Data processing: financial, business practice, management, or co – Business processing using cryptography – Secure transaction
Reexamination Certificate
1997-07-11
2001-10-30
Trammell, James P. (Department: 2161)
active
06311171
ABSTRACT:
BACKGROUND
The present invention relates generally to techniques and systems for securing and synchronizing electronic communications between parties, e.g., over the Internet, and more particularly electronic communications involving financial transactions.
Methods for providing electronic or virtual cash by, for example, using “smart” cards having processors embedded therein are known in the art as an alternative to traditional plastic credit cards for guaranteeing payment from a buyer to a seller. These prior proposed methods secure the trade in one direction only, namely they provide some guarantee to the seller that he will get paid, but no guarantee to the buyer that he has received or will receive the wares, property or service expected.
A description of techniques relating to smart cards and the like may be found, for example, on the Internet at WWW.DIGICASH.COM. These techniques are concerned with eliminating the inconvenience to the merchant associated with the need to verify the authenticity of credit cards by making a telephone call to the issuing institution. Such systems are suitable primarily when the merchandise is physically inspected and accepted by the buyer at a retail outlet, for example. The one-way security guarantees provided by electronic cash make use of public key encryption algorithms, e.g., RSA, in which a message may be encrypted with a secret key but decrypted with a published key, or vice versa, depending on whether it is desired to ensure that no false messages can be sent or whether it is desired to prevent messages being intercepted and decrypted. As is also known, both techniques can be used at once to authenticate the source and to prevent interception.
Other forms of electronic trading have evolved in the context of stock markets and exchanges such as the NASDAQ, the Chicago Grain Exchange and the like, a purpose of which is to facilitate brokerage services by providing computer assistance in preparing paperwork of the traditional kind, such as transaction confirmations and settlements. The sort of electronic trading assistance provided by these computer systems used at major exchanges is therefore not concerned with providing an automated means of registering the ownership of assets and guaranteeing the nature and existence of assets, so much as providing mechanisms for traditional brokers to execute transactions more efficiently. Such systems are described for example in U.S. Pat. Nos. 5,375,055, 5,297,031, 5,297,032, 5,101,353 and 5,305,200. The nature and existence of assets being exchanged in these conventional trading systems still relies for its guarantees upon a trusted human broker.
Conventionally, many parallel systems exist for registering the ownership of major assets, including, for example, the Department of Motor Vehicles (DMV) for registering ownership of motor vehicles; the local courthouses, for registering the ownership and descriptions of real estate, as well as brokerages and banks for registering the ownership of cash, stocks and bonds and other commercial paper. These prior art systems, originally conceived to be run entirely by human clerical effort, have only relatively recently evolved to use computers to facilitate the manipulation of paper according to traditional principles in order to accomplish a greater volume of transactions with reduced clerical effort. Thus, it would be desirable to provide new systems and techniques for securing and synchronizing trade communications without the involvement of a traditional human broker or trusted institution to provide additional transactional efficiency.
SUMMARY
Exemplary embodiments of the present invention use a public key encryption algorithm to create encrypted descriptions of assets that are recorded in an electronic database as a trusted registry. Several such registries may exist, allowing a distributed system. The description of an asset is created by a properly authorized and regulated issuing institution, such as a bank, and the description is encrypted using a secret key known only to that institution. At this stage, the description of the asset may be decrypted and read by anyone using the published “public key” of the authorized institution. For example, a Federally Insured Deposit may be described by a database record encrypted using a secret key known only to the Federal Reserve Bank, but the record can be decrypted and read using the public key of the Federal Reserve. A person decrypting the record can be assured that the record could only have been created by the Federal Reserve as no other person has access to the correct encryption key.
The present invention includes further encryption of database records using the public key of the owner of the assets that the record describes. These doubly-encrypted records can only be deciphered using the secret key of the owner, without which they are a worthless collection of seemingly random binary bits or computer symbols. Thus it is of no value to a third person to steal such a record as it cannot be converted into something of tradeable value without knowledge of the owner's secret key.
When a first party agrees to transfer an asset to a second party as part of an electronic trade, the owner retrieves the doubly-encrypted asset description from the database and decrypts it using his secret key. The first party then re-encrypts the asset using the public key of the other party and transmits the result to the second party. Only the second party can decrypt the transmitted message using his secret key, so the information cannot be stolen in transit. The second party decrypts the message using his or her secret key and then decrypts it again using the public key of the issuing or guaranteeing institution. If the description of the asset matches the expectations of the second party, he or she can be assured that the asset exists and its tradeability is guaranteed by the issuing institution, without needing to contact the issuing institution.
Reciprocally, the second party transmits the description of a second asset being exchanged for the first party's asset. This second asset may, for example, comprise a cash deposit guaranteed by a different institution, but using the same method, i.e. using the secret key of the guaranteeing institution to “sign” the description of the deposit. The message from the second party to the first party is similarly encrypted using the first party's public key to prevent exposure in transit.
When both parties are satisfied with the respective descriptions of the asset being exchanged, both parties transmit respective messages to the trusted electronic registry or registries, encrypted using their secret keys, which the registry can decrypt using the public keys of the parties, thus verifying their authenticity. Each message identifies the record in the registry that the respective owner is agreeing to trade, for example by providing to the registry the encrypted symbol pattern of that record as it is currently stored in the registry, and the re-encrypted symbol pattern that represents the asset as belonging to the new owner. The message also informs the registry of the encrypted symbol pattern to be received from the reciprocal party in exchange.
The registry itself need have no knowledge of what these bit patterns represent, only that the trading parties have agreed to trade them. When the registry detects a match between, on the one hand, the symbol pattern expected to be received from the second party by the first party, and, on the other hand, the symbol pattern received from the second party, and vice versa, then the computer of the automated registry will overwrite the original asset descriptions encrypted with the public keys of the original owners with the new asset descriptions encrypted with public keys of the respective new owners, thus synchronizing the exchange.
When practicing the present invention, two parties may make electronic trades, over the Internet for example, of assets which are guaranteed by one or more originating institutions, without having t
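The exchange described in the summary, carried through end to end as an added example that is not part of the patent text or of any product: an issuer signs an asset description with its secret key, the registry holds that record re-encrypted under the owner's public key, each owner decrypts and re-encrypts for the counterparty, the counterparty checks the issuer's guarantee with the issuer's public key, and the registry overwrites both records only when each side's expected pattern matches what the other side lodged. The names `FED`, `DMV`, `ALICE`, `BOB`, `Registry`, `swap_message` and the two asset strings are constructed for the illustration; the key material is textbook RSA built from Mersenne primes so the example is deterministic and runs offline, and the fixed-width block layer exists only to make "encrypt with the secret key, decrypt with the public key" concrete.

```python
"""Toy model of the symmetrically-secured exchange described above. Textbook RSA
(no padding) is used only to make the secret-key / public-key layering concrete.
Constructed illustration, not the patent's or any product's code."""
import json
from dataclasses import dataclass

PIECE = 10  # plaintext bytes per RSA block; 1 marker byte + 10 bytes = 88 bits < every modulus used


@dataclass(frozen=True)
class Key:
    n: int
    e: int
    d: int

    @property
    def width(self) -> int:  # bytes needed to serialise one ciphertext block
        return (self.n.bit_length() + 7) // 8


def make_key(p: int, q: int, e: int = 65537) -> Key:
    """Textbook RSA key pair from two primes (pow(e, -1, phi) needs Python 3.8+)."""
    return Key(p * q, e, pow(e, -1, (p - 1) * (q - 1)))


def wrap(data: bytes, exp: int, key: Key) -> bytes:
    """RSA with exponent `exp` on each PIECE-byte slice; a 0x01 marker keeps leading zeros."""
    out = b""
    for i in range(0, len(data), PIECE):
        m = int.from_bytes(b"\x01" + data[i:i + PIECE], "big")
        out += pow(m, exp, key.n).to_bytes(key.width, "big")
    return out


def unwrap(data: bytes, exp: int, key: Key) -> bytes:
    """Inverse of wrap(); raises ValueError/OverflowError if `data` was not made under the matching key."""
    out = b""
    for i in range(0, len(data), key.width):
        m = pow(int.from_bytes(data[i:i + key.width], "big"), exp, key.n)
        block = m.to_bytes(PIECE + 1, "big")
        out += block[block.index(1) + 1:]
    return out


# "Encrypt with the secret key" and "decrypt with the public key" are one RSA operation with
# different exponents; that is what lets anyone check an institution's record without calling it.
def sign(data, key): return wrap(data, key.d, key)        # issuer or owner, secret key
def verify(data, key): return unwrap(data, key.e, key)    # anyone, published key
def encrypt_to(data, key): return wrap(data, key.e, key)  # readable only with key.d
def decrypt(data, key): return unwrap(data, key.d, key)


def mersenne(k: int) -> int:  # constructed key material: 2^k - 1 is prime for every k used below
    return (1 << k) - 1


FED = make_key(mersenne(607), mersenne(1279))  # guarantees the cash deposit (assumed role)
DMV = make_key(mersenne(127), mersenne(521))   # issues the vehicle title (assumed role)
ALICE = make_key(mersenne(31), mersenne(61))
BOB = make_key(mersenne(89), mersenne(107))
TITLE = b"Vehicle title VIN-SAMPLE-0001, DMV record 42"           # constructed asset
DEPOSIT = b"Federally insured deposit USD 12,500.00, acct SAMPLE"  # constructed asset


def swap_message(owner: Key, old: str, new: str, expect: str) -> bytes:
    """Signed instruction to the registry: my record `old` becomes `new` (re-encrypted for
    the counterparty) once the counterparty's pattern `expect` has been lodged."""
    return sign(json.dumps({"old": old, "new": new, "expect": expect}).encode(), owner)


class Registry:
    """Trusted registry of opaque hex patterns; it never learns what they describe."""

    def __init__(self):
        self.records = set()

    def exchange(self, msg1: bytes, key1: Key, msg2: bytes, key2: Key) -> bool:
        try:  # authenticity: only the holder of keyN.d can produce a message that verifies
            a, b = json.loads(verify(msg1, key1)), json.loads(verify(msg2, key2))
        except (ValueError, OverflowError):
            return False
        ok = (a["old"] in self.records and b["old"] in self.records
              and a["expect"] == b["new"] and b["expect"] == a["new"])
        if ok:  # synchronised overwrite: old owners' patterns out, new owners' patterns in
            self.records -= {a["old"], b["old"]}
            self.records |= {a["new"], b["new"]}
        return ok


def run_trade() -> dict:
    registry = Registry()
    # 1. Issuers sign the descriptions; 2. the registry holds them encrypted to their owners
    title, deposit = sign(TITLE, DMV), sign(DEPOSIT, FED)
    alice_rec, bob_rec = encrypt_to(title, ALICE).hex(), encrypt_to(deposit, BOB).hex()
    registry.records |= {alice_rec, bob_rec}
    # 3. Each owner decrypts with its secret key and re-encrypts for the counterparty, who
    #    decrypts and checks the issuer's guarantee with the issuer's public key
    to_bob = encrypt_to(decrypt(bytes.fromhex(alice_rec), ALICE), BOB)
    to_alice = encrypt_to(decrypt(bytes.fromhex(bob_rec), BOB), ALICE)
    bob_sees = verify(decrypt(to_bob, BOB), DMV)
    alice_sees = verify(decrypt(to_alice, ALICE), FED)
    # 4. The registry rejects mismatched expectations and messages not signed by the owner
    msg_a = swap_message(ALICE, alice_rec, to_bob.hex(), to_alice.hex())
    wrong = swap_message(BOB, bob_rec, to_alice.hex(), to_bob.hex() + "ff")
    forged = swap_message(ALICE, bob_rec, to_alice.hex(), to_bob.hex())  # signed without Bob's key
    rejected = registry.exchange(msg_a, ALICE, wrong, BOB)
    forged_ok = registry.exchange(msg_a, ALICE, forged, BOB)
    # 5. Matching, authentic messages trigger the synchronised overwrite
    msg_b = swap_message(BOB, bob_rec, to_alice.hex(), to_bob.hex())
    swapped = registry.exchange(msg_a, ALICE, msg_b, BOB)
    return {"bob_sees": bob_sees, "alice_sees": alice_sees, "rejected": rejected,
            "forged": forged_ok, "swapped": swapped,
            "bob_owns_title": to_bob.hex() in registry.records,
            "alice_owns_deposit": to_alice.hex() in registry.records}
```

Running `run_trade()` shows both parties reading the issuer-guaranteed descriptions before the swap, the registry refusing the mismatched and the forged instructions, and the two re-encrypted patterns replacing the originals afterwards. The registry code compares patterns byte for byte and never decrypts them, exactly the property the summary relies on; the unpadded block RSA here stands in for whatever padded signature and encryption scheme a real deployment would use.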
Burns Doane Swecker & Mathis L.L.P.
Dixon Thomas A.
Ericsson Inc.
Trammell James P.
Symmetrically-secured electronic communication system
Profile ID: LFUS-PAI-O-2616907