Security method, security software and security system for...

Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular communication authentication technique

Reexamination Certificate

Details

C713S163000, C713S171000, C709S204000, C709S205000

active

06742116

ABSTRACT:

BACKGROUND OF THE INVENTION
A. Field of the Invention
The present invention relates to a security method, security software and security system for protecting private communications that are exchanged via a network. More specifically, the present invention relates to a method and system for protecting the contents of private communications in services in which a plurality of users communicate with one another, for instance, via electronic mail (e-mail) where a mailing list is utilized to identify specific parties to communicate with, and via communications transmitted over a network or the Internet such as real-time chat services.
B. Definition of Terms
When referring to chat services, chat rooms, and chat channels herein, the inventors are referring to an Internet or network system service which allows a plurality of user terminals to communicate with one another simultaneously in real time, sharing a virtual space such as a chat room or chat channel. The e-mail communications mentioned herein refer to electronic communications between a specific group of users identified in a mailing list, where the list identifies each user with an electronic address such as an e-mail address. Also, in the following description, the term electronic conference room refers to both of the above described forms of electronic communication. For example, a chat room administered by a chat server is a virtual electronic conference room where a plurality of users can communicate. Further, a predetermined group of users each may have a mailing list consisting only of the e-mail addresses of the other users in the group. The predetermined group of users may send specific communications to each other using the mailing list, for instance, to send one single message to all users identified in the mailing list. Such a mailing list and communications between all parties included in the mailing list also constitute an electronic conference room in the context of the present invention described below.
C. Description of the Related Art
Due to increased usage of personal computers and the ever increasing development of online communication services, there has been an increasing amount of conferencing communications between a plurality of users on networks and on the Internet. Further, there has been an increase in the amount of real-time communication over the Internet, in addition to increases in non-real-time communications such as electronic bulletin board and e-mail communications. Examples of real-time communications include chat systems which allow multiple users to chat with one another in real time. In such communication systems, a plurality of users share a single virtual space, which serves as an electronic conference room often referred to as a chat room. Such communication systems generally limit browsing of and participation in the conversation to users who are registered in the electronic conference room.
PROBLEM TO BE SOLVED BY THE INVENTION
Group e-mail communications (using a specific mailing list) and the above described chat systems are examples of electronic conference rooms that are administered by a communication server over a network or the Internet. In principle, conversations that take place in a specific electronic conference room are transmitted only to the specified users who have registered access to the electronic conference room, and it is desirable to maintain privacy to prevent communications from being received by an unwelcome user to the electronic conference room.
In the case of one-to-one communications, such as electronic mail, privacy protection of the communication can be maintained by any of a variety of well known security methods, such as public key encryption. In public key encryption, the sender has a public key used to encrypt a message, and the receiver has a private key used to decrypt the message. If public key encryption is applied to an electronic conference room in which a plurality of users are participating, a sender in a conversation within the electronic conference room must encrypt his or her statements upon transmission into the conversation with different encryption keys (public keys), one encryption key for each recipient to encrypt and/or decrypt the conversation. This is a big burden for the user and for the server that distributes data to each user terminal.
To lessen the burden on the server, some of the users may decide to share a single private key amongst all the users, thereby defining a common key. However, if a server that stores the common keys distributes the common keys to the various user terminals or clients, the common keys may have to be encrypted before being distributed, which makes the process even more complicated. If an encryption key is stored as a common key in each of the various user terminals, it is likely that the common key will be deciphered by a third party, rendering the encryption virtually useless. Therefore, there is a need for a more reliable method for encrypting electronic communications between a group of user terminals.
SUMMARY OF THE INVENTION
One object of the present invention is to eliminate distribution of encryption keys during communications in an electronic conference room system where a plurality of users share an electronic conference room simultaneously, thereby making it difficult to decipher a private key and allowing an efficient and safe encryption and/or decryption of data transmitted between the users engaged in a conversation in the electronic conference room.
In accordance with one aspect of the present invention, a method ensures privacy and security in a communication system where a plurality of user terminals communicate with one another over a network. The method includes the steps of:
generating a series of common keys at each of the user terminals, each of the common keys being generated based upon a series of coordinated events that occurs among the user terminals and the network;
storing at each of the user terminals the generated common keys, each common key having a unique index identifying that common key;
encrypting at a sending user terminal a communication using a specific common key;
transmitting over the network from the sending user terminal the encrypted communication along with an index corresponding to the specific common key used to encrypt the communication;
receiving at receiving user terminals the encrypted communication along with the index, identifying the common key used for encrypting the encrypted communication; and
decrypting in the receiving user terminals the encrypted communication using the identified common key.
In the present invention, the unique index is based upon a coordinated event identifiable by all of the user terminals.
Preferably, the coordinated events are based upon predetermined time intervals.
Preferably, the coordinated event is based upon actions taken in the communication system.
The predetermined time intervals may be, for instance, one hour time periods. Specifically, each user terminal generates a new common key every hour. Other time periods are possible. Since all of the user terminals have the same security program installed, all of the user terminals generate the same common key at approximately the same time.
Common keys are generated at each of the user terminals at coordinated times and are stored such that the common keys are indexed based upon the coordinated times. The encrypted communication is sent along with an index corresponding to the coordinated event (in this case a time), the index having a one-to-one relationship with the specific common key that is used to encrypt and decrypt the communication.
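The time-indexed scheme above, as an added example that is not part of the patent text: each terminal derives the hourly common key locally, and the receiver selects the key by the transmitted index rather than by its own clock, so a message sent just before a rollover still decrypts. The HMAC-SHA256 derivation from a pre-installed `seed`, the HMAC-based stand-in cipher, and the names `Terminal`, `derive_key`, `tick` and `keep` are assumptions; the page does not specify them.

```python
import hashlib
import hmac
import os

INTERVAL = 3600  # one-hour coordinated interval, as in the text

def derive_key(seed: bytes, index: int) -> bytes:
    # Assumed derivation (the page gives none): HMAC-SHA256 over the interval index.
    return hmac.new(seed, b"key" + index.to_bytes(8, "big"), hashlib.sha256).digest()

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in cipher for the demo: HMAC-SHA256 in counter mode. Use a real AEAD in practice.
    stream = b""
    for ctr in range((len(data) + 31) // 32):
        stream += hmac.new(key, b"enc" + nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def _tag(key: bytes, index: int, nonce: bytes, ct: bytes) -> bytes:
    # The index is authenticated too, so it cannot be swapped in transit.
    return hmac.new(key, b"mac" + index.to_bytes(8, "big") + nonce + ct, hashlib.sha256).digest()

class Terminal:
    def __init__(self, seed: bytes, keep: int = 24):
        self.seed, self.keep, self.keys = seed, keep, {}

    def tick(self, now: int) -> int:
        """Coordinated event: store the key for the current hour, expire old ones."""
        index = now // INTERVAL
        self.keys.setdefault(index, derive_key(self.seed, index))
        self.keys = {i: k for i, k in self.keys.items() if i > index - self.keep}
        return index

    def send(self, now: int, plaintext: bytes) -> tuple:
        index = self.tick(now)
        key, nonce = self.keys[index], os.urandom(12)
        ct = _xor_stream(key, nonce, plaintext)
        return index, nonce, ct, _tag(key, index, nonce, ct)

    def receive(self, now: int, message: tuple) -> bytes:
        index, nonce, ct, tag = message
        self.tick(now)
        key = self.keys.get(index)  # look up by the transmitted index, not the local clock
        if key is None:
            raise LookupError(f"no common key stored for index {index}")
        if not hmac.compare_digest(tag, _tag(key, index, nonce, ct)):
            raise ValueError("authentication failed")
        return _xor_stream(key, nonce, ct)
```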
In accordance with another aspect of the present invention, a communication system includes a security program for ensuring secure and private communications between a plurality of user terminals transmitting communications to each other over a communication network via a communication server. The security program includes a means in each user terminal for storing at least one private key. A means is provided in each u
