WO2002023785A2 - Secure messaging - Google Patents

Secure messaging Download PDF

Info

Publication number
WO2002023785A2
WO2002023785A2 PCT/GB2001/004150 GB0104150W WO0223785A2 WO 2002023785 A2 WO2002023785 A2 WO 2002023785A2 GB 0104150 W GB0104150 W GB 0104150W WO 0223785 A2 WO0223785 A2 WO 0223785A2
Authority
WO
WIPO (PCT)
Prior art keywords
decoder
user
information
secure messaging
mail message
Prior art date
Application number
PCT/GB2001/004150
Other languages
French (fr)
Other versions
WO2002023785A3 (en
Inventor
Michael Henry Wright
Nicholas Hunter Ramage
Original Assignee
Innovation Venture Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Innovation Venture Limited filed Critical Innovation Venture Limited
Priority to AU2001287874A priority Critical patent/AU2001287874A1/en
Publication of WO2002023785A2 publication Critical patent/WO2002023785A2/en
Publication of WO2002023785A3 publication Critical patent/WO2002023785A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation; Time management
    • G06Q10/107Computer-aided management of electronic mailing [e-mailing]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/07User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail characterised by the inclusion of specific contents
    • H04L51/08Annexed information, e.g. attachments
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/041Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 using an encryption or decryption engine integrated in transmitted data

