1. Technical Field
The invention relates to communication on an electronic network. More particularly, the invention relates to a method and system for providing secure document delivery over a wide area network, such as the Internet.
2. Description of the Prior Art
The Internet is increasingly being used for communications. It is now possible on the Internet for a sender to direct a document to a specific recipient, regardless of platform, operating system, or email system. The sender's computer may be connected to the Internet directly, or through an intranet's server. Such communication is possible even when the recipient is not a computer but, rather, a fax machine or printer connected to the Internet.
This increase in Internet communications has necessitated the development of security systems to ensure protection for information transmitted over the Internet. Encryption is a basic technique used to scramble information to prevent unsolicited access to that information. One well-known encryption scheme is secret key encryption, sometimes referred to as private key encryption or symmetric-key cryptography. Secret key encryption employs the technique of scrambling information using a unique key to prevent unsolicited access thereto.
This unique key is then required to unscramble the information. FIG. 1 is a diagram illustrating secret key encryption, according to the prior art.
A document 10 is scrambled 12 using a secret key 14. A secret key is an encryption scheme that is only available to authorized users of the scheme. The encryption software may be located on the user's computer, or at a remote location. Thus, the document may be encrypted in situ, or upon transmission to another computer, such as an intranet server.
The resulting encrypted document 16 is then transmitted to the recipient. It is unscrambled 18 using the secret key 14 to regenerate the original document 10. The encrypted document cannot be accessed without the secret key. Again, the decryption software may be located on the recipient's computer, or at a remote location.
One potential problem associated with secret key encryption is the secure distribution of the secret key. If the secret key is sent over a non-secure channel, the integrity of the security is compromised. For most practical applications, telephone or fax provides adequate security for delivering secret keys, while the document can be delivered over the Internet using such mail schemes as Posta, which is available from Tumbleweed Software Corporation of Redwood City, Calif. In some instances, however, users require a more secure, or more convenient, means of distributing a key.
Another known encryption scheme is public key encryption. In public key encryption, the sender and the recipient each own a pair of keys, called the public key and the private key. The owner of a key pair publishes the public key and keeps the private key a secret.
The sender uses the published public key of the intended recipient to encrypt information. The information is decrypted using the recipient's private key. Thus, using public key encryption, no private key must be distributed.
FIG. 2 is a diagram illustrating public key encryption, according to the prior art. A document 20 is scrambled 22 using a public key 24. The resulting encrypted document 26 is then transmitted to the recipient. It is unscrambled 28 using the private key 30 to regenerate the original document 20.
The keys used in public key encryption are very large numbers. Public key encryption exploits an esoteric mathematical relationship between the key numbers to implement the encryption and decryption. As a result, the private key cannot readily be derived from the published public key.
It is often useful to verify that a document has not been altered during transmission, or to verify the sender or recipient of a document. Secret and public key technology provides such verification. However, public key encryption algorithms are typically complex and often are too time-consuming to be of practical use. Secret key encryption is much faster, but there are difficulties associated with securely transmitting the key.
A public key/private key encryption system is described in Ganesan, Yaksha, An Improved System And Method For Securing Communications Using Split Private Key Asymmetric Cryptography, U.S. Pat. No. 5,535,276 (Jul. 9, 1996). However, the Ganesan encryption scheme uses a complicated scheme for generating temporary keys and requires several different users to manually request public keys.
In Torii, Key Distribution Protocol For File Transfer In The Local Area Network, U.S. Pat. No. 5,313,521 (May 17, 1991), a key distribution center is used to authenticate a terminal to a server. Pastor, Reliable Document Authentication System, U.S. Pat. No. 4,853,961 (Aug. 1, 1989), describes a document authentication system that includes a decryption key. Choudhury et al., Method of Protecting Electronically Published Materials Using Cryptographic Protocols, U.S. Pat. No. 5,509,074 (Apr. 16, 1996), teaches a document protection system that includes a server-to-server security access operation to authenticate each document request. However, all of these prior art schemes require user intervention to authenticate the certificate.
Another encryption scheme, digital envelopes, is not subject to the disadvantages of secret key and public key encryption. Using digital envelopes, a sender encrypts a document with a secret key. The secret key is then encrypted with a public key. The recipient of the document then uses the recipient's private key to decrypt the secret key, and then the secret key to decrypt the document.
Registries are now available for publication of public keys. Such registries can certify that a particular public key belongs to a particular entity. For example, a certificate authority issues and maintains digital certificates that are used to connect entities to their specific public keys. The sender must query the registry to receive the requested public key information. This time-consuming process is inefficient, especially when the sender has a large number of documents to transmit to different recipients.
It would be an advantage to provide a system and method for automatically and dynamically retrieving a public key over a wide area network for encryption purposes. It would be a further advantage if such a system and method uses a server to retrieve the certificate and requires no user intervention. It would be yet another advantage if the system and method does not transmit a document to the server until the server has returned the public key to the user.