Public-key based secure messaging systems allow users to communicate securely over the Internet. Examples of such systems include S/MIME (see IETF RFCs 3850-3855) and PGP (see IETF RFC 2440). Although such systems have existed for many years and have been promoted by major companies, very few people use them today because of the complexity involved in deploying and using them. The problem with these systems is that the sender and the recipient must each create and manage a pair of public and private keys, each public key must be certified by a certificate authority (CA), and the recipient's public key must be obtained by the sender before any encrypted message can be sent.
The inventors of the present invention have previously disclosed a secure transmission system (U.S. Pat. No. 6,760,752) that significantly lowers the barrier to using public-key encryption. The system hosts every user's public key on a central key server. A user need only generate a pair of public and private keys and answer a confirmation email before being able to send and receive encrypted messages. The recipient's public key is retrieved and certified each time a message is sent to that recipient. However, the system still requires the recipient to have a public and private key pair before a message can be sent to the recipient. Furthermore, it requires both the sender and the recipient to install a special encryption/decryption software program.
The first inventor of the present invention (David Cook) disclosed a secure forwarding system (U.S. Pat. No. 6,732,101) that allows a secure message to be sent to a recipient without requiring the recipient to have a pair of public and private keys or to install a special encryption/decryption software program. The system first looks up the recipient's public key on a central key server. If the recipient's public key is found, the message is encrypted using that public key and sent to the recipient directly. If the recipient has no public key on the central key server, the message is encrypted and sent to a forwarding server where, if the recipient has specified a particular form of secure forwarding, that forwarding is carried out. Alternatively, the recipient can be notified to pick up the message using a web browser over a secure link such as TLS or SSL. Access to the message is controlled by a password, which the recipient can establish the first time such a web-delivered message is received. Two issues arise with this system: 1) some messages sent by TLS web-based delivery are never picked up by their recipients, either because those recipients do not want to go through the process of establishing a password for the first time or because they have forgotten the password and are unwilling to establish a new one, and 2) senders are sometimes reluctant to use such a system because of the theoretical possibility that the message could be viewed at the forwarding server.
The inventors of the present invention also disclosed a system and method that automatically selects the best method for electronic content delivery (U.S. Patent Application No. 2004/0139314). This system is similar to that of U.S. Pat. No. 6,732,101 but is extended to include other possible recipient devices, such as network gateway devices. It has the same issues as the system of U.S. Pat. No. 6,732,101 discussed above.
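The delivery-path selection described for U.S. Pat. No. 6,732,101 and extended in U.S. Patent Application No. 2004/0139314, shown below as an added illustration in Go; this is not code from either filing. A key-server lookup decides between encrypting to the recipient's own key and routing through a forwarding server, and the example makes issue 2 above concrete: a message that takes the forwarding path is, in this model, encrypted to the forwarding server's key, so the server can read it, while a directly delivered message can be opened only by the recipient. The type names, addresses, forwarding-preference strings and message text are constructed for this example, the assumption that the forwarding server holds its own decryption key is this example's own, and RSA-OAEP is applied directly to a short message where a real system would wrap a symmetric key.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
	"log"
)

// DeliveryPath is the route chosen for one message. The names are this
// example's own, not terms from the cited patents.
type DeliveryPath int

const (
	DirectEncrypted DeliveryPath = iota // encrypted to the recipient's own public key
	SecureForward                       // forwarding server applies the recipient's configured forwarding
	WebPickup                           // forwarding server notifies the recipient to fetch over TLS
)

func (p DeliveryPath) String() string {
	return [...]string{"direct-encrypted", "secure-forward", "web-pickup"}[p]
}

// KeyServer stands in for the central key server: recipient address -> public key.
type KeyServer map[string]*rsa.PublicKey

// ForwardingPrefs stands in for per-recipient forwarding settings held by the
// forwarding server; an address that is absent has no forwarding configured.
type ForwardingPrefs map[string]string

// Envelope is what the sender emits. Ciphertext is RSA-OAEP over the short
// message itself (illustration only; production code wraps a symmetric key).
type Envelope struct {
	To         string
	Path       DeliveryPath
	Ciphertext []byte
}

// Route picks the delivery path. With a key on the key server the message is
// encrypted to the recipient alone; otherwise it is encrypted to the
// forwarding server's key (assumed here), which is exactly where the server
// gains the ability to read it.
func Route(ks KeyServer, prefs ForwardingPrefs, fwdPub *rsa.PublicKey, to string, msg []byte) (Envelope, error) {
	target, path := fwdPub, WebPickup
	if pub, ok := ks[to]; ok {
		target, path = pub, DirectEncrypted
	} else if _, ok := prefs[to]; ok {
		path = SecureForward
	}
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, target, msg, nil)
	if err != nil {
		return Envelope{}, err
	}
	return Envelope{To: to, Path: path, Ciphertext: ct}, nil
}

// CanOpen reports whether priv decrypts env to exactly want.
func CanOpen(priv *rsa.PrivateKey, env Envelope, want []byte) bool {
	pt, err := rsa.DecryptOAEP(sha256.New(), nil, priv, env.Ciphertext, nil)
	return err == nil && string(pt) == string(want)
}

// Outcome records, for the constructed scenario, the path each recipient got
// and who can read the direct versus the forwarded message.
type Outcome struct {
	AlicePath, BobPath, CarolPath                            DeliveryPath
	AliceReadsDirect, ServerReadsDirect, ServerReadsForwarded bool
}

// Scenario builds fresh keys and three constructed recipients: alice is on the
// key server, bob has only a forwarding preference, carol has neither.
func Scenario() (Outcome, error) {
	alice, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return Outcome{}, err
	}
	server, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return Outcome{}, err
	}
	ks := KeyServer{"alice@example.com": &alice.PublicKey}
	prefs := ForwardingPrefs{"bob@example.com": "gateway"}
	msg := []byte("quarterly numbers attached") // constructed sample message

	var envs [3]Envelope
	for i, to := range []string{"alice@example.com", "bob@example.com", "carol@example.com"} {
		if envs[i], err = Route(ks, prefs, &server.PublicKey, to, msg); err != nil {
			return Outcome{}, err
		}
	}
	return Outcome{
		AlicePath: envs[0].Path, BobPath: envs[1].Path, CarolPath: envs[2].Path,
		AliceReadsDirect:     CanOpen(alice, envs[0], msg),
		ServerReadsDirect:    CanOpen(server, envs[0], msg),
		ServerReadsForwarded: CanOpen(server, envs[1], msg),
	}, nil
}

func main() {
	o, err := Scenario()
	if err != nil {
		log.Fatal(err)
	}
	fmt.Printf("%+v\n", o)
}
```

Running it shows alice on direct-encrypted, bob on secure-forward and carol on web-pickup; the forwarding server fails to open alice's envelope but succeeds on bob's, which is the exposure that makes senders hesitate in issue 2.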
There is a need for a system and method that sends secure messages to a recipient without requiring the recipient to establish a password, to generate and have certified a public/private key pair, or to install any special encryption/decryption software.