Definitions

  • This invention relates to secure messaging over a communications network.
  • cracks are pieces of software that allow one to break the encryption and decipher the information contained therein. It is particularly desirable to send invoices or statements electronically to clients provided that the information contained therein is only available to authorised users.
  • invoice shall have its widest meaning and shall include statements and accounts unless otherwise indicated.
  • processor is to be given its widest meaning and includes any suitable apparatus which executes under stored programme control to achieve a desired result.
  • a method of secure messaging which includes sending a decoder to a user as an attachment to an e-mail message.
  • decoder to be sent in the form of an executable file; for the decoder to be installed on a user's computer when the attachment is opened in the e-mail message; alternately for the decoder to be installed on a user's computer when the e-mail message is opened.
  • decoder to operatively decrypt, encoded information using a key known to the user and to the sender of the information; for the key to be a SHA-1 or MD5 hash of at least two character strings; and for the at least two character strings to include a username and password.
  • encoded information to be sent to a user as an attachment to an e-mail message; for the e-mail message to which the encoded information is attached to also have a decoder attached thereto; for the attachment to invoke the decoder when opened; and for the encoded information to be compressed before being attached to an e-mail message.
  • a further feature of the invention provides for the information to be encoded using CBC encoded Blowfish or triple DES ciphers.
  • the invention also provides a method of securely transmitting an invoice which includes encoding the information forming the invoice and transmitting the encoded information to a user as an attachment to an e-mail message and transmitting a decoder for the encoded information to a user as an attachment to an e-mail message.
  • encoded information and decoder to be attached to the same e-mail message; for the decoder to install itself on the user's computer when the e-mail message is opened; alternately for the decoder to install itself on the user's computer when the attachment is opened in the e-mail message.
  • the installed decoder to decrypt the encoded information attached to the e-mail message; for the installed decoder to decrypt the encoded information attached to the e-mail message when the attachment is opened; for the decoder to require a key from the user to decrypt the encoded information; and for the key to be known to the user and to the sender of the invoice.
  • a further feature of the invention provides for the information forming the invoice to be compressed prior to being encoded.
  • the invention further provides for a system for secure messaging comprising a first store of information and at least one processor configured to encode the information and to attach the encoded information to at least one e-mail message to be sent to at least one user and to attach a decoder to an e-mail message to be sent to the or each user.
  • processors to attach encoded information and a decoder to a single e-mail message to the or each user; for the system to include a mail server for sending the or each e-mail message; for the or each decoder to be an executable file; and for the or each decoder to install itself on a user's computer.
  • Still fiirther features of the invention provide for the or each decoder to install itself on a user's computer when the attachment is opened in the e-mail message; alternately for the or each decoder to install itself on a user's computer when the e-mail message is opened.
  • each decoder to operatively decode the information attached to an e-mail message using a key known to the user and to the sender of the information; for each key to be a SHA-1 or MD5 hash of character strings; and for the character strings to include a username and password.
  • the at least one processor to compress the information prior to encoding it; for the first store of information to include a plurality of sets of information; for each set of information to correspond to a user; and for each set of information to be encoded and attached to an e-mail message.
  • Still further features of the invention provide for there to be provided a second store of information containing user address details and for a processor to be configured to correlate user details contained in the first information store with those in the second information store and to format e-mail messages using the information in the second store.
  • the second store of information to further include a username and password for each user; for the processor to encode the information for a user using the username and password for the user contained in the second store of information; and for the or each decoder not to be installed on a user's computer if an identical decoder is already installed on the computer.
  • a further feature of the invention provide for the at least one processor to interrogate a third store of information in which are recorded details of users who have already received a decoder and wherein the at least one processor does not attach a decoder to an e-mail message to a user where the user is recorded as having already received a decoder.
  • Figure 1 is a schematic diagram of a secure messaging system.
