Without limiting the invention, its background is described in connection with a system that creates an encrypted document which is transmitted over a communications path containing at least two facsimile devices.
Through the years, the Public Switched Telephone Network ("PSTN") has become vital to the transfer of digital information. Modems, telecopiers or facsimile machines have turned the PSTN into an inexpensive and effective way of transmitting and receiving messages, data and other forms of electronic information. Moreover, the increasing use of information services, such as CompuServe, Prodigy and America On Line, and the recent emergence of the Internet as the information highway of choice have made the PSTN a critical and necessary element of the modern electronic-age.
There are many reasons for the increasing use of the PSTN as a means of information transfer including its reliability, low cost of use and worldwide reach. Today, most anyone with a computer, modem and software can gain access to a large volume of information from practically any location where a telephone line outlet can be found. Thus, a point-to-point transfer between any two locations can be easily established and data transferred and received almost instantaneously. An example of this type of transfer would be a facsimile transmission or dial-up modem.
Other methods of electronic information transfer involve the use of the Internet as a way of avoiding the long distance charges associated with point-to-point PSTN transfers. The Internet provides widespread access to an unlimited number of users from an unlimited number of worldwide locations. Individual users, groups and other entities are identified on the Internet by a unique address. A local access hub provides users with an entry point into the Internet network. The local hub acts as the exchange point for both incoming and outgoing data by routing messages to their intended recipients. Since a point-to-point connection is never established, the costs are limited to those charged by the local hub provider and/or a nominal periodic access fee.
Still other methods of information exchange include the use of information services such as CompuServe, Prodigy or American On Line. As with the Internet, a user typically dials into such information services via a local access hub. The user may employ a proprietary software application on a computer which helps the user obtain access. The costs incurred by the user typically include a monthly access fee and a charge corresponding to the total amount of access during a given period.
Whether using a point-to-point transfer, the Internet or the information services described above, there is no existing method of transferring and receiving electronic information with complete confidentiality if a facsimile machine is part of the communications path. Facsimile transmissions have become common place in today's world, yet the use of facsimile equipment compromises the confidentiality of the information since it involves the transfer and receipt of plain language documents. While a document can be stamped "CONFIDENTIAL" in most cases there is no guarantee that the information is received and seen only by its intended recipient. Even where the facsimile device is part of the recipient's computer, there is no guarantee that the intended recipient may not be the only person who has access to the computer.
These concerns are made even more critical when the information being transmitted is highly sensitive, classified or involves priority. Examples of such information include a person's credit card numbers, savings or checking account numbers, billing histories, social security numbers and the like. Traditionally, it has been this concern for information security that has kept mainstream vendors and merchants from placing their goods and services for order on the PSTN via facsimile transmission. Should the user wish to place an order or make a purchase on the PSTN, the user is in essence leaving "carbon" copies of his credit and/or debit history behind for hackers to read, record and use in the future.
Various methods have been proposed to increase the overall security and integrity of the data transmission process on the PSTN. One method involves encryption of the data stream prior to transmission. Encryption involves scrambling the data stream so that the information is uncipherable and unintelligible to anyone who may intercept the data during transmission.
A commonly used encryption method is the Data Encryption Standard (DES) as set forth in Federal Information Processing Standards Publications (FIPs-PUB)-46 (1977). Normally, a DES based algorithm and secret Key are used by a message sender to encrypt the data prior to transmission. Once the data stream arrives at its intended destination, the DES and Key are then used by the recipient to deencrypt the data into an intelligible form. The Key often consists of a 56-bit combination of data which can be interpreted as 16 hexadecimal characters (0-9, and A-F).
Another encryption method involves the use of the RSA algorithm. In operation, an RSA-based program will generate two large prime numbers hundreds of digits long and produce both a "public" key and a "private" key from the numbers to allow encryption and deencryption of electronic messages, respectively. However, RSA encryption has not been popular since the generation and distribution of keys has made it difficult to manage on a widespread basis. Specifically, in an Internet environment where the handling of many transmissions and many users is critical, the use of RSA based programs is impractical.
Prior art systems have been developed to address the problems associated with the secure transmission of data over a network. For example, one approach is the End-To-End Encryption System and Method of Operation disclosed in U.S. Pat. No. 4,578,530 to Zeidler. The '530 patent relates to a method of transmitting DES encrypted Personal Identification Numbers (PIN) for use in conjunction with Automated Teller Machines (ATM) where a user's PIN and other account information are input by a combination of a magnetic strip on a plastic card and by keyboard entry.
However, while the '530 patent operates to increase system security in a network environment involving ATMs, it is not well suited for the electronic transmission of messages on the PSTN where PINs and magnetic cards are unknown elements. Furthermore, while in operation the '530 relies on financial institutions to provide their clients with a specific PIN and magnetic card, it is not well-suited to environments where a plain language document is being transferred over a facsimile machine.
Specifically, none of the conventional prior art systems provide for a reliable and secured method of transmitting sensitive or confidential information from sender to recipient where a facsimile device is part of the communications data path. Conventional prior art systems focus on key generation and distribution processes that are inapplicable where a plain language document is involved.
What is needed is a device and method for creating an encrypted document that can only be deencrypted and viewed by its intended recipient after transmission. Such a device and method would fill the void left by prior art systems.