Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
2000-04-25
2003-06-24
Barron, Gilberto (Department: 2132)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C713S151000, C713S152000
Reexamination Certificate
active
06584564
ABSTRACT:
TECHNICAL FIELD
The present invention relates generally to providing security for communications in networks such as the Internet, and more particularly to the secure communication of e-mail messages within such networks.
BACKGROUND ART
Virtually every user of electronic communications mediums has at some time or another paused to wonder about the security of messages within those systems. Various reasons exist for causing concern in this regard, probably ones far too numerous to cover here, but a few examples include having to depend on complex technologies, having to rely on unknown and possibly untrustworthy intermediaries, and the increasing anonymity in our electronic communications due to the distances which messages may travel and the masses of people which we may now reach.
Existing communications systems have had a long time to establish security mechanisms and to build up trust in them by their users. In the United States our conventional postal mail is a good example. We deposit our posted letters into a receptacle which is often very physically secure. Our letters are then picked up, sorted, transported, and ultimately delivered to a similar receptacle for retrieval by their recipients. Between the receptacles of a sender and a receiver the persons handling a letter are part of a single organization (at least intra-nationally) that is well known to us and considered to be highly trustworthy. Even on the rare occasions when the security of our postal system does fail, it has mechanisms to quickly detect and to correct this.
Unfortunately, most of us do not have anywhere near a similar degree of trust in the security of e-mail as it passes between senders and receivers in our modern electronic communications mediums. We generally trust only in our ability to maintain the security of our sending and receiving “receptacles” for e-mail messages, because they are personal computers (PCs), workstations, Internet appliances, etc. which are within our personal physical control. We also typically appreciate that we have much less control over what goes on in the electronic medium between such receptacles. Any number of miscreants may copy and receive an unsecured e-mail without its sender and receivers being any the wiser. Even worse, in many cases, an e-mail message can be maliciously altered in transit, fraudulently concocted entirely, or later simply repudiated.
The problem of e-mail security is a severe one and is already receiving considerable attention. Legal mechanisms have and are more strongly being put into place to punish and to discourage security breaches, but the very beneficial ability of e-mail to travel so far and so swiftly also means that it may cross legal boundaries, potentially hampering such legal efforts and definitely creating a crisis in user confidence.
Old technologies have been revived and extended for use in the new electronic medium, often variations of ones long used in combination with conventional postal systems to obtain heightened security there. Thus we are seeing a resurgence of interest in and the use of cryptography.
Many of the existing systems for e-mail security are unwieldy, not well trusted, or both. The very electronic systems which have made e-mail possible and efficient have already made many conventional cryptographic systems obsolete, or at least highly suspect. Modern computer systems have the ability to perform staggering numbers of tedious operations in a massively parallel manner, and many strong cryptographic systems of the past have now been shown to be no longer reliable.
New systems have emerged, however. The last 25 years has seen the introduction, rapid development, and more recently the application in electronic communications of public-key and private-key based systems commonly termed a “public key infrastructure” (PKI). These are presently quite popular, but perhaps prematurely and unduly.
The foundation of the PKI system is generally attributed to work done by Ron Rivest, Adi Shamir, and Leonard Adleman at the Massachusetts Institute of Technology in the mid 1970's. The result of that work, commonly known as the RSA algorithm, is a cryptosystem wherein both a public and a private key are assigned to a principal. The public key is revealed to all, but the private key is kept secret. The keys used are both large prime numbers, often hundreds of digits long, and the inherent strength of the RSA algorithm lies in the difficulty in mathematically factoring large numbers.
To send a message securely the message is encrypted using the public key of its intended recipient (here the principal). The message can then only be decrypted and read by the recipient by using their private key. In this simple scenario anyone can send messages to the recipient which only the recipient can read.
A highly beneficial feature of the PKI approach is that a sender can also be a principal and can send a message which only they could have sent. i.e., a non-repudiable message. For this the sender encrypts a message (often only a part of what will be a larger message) using their private key. A recipient then knows that the purported or disputed sender is the true sender of the message, since only using that sender's public key will work to decrypt the message.
In practice, the sender and the receiver often are both principals in PKI systems. The sender encrypts a “signature” using their private key, then embeds this signature into their message, and then encrypts the result using the recipient's public key. The message then is secure to all but the recipient. Only the recipient can decrypt the message generally, using their private key, and once that is done the recipient may further use the sender's public key to specifically decrypt the signature. In this manner the receiver may rest assured that the sender is the true, non-repudiable, source of the signature (and implicitly the entire message; but this works more securely still if the signature uniquely includes something like a hash of the general message).
As the presence of the term “infrastructure” in PKI implies, however, this popular cryptographic system requires a considerable support system. An authority typically is needed to issue and particularly to certify the keys (usually both, as a matter of practicality), since PKI relies on public keys. The public keys must also be published, so that those wishing to send a message can determine keys for intended recipients. These tasks are usually handled by a “certification authority.” Unfortunately, as the marketplace in our competitive society is now demonstrating, this can lead to a plurality of certification authorities all vying for acceptance and thoroughly confusing the potential users.
Of course public and private key systems are possible without the use of a certification authority, say, among small groups wishing to carry out secure communications among themselves and where repudiation is not a concern. But as the very negative reaction by government to initial publication of and about the RSA algorithm has aptly demonstrated, true, unbridled security can be perceived as a threat to government ability to protect society. While it is probably now too late for governments to fully suppress the use of ultra-strong cryptography, it also follows that governments will be more receptive to cryptosystems that can be opened when truly appropriate (often termed “key escrow” systems).
PKI also has some problems with regard to usability and efficiency. Since the keys are quite large, usually well beyond the capability of an average human to memorize, they are awkward to work with. Machine based storage and usage mechanisms usually must be resorted to just to handle the keys. This is a severe impediment to mobile use across multiple systems and to recovering after erasure from volatile memory, and it creates a whole host of additional problems related to protecting what effectively becomes a physical key needed to contain the private key. A receiver based key system, such as PKI, is also unwieldy in some situations. F
Moreh Jahanshah
Olkin Terry M.
Barron Gilberto
IPLO -Intellectual Property Law Offices
Roberts Raymond E.
Sigaba Corporation
Zand Kambiz
LandOfFree
Secure e-mail system does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Secure e-mail system, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Secure e-mail system will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3113537