  • Confidential information for example monthly account statements, generated by the bank's computer system (4) is produced as individual files, or a single file and is stored in a first information store (5) together with necessary identification and addressing information.
  • the files stored at (5) are then sent to a secure server (8) using a secure file transfer protocol (9).
  • the files are parsed (13) into a format understood by the secure server.
  • the information in the files is formatted (14) to produce documents of a required type, such as HTML or Word.
  • a processor compresses the documents and then encodes the information (15) using a CBC encoded block cipher.
  • the encrypted document is padded with random data for more entropy and to reduce the likelihood of know-plaintext attacks.
  • the process may use any block cipher and key length but in this embodiment supports 112 bit and 168 bit Triple DES or 128 bit to 448 bit Blowfish block ciphers.
  • the key for the encryption is created from a SHA-1 or MD5 hash of the recipient's username and password, which is included in the data files (4). Any suitable character strings may however be used to form the key.
  • Each encoded file is then attached by the processor to an e-mail message (16) addressed to the relevant user (20) together with a decoder.
  • Each decoder is a small executable file that is capable of decrypting encoded files once properly installed on a computer.
  • Each decoder is further configured to be capable of being installed on a number of different software platforms. This avoids the problem of having to first determine the type of software platform being used by each user (20) and then sending a specific, and often different, decoder to each user (20).
  • the messages together with attachments are then sent via a bulk mailer (17) using Simple Mail Transfer Protocol (SMTP) to the users (20). Bounced mail (19) will be returned to the mail server (8) for reporting purposes.
  • SMTP Simple Mail Transfer Protocol
  • the decoder Once the e-mail message is received by a user (20), opening the message and executing the decoder (21) will cause the decoder attached to the message to automatically install itself on the user's computer if the user (20) does not already have a decoder.
  • the decoder could, however, also be configured to install automatically when the message is opened. As the size of the decoder is very small, about 43 kb in this embodiment, it is easy to send as an e-mail attachment and simple to manage by the user's computer.
  • the decoder Once the decoder is installed on the user's computer all encoded files attached to e-mail messages by the sender (2) will automatically invoke the decoder when they are opened (22). At this point, the user will be required to enter his username and password, which will be used to decode the message (24). If the username/password combination is correct the document is opened using the default viewer (25) for the documents, for example Word or Excel.
  • the system (1) enables secure messaging to occur through a simple yet highly effective process.
  • By attaching the decoder to an e-mail message it is unnecessary for the user to obtain a decoder by downloading from a communication network or any other means.
  • the size of the decoder does not impose a large overhead on the e-mail size in terms of bandwidth usage.
  • any suitable encoding can be used and the decoder need not be self-installing and could be installed through any convenient means.
  • the decoder could further be created prior to attachment to a message to decrypt information using a specific key thus obviating the need for the user to enter his password and username for each message. For security reasons, where such a decoder is used, it is desirable for the decoder to require these details prior to installing itself.
  • the decoder could be configured to remember a username and password after they have been entered once.
  • the decoder could also be attached to a separate message to the message that the encoded information is attached to.
  • a first store containing sets information to be encoded together with an identifier for each set
  • a second store containing the addressing details and username and password for each identifier.
  • the processor would obtain addressing details and encoding keys for the information in the first store from the second store of information.
  • a third store of information which could form part of the second store of information, could also be used to record whether a user already has a decoder installed on his computer or at least whether he has been sent one. This information could then be checked prior to sending encoded information with an e-mail message to determine whether it is necessary to attach a decoder to the message. Where a decoder is not attached to a message and the user requires one, for example where another computer is being used which does not have a decoder installed, a hyperlink could be provided to allow the user to access a website (secure or otherwise) to download the decoder. Alternatively a device could be provided on messages to automatically request a decoder to be sent to the user.
  • the functions of encoding information, attaching the information to a message, attaching a decoder to the message and sending the message may be performed by one or more processors. Where more than one processor is used the processors may each perform a specific task or may operate in parallel.

