Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Security kernel or utility
Reexamination Certificate
1999-09-14
2002-03-26
Peeso, Thomas R. (Department: 2132)
C713S165000, C713S166000
active
06363480
ABSTRACT:
CROSS REFERENCE TO RELATED APPLICATIONS
N/A
STATEMENT REGARDING FEDERALLY SPONSORED RESEARCH OR DEVELOPMENT
N/A
BACKGROUND OF THE INVENTION
The present invention relates generally to private communications, and more specifically to a system and method for providing ephemeral decryptability of documents, files, and/or messages.
In recent years, individuals and businesses have increasingly employed computer and telecommunications networks, such as the World Wide Web (WWW), to exchange messages. These networks typically include a number of intermediate systems between the source of a message and its destination, at which the message may be temporarily written to a memory and/or data storage device. Such intermediate systems, as well as the communications lines within the network itself, are often considered to be susceptible to actions of a malicious third party, which may result in messages being intercepted as they are carried through the network. For this reason, various types of data encryption have been used for private communications through such networks. Encryption algorithms are also sometimes used to support integrity checking and authentication of received messages. Integrity checking allows the message recipient to determine whether the message has been altered since it was generated, while authentication permits the recipient to verify the source of the message.
Specific encryption algorithms are usually thought of as being either “symmetric key” or “public key” systems. In symmetric key encryption, also sometimes referred to as “secret key” encryption, the two communicating parties use a shared, secret key to both encrypt and decrypt messages they exchange. The Data Encryption Standard (DES), published in 1977 by the National Bureau of Standards, and the International Data Encryption Algorithm (IDEA), developed by Xuejia Lai and James L. Massey, are examples of well known symmetric key encryption techniques. Public key encryption systems, in contrast to symmetric key systems, provide each party with two keys: a private key that is not revealed to anyone, and a public key made available to everyone. When the public key is used to encrypt a message, the resulting encoded message can only be decoded using the corresponding private key. Public key encryption systems also support the use of “digital signatures”, which are used to authenticate the sender of a message. A digital signature is an encrypted digest associated with a particular message, which can be analyzed by a holder of a public key to verify that the message was generated by someone knowing the corresponding private key.
While encryption protects the encrypted data from being understood by someone not in possession of the decryption key, the longer such encrypted information is stored, the greater potential there may be for such a key to fall into the wrong hands. For example, key escrows are often maintained which keep records of past keys. Such records may be stored for convenience in order to recover encrypted data when a key has been lost, for law enforcement purposes, to permit the police to eavesdrop on conversations regarding criminal activities, or for business management to monitor the contents of employee communications. However, as a consequence of such long term storage, the keys may be discovered over time.
In existing systems, there are various events that may result in an encrypted message remaining stored beyond its usefulness to a receiving party. First, there is no guarantee that a receiver of an encrypted message will promptly delete it after it has been read. Additionally, electronic mail and other types of messages may be automatically “backed-up” to secondary storage, either at the destination system, or even within intermediate systems through which they traverse. The time period such back-up copies are stored is sometimes indeterminate, and outside the control of the message originator. Thus, it is apparent that even under ordinary circumstances, an encrypted message may remain in existence well beyond its usefulness, and that such longevity may result in the privacy of the message being compromised.
Existing systems for secure communications, such as the Secure Sockets Layer (SSL) protocol, provide for authenticated, private, real-time communications. In the SSL protocol, a server system generates a short term public/private key pair that is certified as authentic using a long term private key belonging to the server. The client uses the short term public key to encrypt a symmetric key for use during the session. The server periodically changes its short term private key, discarding any previous versions. This renders any records of previous sessions established using the former short term public key undecryptable. Such a system is sometimes referred to as providing “perfect forward secrecy”. These existing systems, however, provide no mechanism for setting or determining a finite “lifetime”, in terms of decryptability, for stored encrypted data or messages independent of a real-time communications session.
Accordingly it would be desirable to have a system for specifying a finite period after which stored encrypted data, such as electronic mail messages, cannot be decrypted. After such a “decryption lifetime” period expires, the encrypted data should become effectively unrecoverable. The system should provide the ability to specify such a decryptability lifetime on a per message, data unit, or file basis, independent of any particular real-time communications session.
BRIEF SUMMARY OF THE INVENTION
A system and method for providing ephemeral decryptability is disclosed, which enables a user to encrypt data in a way that ensures that the data cannot be decrypted after a finite period. One or more ephemeral encryption keys are provided to a party wishing to encrypt a message to be passed to a destination party. The ephemeral key or keys are each associated with an expiration time. Prior to the expiration time, the party wishing to encrypt the message uses the ephemeral encryption key or keys to encrypt the message, and passes the encrypted message to the destination party. The destination party uses ephemeral decryption keys associated with the ephemeral encryption keys to decrypt the received message. The provider of the ephemeral encryption keys destroys at least the ephemeral decryption keys such that they cannot be recovered after their respective expiration times. In the case where ephemeral public/private key pairs are used, the ephemeral encryption keys are the public keys and the ephemeral decryption keys are the private keys. In the case where ephemeral symmetric keys are used, the ephemeral encryption key and its associated ephemeral decryption key are the same key. In the present disclosure, data that has been encrypted using any kind of ephemeral key may sometimes be referred to as “ephemeral data.”
In a first illustrative embodiment, a first party establishes a number of ephemeral public/private key pairs, each of which will be destroyed at an associated time in the future (the “expiration time”), and makes them publicly available. A second party then selects one of the ephemeral public/private key pairs having an expiration time appropriate for its needs, and sends one or more messages to the first party encrypted using the public key from the selected ephemeral key pair. If the ephemeral keys are symmetric keys, the second party would request an ephemeral symmetric key from the first party, causing the first party to generate an ephemeral symmetric key and securely convey it to the second party. At the expiration time, the first party destroys all copies of the ephemeral decryption key, thus rendering any messages encrypted with the associated encryption key permanently undecipherable.
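The symmetric-key variant of the first embodiment can be sketched as follows. This is an added example, not code from the patent: `FirstParty`, `issue`, `purge`, `seal` and `unseal` are hypothetical names, the clock is a constructed integer tick passed in by the caller, and the HMAC-SHA256 keystream with encrypt-then-MAC is a standard-library stand-in for a vetted authenticated cipher.

```python
import hashlib, hmac, secrets

def _stream(key, nonce, n):  # HMAC-SHA256 in counter mode: stand-in keystream
    return b"".join(hmac.new(key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
                    for i in range((n + 31) // 32))[:n]

def seal(key, msg):
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(msg, _stream(key + b"enc", nonce, len(msg))))
    tag = hmac.new(key + b"mac", nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(key + b"mac", nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(ct, _stream(key + b"enc", nonce, len(ct))))

class FirstParty:
    """Holds ephemeral symmetric keys, each destroyed at its expiration time."""
    def __init__(self, expirations):
        self._keys = {kid: (exp, bytearray(secrets.token_bytes(32)))
                      for kid, exp in enumerate(expirations)}

    def purge(self, now):
        for kid in [k for k, (exp, _) in self._keys.items() if exp <= now]:
            _, key = self._keys.pop(kid)
            key[:] = bytes(len(key))  # best-effort overwrite; Python may hold copies

    def issue(self, needed_until, now):
        self.purge(now)  # shortest-lived key that still covers the sender's need
        exp, kid = min((exp, kid) for kid, (exp, _) in self._keys.items()
                       if exp >= needed_until)
        return kid, exp, bytes(self._keys[kid][1])

    def decrypt(self, kid, blob, now):
        self.purge(now)
        if kid not in self._keys:
            raise KeyError("ephemeral key destroyed")
        return unseal(bytes(self._keys[kid][1]), blob)

def demo():
    holder = FirstParty([100, 200, 300])          # constructed expiration ticks
    kid, exp, key = holder.issue(needed_until=150, now=10)
    blob = seal(key, b"quarterly numbers")        # sender must then drop its key copy
    early = holder.decrypt(kid, blob, now=120)
    holder.purge(now=200)
    return exp, early, kid in holder._keys
```

The guarantee rests entirely on every copy of the key being destroyed: in the symmetric variant that includes the sender's copy, and an in-process overwrite like the one above does not reach swap, core dumps or backups.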
In a second illustrative embodiment, a number of third party entities offer an “ephemerizer service”, and are accordingly referred to as “ephemeral key servers” or “ephemerizers”. Each ephemerizer publishes a selection of ephemeral public/private key pairs, or generates ephemeral sy
Peeso Thomas R.
Sun Microsystems Inc.
Weingarten Schurgin, Gagnebin & Lebovici LLP