt the encoded information attached to the e-mail message when the attachment is opened; for the decoder to require a key from the user to decrypt the encoded information; and for the key to be known to the user and to the sender of the invoice.
- a further feature of the invention provides for the information forming the invoice to be compressed prior to being encoded.
- the invention further provides for a system for secure messaging comprising a first store of information and at least one processor configured to encode the information and to attach the encoded information to at least one e-mail message to be sent to at least one user and to attach a decoder to an e-mail message to be sent to the or each user.
- processors to attach encoded information and a decoder to a single e-mail message to the or each user; for the system to include a mail server for sending the or each e-mail message; for the or each decoder to be an executable file; and for the or each decoder to install itself on a user's computer.
- Still further features of the invention provide for the or each decoder to install itself on a user's computer when the attachment is opened in the e-mail message; alternately for the or each decoder to install itself on a user's computer when the e-mail message is opened.
- each decoder to operatively decode the information attached to an e-mail message using a key known to the user and to the sender of the information; for each key to be a SHA-1 or MD5 hash of character strings; and for the character strings to include a username and password.
- the at least one processor to compress the information prior to encoding it; for the first store of information to include a plurality of sets of information; for each set of information to correspond to a user; and for each set of information to be encoded and attached to an e-mail message.
- Still further features of the invention provide for there to be provided a second store of information containing user address details and for a processor to be configured to correlate user details contained in the first information store with those in the second information store and to format e-mail messages using the information in the second store.
- the second store of information to further include a username and password for each user; for the processor to encode the information for a user using the username and password for the user contained in the second store of information; and for the or each decoder not to be installed on a user's computer if an identical decoder is already installed on the computer.
- a further feature of the invention provides for the at least one processor to interrogate a third store of information in which are recorded details of users who have already received a decoder and wherein the at least one processor does not attach a decoder to an e-mail message to a user where the user is recorded as having already received a decoder.
- Figure 1 is a schematic diagram of a secure messaging system.
- Confidential information, for example monthly account statements, generated by the bank's computer system (4) is produced as individual files or a single file and is stored in a first information store (5) together with necessary identification and addressing information.
- the files stored at (5) are then sent to a secure server (8) using a secure file transfer protocol (9).
- the files are parsed (13) into a format understood by the secure server.
- the information in the files is formatted (14) to produce documents of a required type, such as HTML or Word.
- a processor compresses the documents and then encodes the information (15) using a CBC encoded block cipher.
- the encrypted document is padded with random data for more entropy and to reduce the likelihood of known-plaintext attacks.
- the process may use any block cipher and key length but in this embodiment supports 112 bit and 168 bit Triple DES or 128 bit to 448 bit Blowfish block ciphers.
- the key for the encryption is created from a SHA-1 or MD5 hash of the recipient's username and password, which is included in the data files (4). Any suitable character strings may however be used to form the key.
- Each encoded file is then attached by the processor to an e-mail message (16) addressed to the relevant user (20) together with a decoder.
- Each decoder is a small executable file that is capable of decrypting encoded files once properly installed on a computer.
- Each decoder is further configured to be capable of being installed on a number of different software platforms. This avoids the problem of having to first determine the type of software platform being used by each user (20) and then sending a specific, and often different, decoder to each user (20).
- the messages together with attachments are then sent via a bulk mailer (17) using Simple Mail Transfer Protocol (SMTP) to the users (20). Bounced mail (19) will be returned to the mail server (8) for reporting purposes.
- Once the e-mail message is received by a user (20), opening the message and executing the decoder (21) will cause the decoder attached to the message to automatically install itself on the user's computer if the user (20) does not already have a decoder.
- the decoder could, however, also be configured to install automatically when the message is opened. As the size of the decoder is very small, about 43 kb in this embodiment, it is easy to send as an e-mail attachment and simple to manage by the user's computer.
- Once the decoder is installed on the user's computer, all encoded files attached to e-mail messages by the sender (2) will automatically invoke the decoder when they are opened (22). At this point, the user will be required to enter his username and password, which will be used to decode the message (24). If the username/password combination is correct, the document is opened using the default viewer (25) for the documents, for example Word or Excel.
- the system (1) enables secure messaging to occur through a simple yet highly effective process.
- By attaching the decoder to an e-mail message it is unnecessary for the user to obtain a decoder by downloading from a communication network or any other means.
- the size of the decoder does not impose a large overhead on the e-mail size in terms of bandwidth usage.
- any suitable encoding can be used and the decoder need not be self-installing and could be installed through any convenient means.
- the decoder could further be created prior to attachment to a message to decrypt information using a specific key thus obviating the need for the user to enter his password and username for each message. For security reasons, where such a decoder is used, it is desirable for the decoder to require these details prior to installing itself.
- the decoder could be configured to remember a username and password after they have been entered once.
- the decoder could also be attached to a separate message to the message that the encoded information is attached to.
- a first store containing sets of information to be encoded together with an identifier for each set
- a second store containing the addressing details and username and password for each identifier.
- the processor would obtain addressing details and encoding keys for the information in the first store from the second store of information.
- a third store of information, which could form part of the second store of information, could also be used to record whether a user already has a decoder installed on his computer or at least whether he has been sent one. This information could then be checked prior to sending encoded information with an e-mail message to determine whether it is necessary to attach a decoder to the message. Where a decoder is not attached to a message and the user requires one, for example where another computer is being used which does not have a decoder installed, a hyperlink could be provided to allow the user to access a website (secure or otherwise) to download the decoder. Alternatively a device could be provided on messages to automatically request a decoder to be sent to the user.
- the functions of encoding information, attaching the information to a message, attaching a decoder to the message and sending the message may be performed by one or more processors. Where more than one processor is used the processors may each perform a specific task or may operate in parallel.
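
The description derives the encryption key from a single SHA-1 or MD5 hash of the recipient's username and password. The following is an added example, not code from the patent or its applicant: it places that derivation beside a salted, iterated one (PBKDF2-HMAC-SHA256, a substituted technique the page does not mention) and reports how the two differ. Plain concatenation of the two strings, the PBKDF2 parameters, the function names and the sample credentials are all assumptions.

```python
import hashlib
import os


def legacy_key(username: str, password: str, algo: str = "sha1") -> bytes:
    """Key as the description states it: a single SHA-1 or MD5 hash of the strings.

    Assumption: the strings are simply concatenated; the page does not say how
    the "at least two character strings" are combined before hashing.
    """
    return hashlib.new(algo, (username + password).encode("utf-8")).digest()


def frame(*fields: str) -> bytes:
    """Length-prefix every field so the field boundaries are part of the input."""
    out = b""
    for field in fields:
        raw = field.encode("utf-8")
        out += len(raw).to_bytes(4, "big") + raw
    return out


def hardened_key(username, password, salt=None, iterations=600_000, length=32):
    """Salted, iterated derivation (PBKDF2-HMAC-SHA256), not the patent's method.

    A fresh random salt per message means two statements for the same user are
    encrypted under different keys; the salt is sent in clear next to the
    ciphertext so the decoder can re-derive the key from the typed credentials.
    """
    if salt is None:
        salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", frame(username, password), salt,
                              iterations, dklen=length)
    return salt, key


def compare_schemes(iterations: int = 600_000) -> dict:
    """Run both derivations on constructed sample credentials and report properties."""
    user, pw = "jsmith", "Winter2001"            # constructed sample values
    s1, k1 = hardened_key(user, pw, iterations=iterations)
    s2, k2 = hardened_key(user, pw, iterations=iterations)
    return {
        # Same credentials always give the same key: every statement sent to
        # this user shares one key, so exposure of it exposes all of them.
        "legacy_key_reused_across_messages": legacy_key(user, pw) == legacy_key(user, pw),
        # Without field framing, different (username, password) pairs collide.
        "legacy_boundary_collision": legacy_key("jsmith1", "23") == legacy_key("jsmith", "123"),
        "hardened_key_reused_across_messages": k1 == k2,
        "hardened_boundary_collision":
            hardened_key("jsmith1", "23", s1, iterations)[1]
            == hardened_key("jsmith", "123", s1, iterations)[1],
        # The recipient's decoder reproduces the key from the stored salt.
        "decoder_can_rederive": hardened_key(user, pw, s1, iterations)[1] == k1,
    }


if __name__ == "__main__":
    for name, value in compare_schemes().items():
        print(f"{name}: {value}")
```

A 160-bit SHA-1 or 128-bit MD5 digest also does not match every key length the description lists (112/168-bit Triple DES, 128 to 448-bit Blowfish), so an implementation has to truncate or expand it; a KDF with an explicit output length removes that step.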
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Human Resources & Organizations (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Entrepreneurship & Innovation (AREA)
- Strategic Management (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Operations Research (AREA)
- Economics (AREA)
- Marketing (AREA)
- Data Mining & Analysis (AREA)
- Quality & Reliability (AREA)
- Tourism & Hospitality (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Information Transfer Between Computers (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU2001287874A AU2001287874A1 (en) | 2000-09-15 | 2001-09-17 | Secure messaging |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB0022724A GB0022724D0 (en) | 2000-09-15 | 2000-09-15 | Secure messaging |
GB0022724.9 | 2000-09-15 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2002023785A2 (fr) | 2002-03-21 |
WO2002023785A3 (fr) | 2002-08-01 |
Family
ID=9899565
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/GB2001/004150 WO2002023785A2 (fr) | 2000-09-15 | 2001-09-17 | Secure messaging |
Country Status (3)
Country | Link |
---|---|
AU (1) | AU2001287874A1 (fr) |
GB (1) | GB0022724D0 (fr) |
WO (1) | WO2002023785A2 (fr) |
-
2000
- 2000-09-15 GB GB0022724A patent/GB0022724D0/en not_active Ceased
-
2001
- 2001-09-17 WO PCT/GB2001/004150 patent/WO2002023785A2/fr active Application Filing
- 2001-09-17 AU AU2001287874A patent/AU2001287874A1/en not_active Abandoned
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2000049786A1 (fr) * | 1999-02-19 | 2000-08-24 | Messagemedia, Inc. | System and method for encrypting messages |
Non-Patent Citations (1)
Title |
---|
PRENEEL B: "State-of-the-art Ciphers for Commercial Applications" COMPUTERS & SECURITY. INTERNATIONAL JOURNAL DEVOTED TO THE STUDY OF TECHNICAL AND FINANCIAL ASPECTS OF COMPUTER SECURITY, ELSEVIER SCIENCE PUBLISHERS. AMSTERDAM, NL, vol. 18, no. 1, 1999, pages 67-74, XP004154866 ISSN: 0167-4048 * |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2002032044A2 (fr) * | 2000-10-13 | 2002-04-18 | Eversystems Inc. | Secret key messaging |
WO2002032044A3 (fr) * | 2000-10-13 | 2003-01-09 | Eversystems Inc | Secret key messaging |
US6728378B2 (en) | 2000-10-13 | 2004-04-27 | Eversystems Information Comércio Representação, Importação e Exportação Ltda. | Secret key messaging |
WO2006021830A1 (fr) * | 2004-08-27 | 2006-03-02 | Easecredit | E-mail bank statement for Internet banking transactions carried out by e-mail and method for producing an e-mail bank statement |
EP1646194A1 (fr) * | 2004-10-08 | 2006-04-12 | Sagem Communication | Method for producing a reliable acknowledgement of receipt |
FR2876527A1 (fr) * | 2004-10-08 | 2006-04-14 | Sagem | Method for producing a reliable acknowledgement of receipt |
Also Published As
Publication number | Publication date |
---|---|
WO2002023785A3 (fr) | 2002-08-01 |
AU2001287874A1 (en) | 2002-03-26 |
GB0022724D0 (en) | 2000-11-01 |
Similar Documents
Publication | Title |
---|---|
US7634651B1 (en) | Secure data transmission web service |
JP4148979B2 (ja) | E-mail system, e-mail relay apparatus, e-mail relay method and e-mail relay program |
US8166299B2 (en) | Secure messaging |
US6442686B1 (en) | System and methodology for messaging server-based management and enforcement of crypto policies |
US20070172066A1 (en) | Message security |
US20030065941A1 (en) | Message handling with format translation and key management |
US20070118735A1 (en) | Systems and methods for trusted information exchange |
US20020172367A1 (en) | System for secure electronic information transmission |
US20040120525A1 (en) | System and method for storage and retrieval of cryptographic keys |
EP1145507A1 (fr) | Secure routing of electronic messages over the Internet |
AU2004203148A1 (en) | Method for Strongly Encrypting .zip Files |
US7660987B2 (en) | Method of establishing a secure e-mail transmission link |
WO2008050742A1 (fr) | System for transmitting and receiving electronic messages |
WO2004042537A2 (fr) | System and method for securing digital messages |
CN1783853B (zh) | Encrypted mail server device |
US6847719B1 (en) | Limiting receiver access to secure read-only communications over a network by preventing access to source-formatted plaintext |
US6968458B1 (en) | Apparatus and method for providing secure communication on a network |
EP1387239B1 (fr) | Secure messaging |
AU2005201621B2 (en) | Transmission of secure electronic mail formats |
JP2008134985A (ja) | Network system |
US20020053019A1 (en) | System, computer product and method for secure electronic mail communication |
WO2002023785A2 (fr) | Secure messaging |
WO2000046952A1 (fr) | Method for sending e-mail securely via a browser |
US20080172470A1 (en) | Method and a system for the secure exchange of an e-mail message |
CN113407971B (zh) | Method and system for secure cross-Internet file sharing based on HTML5 technology |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A2 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PH PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A2 Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
AK | Designated states |
Kind code of ref document: A3 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PH PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A3 Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
REG | Reference to national code |
Ref country code: DE Ref legal event code: 8642 |
|
122 | Ep: pct application non-entry in european phase | ||
NENP | Non-entry into the national phase in: |
Ref country code: JP |