Abstract

A method of secure messaging which includes sending a decoder to a user as an attachment to an e-mail message. The decoder may be sent in the form of an executable file which is installed on a user's computer when the attachment is opened in the e-mail message.

Description

Secure Messaging
Field of the Invention
This invention relates to secure messaging over a communications network.
Background to the Invention
The rapid growth of the Internet has led to widespread use of e-mail as a means of messaging. E-mail is attractive as it is quick and fairly cheap to use. As with transmissions on most communications networks, e-mail does suffer the disadvantage that it can be fairly easily intercepted. For this reason it is often desirable to encrypt messages. Presently, secure messaging is usually performed using a digital certificate and public key encryption. While this can be fairly effective, it is a cumbersome system as digital certificates are often difficult to install and understand, from an end-user perspective, and usually need annual revision. In addition, Public Key Lώastructure and digital certificate solutions require complex certificate management systems and rules. As a result, the system does not lend itself to widespread use.
Systems that do not employ digital certificates still require some form of a decoder, which decrypts messages, to be present on the recipient's computer. At present this entails purchasing proprietary software with a decoder from a vendor and installing it on a computer or downloading a commonly available decoder through a communications network, usually the Internet. The latter is often preferred but can be time-consuming and installation of the decoder difficult. Only once the decoder is installed on a computer can the user sign up to receive encrypted information and this can only be received after the sign up procedure has been successfully completed. The procedure required is thus often too laborious for novices to undertake. In addition, the commonly available solutions have known "cracks" that are also commonly available on the Internet. These cracks are pieces of software that allow one to break the encryption and decipher the information contained therein. It is particularly desirable to send invoices or statements electronically to clients provided that the information contained therein is only available to authorised users. In this specification "invoice" shall have its widest meaning and shall include statements and accounts unless otherwise indicated.
Also in this specification, "processor" is to be given its widest meaning and includes any suitable apparatus which executes under stored programme control to achieve a desired result.
Object of the Invention
It is an object of this invention to provide secure messaging which will at least partially alleviate some of the above mentioned problems.
Summary of the Invention
In accordance with the invention there is provided a method of secure messaging which includes sending a decoder to a user as an attachment to an e-mail message.
Further features of the invention provide for the decoder to be sent in the form of an executable file; for the decoder to be installed on a user's computer when the attachment is opened in the e-mail message; alternately for the decoder to be installed on a user's computer when the e-mail message is opened.
Further features of the invention provide for the decoder to operatively decrypt, encoded information using a key known to the user and to the sender of the information; for the key to be a SHA-1 or MD5 hash of at least two character strings; and for the at least two character strings to include a username and password.
Further features of the invention provide for the encoded information to be sent to a user as an attachment to an e-mail message; for the e-mail message to which the encoded information is attached to also have a decoder attached thereto; for the attachment to invoke the decoder when opened; and for the encoded information to be compressed before being attached to an e-mail message. A further feature of the invention provides for the information to be encoded using CBC encoded Blowfish or triple DES ciphers.
The invention also provides a method of securely transmitting an invoice which includes encoding the information forming the invoice and transmitting the encoded information to a user as an attachment to an e-mail message and transmitting a decoder for the encoded information to a user as an attachment to an e-mail message.
Further features of the invention provide for the encoded information and decoder to be attached to the same e-mail message; for the decoder to install itself on the user's computer when the e-mail message is opened; alternately for the decoder to install itself on the user's computer when the attachment is opened in the e-mail message.
Further features of the invention provide for the installed decoder to decrypt the encoded information attached to the e-mail message; for the installed decoder to decrypt the encoded information attached to the e-mail message when the attachment is opened; for the decoder to require a key from the user to decrypt the encoded information; and for the key to be known to the user and to the sender of the invoice.
A further feature of the invention provides for the information forming the invoice to be compressed prior to being encoded.
The invention further provides for a system for secure messaging comprising a first store of information and at least one processor configured to encode the information and to attach the encoded information to at least one e-mail message to be sent to at least one user and to attach a decoder to an e-mail message to be sent to the or each user.
Further features of the invention provide for the processor to attach encoded information and a decoder to a single e-mail message to the or each user; for the system to include a mail server for sending the or each e-mail message; for the or each decoder to be an executable file; and for the or each decoder to install itself on a user's computer. Still fiirther features of the invention provide for the or each decoder to install itself on a user's computer when the attachment is opened in the e-mail message; alternately for the or each decoder to install itself on a user's computer when the e-mail message is opened.
Yet further features of the invention provide for the or each decoder to operatively decode the information attached to an e-mail message using a key known to the user and to the sender of the information; for each key to be a SHA-1 or MD5 hash of character strings; and for the character strings to include a username and password.
Further features of the invention provide for the at least one processor to compress the information prior to encoding it; for the first store of information to include a plurality of sets of information; for each set of information to correspond to a user; and for each set of information to be encoded and attached to an e-mail message.
Still further features of the invention provide for there to be provided a second store of information containing user address details and for a processor to be configured to correlate user details contained in the first information store with those in the second information store and to format e-mail messages using the information in the second store.
