A. Field of the Invention
The present invention relates to a security method, security software and security system for protecting private communications that are exchanged via a network. More specifically, the present invention relates to a method and system for protecting the contents of private communications in services in which a plurality of users communicate with one another, for instance, via electronic mail (e-mail) where a mailing list is utilized to identify specific parties to communicate with, and via communications transmitted over a network or the Internet such real time chat services.
B. Definition of Terms
When referring to a chat services, chat rooms, and chat channels herein, the inventors are referring to an Internet or network system service which allows a plurality of user terminals to communicate with one another simultaneously in real time sharing a virtual space such as chat room or chat channel. The e-mail communications mentioned herein refer electronic communications between a specific group of users identified in a mailing list where the list identifies each user with an electronic address such as an e-mail address. Also, in the following description, the term electronic conference room refers to both of the above described forms of electronic communication. For example, a chat room administered by a chat server is a virtual electronic conference room where a plurality of users can communicate. Further, a predetermined group of users each may have a mailing list consisting only of the e-mail addresses of the other users in the group. The predetermined group of users may send specific communications to the users each other using the mailing list, for instance, to send one single message to all users identified in the mailing list. Such a mailing list and communications between all parties included in the mailing list also constitute an electronic conference room in the context of the present invention described below.
C. Description of the Related Art
Due to increased usage of personal computers and the ever increasing development of online communication services, there has been an increasing amount of conferencing communications between a plurality of users on networks and on the Internet. Further, there has been an increase in the amount of real time communication over the Internet, in addition to increases non-real time communications such as electronic bulletin board and email communications. Examples of real time communications include chat systems which allow multiple users to chat with one another in real time. In such communication systems, a plurality of users share a single virtual space, which serves as an electronic conference room often referred to as a chat room. Such communication systems generally limit browsing of and participation in the conversation to users who are registered in the electronic conference room.
Group e-mail communications (using a specific mailing list) and the above described chat systems are examples of electronic conference rooms that are administered by a communication server over a network or the Internet. In principle, conversations that take place in a specific electronic conference room are transmitted only to the specified users who have registered access to the electronic conference room, and it is desirable to maintain privacy to prevent communications from being received by an unwelcome user to the electronic conference room.
In the case of one-to-one communications, such as electronic mail, privacy protection of the communication can be maintained by any of a variety of well known security methods, such as public key encryption. In public key encryption, the sender has a public key used to encrypt a message, and the receiver has a private key used to decrypt the message. If public key encryption is applied to an electronic conference room in which a plurality of users are participating, a sender in a conversation within the electronic conference room must encrypt his or her statements upon transmission into the conversation with different encryption keys (public keys), one encryption key for each recipient to encrypt and/or decrypt the conversation. This is a big burden for the user and for the server that distributes data to each user terminal.
To lessen the burden on the server, some of the users may decide to share a single private key shared amongst all the users, thereby defining a common key. However, if a server that stores the common keys distributes the common keys to the various user terminal or clients, the common keys may have to be encrypted before being distributed, which makes the process even more complicated. If an encryption key is stored as a common key in each of the various users terminals, it is likely that the common key will be deciphered by a third party rendering the encryption virtually useless. Therefore, there is a need for a more reliable method for encrypting electronic communications between a group of user terminals.
One object of the present invention is to eliminate distribution of encryption keys during communications in an electronic conference room system where a plurality of users share an electronic conference room simultaneously, thereby making it difficult to decipher a private key and allowing an efficient and safe encryption and/or decryption of data transmitted between the users engaged in a conversation in the electronic conference room.
In accordance with one aspect of the present invention, a method ensures privacy and security in a communication system where a plurality of user terminals communicate with one other over a network. The method includes the steps of:
generating a series common key at each of the user terminals, each of the common keys being generated based upon a series of coordinated events that occurs among the user terminals and the network;
storing at each of the user terminals the generated common keys, each common key having a unique index identifying that common key;
encrypting at a sending user terminals a communication using a specific common key;
transmitting over the network from the sending user terminal the encrypted communication along with an index corresponding to the specific common key used to encrypt the communication; and
receiving at receiving user terminals the encrypted communication along with the index, identifying the common key used for encrypting the encrypted communication; and
decrypting in the receiving user terminals the encrypted communication using the identified common key.
