WO2005015862A1 - Method and devices for secure transmission of electronic messages - Google Patents

Publication number
WO2005015862A1
Authority
WO
WIPO (PCT)
Prior art keywords
electronic message
encrypted
encryption system
content
reception apparatus
Prior art date
Application number
PCT/CH2004/000488
Other languages
French (fr)
Inventor
Fabian Honegger
Original Assignee
Onaras Ag
Application filed by Onaras Ag

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/606 Protecting data by securing the transmission between two devices or processes
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00 User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/07 User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail characterised by the inclusion of specific contents
    • H04L51/08 Annexed information, e.g. attachments
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00 User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/21 Monitoring or handling of messages
    • H04L51/216 Handling conversation history, e.g. grouping of messages in sessions or threads
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00 User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/56 Unified messaging, e.g. interactions between e-mail, instant messaging or converged IP messaging [CPM]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/18 Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords

Definitions

  • a first electronic message for example an e-mail, which is intended to be transmitted securely via a telecommunication network, for example via the Internet, being encrypted in an encryption system
  • a second electronic message being provided in the encryption system, where the second electronic message comprises a content in the format of a text markup language.
  • the encrypted first electronic message is added to the content of the second electronic message, for example hidden in form fields in the text markup language.
  • the text markup language is HTML (Hypertext Markup Language) or XML (Extensible Markup Language), for example.
  • the second electronic message which is provided is transmitted via the telecommunication network to the reception apparatus to which the first electronic message is addressed, for example to a communication terminal or to a personal computer.
  • the encrypted first electronic message is transmitted from the reception apparatus to the encryption system via the telecommunication network.
  • the first electronic message received via the telecommunication network is decrypted in the encryption system and is transmitted from the encryption system to the reception apparatus using a secure connection, for example using an SSL connection, for the purpose of display.
  • the transmission of the encrypted first electronic message packed in a second electronic message and the automatic feedback of the encrypted first electronic message to the encryption system permit secure transmission of the first electronic messages via a telecommunication network without the need to equip the reception apparatus with additional special modules for decryption and without the user of the reception apparatus needing to concern himself with aspects of the decryption.
  • the transmission of the encrypted first electronic message packed in a second electronic message to the reception apparatus permits the receiver to manage the second electronic message with the encrypted first electronic message it contains in the reception apparatus, that is to say the first electronic message does not need to be stored, managed and, after a certain time, deleted in the encryption system.
  • an activation element which can be operated by the user for example a "button" or an icon, is added to the content of the second electronic message, and the content of the second electronic message is fashioned such that, in response to operation of the activation element, the encrypted first electronic message is transmitted from the reception apparatus to the encryption system using the secure connection via the telecommunication network.
  • Embedding the activation element which can be operated by the user into the second electronic message permits extremely simple control by the user as a result of activation of the desired decryption of the encrypted first electronic message.
  • the content of the second electronic message is set up as a feedback form with form fields, and the encrypted first electronic message is added secretly to form fields in the feedback form, for example to an HTML page which has been set up as a feedback form.
  • the encrypted first electronic message is hidden in the feedback form.
  • any attachments to the first electronic message are added in respectively encrypted form to separate form fields.
  • the encrypted first electronic message is then transmitted to the encryption system by transmitting the contents of the form fields from the reception apparatus to the encryption system.
  • provision of the second electronic message in the form of a feedback form involves address information for the encryption system being added to the content of the second electronic message.
  • Transmitting the encrypted first electronic message hidden in form fields in a feedback form permits extremely simple interchange of the electronic messages between the encryption system and the reception apparatus, which can be performed by conventional e-mail programs in the reception apparatus, so that the reception apparatus does not need to be equipped with additional special modules.
  • the present invention also relates to a suitable computer-based encryption system for the secure transmission of electronic messages via a telecommunication network and to a computer program product having suitable computer program code means for controlling one or more processors in a computer for the secure transmission of electronic messages via a telecommunication network.
  • figure 1 shows a block diagram which schematically illustrates the sequence in the public key method known from the prior art for the secure transmission of electronic messages via a telecommunication network.
  • figure 2 shows a block diagram which schematically illustrates the sequence in the courier service systems known from the prior art for the secure transmission of electronic messages via a telecommunication network.
  • figure 3 shows a block diagram which schematically illustrates the sequence between the computer-based encryption system and a reception apparatus in the case of an example of the inventive secure transmission of electronic messages via a telecommunication network.
  • figure 4 shows a flowchart which schematically illustrates the method sequence in the case of an example of the inventive secure transmission of electronic messages via a telecommunication network.
  • FIG. 3 schematically illustrates an encryption system 32 which comprises one or more computers having one or more respective processors.
  • the encryption system 32 comprises a plurality of functional modules which are preferably in the form of programmed software modules and which control the processor(s) in the encryption system such that the function of the functional module in question is performed by the processor(s).
  • the programmed software modules each comprise computer program code means which are stored on a computer-readable medium 322. The person skilled in the art will understand that the functional modules may also be designed in part or in full using hardware.
  • the encryption system 32 comprises a communication module 321 for the interchange of electronic messages, such as e-mails, via a telecommunication network 35, for example the Internet and/or a mobile radio network, with the reception apparatus 34 shown in figure 3.
  • step S1 involves an e-mail 311 being transferred from a sender apparatus 31 to the encryption system 32.
  • the e-mail 311 may also be generated in a computer in the encryption system 32.
  • the encryption system 32, or the functional module in question, encrypts the e-mail 311 and integrates the encrypted e-mail 331 into an HTML e-mail 33, as illustrated schematically in figure 3. That is to say that no link to the e-mail 311 is added to an HTML e-mail 33 but rather the entire encrypted e-mail 331.
  • the HTML e-mail 33 is provided by the encryption system 32 as an e-mail whose content has the format of the text markup language HTML.
  • address information for the encryption system 32 is added to the HTML content of the e-mail 33 (e.g. https://www.servername.com/xxx.cgi).
  • the HTML e-mail 33 provided is then transmitted in step
  • the receiver 34 where, as usual, it is stored in conventional fashion in or by the reception apparatus's e-mail program.
  • the receiver that is to say the user of the reception apparatus 34, wishes to read the content of this e-mail, he inputs his password into the form field provided for this purpose and operates the activation element, that is to say he clicks on the button in the HTML e-mail 33.
  • a secure connection in our example an SSL connection
  • the encryption system 32 decrypts the encrypted e-mail 331 received via the secure connection and, in step S14, transmits the decrypted e-mail 311 using the secure connection for the purpose of display in a browser window on the reception apparatus 34 or, depending on the file type of the attachment, in a display program provided for this purpose on the reception apparatus 34.
  • the user of the reception apparatus 34 realizes only that he is clicking on the button and that the e-mail 311 appears in readable form in the browser window, or in the display program.
  • the e-mail 311 is thus packed secretly (hidden) into another e-mail 33, specifically such that clicking on the HTML button in the e-mail 33 uploads the encrypted e-mail 331 automatically to the encryption system 32, decrypts it there and displays it in a browser window on the reception apparatus 34.
  • step S1 the method sequence is initiated in step S1 through the transmission of an e-mail 311 from a sender apparatus 31 to the encryption system 32.
  • step S2 the e-mail 311 is accepted by the encryption system 32.
  • step S3 the encryption system 32 examines whether a key for the encryption method has already been provided for the receiver (addressee) of the e-mail 311. If a key has not yet been provided for the receiver, then a key is generated in step S4 and is stored in the encryption system 32 in association with the receiver in question.
  • step S5 the receiver is sent a password or access code, for example by telephone, which is indicated in figure 4 by the arrow S5'.
  • step S6 the encryption system 32 possibly provides the individual parts of the e-mail 311 by separating attachments from the e-mail 311.
  • step S7 the encryption system 32 encrypts the e-mail 311, that is to say the individual parts of the e-mail 311, including the content of the e-mail 311 and the attachments to the e-mail 311 which have been separated in step S6, are encrypted.
  • step S8 the encryption system 32 adds the encrypted e-mail 331 secretly to HTML form fields in the HTML e-mail 33 described above, in which case the parts of the e-mail 311 which have been encrypted in step S7 are respectively added to separate HTML form fields.
  • the encryption system 32 also adds the form field as the input field for inputting the password or the access code, the address information for the encryption system 32 and the activation element which can be operated by the receiver to the HTML content of the e-mail 33.
  • step S9 the encryption system 32 transmits the HTML e-mail 33 provided in step S8 with the encrypted e-mail 331 via the telecommunication network 35 to the reception apparatus 34, where it is stored in the e-mail program.
  • step S10 the receiver opens the HTML e-mail 33 in the e-mail program on the reception apparatus 34, inputs the password transmitted in step S5 into the form field provided as input field and operates the activation element in the HTML e-mail 33.
  • step S11 the e-mail program on the reception apparatus 34 creates the secure connection to the encryption system 32 and transmits the password which has been input and the e-mail 331 encrypted in hidden form in the form fields to the encryption system 32.
  • the HTML e-mail 33 with the encrypted e-mail 331 remains stored in the reception apparatus 34 for use again later.
  • step S12 the encryption system 32 checks whether the password received is correct, that is to say the received password is compared with a password which is associated with the user to whom the e-mail 311 or the HTML e-mail 33 is addressed. If the password is incorrect, the encryption system 32 transmits an error message to the e-mail program on the reception apparatus 34.
  • the encryption system 32 decrypts the encrypted e-mail 331 received, that is to say the encrypted parts of the e-mail 311 which have been added to the HTML e-mail 33 in step S8, in step S13.
  • step S14 the encryption system 32 displays the decrypted e-mail 331, that is to say the unencrypted parts of the e-mail 311, in a browser window on the reception apparatus 34 and/or, depending on the file type of the attachment, in a display program provided for this purpose on the reception apparatus 34 using the secure connection created in step S11. That is to say that the encryption system 32 transmits the decrypted e-mail 331, or the unencrypted parts of the e-mail 311, to the reception apparatus 34 using the secure connection for the purpose of display in a browser window and/or in a display program.
  • the user may also first be asked to input the password, or access code, by the encryption system 32.
  • activation of the transmission of the encrypted e-mail 331 from the reception apparatus 34 to the encryption system 32 may, in one variant embodiment, also be triggered independently of the operation of an activation element, for example automatically by program code in the HTML e-mail 33, for example by Javascript.
  • the encrypted e-mail 331 may, in one variant embodiment, also be transmitted via the telecommunication network 35 from the reception apparatus 34 to the encryption system 32 in nonsecure form, for example triggered by the aforementioned program code.
  • the secure connection is first created by the encryption system 32 for transmitting the decrypted e-mail 311 to the reception apparatus 34.
  • steps S2 to S9 to be performed in a first computer in the encryption system 32, for the key generated in step S4 to be transmitted from the first computer to a second computer in the encryption system 32, for the e-mail program on the reception apparatus 34 to create the secure connection to the second computer in the encryption system 32 in step S11 and to transmit the password which has been input and the encrypted e-mail 331 to the second computer in the encryption system 32, and for steps S12 to S14 to be performed by the second computer in the encryption system 32.
  • the proposed solution has a similar effect for the receiver as the courier service system. He simply needs to click on a button, instead of a link, in order to read the e-mail.
  • the proposed solution provides significant advantages over courier service systems.
  • the user of the reception apparatus 34 (receiver) can manage the e-mail using his e-mail program.
  • the e-mail 311 has been stored in encrypted form and embedded in the HTML e-mail 33, it is still a normal e-mail with content.
  • the receiver is thus able to copy, move, back up, delete etc. the HTML e-mail 33 with its entire content. He can thus manage the e-mail 33 in his familiar environment.
  • the sender, or the encryption system 32, does not need to buffer-store all e-mails which have been transmitted to the communication partners.
  • it is necessary to store and manage only one key and the password on the encryption system 32, regardless of how many e-mails are sent to this partner.
  • the problem of deleting the e-mails after a certain time does not arise either.
  • the communication partner is able to read his e-mails until the sender, or the encryption system 32, deletes the key.
  • the proposed method also affords a higher level of security than a courier service system.
  • the proposed solution has the advantage over the public key method that the communication partner does not need to install any software, any plugin, any certificate or any key on his system and he nevertheless has the opportunity to read encrypted e-mails.
  • the proposed solution has the advantage over public key methods that the sender can automatically be sent confirmation of receipt.
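
The sequence in steps S3 to S13, written out as an added example; it is not code from the patent, which names no algorithms. The stand-in cipher (an HMAC-SHA256 keystream with encrypt-then-MAC), PBKDF2 password hashing, the hidden `recipient` field, the `part.` field-name prefix and all function names are assumptions made here. Because the ciphertext is stored in the receiver's mailbox and posted back, the server side authenticates each field before decrypting it.

```python
import base64, hashlib, hmac, html, secrets
from html.parser import HTMLParser

SUBMIT_URL = "https://www.servername.com/xxx.cgi"  # address example from the text
RECIPIENTS = {}  # hypothetical key store: recipient -> key, salt, password hash

def _pw_hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def ensure_recipient(recipient):
    """S3-S5: on first contact create the key and a password; the password is
    returned once so it can be passed on out of band (e.g. by telephone)."""
    if recipient in RECIPIENTS:
        return None
    password, salt = secrets.token_urlsafe(12), secrets.token_bytes(16)
    RECIPIENTS[recipient] = {"key": secrets.token_bytes(32), "salt": salt,
                             "pw_hash": _pw_hash(password, salt)}
    return password

def _subkey(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def _keystream(key, nonce, length):
    # Stand-in cipher (HMAC-SHA256 in counter mode) so the example needs only
    # the standard library; a deployment would use a vetted AEAD instead.
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def _tag(key, recipient, name, nonce, ct):
    # Length-prefixed fields bind the ciphertext to its recipient and field name.
    msg = b"".join(len(p).to_bytes(4, "big") + p
                   for p in (recipient.encode(), name.encode(), nonce, ct))
    return hmac.new(_subkey(key, b"mac"), msg, hashlib.sha256).digest()

def seal(key, recipient, name, plaintext):
    """S7: encrypt one part, then MAC it (encrypt-then-MAC)."""
    nonce = secrets.token_bytes(16)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, stream))
    return base64.b64encode(nonce + ct + _tag(key, recipient, name, nonce, ct)).decode()

def unseal(key, recipient, name, token):
    """S13: verify the tag before decrypting; the field came back from the client."""
    raw = base64.b64decode(token, validate=True)
    if len(raw) < 48:
        raise ValueError("field too short")
    nonce, ct, tag = raw[:16], raw[16:-32], raw[-32:]
    if not hmac.compare_digest(tag, _tag(key, recipient, name, nonce, ct)):
        raise ValueError("field modified or taken from another message")
    stream = _keystream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, stream))

def build_html_email(recipient, parts):
    """S6-S8: parts maps a part name ("body", attachment file names) to bytes;
    each encrypted part goes into its own hidden form field."""
    key = RECIPIENTS[recipient]["key"]
    hidden = [("recipient", recipient)]  # assumption: tells the server whose key to use
    hidden += [("part." + n, seal(key, recipient, n, d)) for n, d in parts.items()]
    inputs = "\n".join('<input type="hidden" name="%s" value="%s">'
                       % (html.escape(n), html.escape(v)) for n, v in hidden)
    return ('<html><body><form method="post" action="%s">\n%s\n'
            'Password: <input type="password" name="password">\n'
            '<input type="submit" value="Read message">\n</form></body></html>'
            % (html.escape(SUBMIT_URL), inputs))

class _FormFields(HTMLParser):
    """Collects the named inputs, as the mail client does when the button is pressed."""
    def __init__(self):
        super().__init__()
        self.fields = {}

    def handle_starttag(self, tag, attrs):
        attr = dict(attrs)
        if tag == "input" and "name" in attr:
            self.fields[attr["name"]] = attr.get("value") or ""

def form_fields(html_email, password):
    """S10-S11: the field values the reception apparatus posts to SUBMIT_URL."""
    parser = _FormFields()
    parser.feed(html_email)
    parser.close()
    parser.fields["password"] = password
    return parser.fields

def handle_submit(fields):
    """S12-S13: returns ("ok", parts), ("denied", None) or ("tampered", None)."""
    recipient = fields.get("recipient", "")
    rec = RECIPIENTS.get(recipient)
    supplied = _pw_hash(fields.get("password", ""), rec["salt"] if rec else bytes(16))
    if rec is None or not hmac.compare_digest(supplied, rec["pw_hash"]):
        return "denied", None
    try:
        return "ok", {n[5:]: unseal(rec["key"], recipient, n[5:], v)
                      for n, v in fields.items() if n.startswith("part.")}
    except ValueError:
        return "tampered", None
```

Only the per-recipient key and the password hash stay on the server; the HTML returned by `build_html_email` is what sits in the receiver's mailbox and can be submitted again later.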

Abstract

For the purpose of secure transmission of an electronic message (311) via a telecommunication network (35), the electronic message (311) is encrypted (S7) in an encryption system (32). In the encryption system (32), a second electronic message (33) is provided (S8) which comprises a content in the format of a text markup language such as HTML. The encrypted first electronic message (331) is added secretly to form fields in this content. In addition, an activation element which can be operated by the user is added to the content, and the content is fashioned such that, in response to operation (S10) of the activation element, the encrypted first electronic message (331) is transmitted (S11) from a reception apparatus (34) to the encryption system (32) using a secure connection via the telecommunication network (35). In the encryption system (32), the encrypted first electronic message (331) received via the secure connection is decrypted (S13) and is transmitted (S14) to the reception apparatus (34) using the secure connection for the purpose of display.

Description

METHOD AND DEVICES FOR SECURE TRANSMISSION OF ELECTRONIC MESSAGES
Technical field
The present invention relates to a method for the secure transmission of electronic messages via a telecommunication network and to apparatuses suitable for this purpose. The invention relates in particular to a method and suitable apparatuses for the secure transmission of electronic messages, such as "electronic mails" (e-mails), via a telecommunication network, the electronic messages being encrypted and decrypted.
Prior art
To protect the interchange of electronic messages such as e-mail, methods are used to encrypt the content of the e-mails. Currently, primarily two types of methods for interchanging encrypted electronic messages with external partners are used, the "public key method" (see figure 1) and a method which is based on "courier service systems" (see figure 2).
The public key method involves the e-mail being encrypted by the sender using a public key belonging to the receiver, and being decrypted again by the receiver using the latter's private key (secret key). As figure 1 illustrates, the public key method may be executed in companies using a central e-mail encryption gateway 12, so that the individual employees have nothing to do with the key management and encryption. As can be seen from figure 1, in step S11 of the public key method the external partner 14 sends his public key to an internal employee 11, or to the e-mail encryption gateway 12, where it is stored in a key database either manually or automatically. When an e-mail is sent from the internal employee 11 to the external partner 14 in step S12, the e-mail is automatically encrypted by the e-mail encryption gateway 12 using the added public key belonging to the external partner 14. In addition, the encryption may be linked to the condition that the e-mail must satisfy defined criteria. In step S13, the encrypted e-mail is transmitted from the e-mail encryption gateway 12 to the external partner 14. The external partner 14 receives the encrypted e-mail and decrypts it using the decryption module 15, using the private key which only the external partner knows, and renders the e-mail readable again. The decryption module 15 is in the form of a software or hardware solution.
The two best known public key methods are OpenPGP (Pretty Good Privacy) and S/MIME (Secure Multipurpose Internet Mail Extensions), for which there are an array of solutions and plugins.
A fundamental drawback of the public key methods is that the receiver has to install special supplementary modules, typically software programs, software subprograms and cryptographical keys and/or certificates, on his terminal and needs to operate or use these supplementary modules in the correct manner. This firstly has an associated level of complexity, and secondly assumes that the receiving communication partner has certain technical capabilities and knowledge, which he does not necessarily have. In addition, many communication partners do not even have the authorization to install such supplementary modules on their system.
Courier service systems or courier services are provided either as subsystems of e-mail encryption gateways or as individual solutions or as services via the Internet. As figure 2 shows in schematic form, in step S21 of such solutions the sender 21 sends the e-mail to the courier service system 22 in unencrypted form. The e-mail may be sent in this manner using a normal e-mail program or using an integrated webmail system. The courier service system 22 stores and buffers the received e-mail 221 either in unencrypted form or in a form encrypted using a secret key. As can be seen in figure 2, the courier service system 22 provides a new second e-mail 23, typically in HTML format, and transmits it to the receiver 24 in step S23. The new second e-mail 23 comprises a "hyperlink" 231 to the courier service system 22. When the receiver 24 clicks on this hyperlink 231 in his e-mail program, a web browser window opens, for example within the e-mail program, in step S24 and a web page appears which requires the receiver 24 to type in a password which he has obtained previously in a different way, for example by telephone. When the password has been typed in, the courier service system 22 shows the receiver 24 the e-mail, which is buffer-stored in the courier service system 22, in the web browser or, depending on the file type, in a display program provided for it, in step S25. The connection between the browser belonging to the receiver 24 and the courier service system 22 is secured, or encrypted, using SSL (Secure Socket Layer), which means that nobody in between is able to intercept and read the e-mail message.
Courier service systems do not have the drawback of the public key methods, because the communication partner does not need to install a program or certificate. The communication partner can easily use a hyperlink to set up a connection to a web server, for which most e-mail programs today have been set up.
However, courier service systems face drawbacks regarding mail management. Courier service systems use the web protocol HTTP(S) (Hypertext Transfer Protocol (Secure)) and not e-mail protocols, that is to say that the e-mail is uploaded (securely) to a web server, is stored there and is downloaded again. Only the hyperlink for accessing this web page is sent by e-mail. Hence, the e-mail in courier service systems is stored not with the receiver 24 but rather in the courier service system 22, for example on a web server in the courier service system 22. The receiver 24 is therefore not able to manage, move, copy, delete, back up etc. the e-mail in his e-mail program. The receiver 24 must either manage the e-mail on the web server in the courier service system 22 or must download it and store it locally on his hard disk. The operators of the courier service system, typically the sender's company, are therefore confronted with the storage of all e-mails to the communication partners. This forces the operators to have an immensely large infrastructure, and/or they must delete the e-mails again after a certain time. Deleting a buffer-stored e-mail means that the communication partner is no longer able to read this e-mail, even if the e-mail with the hyperlink is still in his inbox.
Description of the invention
It is an object of the present invention to propose a new method for the secure transmission of electronic messages via a telecommunication network and apparatuses suitable for this purpose which do not have the drawbacks of the prior art.
In line with the present invention, these objectives are achieved, in particular, by the elements of the independent claims. In addition, other advantageous embodiments can be found in the dependent claims and in the description.
The aforementioned objectives are achieved by the present invention particularly by virtue of a first electronic message, for example an e-mail, which is intended to be transmitted securely via a telecommunication network, for example via the Internet, being encrypted in an encryption system, and by virtue of a second electronic message being provided in the encryption system, where the second electronic message comprises a content in the format of a text markup language. In this case, the encrypted first electronic message is added to the content of the second electronic message, for example hidden in form fields in the text markup language. The text markup language is HTML (Hypertext Markup Language) or XML (Extensible Markup Language), for example. The second electronic message which is provided is transmitted via the telecommunication network to the reception apparatus to which the first electronic message is addressed, for example to a communication terminal or to a personal computer. The encrypted first electronic message is transmitted from the reception apparatus to the encryption system via the telecommunication network. The first electronic message received via the telecommunication network is decrypted in the encryption system and is transmitted from the encryption system to the reception apparatus using a secure connection, for example using an SSL connection, for the purpose of display. Advantageously, the transmission of the encrypted first electronic message packed in a second electronic message and the automatic feedback of the encrypted first electronic message to the encryption system permit secure transmission of the first electronic messages via a telecommunication network without the need to equip the reception apparatus with additional special modules for decryption and without the user of the reception apparatus needing to concern himself with aspects of the decryption.
Furthermore, the transmission of the encrypted first electronic message packed in a second electronic message to the reception apparatus permits the receiver to manage the second electronic message with the encrypted first electronic message it contains in the reception apparatus, that is to say the first electronic message does not need to be stored, managed and, after a certain time, deleted in the encryption system.
Preferably, an activation element which can be operated by the user, for example a "button" or an icon, is added to the content of the second electronic message, and the content of the second electronic message is fashioned such that, in response to operation of the activation element, the encrypted first electronic message is transmitted from the reception apparatus to the encryption system using the secure connection via the telecommunication network. Embedding the activation element which can be operated by the user into the second electronic message permits extremely simple control by the user as a result of activation of the desired decryption of the encrypted first electronic message.
Preferably, the content of the second electronic message is set up as a feedback form with form fields, and the encrypted first electronic message is added secretly to form fields in the feedback form, for example to an HTML page which has been set up as a feedback form. In this way, the encrypted first electronic message is hidden in the feedback form. In this case, any attachments to the first electronic message are added in respectively encrypted form to separate form fields. The encrypted first electronic message is then transmitted to the encryption system by transmitting the contents of the form fields from the reception apparatus to the encryption system. In addition, provision of the second electronic message in the form of a feedback form involves address information for the encryption system being added to the content of the second electronic message. Transmitting the encrypted first electronic message hidden in form fields in a feedback form permits extremely simple interchange of the electronic messages between the encryption system and the reception apparatus, which can be performed by conventional e-mail programs in the reception apparatus, so that the reception apparatus does not need to be equipped with additional special modules.
Besides the method for secure transmission of electronic messages via a telecommunication network, the present invention also relates to a suitable computer-based encryption system for the secure transmission of electronic messages via a telecommunication network and to a computer program product having suitable computer program code means for controlling one or more processors in a computer for the secure transmission of electronic messages via a telecommunication network.
Brief description of the drawings
An embodiment of the present invention is described below with reference to an example. The example of the embodiment is illustrated by the following appended figures:
figure 1 shows a block diagram which schematically illustrates the sequence in the public key method known from the prior art for the secure transmission of electronic messages via a telecommunication network.
figure 2 shows a block diagram which schematically illustrates the sequence in the courier service systems known from the prior art for the secure transmission of electronic messages via a telecommunication network.
figure 3 shows a block diagram which schematically illustrates the sequence between the computer-based encryption system and a reception apparatus in the case of an example of the inventive secure transmission of electronic messages via a telecommunication network.
figure 4 shows a flowchart which schematically illustrates the method sequence in the case of an example of the inventive secure transmission of electronic messages via a telecommunication network.
Ways of implementing the invention
Figure 3 schematically illustrates an encryption system 32 which comprises one or more computers having one or more respective processors. The encryption system 32 comprises a plurality of functional modules which are preferably in the form of programmed software modules and which control the processor(s) in the encryption system such that the function of the functional module in question is performed by the processor(s). The programmed software modules each comprise computer program code means which are stored on a computer-readable medium 322. The person skilled in the art will understand that the functional modules may also be designed in part or in full using hardware.
The encryption system 32 comprises a communication module 321 for the interchange of electronic messages, such as e-mails, via a telecommunication network 35, for example the Internet and/or a mobile radio network, with the reception apparatus 34 shown in figure 3.
As figure 3 schematically indicates, step S1 involves an e-mail 311 being transferred from a sender apparatus 31 to the encryption system 32. The e-mail 311 may also be generated in a computer in the encryption system 32. Instead of storing the e-mail 311, as in the known courier service systems, and integrating a hyperlink to this e-mail into a second new HTML e-mail, the encryption system 32, or the functional module in question, encrypts the e-mail 311 and integrates the encrypted e-mail 331 into an HTML e-mail 33, as illustrated schematically in figure 3. That is to say that no link to the e-mail 311 is added to an HTML e-mail 33 but rather the entire encrypted e-mail 331. The HTML e-mail 33 is provided by the encryption system 32 as an e-mail whose content has the format of the text markup language HTML. The content of the e-mail 33 is set up, in particular, as an HTML page which is normally used as a feedback form on web pages (e.g. <form action = "https://www.servername.com/xxx.cgi" method = POST>). The encrypted e-mail 331 is added secretly to one or more form fields in the HTML content of the e-mail 33 (e.g. <input type = "HIDDEN" name = "field 1" value = " ">) by the encryption system 32, thereby making the encrypted e-mail 331 hidden in the HTML content. If the e-mail 311 has attachments, then these are each added separately to various form fields in the HTML content of the e-mail 33. In addition, the HTML content of the e-mail 33 is provided with a form field as an input field for the input of a password or access code by the user (e.g. password: <input type = "PASSWORD" name = "password">). Furthermore, address information for the encryption system 32 is added to the HTML content of the e-mail 33 (e.g. https://www.servername.com/xxx.cgi). Finally, an activation element which can be operated by the user is added to the HTML content of the e-mail 33 (e.g. <input type = "SUBMIT" value = "Click here to decrypt">).
The HTML e-mail 33 provided is then transmitted in step S9 from the encryption system 32 via the telecommunication network 35 to the reception apparatus 34, where, as usual, it is stored in conventional fashion in or by the reception apparatus's e-mail program. When the receiver, that is to say the user of the reception apparatus 34, wishes to read the content of this e-mail, he inputs his password into the form field provided for this purpose and operates the activation element, that is to say he clicks on the button in the HTML e-mail 33. In response to operation of the activation element, in step S11 the e-mail program in the reception apparatus 34 creates a secure connection, in our example an SSL connection, to the encryption system 32 determined by the aforementioned address information in conventional fashion on the basis of the HTML instruction in the HTML content of the e-mail 33 (action = https), and uploads the password which has been input and the encrypted e-mail 331 hidden in the form fields to the encryption system 32. If the password is correct, the encryption system 32 decrypts the encrypted e-mail 331 received via the secure connection and, in step S14, transmits the decrypted e-mail 311 using the secure connection for the purpose of display in a browser window on the reception apparatus 34 or, depending on the file type of the attachment, in a display program provided for this purpose on the reception apparatus 34. The user of the reception apparatus 34 realizes only that he is clicking on the button and that the e-mail 311 appears in readable form in the browser window, or in the display program.
The e-mail 311 is thus packed secretly (hidden) into another e-mail 33, specifically such that clicking on the HTML button in the e-mail 33 uploads the encrypted e-mail 331 automatically to the encryption system 32, decrypts it there and displays it in a browser window on the reception apparatus 34.
As shown schematically in the flowchart in figure 4, the method sequence is initiated in step S1 through the transmission of an e-mail 311 from a sender apparatus 31 to the encryption system 32.
In step S2, the e-mail 311 is accepted by the encryption system 32.
In step S3, the encryption system 32 examines whether a key for the encryption method has already been provided for the receiver (addressee) of the e-mail 311. If a key has not yet been provided for the receiver, then a key is generated in step S4 and is stored in the encryption system 32 in association with the receiver in question.
In step S5, the receiver is sent a password or access code, for example by telephone, which is indicated in figure 4 by the arrow S5' .
In step S6, the encryption system 32 possibly provides the individual parts of the e-mail 311 by separating attachments from the e-mail 311.
In step S7, the encryption system 32 encrypts the e-mail 311, that is to say the individual parts of the e-mail 311, including the content of the e-mail 311 and the attachments to the e-mail 311 which have been separated in step S6, are encrypted.
In step S8, the encryption system 32 adds the encrypted e-mail 331 secretly to HTML form fields in the HTML e-mail 33 described above, in which case the parts of the e-mail 311 which have been encrypted in step S7 are respectively added to separate HTML form fields. As described above, the encryption system 32 also adds the form field as the input field for inputting the password or the access code, the address information for the encryption system 32 and the activation element which can be operated by the receiver to the HTML content of the e-mail 33.
In step S9, the encryption system 32 transmits the HTML e-mail 33 provided in step S8 with the encrypted e-mail 331 via the telecommunication network 35 to the reception apparatus 34, where it is stored in the e-mail program.
In step S10, the receiver opens the HTML e-mail 33 in the e-mail program on the reception apparatus 34, inputs the password transmitted in step S5 into the form field provided as input field and operates the activation element in the HTML e-mail 33.
In step S11, the e-mail program on the reception apparatus 34 creates the secure connection to the encryption system 32 and transmits the password which has been input and the e-mail 331 encrypted in hidden form in the form fields to the encryption system 32. In this case, the HTML e-mail 33 with the encrypted e-mail 331 remains stored in the reception apparatus 34 for use again later.
In step S12, the encryption system 32 checks whether the password received is correct, that is to say the received password is compared with a password which is associated with the user to whom the e-mail 311 or the HTML e-mail 33 is addressed. If the password is incorrect, the encryption system 32 transmits an error message to the e-mail program on the reception apparatus 34.
If the password is correct, the encryption system 32 decrypts the encrypted e-mail 331 received, that is to say the encrypted parts of the e-mail 311 which have been added to the HTML e-mail 33 in step S8, in step S13.
In step S14, the encryption system 32 displays the decrypted e-mail 331, that is to say the unencrypted parts of the e-mail 311, in a browser window on the reception apparatus 34 and/or, depending on the file type of the attachment, in a display program provided for this purpose on the reception apparatus 34 using the secure connection created in step S11. That is to say that the encryption system 32 transmits the decrypted e-mail 331, or the unencrypted parts of the e-mail 311, to the reception apparatus 34 using the secure connection for the purpose of display in a browser window and/or in a display program.
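The server side of steps S4, S7, S8, S12 and S13 and the form submission of step S11 can be sketched in Python as an added example; it is not code from the patent or from any product. The field names `body` and `att_1`, the PBKDF2 password hash and the stand-in cipher (an HMAC-SHA256 keystream, since the patent names no cipher and the standard library has no AES) are assumptions, and the authentication tag is added because the ciphertext comes back from a client the encryption system does not control.

```python
import base64
import hashlib
import hmac
import html
import secrets
from html.parser import HTMLParser

ACTION_URL = "https://www.servername.com/xxx.cgi"  # address from the page's example


def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class Receiver:
    """Per-receiver state in the encryption system: one key and one password."""
    def __init__(self, password):
        self.key = secrets.token_bytes(32)  # S4: generated once per receiver
        self.salt = secrets.token_bytes(16)
        self.pw_hash = hash_password(password, self.salt)  # assumption: stored hashed


def subkey(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()


def xor_stream(key, nonce, data):
    # Stand-in cipher (assumption): HMAC-SHA256 in counter mode as a keystream.
    stream, counter = bytearray(), 0
    while len(stream) < len(data):
        stream += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def mac_tag(key, field, nonce, ct):
    # The tag covers the field name, so a part cannot be moved to another field.
    msg = field.encode() + b"\x00" + nonce + ct
    return hmac.new(subkey(key, b"mac"), msg, hashlib.sha256).digest()


def seal(key, field, plaintext):
    """S7: encrypt one part of the e-mail for one hidden form field."""
    nonce = secrets.token_bytes(16)
    ct = xor_stream(subkey(key, b"enc"), nonce, plaintext)
    return base64.b64encode(nonce + ct + mac_tag(key, field, nonce, ct)).decode("ascii")


def unseal(key, field, token):
    """S13: check the tag before decrypting what the client sent back."""
    raw = base64.b64decode(token, validate=True)
    if len(raw) < 48:
        raise ValueError("form field too short")
    nonce, ct, tag = raw[:16], raw[16:-32], raw[-32:]
    if not hmac.compare_digest(tag, mac_tag(key, field, nonce, ct)):
        raise ValueError("form field was modified or moved")
    return xor_stream(subkey(key, b"enc"), nonce, ct)


def build_html_email(receiver, parts):
    """S8: body and attachments each go into their own hidden form field."""
    rows = ['<form action="%s" method="POST">' % ACTION_URL]
    for name, data in parts.items():
        value = html.escape(seal(receiver.key, name, data))
        rows.append('<input type="hidden" name="%s" value="%s">' % (html.escape(name), value))
    rows.append('Password: <input type="password" name="password">')
    rows.append('<input type="submit" value="Click here to decrypt"></form>')
    return "\n".join(rows)


class FormReader(HTMLParser):
    """Collects what the mail client submits when the button is pressed (S11)."""
    def __init__(self):
        super().__init__()
        self.action, self.fields = None, {}

    def handle_starttag(self, tag, attrs):
        attr = dict(attrs)
        if tag == "form":
            self.action = attr.get("action")
        elif tag == "input" and attr.get("type") == "hidden":
            self.fields[attr["name"]] = attr["value"]


def client_post(html_email, password):
    reader = FormReader()
    reader.feed(html_email)
    return reader.action, dict(reader.fields, password=password)


def handle_post(receiver, fields):
    """S12 and S13: compare the password, then decrypt each submitted part."""
    supplied = hash_password(fields.get("password", ""), receiver.salt)
    if not hmac.compare_digest(supplied, receiver.pw_hash):
        raise PermissionError("wrong password")  # S12: error, nothing is decrypted
    return {n: unseal(receiver.key, n, v) for n, v in fields.items() if n != "password"}
```

The encryption system keeps only the `Receiver` record; the sealed parts live in the receiver's mailbox and are rejected on return if a hidden field was altered or swapped.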
At this point, it should be noted that, in one variant embodiment, the user may also first be asked to input the password, or access code, by the encryption system 32. In addition, activation of the transmission of the encrypted e-mail 331 from the reception apparatus 34 to the encryption system 32 may, in one variant embodiment, also be triggered independently of the operation of an activation element, for example automatically by program code in the HTML e-mail 33, for example by Javascript. Also, the encrypted e-mail 331 may, in one variant embodiment, also be transmitted via the telecommunication network 35 from the reception apparatus 34 to the encryption system 32 in nonsecure form, for example triggered by the aforementioned program code. In the latter case, the secure connection is first created by the encryption system 32 for transmitting the decrypted e-mail 311 to the reception apparatus 34. Finally, it is also possible for steps S2 to S9 to be performed in a first computer in the encryption system 32, for the key generated in step S4 to be transmitted from the first computer to a second computer in the encryption system 32, for the e-mail program on the reception apparatus 34 to create the secure connection to the second computer in the encryption system 32 in step S11 and to transmit the password which has been input and the encrypted e-mail 331 to the second computer in the encryption system 32, and for steps S12 to S14 to be performed by the second computer in the encryption system 32.
Although the solution is technically completely different, the proposed solution has a similar effect for the receiver as the courier service system. He simply needs to click on a button, instead of a link, in order to read the e-mail. However, the proposed solution provides significant advantages over courier service systems. The user of the reception apparatus 34 (receiver) can manage the e-mail using his e-mail program. Although the e-mail 311 has been stored in encrypted form and embedded in the HTML e-mail 33, it is still a normal e-mail with content. The receiver is thus able to copy, move, back up, delete etc. the HTML e-mail 33 with its entire content. He can thus manage the e-mail 33 in his familiar environment. In addition, the sender, or the encryption system 32, does not need to buffer-store all e-mails which have been transmitted to the communication partners. For each communication partner, it is necessary to store and manage only one key and the password on the encryption system 32, regardless of how many e-mails are sent to this partner. Hence, the problem of deleting the e-mails after a certain time does not arise either. The communication partner is able to read his e-mails until the sender, or the encryption system 32, deletes the key. Finally, the proposed method also affords a higher level of security than a courier service system. This is because in the courier service system the password can be used to read all encrypted e-mails from a particular sender, whereas in the proposed solution a user not only needs to know the password but also needs to be in possession of the encrypted e-mail in order to read it.
The proposed solution has the advantage over the public key method that the communication partner does not need to install any software, any plugin, any certificate or any key on his system and he nevertheless has the opportunity to read encrypted e-mails. In addition, the proposed solution has the advantage over public key methods that the sender can automatically be sent confirmation of receipt.

Claims

1. A method for the secure transmission of electronic messages via a telecommunication network (35), comprising: encryption (S7) of a first electronic message (311) in an encryption system (32), provision (S8) of a second electronic message (33) in the encryption system (32), where the second electronic message (33) comprises a content in the format of a text markup language and where the encrypted first electronic message (331) is added to said content, transmission (S9) of the second electronic message (33) to a reception apparatus (34) via the telecommunication network (35), transmission (S11) of the encrypted first electronic message (331) from the reception apparatus (34) to the encryption system (32) via the telecommunication network (35), decryption (S13) of the encrypted first electronic message (331) received via the telecommunication network (35) in the encryption system (32), and transmission (S14) of the decrypted first electronic message (311) from the encryption system (32) using a secure connection via the telecommunication network (35) for the purpose of display in the reception apparatus (34).
2. The method as claimed in claim 1, characterized in that receipt of the second electronic message (33) in the reception apparatus (34) is followed by operation (S10) of an activation element, which can be operated by the user, in the content of the second electronic message (33), and in that, in response to operation (S10) of the activation element the encrypted first electronic message (331) is transmitted (S11), from the reception apparatus (34) to the encryption system (32) using the secure connection via the telecommunication network (35).
3. The method as claimed in either of claims 1 or 2, characterized in that the content of the second electronic message (33) is set up as a feedback form with form fields, in that the encrypted first electronic message (331) is added secretly to form fields in the feedback form, and in that the encrypted first electronic message (331) is transmitted (S11) to the encryption system (32) by transmitting the contents of the form fields from the reception apparatus (34) to the encryption system (32).
4. The method as claimed in one of claims 1 to 3, characterized in that provision (S8) of the second electronic message (33) involves a form field being added to the content of the second electronic message (33) as an input field for inputting a password or an access code, in that receipt of the second electronic message (33) in the reception apparatus (34) is followed by the input (S10) of a password or an access code into the input field by a user of the reception apparatus (34), in that the password which has been input or the access code which has been input is transmitted (S11) to the encryption system (32) together with the encrypted first electronic message (331), in that the password which has been input or the access code which has been input is compared (S12) by the encryption system (32) with a password or an access code which is associated with the user to whom the first electronic message (311) is addressed, and in that the encrypted first electronic message (331) is not decrypted (S13) if there is no match.
5. The method as claimed in one of claims 1 to , characterized in that electronic mails are used as electronic messages (311, 33), in that Hypertext Markup Language or Extensible Markup Language is used as the text markup language, in that the encrypted first electronic message (331) is added secretly to form fields in the content of the second electronic message (33), with any attachments to the first electronic message (311) being added, in each case in encrypted form, to separate form fields, and in that provision (S8) of the second electronic message (33) involves address information for the encryption system (32) being added to the content of the second electronic message (33).
6. A computer-based encryption system (32) for the secure transmission of electronic messages via a telecommunication network (35), comprising: means for encrypting a first electronic message (311), and means for decrypting the encrypted first electronic message (331), characterized by means for providing a second electronic message (33), where the second electronic message (33) comprises a content in the format of a text markup language and where the encrypted first electronic message (331) is added to said content, means for transmitting the second electronic message (33) to a reception apparatus (34) via the telecommunication network (35), means for receiving the encrypted first electronic message (331) from the reception apparatus (34) via the telecommunication network (35) and for decrypting the encrypted first electronic message (331) received, and means for transmitting the decrypted first electronic message (311) using a secure connection via the telecommunication network (35) for the purpose of display in the reception apparatus (34).
7. The computer-based encryption system (32) as claimed in claim 6, characterized in that the means for providing the second electronic message (33) are set up to add an activation element which can be operated by the user to the content of the second electronic message (33) and to fashion the content of the second electronic message (33) such that, in response to operation of the activation element, the encrypted first electronic message (331) is transmitted from the reception apparatus (34) to the encryption system (32) using the secure connection via the telecommunication network (35).
8. The computer-based encryption system (32) as claimed in either of claims 6 or 7, characterized in that the means for providing the second electronic message (33) are set up to set up the content of the second electronic message (33) as a feedback form with form fields and to add the encrypted first electronic message (331) secretly to form fields in the feedback form.
9. A computer program product comprising: a computer-readable medium (322) containing computer program code means for controlling one or more processors in a computer for the secure transmission of electronic messages via a telecommunication network (35), such that a first electronic message (311) is encrypted (S7) in the computer, that a second electronic message (33) is provided (S8) in the computer, where the second electronic message (33) comprises a content in the format of a text markup language and where the encrypted first electronic message (331) is added to said content, that the second electronic message (33) is transmitted (S9) from the computer to a reception apparatus (34) via the telecommunication network (35), that the encrypted first electronic message (331) is received in the computer from the reception apparatus (34) via the telecommunication network (35) and is decrypted (S13) in the computer, and that the decrypted first electronic message (311) is transmitted (S14) from the computer to the reception apparatus (34) using a secure connection via the telecommunication network (35) for the purpose of display.
10. The computer program product as claimed in claim 9, characterized in that it comprises further computer program code means which control the processors in the computer such that provision (S8) of the second electronic message (33) in the computer involves an activation element which can be operated by the user being added to the content of the second electronic message (33), and in that the content of the second electronic message (33) is fashioned such that, in response to operation (S10) of the activation element, the encrypted first electronic message (331) is transmitted (S11) from the reception apparatus (34) to the computer using the secure connection via the telecommunication network (35).
11. The computer program product (322) as claimed in either of claims 9 or 10, characterized in that it comprises further computer program code means which control the processors in the computer such that provision (S8) of the second electronic message (33) in the computer involves the content of the second electronic message (33) being set up as a feedback form with form fields and that the encrypted first electronic message (331) is added secretly to form fields in the feedback form.

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
EP03405583.0 2003-08-07
EP03405583 2003-08-07
EP03405660.6 2003-09-09
EP03405660A EP1478143B1 (en) 2003-08-07 2003-09-09 Method and device for secure e-mail transmission

Publications (1)

Publication Number Publication Date
WO2005015862A1 (en) 2005-02-17

Family

ID=33031279

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CH2004/000488 WO2005015862A1 (en) 2003-08-07 2004-08-03 Method and devices for secure transmission of electronic messages

Country Status (2)

Country Link
EP (1) EP1478143B1 (en)
WO (1) WO2005015862A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012052818A1 (en) 2010-10-20 2012-04-26 Privasphere Ag Method and system for secure communication

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0869652A2 (en) * 1997-04-01 1998-10-07 Tumbleweed Software Corporation Document delivery system
WO2000031931A1 (en) * 1998-11-24 2000-06-02 Telefonaktiebolaget Lm Ericsson (Publ) Method and system for securing data objects

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
SPIEGEL G: "HINTER SCHLOSS UND SIEGEL", CT MAGAZIN FUER COMPUTER TECHNIK, VERLAG HEINZ HEISE GMBH., HANNOVER, DE, no. 8, 12 April 1999 (1999-04-12), pages 174 - 179, XP000804892, ISSN: 0724-8679 *

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3644572A1 (en) * 2018-10-27 2020-04-29 Zertificon Solutions GmbH Secure communication of payload data
WO2020084151A1 (en) * 2018-10-27 2020-04-30 Zertificon Solutions Gmbh Secure communication of payload data
JP7060751B1 (en) 2021-09-28 2022-04-26 良多 根岸 Data sharing device and data sharing method
JP2023048525A (en) * 2021-09-28 2023-04-07 良多 根岸 Data sharing apparatus and data sharing method

Also Published As

Publication number Publication date
EP1478143A1 (en) 2004-11-17
EP1478143B1 (en) 2005-10-05

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 EP: The EPO has been informed by WIPO that EP was designated in this application
32PN EP: Public notification in the EP bulletin as address of the addressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 69(1) EPC (EPO FORM 1205A DATED 03.05.06)

122 EP: PCT application non-entry in European phase