Yet further features of the invention provide for the second store of information to further include a username and password for each user; for the processor to encode the information for a user using the username and password for the user contained in the second store of information; and for the or each decoder not to be installed on a user's computer if an identical decoder is already installed on the computer.
A further feature of the invention provide for the at least one processor to interrogate a third store of information in which are recorded details of users who have already received a decoder and wherein the at least one processor does not attach a decoder to an e-mail message to a user where the user is recorded as having already received a decoder. Brief Description of the Drawings
One embodiment of the invention will be described, by way of example only, with reference to Figure 1 which is a schematic diagram of a secure messaging system.
Detailed Description of the Drawings
A system (1) for secure messaging from a sender (2), in this embodiment a bank, to a plurality of users (20), in this embodiment clients (only one shown), is shown in Figure 1.
Confidential information, for example monthly account statements, generated by the bank's computer system (4) is produced as individual files, or a single file and is stored in a first information store (5) together with necessary identification and addressing information. The files stored at (5) are then sent to a secure server (8) using a secure file transfer protocol (9).
Once received by the secure server (8) through a file data interface (11) the files are parsed (13) into a format understood by the secure server. Hereafter the information in the files is formatted (14) to produce documents of a required type, such as HTML or Word. Once the documents are created, a processor compresses the documents and then encodes the information (15) using a CBC encoded block cipher. The encrypted document is padded with random data for more entropy and to reduce the likelihood of know-plaintext attacks. The process may use any block cipher and key length but in this embodiment supports 112 bit and 168 bit Triple DES or 128 bit to 448 bit Blowfish block ciphers. The key for the encryption is created from a SHA-1 or MD5 hash of the recipient's username and password, which is included in the data files (4). Any suitable character strings may however be used to form the key.
Each encoded file is then attached by the processor to an e-mail message (16) addressed to the relevant user (20) together with a decoder. Each decoder is a small executable file that is capable of decrypting encoded files once properly installed on a computer. Each decoder is further configured to be capable of being installed on a number of different software platforms. This avoids the problem of having to first determine the type of software platform being used by each user (20) and then sending a specific, and often different, decoder to each user (20). The messages together with attachments are then sent via a bulk mailer (17) using Simple Mail Transfer Protocol (SMTP) to the users (20). Bounced mail (19) will be returned to the mail server (8) for reporting purposes.
Once the e-mail message is received by a user (20), opening the message and executing the decoder (21) will cause the decoder attached to the message to automatically install itself on the user's computer if the user (20) does not already have a decoder. The decoder could, however, also be configured to install automatically when the message is opened. As the size of the decoder is very small, about 43 kb in this embodiment, it is easy to send as an e-mail attachment and simple to manage by the user's computer. Once the decoder is installed on the user's computer all encoded files attached to e-mail messages by the sender (2) will automatically invoke the decoder when they are opened (22). At this point, the user will be required to enter his username and password, which will be used to decode the message (24). If the username/password combination is correct the document is opened using the default viewer (25) for the documents, for example Word or Excel.
The system (1) enables secure messaging to occur through a simple yet highly effective process. By attaching the decoder to an e-mail message it is unnecessary for the user to obtain a decoder by downloading from a communication network or any other means. As the decoder is self installing it is not necessary for the user to have any technical knowledge. Also, the size of the decoder does not impose a large overhead on the e-mail size in terms of bandwidth usage.
It will be appreciated, however, that many other embodiments of a secure messaging system exist especially as regards the configuration thereof and the form of decoder. For example, any suitable encoding can be used and the decoder need not be self-installing and could be installed through any convenient means. The decoder could further be created prior to attachment to a message to decrypt information using a specific key thus obviating the need for the user to enter his password and username for each message. For security reasons, where such a decoder is used, it is desirable for the decoder to require these details prior to installing itself. Alternatively, the decoder could be configured to remember a username and password after they have been entered once. The decoder could also be attached to a separate message to the message that the encoded information is attached to.
Furthermore, it may be desirable to have two or more stores of information, a first store containing sets information to be encoded together with an identifier for each set, and a second store containing the addressing details and username and password for each identifier. In this instance the processor would obtain addressing details and encoding keys for the information in the first store from the second store of information.
A third store of information, which could form part of the second store of information, could also be used to record whether a user already has a decoder installed on his computer or at least whether he has been sent one. This information could then be checked prior to sending encoded information with an e-mail message to determine whether it is necessary to attach a decoder to the message. Where a decoder is not attached to a message and the user requires one, for example where another computer is being used which does not have a decoder installed, a hyperlink could be provided to allow the user to access a website (secure or otherwise) to download the decoder. Alternatively a device could be provided on messages to automatically request a decoder to be sent to the user.
It will still further be appreciated that the functions of encoding information, attaching the information to a message, attaching a decoder to the message and sending the message may be performed by one or more processors. Where more than one processor is used the processors may each perform a specific task or may operate in parallel.

