EP1088433A1 - Method and apparatus for secure data transmission system - Google Patents
- Publication number
- EP1088433A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- file
- secure
- executable program
- reply
- program
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
Definitions
- the present invention relates to data transmission systems and, more particularly, a method and apparatus for transmitting a secure document so that a recipient can review the document and provide a secure response without special apparatus at the receiving end.
- the sender must have apparatus for converting plain text into some encrypted or encoded format that is illegible to anyone lacking compatible apparatus at the receiving end.
- the Internet global computer network
- the Internet is a fast growing medium for information exchange. Although much of this information is of dubious value, the usefulness of the Internet as a vehicle for electronic commerce means that there is an increasing need to provide security for data transmissions. Different types of data transmissions present different risks and obstacles and require suitable protection from tampering, corruption, theft, unauthorized access, etc.
- Such an "envelope" can successfully protect data sent to a receiver.
- the receiver may want (or be required) to reply and the reply must also be protected during transmission.
- a problem reoccurs.
- the receiver is required to install and use some type of cryptographic software or hardware to protect the reply.
- this problem must be solved in a way that is simple to use and doesn't require an excessive amount of preparation (i.e. creating and distributing certificates and public keys, maintaining an authentication chain and a public key ring).
- identical or highly compatible software and/or hardware must be installed at both ends.
- the two users are from different organizations, there may be no central computer to use as a "certification authority".
- the users would then have to exchange keys in person or by mail. They could also rely on a trusted third party to provide this service.
- the two users would still have to establish a common standard with which to encrypt their data: PGP, PEM, S/MIME, etc. One or both might have to switch to this agreed upon standard.
- the present invention there is provided to the user, the ability to send an "electronic envelope" across private and public communication networks including the use of e-mail.
- the sent information is protected from unauthorized access, corruption, tampering and theft while in transit and the "electronic envelope" allows the receiving user to decrypt the message without having to install any cryptographic software or hardware.
- the invention includes a "secure reply" feature that allows the recipient of an encoded message to encrypt and return a message to the sender, again without having installed any cryptographic software.
- the present invention gives the receiver's reply the same level of protection and security that original encryption afforded the sender.
- the present invention is also easier to use, only requiring the two participants to exchange keys (known as "passphrases" ) by any of the available modes of communication, such as a telephone conversation, postal mail, in person communication, or any other mode. Keys can be changed regularly, thereby enhancing security.
- Widget Manufacturing Corporation WMC
- Bob an employee of WidgetBits, Inc., a supplier of components needed in the manufacture of widgets.
- Alice and Bob are keenly aware of the potential damage to their respective businesses should their competitors gain access to the information contained either in Alice's request or Bob's reply. Accordingly, they could use the system of the present invention to conduct their business.
- Alice starts by creating a "request for proposal" (RFP) document using any word processor.
- She uses the present invention to encrypt her document which "wraps" it in a self-decrypting "envelope".
- She also enables a feature to give Bob the ability to encrypt his reply.
- she transmits this "envelope" to Bob using any means she chooses - e-mail, file transport, or copying the file to disk and mailing it, to name a few.
- Bob is now free to write his proposal. Again, using any word processor, he creates a document to send to Alice as his reply. When the document is ready, he once again opens the original "envelope" and supplies the passphrase. The option to create a secure reply is offered. If selected, the proposal is encrypted using the same passphrase that allowed decryption of the original message. Bob is then free to transmit his proposal back to Alice as a secure reply file using any means at his disposal.
- Alice Upon receiving the secure reply, Alice decrypts it using the original encryption-decryption program of the present invention together with the original passphrase. She can now read Bob's proposal and continue to conduct her business.
- Another example in which the present invention can be used is an implementation of a billing and payment processing system employed in an Electronic Commerce environment.
- a system of this type would use the ability to provide a secure reply for a more specialized purpose and so would implement a different user interface than in the preferred embodiments of the present invention. Nevertheless, the ability to provide a secure reply is unchanged.
- the two parties correspond via an e-mail connection. Both parties would first agree to a pass word or phrase (which may also be a Personal Identification Number or "PIN") with which the data being transferred is cryptographically secured.
- PIN Personal Identification Number
- the vendor sends the customer an invoice or statement reflecting customer activity and an amount due.
- the customer responds with payment instructions and an authorization.
- the vendor would prepare a statement.
- This statement would then be encrypted and enclosed in an "envelope" along with a special purpose program designed to gather the customer's payment instructions.
- This envelope is transmitted through e-mail to the customer.
- the customer opens the envelope using the pass word or phrase established by prior agreement with the vendor.
- a secure reply may also be used in any circumstance where all that is needed is an acknowledgment that the message has been received and correctly decrypted, since a secure reply cannot be created without knowledge of the correct pass word or phrase.
- the contents of the acknowledgment itself may be useful to a rival business or individual and so the encrypted reply provides the necessary security.
- a working implementation of this electronic billing and payment system exists in proprietary products of the assignee of the present invention.
- the purpose of providing a secure reply feature is to allow two computer users to communicate securely (i.e. using encrypted data files) in circumstances where only one of them has the cryptographic software needed. Whatever software is needed to both decrypt the sent message as well as encrypt the reply is transmitted with the original message.
- XYZ Partners represents a well known party in contentious litigation. All the materials pertaining to this case are considered highly sensitive. Nevertheless, XYZ needs to consult with lawyers at another, distantly located firm (HIJ) specializing in one area of the case. Time is, of course, of the essence.
- HIJ distantly located firm
- lawyers at XYZ can send documents to HIJ securely through the public e-mail network.
- the lawyers at HIJ can then edit any document sent or add their own input to the document and, using the present invention, reply to XYZ with the same level of security. All parties are protected by the secure transmission and the collaborative effort requires a minimum of overhead and preparation.
- the document would be sent from the first user to the second using a protected transmission and the second user could then make any needed modifications to the document and return it using the present invention.
- Yet another object of the invention is to enable the secure distribution of software with user registration information being returned using the present invention.
- a further object of the invention is to permit the distribution of information about a product under development to a restricted group of computer users. Those users could respond with comments, suggestions, etc. in accordance with the present invention.
- FIG. 1 is a flow diagram showing the principles of operation of the present invention.
- FIG. 2, including FIGS. 2a-2d, inclusive are flow charts of the steps taken in implementing the sending, receipt and return of secure information;
- FIG. 3, including FIGS. 3a - 3d, inclusive is a more detailed flow chart of the process of the present invention;
- FIG. 4, including FIGS. 4a - 4b, is a flow chart of an embodiment of the present invention for secure billing and payment transactions.
- FIG. 1 there is shown a generalized overview illustrating the present invention in use.
- a message envelope.exe
- envelope.exe which includes an executable program and encrypted files is created which, when received and executed, decrypts the information contents upon the presentation of a preselected pass word or phrase.
- the entire message can be sent to a receiver using e-mail, a modem to modem file transfer over telephone lines, or may be recorded upon a disk which can be sent by courier or through the mails.
- the receiving party executes the program (envelope.exe) that is an integral part of the message.
- the receiving computer then asks for the agreed upon pass word or phrase and, upon its provision, operates upon the encrypted files to decrypt them.
- the receiver is then given the option to provide a secure encrypted reply.
- the received message is executed again and the reply option, when invoked, encrypts the reply message and the reply can be transmitted back to the originator using any of the same methods that could be employed in sending the initial message.
- the originator receives the message, his equipment permits a decryption of the returned file.
- the initial step is the creation of the envelope.exe file 12, which is explained in greater detail in connection with FIG. 2, below.
- the global computer network is used to transmit the file 12 in the transmitting step 14.
- the file is received 16 and the transmitted program is executed 18. If the recipient desires to provide an encrypted reply, the received program enables the preparation of the reply 20 and this reply is returned 22 through the global computer network.
- the reply is received by the original sender 24 who possesses the program to decrypt the reply 26.
- FIG. 2a a preferred embodiment of the present invention is detailed, explaining the layout of the message which is to be transmitted.
- the user determines which files are to be transmitted, the encryption algorithm and pass word or phrase, whether to include the secure reply option, any other user-specified information and a name for the file.
- the decrypt engine code is written and is attached to the other file elements.
- Each file that is to be transmitted is sequentially retrieved and, if the option is selected, compressed. Next, special data is computed and in a successive step is encrypted using an algorithm that is user determined. A file header is prepared and the file is set for transmission.
- Each of the remaining selected data files is, in turn, processed through the same steps until all selected files have been compressed (if the option has been selected), provided with error detection codes, file size information and any other information which must be added, and encrypted.
- the message is closed and is ready for transmission by any available means including the global computer network, modem to modem direct transmission, or storing on transportable media and forwarded by mail or courier.
- the steps performed at the receiving end are outlined.
- envelope.exe the envelope header is read and the information relative to the number of files transmitted is noted.
- the various user instructions are then acted upon including the designation of the files to be extracted, the destination on the recipient's computer, pass word or phrase, the files, if any, to be included in a reply and, if a reply is to be made, the destination of the reply.
- each of the transmitted files is, in turn, decrypted, decompressed, is verified through an integrity check and written to the preselected destination in the recipient's system. If a secure reply is to be made, the next steps are to be found in FIG. 2c.
- the user After the message is received and if the receiving party is ready to send a reply, the user again executes the received program (i.e. runs the envelope.exe instruction).
- the program is aware (through the use of a flag in the message header) that the original contents have already been decrypted and asks the user if a secure reply is to be created.
- the program asks for the name of the file or files to encrypt and, after encrypting the files, "wraps" them in a reply header. Notice that no decryption program is returned with the reply as it is a precondition of creating the message that the software needed to decrypt the reply is present.
- the user determines which files to send, a file name, a password or pass phrase and a header.
- the received program when executed again compresses (if desired) each file that is to be returned, special information is collected and each file is encrypted by the program which was transmitted to the recipient, who has no other encryption or decryption software available to his system.
- the file is closed and the reply message is returned.
- the steps to be followed when the reply is received at the original sender's location are indicated in FIG. 2d.
- the original sender's program can read the header of the reply and extract all of the necessary processing information.
- the original recipient's reply instructions are then processed which include the files to be extracted, the pass word or phrase and the destination of the transmitted files.
- each returned file is decrypted using the appropriate algorithm.
- the file is next decompressed, if necessary.
- the contents are checked for integrity and the file is stored in the selected destination. When all files have been stored, the program is deemed complete.
- FIG. 3a the process at the receiving end is illustrated in a branching flow diagram.
- a reply option on the command line. If no file name is present, a flag is set indicating that a reply is to be created and a file name is generated. The program will then ask for the previously agreed upon pass word or phrase. Once provided, a crypt key is generated from the pass word or phrase and the message can be opened and read. After the header is read, the program checks to see if the reply option is indicated by a set flag but the message has not yet been decrypted. If so, a warning is given and the option to continue is offered. If the choice is not to continue, the program is exited.
- next branch point is if the flag is not set but the message has been decrypted. If affirmative, the user is requested to decide if a reply is desired. If no reply is desired, the flag is cleared. If a reply is desired, the flag is set.
- the next branch point examines the flag. If it is set, the key is verified. If not, the message is decrypted and the program is exited. The key is verified and if correct, the next check is made. If the key is not correct, the program exits. The next step is to check the reply file name. If one is not yet set, a name is acquired from the user. If there is a name set, a check is made to see if the file is accessible.
- a name is created for the reply output file.
- the user is asked if the created name is acceptable. If not, an acceptable file name is acquired. If so, it must be determined whether the file can be created. If not, the program is exited. If it can, the file is encrypted, a header is written for the "envelope" and the datafile and a message is displayed that the process has been completed.
- FIG. 3d the process at the original message source is now reviewed with the receipt of the reply message. Because the original operating program is at this source, the reply can be immediately opened and read. The header identification is noted and the pass word or phrase is supplied.
- the crypt key is created from the pass word or phrase and the file name for the decrypted output file is supplied. If the key being used is incorrect, the program is exited. If correct, the datafile is decrypted and verified as being correct and uncorrupted. If it is not, an error message is displayed and the program is exited. If it is correct, then the program is exited without the error message.
- FIG. 4 An alternative embodiment of the present invention is illustrated in the flow diagram of FIG. 4 which includes FIGS. 4a and 4b.
- a simplified program is illustrated for secure billing and payment. The bill is presented to the software program which compresses the bill, encrypts it and creates a secure "envelope".
- an e-mail message is created which includes the encrypted bill.
- the e-mail server then sends the bill through the global computer network, sometimes called the Internet.
- FIG. 4b the message including the bill is received and the attachment is opened.
- a browser is launched which fetches, using the global computer network, a decryption program from a web site server specially authorized to perform this service. Once obtained, the decryption program is run.
- the recipient is prompted for a Personal Identification Number ("PIN") or pass word or pass phrase.
- the PIN is checked for validity. If invalid, it is printed out and the program is shut down. If valid, the program then decrypts the message and sends a confirmation over the global network to the sender.
- the bill is then displayed in the browser window and a connection is arranged to a billing website. At this point, a payment authorization can be sent or the billing website can furnish other bill paying options.
- the biller website can be a neutral service provider or a financial institution which can be authorized to pay all or a portion of the bill or otherwise meet the payment responsibility.
- the secure message includes a program, which when executed, enables a viewing of the received message and the preparation of a secure reply.
- the recipient cannot use the program to create new, secure messages to third parties or to permit those third parties to create secure replies.
- the system of the present invention lends itself to the secure exchange of data or for secure financial transactions in which bills can be presented and paid.
- any means of communication may be employed including, but not limited to the delivery of portable media.
- the transmitted program can be abbreviated so that a link is created through the global computer network that supplies the software necessary to decrypt the message and create the secure reply. Further a separate link can be created with a secure financial services site that can handle a financial transaction based on the submission of a secure billing.
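
The envelope layout and the receive and reply steps described for FIGS. 2a-2d above, as an added Python example that is not part of the patent text or the assignee's product. It models only the data format, not the self-extracting executable. The `ENV1` tag, flag values, field layout, PBKDF2 key derivation, the HMAC-SHA256 keystream standing in for the user-selected cipher, and the HMAC tag used for key verification are all assumptions, and the sample files are constructed.

```python
import hashlib
import hmac
import os
import struct
import zlib

# Assumed layout (not from the patent): MAGIC | flags | salt | file count | records | HMAC tag
MAGIC = b"ENV1"
FLAG_REPLY_ALLOWED = 0x01  # sender enabled the secure reply option
FLAG_IS_REPLY = 0x02       # envelope is itself a reply and cannot be answered again


def derive_keys(passphrase, salt):
    """Turn the agreed pass phrase into an encryption key and a MAC key."""
    km = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 100_000, dklen=64)
    return km[:32], km[32:]


def _xor_stream(key, nonce, data):
    """Stand-in cipher (assumption): XOR with an HMAC-SHA256 counter keystream."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, nonce + struct.pack(">Q", off // 32), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)


def seal(files, passphrase, flags=0):
    """Build an envelope: header, then one compressed and encrypted record per file."""
    salt = os.urandom(16)
    enc_key, mac_key = derive_keys(passphrase, salt)
    body = MAGIC + bytes([flags]) + salt + struct.pack(">H", len(files))
    for name, raw in files.items():
        # "Special data": error-detection code and original size travel with the file.
        record = struct.pack(">II", zlib.crc32(raw), len(raw)) + zlib.compress(raw)
        nonce = os.urandom(16)
        ct = _xor_stream(enc_key, nonce, record)
        name_b = name.encode()
        body += nonce + struct.pack(">HI", len(name_b), len(ct)) + name_b + ct
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()


def open_envelope(blob, passphrase):
    """Verify the key, then decrypt, decompress and integrity-check every file."""
    if len(blob) < 55 or blob[:4] != MAGIC:
        raise ValueError("not an envelope")
    body, tag = blob[:-32], blob[-32:]
    flags, salt = body[4], body[5:21]
    enc_key, mac_key = derive_keys(passphrase, salt)
    if not hmac.compare_digest(tag, hmac.new(mac_key, body, hashlib.sha256).digest()):
        raise ValueError("wrong pass phrase or modified envelope")
    (count,) = struct.unpack(">H", body[21:23])
    pos, files = 23, {}
    for _ in range(count):
        nonce = body[pos:pos + 16]
        name_len, ct_len = struct.unpack(">HI", body[pos + 16:pos + 22])
        pos += 22
        name = body[pos:pos + name_len].decode()
        record = _xor_stream(enc_key, nonce, body[pos + name_len:pos + name_len + ct_len])
        pos += name_len + ct_len
        crc, size = struct.unpack(">II", record[:8])
        raw = zlib.decompress(record[8:])
        if len(raw) != size or zlib.crc32(raw) != crc:
            raise ValueError("integrity check failed for " + name)
        files[name] = raw
    return flags, files


def secure_reply(original, passphrase, files):
    """Recipient side: the reply requires the original envelope and its pass phrase."""
    flags, _ = open_envelope(original, passphrase)  # key verification step
    if not flags & FLAG_REPLY_ALLOWED or flags & FLAG_IS_REPLY:
        raise PermissionError("this envelope does not permit a secure reply")
    return seal(files, passphrase, FLAG_IS_REPLY)


if __name__ == "__main__":
    # Constructed sample modelled on the Alice and Bob scenario.
    env = seal({"rfp.txt": b"Request for proposal: 500 widgets"}, "agreed phrase", FLAG_REPLY_ALLOWED)
    reply = secure_reply(env, "agreed phrase", {"proposal.txt": b"Quote attached"})
    print(open_envelope(reply, "agreed phrase")[1])
```

Because the reply is sealed with `FLAG_IS_REPLY` only, it cannot be used to start a further exchange, which mirrors the statement that the recipient cannot use the program to create new secure messages to third parties.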
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
- Information Transfer Between Computers (AREA)
- Computer And Data Communications (AREA)
- Communication Control (AREA)
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12543799P | 1999-03-22 | 1999-03-22 | |
US125437P | 1999-03-22 | ||
PCT/US2000/007588 WO2000057613A1 (en) | 1999-03-22 | 2000-03-22 | Method and apparatus for secure data transmission system |
Publications (1)
Publication Number | Publication Date |
---|---|
EP1088433A1 (en) | 2001-04-04 |
Family
ID=22419718
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP00919529A Withdrawn EP1088433A1 (en) | 1999-03-22 | 2000-03-22 | Method and apparatus for secure data transmission system |
Country Status (7)
Country | Link |
---|---|
EP (1) | EP1088433A1 (en) |
JP (1) | JP2002540679A (en) |
CN (1) | CN1304610A (en) |
AU (1) | AU4019900A (en) |
BR (1) | BR0005457A (en) |
DE (1) | DE10080963T1 (en) |
WO (1) | WO2000057613A1 (en) |
Families Citing this family (21)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7392388B2 (en) | 2000-09-07 | 2008-06-24 | Swivel Secure Limited | Systems and methods for identity verification for secure transactions |
EP1338132A2 (en) * | 2000-11-28 | 2003-08-27 | Swivel Technologies Limited | Secure file transfer method and system |
JP2002175447A (en) * | 2000-12-08 | 2002-06-21 | Tetsuo Kusumoto | Design ordering and collecting method |
GB2377774A (en) * | 2001-07-17 | 2003-01-22 | Tornado Entertainment Ltd | Data distrubution system |
JP3524901B2 (en) * | 2001-12-03 | 2004-05-10 | おべ工業株式会社 | Pit cover opening and closing device for moving objects |
GB0205045D0 (en) * | 2002-03-05 | 2002-04-17 | Bitarts Ltd | Software protection arrangement |
US8010405B1 (en) | 2002-07-26 | 2011-08-30 | Visa Usa Inc. | Multi-application smart card device software solution for smart cardholder reward selection and redemption |
US8626577B2 (en) | 2002-09-13 | 2014-01-07 | Visa U.S.A | Network centric loyalty system |
US9852437B2 (en) | 2002-09-13 | 2017-12-26 | Visa U.S.A. Inc. | Opt-in/opt-out in loyalty system |
US8015060B2 (en) | 2002-09-13 | 2011-09-06 | Visa Usa, Inc. | Method and system for managing limited use coupon and coupon prioritization |
US7827077B2 (en) | 2003-05-02 | 2010-11-02 | Visa U.S.A. Inc. | Method and apparatus for management of electronic receipts on portable devices |
US8554610B1 (en) | 2003-08-29 | 2013-10-08 | Visa U.S.A. Inc. | Method and system for providing reward status |
US7051923B2 (en) | 2003-09-12 | 2006-05-30 | Visa U.S.A., Inc. | Method and system for providing interactive cardholder rewards image replacement |
US8005763B2 (en) | 2003-09-30 | 2011-08-23 | Visa U.S.A. Inc. | Method and system for providing a distributed adaptive rules based dynamic pricing system |
US8407083B2 (en) | 2003-09-30 | 2013-03-26 | Visa U.S.A., Inc. | Method and system for managing reward reversal after posting |
US7653602B2 (en) | 2003-11-06 | 2010-01-26 | Visa U.S.A. Inc. | Centralized electronic commerce card transactions |
WO2006000653A1 (en) * | 2004-05-26 | 2006-01-05 | France Telecom | Method and platform for manipulating secured data |
DE102005028066B3 (en) | 2005-06-16 | 2006-12-07 | Deutsche Exide Gmbh | Pole bridge for a battery |
US20110145082A1 (en) | 2009-12-16 | 2011-06-16 | Ayman Hammad | Merchant alerts incorporating receipt data |
US8429048B2 (en) | 2009-12-28 | 2013-04-23 | Visa International Service Association | System and method for processing payment transaction receipts |
US8837733B2 (en) * | 2012-05-16 | 2014-09-16 | Intel Corporation | System for protection and authentication of location services with distributed security |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CA2143874C (en) * | 1994-04-25 | 2000-06-20 | Thomas Edward Cooper | Method and apparatus for enabling trial period use of software products: method and apparatus for utilizing a decryption stub |
US5805702A (en) * | 1995-09-29 | 1998-09-08 | Dallas Semiconductor Corporation | Method, apparatus, and system for transferring units of value |
-
2000
- 2000-03-22 EP EP00919529A patent/EP1088433A1/en not_active Withdrawn
- 2000-03-22 DE DE10080963T patent/DE10080963T1/en not_active Withdrawn
- 2000-03-22 WO PCT/US2000/007588 patent/WO2000057613A1/en not_active Application Discontinuation
- 2000-03-22 CN CN00800735.7A patent/CN1304610A/en active Pending
- 2000-03-22 AU AU40199/00A patent/AU4019900A/en not_active Abandoned
- 2000-03-22 JP JP2000607384A patent/JP2002540679A/en active Pending
- 2000-03-22 BR BR0005457-7A patent/BR0005457A/en not_active Application Discontinuation
Non-Patent Citations (1)
Title |
---|
See references of WO0057613A1 * |
Also Published As
Publication number | Publication date |
---|---|
BR0005457A (en) | 2001-01-30 |
CN1304610A (en) | 2001-07-18 |
JP2002540679A (en) | 2002-11-26 |
AU4019900A (en) | 2000-10-09 |
DE10080963T1 (en) | 2002-07-25 |
WO2000057613A1 (en) | 2000-09-28 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE |
|
AX | Request for extension of the european patent |
Free format text: AL;LT;LV;MK;RO;SI |
|
17P | Request for examination filed |
Effective date: 20010326 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN |
|
18D | Application deemed to be withdrawn |
Effective date: 20021001 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: 8566 |
|
RBV | Designated contracting states (corrected) |
Designated state(s): FR GB |