In the present invention, the unique index is based upon a coordinated event identifiable by all of the user terminals.
Preferably, the coordinated events are based upon predetermined time intervals.
Preferably, the coordinated event is based upon actions taken in the communication system.
The predetermined time intervals may be, for instance, one hour time periods. Specifically, each user terminal generates a new common key every hour. Other time periods are possible. Since all of the user terminals have the same security program installed, all of the user terminals generate the same common key at approximately the same time.
Common keys are generated at each of the users terminals at a coordinated times and are stored such that the common keys are indexed based upon the coordinated times. The encrypted communication is sent along with an index corresponding to the coordinated event (in this case a time), the index having a one to one relationship with a specific the common key and is used to encrypt and decrypt the communication.
In accordance with another aspect of the present invention, a communication system includes a security program for ensuring secure and private communications between a plurality of user terminals transmitting communications to each other over a communication network via a communication server. The security program includes a means in each user terminal for storing at least one private key. A means is provided in each user terminal for commanding identification of an identifier corresponding to an electronic conference room administered by the communication server through which the plurality of user terminals communicate with one another. The commanding means is configured to command generation of a plurality of common keys, each of said common keys having a unique index. As well, there is a means in each user terminal for generating the common key based on the identifier and the unique index, and storing the generated common key in the storing means such that the common key is referred to by the unique index. A means is also provided in each user terminal for encrypting communications to be sent from one user terminal to other user terminals via the communication server, the encrypting means using the newest of the common keys. There is also a means in each user terminal for transmitting the encrypted communications to the other user terminals along with the index via the communication server. Further a means is provided in each user terminal for receiving transmitted communications from the other user terminals via the communication server. Lastly, a means is provided in each user terminal for decrypting encrypted communications received from other user terminals using the unique index to identify the common key from said storing means.
Preferably, the commanding means is further configured to detect predetermined changes in the electronic conference room and designate the detected change as a coordinated event, the coordinated event being used by said generating means to a new common key, the new common key having a unique index corresponding to the coordinated event.
Preferably, the commanding means is further configured to designate each coordinated event in accordance with a predetermined passage of time.
Preferably, the storing means stores a plurality of the private keys, the plurality of private keys being indexed in accordance with the predetermined passage of time. The commanding means identifies one of the private key based on the indexing in accordance of the predetermined passage of time.
In accordance with the present invention, the encrypting means encrypts contents of a communication entered at a user terminal with a newest private key. The encryption means transmits a communication message containing the contents of the communication along with indexing information that corresponds to the common key used to encrypt the communication content. Similarly, the decrypting means receives a communication message generated at another user terminal, and decrypts the contents of the communication using the common key identified using the transmitted indexing information. Specifically, the common key to be used to decrypt the contents of the communication is obtained from the storing means by searching for the indexing information obtained from the communication message. Since the all common keys have a one-to-one relationship with an index, and the same set of common keys and corresponding indices are generated in each user terminal separately, messages can be sent between user terminals without transmission of the actual common key.
If the coordinated event is predetermined based upon the changing of the hour (once an hour), a common key is generated once at hour at a predetermined time, for instance, on the hour. Since all user terminals (for instance, personal computers) have an internal clock, each of the user terminals is able to generate the common keys on the hour.
Suppose a communication is encrypted using common key at user terminal A at 11:59 and a common key having an index of 11:00 is used to encrypt the communication, a common key CS11a, which was generated at 11:00 at the user terminal A. The encrypting means sends out the encrypted communication and the index based upon the hour 11:00. If the time in other user terminals, for instance user terminal B, is already 12:01, the encrypted contents of the communication are received along with the index. The time at the user terminal B is after 12:00 and a new common key has already been generated. Even so, the decrypting means of the user terminal B can determine the common key generated at 11:00 used to encrypt the encrypted contents of the communication because the index for the 11:00 common key was transmitted with the encrypted contents of the communication. The decrypting means retrieves the 11:00 common key from the storing means, thereby decrypting the encrypted contents of the communication.
