Cryptography – Key management – Key escrow or recovery
Reexamination Certificate
1996-07-26
2001-09-11
Barrón, Jr., Gilberto (Department: 2131)
C380S282000, C380S285000, C713S152000, C713S160000
active
06289105
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to a method and an apparatus for encrypting and transferring electronic mails, which realize an information management and a transfer control regarding encrypted electronic mails.
2. Description of the Background Art
In conjunction with the spread of computer networks, electronic mails are becoming widely used. In addition, an electronic mail encryption apparatus has been developed to meet demands for transferring secret information in the form of electronic mails.
Conventionally, the electronic mail encryption apparatus has been realized in schemes such as PEM (Privacy Enhanced Mail) and PGP (Pretty Good Privacy). In the following, a conventional procedure for encrypting electronic mails will be described.
First, an encryption key of the secret-key cryptography is generated, and an electronic mail message is encrypted by using this encryption key according to the secret-key cryptography. Then, the encryption key used for encrypting the message is encrypted by using respective public keys of a sender and a receiver of the electronic mail according to the public-key cryptography, to produce a sender's encryption key information and a receiver's encryption key information. When there is more than one receiver, the encryption key information for each one of these receivers is produced. Then, the encrypted message, a prescribed number of receiver's encryption key information, and the sender's encryption key information are transmitted as an encrypted electronic mail.
When a receiver or a sender wishes to read the encrypted electronic mail which has been encrypted in this manner, the encryption key is obtained first by decrypting the encryption key information assigned to himself by using his own secret key. The secret key to be used here is paired with the public key used in producing the encryption key information, and only a person who has this secret key can obtain the encryption key by decrypting the encryption key information. After the encryption key is obtained, the message can be decrypted by using this encryption key according to the secret-key cryptography so that it becomes possible to read the message of the electronic mail.
Now, in organizations such as corporations and companies, there are demands for realizing the information management regarding contents of the electronic mails, in order to prevent a leak of secret information to outsiders by means of the electronic mails.
In a case of the electronic mail in which the message is not encrypted, its content can be read by persons other than the sender and the receiver, so that the information management can be realized by preserving copies of the electronic mails as a log in an apparatus such as an electronic mail transfer apparatus.
However, in a case of the conventional encrypted electronic mail, only the sender and the receiver of this electronic mail can decrypt the encrypted message. Consequently, even when a log preserved in the electronic mail transfer apparatus is checked, the content of the encrypted electronic mail cannot be read by an electronic mail manager, so that it has been impossible to realize the information management.
Moreover, the conventional electronic mail transfer apparatus simply carries out a transfer of the electronic mail by determining intended receivers from a header of the electronic mail upon a request for a transfer of the electronic mail. Consequently, even an encrypted electronic mail which has highly classified information will be transferred if there is a request for a transfer, so that there remains a possibility of an erroneous transfer, which poses a serious problem from a viewpoint of security.
Thus, the conventional electronic mail encryption apparatus has been associated with a problem that the information management cannot be realized because the electronic mail manager cannot read the content of the electronic mail encrypted by this apparatus.
In addition, the conventional electronic mail transfer apparatus has been associated with a problem from a viewpoint of security because the electronic mail has been transferred unconditionally.
SUMMARY OF THE INVENTION
It is therefore an object of the present invention to provide a method and an apparatus for encrypting electronic mails in which the information management regarding encrypted electronic mails can be realized by a third person other than senders and receivers of encrypted electronic mails.
It is another object of the present invention to provide a method and an apparatus for transferring electronic mails in which the transfer control regarding encrypted electronic mails can be realized.
According to one aspect of the present invention there is provided an electronic mail encryption apparatus, comprising: message encrypting means for encrypting a message of an electronic mail according to a secret-key cryptography by using an encryption key, to produce an encrypted message; encryption key encrypting means for encrypting the encryption key according to a public-key cryptography by using each one of public keys of a sender and receivers of the electronic mail and a prescribed management public key, to respectively produce encryption key information for each one of the sender and the receivers of the electronic mail and a management encryption key information; and encrypted electronic mail constructing means for constructing an encrypted electronic mail by using the encrypted message, the encryption key information for each one of the sender and the receivers of the electronic mail, and the management encryption key information.
According to another aspect of the present invention there is provided a method for encrypting an electronic mail, comprising the steps of: (a) encrypting a message of the electronic mail according to a secret-key cryptography by using an encryption key, to produce an encrypted message; (b) encrypting the encryption key according to a public-key cryptography by using each one of public keys of a sender and receivers of the electronic mail and a prescribed management public key, to respectively produce encryption key information for each one of the sender and the receivers of the electronic mail and a management encryption key information; and (c) constructing an encrypted electronic mail by using the encrypted message produced at the step (a), and the encryption key information for each one of the sender and the receivers of the electronic mail and the management encryption key information produced at the step (b).
According to another aspect of the present invention there is provided an electronic mail transfer apparatus, comprising: identifying means for identifying whether an electronic mail to be transferred is an encrypted electronic mail or not; judging means for judging whether a transfer of said electronic mail to be transferred is permitted or not according to an identification result obtained by the identifying means; and transfer means for transferring said electronic mail to be transferred according to a judgement result obtained by the judging means.
According to another aspect of the present invention there is provided a method for transferring an electronic mail, comprising the steps of: (a) identifying whether an electronic mail to be transferred is an encrypted electronic mail or not; (b) judging means for judging whether a transfer of said electronic mail to be transferred is permitted or not according to an identification result obtained by the step (a); and (c) transferring said electronic mail to be transferred according to a judgement result obtained by the step (b).
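The encryption steps (a) to (c) and the identify/judge/transfer steps above can be sketched together as follows. This is an added example, not code from the patent: the choice of AES-256-GCM and RSA-OAEP, the object layout, all function and party names, and the "hold encrypted mail that lacks management key information" policy are assumptions made for illustration.

```javascript
// Added example (Node.js). Ciphers, field names and policy are assumptions.
const nodeCrypto = typeof require === "function"
  ? require("node:crypto") : process.getBuiltinModule("node:crypto");
const oaep = (key) => ({ key, oaepHash: "sha256" }); // OAEP is Node's default RSA padding

// Constructed RSA key pair for a named party (sender, receiver or manager).
function makeParty(name) {
  const pair = nodeCrypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
  return { name, ...pair };
}

// Steps (a)-(c): encrypt the message once, then wrap the encryption key
// for each reader and once more under the management public key.
function encryptMail(message, readers, manager) {
  const key = nodeCrypto.randomBytes(32), iv = nodeCrypto.randomBytes(12);
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", key, iv);
  const body = Buffer.concat([cipher.update(message, "utf8"), cipher.final()]);
  const wrap = (p) => ({ id: p.name, wrapped: nodeCrypto.publicEncrypt(oaep(p.publicKey), key) });
  return { iv, body, tag: cipher.getAuthTag(),
    keyInfo: readers.map(wrap), managementKeyInfo: wrap(manager) };
}

// A party unwraps the key from its own slot, then decrypts the message.
function decryptMail(mail, party) {
  const slots = [...mail.keyInfo, mail.managementKeyInfo].filter(Boolean);
  const slot = slots.find((s) => s.id === party.name);
  if (!slot) throw new Error(`no key information for ${party.name}`);
  const key = nodeCrypto.privateDecrypt(oaep(party.privateKey), slot.wrapped);
  const decipher = nodeCrypto.createDecipheriv("aes-256-gcm", key, mail.iv);
  decipher.setAuthTag(mail.tag);
  return Buffer.concat([decipher.update(mail.body), decipher.final()]).toString("utf8");
}

// Transfer control: identify whether the mail is encrypted, then judge.
// Assumed policy: encrypted mail is held unless it has a management slot.
function judgeTransfer(mail) {
  const encrypted = Boolean(mail.body && mail.keyInfo);
  if (!encrypted) return "transfer";
  return mail.managementKeyInfo ? "transfer" : "hold";
}

function demo() {
  const [alice, bob, manager] = ["alice", "bob", "manager"].map(makeParty);
  const mail = encryptMail("Q3 figures attached", [alice, bob], manager);
  const { managementKeyInfo, ...conventional } = mail; // conventional mail: no management slot
  return { manager: decryptMail(mail, manager), bob: decryptMail(mail, bob),
    escrowed: judgeTransfer(mail), conventional: judgeTransfer(conventional) };
}
console.log(demo());
```

The management slot gives the manager the same message key as the sender and receivers, so whoever holds the management secret key can read every mail encrypted this way.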
Other features and advantages of the present invention will become apparent from the following description taken in conjunction with the accompanying drawings.
Barron Jr. Gilberto
Foley & Lardner
Kabushiki Kaisha Toshiba
Seal James