1. Field of the Invention
It frequently is desirable to spontaneously transmit digital data, in particular recordings such as images, films, sound recordings or written data such as addresses, texts, calendar entries, telephone numbers or any other confidential data from a first communication terminal of a first subscriber to a second communication terminal of a second subscriber.
In the following, an efficient method and an efficient system will be described, with which this is possible in particular for mobile communication terminals “ad hoc”, i.e. without previous mutual exchange of addresses, on the basis of location data.
2. Description of Related Art
During the transmission of data via a data exchange system (wireless or wire-bound data transmission lines, switching computers etc.) the problem arises that the transmitted data possibly can be intercepted or viewed by third parties. For secure transmissions in the internet, a so-called transport encryption is used as prior art, in which the remote terminals agree upon a secret key e.g. by means of the Diffie-Hellman method.
A prerequisite, however, is that before establishment of the secure connection transmitter and receiver mutually exchange data, which in certain application scenarios is not possible or desirable.
In a system according to the prior art, secure connections to the switching and/or data exchange service are established by the transmitter and receiver, but on the part of the operator of the service the data are temporarily stored unencrypted and can be viewed by the operator or by third parties, when the same get access to the switching or data exchange service.
To minimize risks for the user and operator, it is desirable that data are encrypted by the transmitter such that they can only be decrypted by the receiver. This is also referred to as end-to-end encryption.
A solution according to the prior art consists in that the transmitter encrypts the data with a secret key, which it then communicates to the receiver on a confidential route. To simplify the problem of the transmission of keys, so-called asymmetric encryption methods have been available for many years, which will be explained below. All systems used in practice so far, however, have the problem that the user must generate and administer keys, which requires an additional effort, so that for reasons of convenience no encryption frequently is used.
When information is to be transmitted in encrypted form, so that it reaches only the desired receivers, an indirect transmission leads to a number of problems due to the fact that                the data are stored centrally        the receiver circle cannot explicitly be controlled by the transmitter in every application scenario        it possibly is desired to keep the subscribers “anonymous” towards the central service        it possibly is desired in particular to transmit and centrally store the data already before definition of the receiver circle.        
To protect data against unauthorized access, a multitude of encryption methods and protocols are known. In general, data which also are referred to as plain text are transformed into an enciphered text by mathematical methods and a secret key, which enciphered text only can be decrypted again with a knowledge of the correct key, i.e. can be transformed back into plain text.
A distinction is made between symmetric methods, in which the same key is used for encryption and decryption, and asymmetric methods which for encryption require a different key than for decryption.
Asymmetric methods provide for publishing the key for encryption and hence generally encrypt messages to a receiver such that only the receiver in possession of the private key is able to decrypt this message.
Known and standardized symmetric encryption methods for example include DES and the successor AES, and useful asymmetric methods for example include the RSA method based on prime numbers and the EC method based on elliptic curves.
The known PGP (Pretty-Good-Privacy) method is used to encrypt for example electronic mail. The transmitter needs the public key of the receiver for encrypting a message, which only can be decrypted by an associated private key in possession of the receiver. In the case of PGP, however, it is required that the transmitter receives the public key from the receiver in advance, and in contrast to the method of the invention the receiver circle must be predetermined when sending the data and for each receiver a public key must exist.
In section X.509 of the so-called X.500 standard of the ITU there is likewise defined a method for the exchange of keys within an address directory infrastructure, which fulfills a similar purpose as embodiments described below. In X.509 however it is required that keys are provided with a digital signature by a higher instance, so that transmitter and receiver require additional certificates.
The methods and systems described below can be rendered more secure against attacks from a fourth side, by additionally utilizing X.509 transport encryption on the route to the switching computer. Fourth side is meant to be an attacker who does not belong the circle of transmitter, receiver and system operator.
In the following, a method is described which provides for an end-to-end encryption for a system of the spontaneous data transmission as described above.
End-to-end encryption means that on the route between transmitter and receiver the data are not decrypted, so that the system operator also has no access to the data transmitted by the users. This contrasts with the usual transport encryption on partial routes, in which a system present on the transport route decrypts the data and newly encrypts the same, so that the operator of the switching system has access to the data in plain text. Such methods are used for example in the so-called E-Postbrief or DE-Mail.
Another known method, which serves a similar purpose as the method according to the invention, is the so-called “Off-The-Record-Messaging” or OTR. However, the same carries out a Diffie-Hellman key exchange and in its features and methods substantially differs from the method according to the invention.
The methods and systems described here provide for having the key exchange take place automatically and for storing the encrypted data on the central service, even if the receiver circle is not yet known.