Claims

Claims
1. A method of secure messaging, which includes sending a decoder to a user as an attachment to an e-mail message.
2. A method of secure messaging as claimed in claim 1 in which the decoder is sent in the form of an executable file.
3. A method of secure messaging as claimed in claim 1 or claim 2 in which the decoder is installed on a user's computer when the attachment is opened in the e-mail message.
4. A method of secure messaging as claimed in claim 1 or claim 2 in which the decoder is installed on a user's computer when the e-mail message is opened.
5. A method of secure messaging as claimed in any one of the preceding claims in which the decoder operatively decrypts encoded information using a key known to the user and to the sender of the information.
6. A method of secure messaging as claimed in claim 5 in which the key is a SHA-1 or MD5 hash of at least two character strings.
7. A method of secure messaging as claimed in claim 6 in which the at least two character strings include a username and password.
8. A method of secure messaging as claimed in any one of the preceding claims in which encoded information is sent to a user as an attachment to an e-mail message.
9. A method of secure messaging as claimed in claim 8 in which the e-mail message to which the encoded information is attached also has a decoder attached thereto.
10. A method of secure messaging as claimed in claim 8 or claim 9 in which the attachment invokes the decoder when opened.
11. A method of secure messaging as claimed in claim 8 or claim 9 in which the encoded information is compressed before being attached to an e-mail message.
12. A method of secure messaging as claimed in any one of claims 5 to 11 in which the information is encoded using CBC encoded Blowfish or triple DES ciphers.
13. A method of securely transmitting an invoice which includes encoding the information forming the invoice and transmitting the encoded information to a user as an attachment to an e-mail message and transmitting a decoder for the encoded information to a user as an attachment to an e-mail message.
14. A method of securely transmitting an invoice as claimed in claim 13 in which the encoded information and decoder are attached to the same e-mail message.
15. A method of securely transmitting an invoice as claimed in claim 13 or claim 14 in which the decoder installs itself on a user's computer when the attachment is opened in the e-mail message.
16. A method of securely transmitting an invoice as claimed in claim 13 or claim 14 in which the decoder installs itself on a user's computer when the e-mail message is opened.
17. A method of securely transmitting an invoice as claimed in claim 15 or claim 16 in which the installed decoder decrypts the encoded information attached to the e-mail message.
18. A method of securely transmitting an invoice as claimed in claim 17 in which the installed decoder decrypts the encoded information attached to the e-mail message when the attachment is opened.
19. A method of securely transmitting an invoice as claimed in claim 17 or claim 18 in which the decoder requires a key from the user to decrypt the encoded information.
20. A method of securely transmitting an invoice as claimed in claim 19 in which the key is known to the user and to the sender of the invoice.
21. A method of securely transmitting an invoice as claimed in any one of claims 13 to 20 in which the information forming the invoice is compressed prior to being encoded.
22. A system for secure messaging comprising a first store of information and at least one processor configured to encode the information and to attach the encoded information to at least one e-mail message to be sent to at least one user and to attach a decoder to an e-mail message to be sent to the or each user.
23. A system for secure messaging as claimed in claim 22 in which the processor attaches encoded information and a decoder to a single e-mail message to the or each user.
24. A system for secure messaging as claimed in claim 22 or claim 23 which includes a mail server for sending the or each e-mail message.
25. A system for secure messaging as claimed in any one of claims 22 to 24 in which the or each decoder is an executable file.
26. A system for secure messaging as claimed in any one of claims 22 to 25 in which the or each decoder installs itself on a user's computer.
27. A system for secure messaging as claimed in claim 26 in which the or each decoder installs itself on a user's computer when the attachment is opened in the e-mail message.
28. A system for secure messaging as claimed in claim 26 in which the or each decoder installs itself on a user's computer when the e-mail message is opened.
29. A system for secure messaging as claimed in any one of claims 22 to 28 in which the or each decoder operatively decodes the information attached to a user's e-mail message using a key known to the user and to the sender of the information.
30. A system for secure messaging as claimed in claim 29 in which a key is a SHA-1 or MD5 hash of character strings.
31. A system for secure messaging as claimed in claim 30 in which the character strings include a username and password.
32. A system for secure messaging as claimed in any one of claims 22 to 31 in which the at least one processor compresses the information prior to encoding it.
33. A system for secure messaging as claimed in any one of claims 22 to 32 in which the first store of information includes a plurality of sets of information, each set of information corresponding to a user.
34. A system for secure messaging as claimed in claim 33 in which each set of information is encoded and attached to an e-mail message.
35. A system for secure messaging as claimed in claim 33 or claim 34 in which there is provided a second store of information containing user address details and wherein a processor is configured to correlate user details contained in the first information store with those in the second information store and to format e-mail messages using the information in the second store.
36. A system for secure messaging as claimed in claim 35 in which the second store of information further includes a username and password for each user.
37. A system for secure messaging as claimed in claim 36 in which the first processor encodes the information for a user using the username and password contained in the second store of information for the user.
38. A system for secure messaging as claimed in any one of claims 22 to 37 in which the or each decoder is not installed on a user's computer if an identical decoder is already installed on the computer.
39. A system for secure messaging as claimed in any one of claims 22 to 38 in which a processor interrogates a third store of information in which are recorded details of users who have already received a decoder and wherein the at least one processor does not attach a decoder to an e-mail message to a user where the user is recorded as having already received a decoder.
40. A method of secure messaging substantially as herein described and as illustrated with reference to the drawing.
41. A method of securely transmitting an invoice substantially as herein described and as illustrated with reference to the drawing.
42. A system for secure messaging substantially as herein described and as illustrated with reference to the drawing.
PCT/GB2001/004150 2000-09-15 2001-09-17 Secure messaging WO2002023785A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2001287874A AU2001287874A1 (en) 2000-09-15 2001-09-17 Secure messaging

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB0022724A GB0022724D0 (en) 2000-09-15 2000-09-15 Secure messaging
GB0022724.9 2000-09-15

Publications (2)

Publication Number Publication Date
WO2002023785A2 true WO2002023785A2 (en) 2002-03-21
WO2002023785A3 WO2002023785A3 (en) 2002-08-01

Family

ID=9899565

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB2001/004150 WO2002023785A2 (en) 2000-09-15 2001-09-17 Secure messaging