Since common keys are generated at each of the users terminals at coordinated event such as time intervals, the common keys do not have to be distributed. Also, since common key is updated over time, it is harder for a third party to decipher a common key. By storing the common keys with reference to the coordinated event information, such as event indices or time indices, it ensures that an encrypted contents of a communication are always decrypted with a common key that was used to encrypt the encrypted contents of the communication, even when there is a time difference between the sending and receiving users terminals.
The coordinated events may be predetermined passages of time intervals, change in the date, or may be actions that occur with respect to the electronic conference room. Such actions may be, for example, a change of password for participation in the electronic conference room, a change in the users who converse in the electronic conference room, a request to generate a common key, transmission of a message from one of the users terminals, and/or a request to transfer a file.
The private key generation means is a program to generate private keys. Since the storing means does not store the private keys themselves, it is even more difficult for a third party to decipher the private keys, and also the common keys.
Each user terminal includes a display or monitor. The security program is configured such that the encrypting means can display a command button on the screen. The command button allows a user to choose between encryption-on mode and encryption-off mode. In this way, a user can choose whether to encrypt a communication content or not based on the nature of the communication content or to whom the communication content is sent.
The security program is also configured such that the encrypting means includes in transmitted communications a flag indicating whether the communication content is encrypted. The decryption means only decrypts an encrypted communication if a flag indicating encryption is present in the transmitted communication. The encrypted communication content can be decrypted and displayed automatically.
The decrypting means is also configured to display a sign such as an icon of a key at predetermined locations on the display of the user terminal, such as next to a channel name identifying the electronic conference room and/or at the beginning of the conversation text, to show whether a communication sent by another user terminal was encrypted. In this way, a user can visually tell whether the communication content received was encrypted or not.
Access to the electronic conference room requires a password and the command means receives the password from the communication server. Changes in the password may also be used as a basis for generation of a common key (a coordinated event. By utilizing the password as one of the variables from which a common key is generated, it is even more difficult for a third party to decipher the common key.
A security program is configured such that the generating means accepts a maximum number of common keys stored in the storing means. Once the number of the common keys reaches the maximum number of common keys, the oldest key is deleted such that a new common key can be stored. By limiting the number of common keys stored in the storing means, resources of the user terminal can be better utilized.
In accordance with another aspect of the present invention, a computer-readable recording medium includes a security program is stored thereon. The security program is adapted for use with a communication system which administers communication between a plurality of user terminals over a network. The security program is adapted to execute following steps:
A: storing at least one private key;
B: specifying an identifier corresponding to an electronic conference room on the network, coordinated events, and a private key, and directing a common key to be generated at each of the plurality of user terminals in response to a plurality of the coordinated events;
C: generating separately in each of the user terminals a plurality of common keys based on the identifier and a plurality of private keys, and storing the common keys generated such that each common key is identifiable by an index which corresponds to a predetermined series of coordinated events, one index per common key;
D: processing a communication to be transmitted to the electronic conference room, encrypting the content of the communication using the newest of the common keys, and sending a communication message having: 1) contents of the communication in an encrypted form, and 2) one index corresponding to the common key used to encrypt the contents of the communication; and
E: receiving a communication message from the electronic conference room, extracting an index from the communication message, identifying the common key using the extracted index, decrypting encrypted contents of a communication using the identified common key.
Preferably, the coordinated events are based upon the passage of predetermined periods of time.
Preferably, the coordinated events are based upon actions taken by at least one of the user terminals.
Preferably, the actions include at least one of: a request for a new common key; and a change in the number of user terminals engaged in a conversation in the electronic conference room.