Country Status (3)

Country Link
AU (1) AU2001287874A1 (en)
GB (1) GB0022724D0 (en)
WO (1) WO2002023785A2 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002032044A2 (en) * 2000-10-13 2002-04-18 Eversystems Inc. Secret key messaging
WO2006021830A1 (en) * 2004-08-27 2006-03-02 Easecredit E-mail bank account statement for internet banking when carrying out online payments via e-mail and method for preparing an e-mail bank account statement
EP1646194A1 (en) * 2004-10-08 2006-04-12 Sagem Communication Method for producing a reliable delivery acknowledgement

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000049786A1 (en) * 1999-02-19 2000-08-24 Messagemedia, Inc. Message encryption system and method

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000049786A1 (en) * 1999-02-19 2000-08-24 Messagemedia, Inc. Message encryption system and method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
PRENEEL B: "State-of-the-art Ciphers for Commercial Applications" COMPUTERS & SECURITY. INTERNATIONAL JOURNAL DEVOTED TO THE STUDY OF TECHNICAL AND FINANCIAL ASPECTS OF COMPUTER SECURITY, ELSEVIER SCIENCE PUBLISHERS. AMSTERDAM, NL, vol. 18, no. 1, 1999, pages 67-74, XP004154866 ISSN: 0167-4048 *

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002032044A2 (en) * 2000-10-13 2002-04-18 Eversystems Inc. Secret key messaging
WO2002032044A3 (en) * 2000-10-13 2003-01-09 Eversystems Inc Secret key messaging
US6728378B2 (en) 2000-10-13 2004-04-27 Eversystems Information Comircio Representagco, Importageo E Exportagco Ltda. Secret key messaging
WO2006021830A1 (en) * 2004-08-27 2006-03-02 Easecredit E-mail bank account statement for internet banking when carrying out online payments via e-mail and method for preparing an e-mail bank account statement
EP1646194A1 (en) * 2004-10-08 2006-04-12 Sagem Communication Method for producing a reliable delivery acknowledgement
FR2876527A1 (en) * 2004-10-08 2006-04-14 Sagem METHOD FOR PRODUCING A RELIABLE RECEPTION ACCUSE

Also Published As

Publication number Publication date
AU2001287874A1 (en) 2002-03-26
GB0022724D0 (en) 2000-11-01
WO2002023785A3 (en) 2002-08-01

Similar Documents

Publication Publication Date Title
US7634651B1 (en) Secure data transmission web service
JP4148979B2 (en) E-mail system, e-mail relay device, e-mail relay method, and e-mail relay program
US8166299B2 (en) Secure messaging
US6442686B1 (en) System and methodology for messaging server-based management and enforcement of crypto policies
US20070172066A1 (en) Message security
US20030065941A1 (en) Message handling with format translation and key management
US20060129629A1 (en) Communication method, communication system, relay system, communication program, program for communication system, mail distribution system, mail distribution method, and mail distribution program
EP1145507A1 (en) Web-based delivery of secure e-mail messages
AU2004203148A1 (en) Method for Strongly Encrypting .zip Files
WO2002093849A2 (en) System for secure electronic information transmission
WO2004057795A1 (en) System and method for storage and retrieval of cryptographic keys
US20040088539A1 (en) System and method for securing digital messages
US7660987B2 (en) Method of establishing a secure e-mail transmission link
WO2008050742A1 (en) Electronic mail transmission and reception system
CN1783853B (en) Cipher mail server device
US6847719B1 (en) Limiting receiver access to secure read-only communications over a network by preventing access to source-formatted plaintext
US6968458B1 (en) Apparatus and method for providing secure communication on a network
EP1387239B1 (en) Secure messaging
AU2005201621B2 (en) Transmission of secure electronic mail formats
JP2008134985A (en) Network system
US20020053019A1 (en) System, computer product and method for secure electronic mail communication
WO2002023785A2 (en) Secure messaging
KR20030012556A (en) Mail transmitting/receiving system using watermarking and encoding technique, and method thereof
WO2000046952A1 (en) Method for sending secure email via standard browser
US20080172470A1 (en) Method and a system for the secure exchange of an e-mail message

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PH PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

AK Designated states

Kind code of ref document: A3

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PH PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase in:

Ref country code: JP