The invention relates to the field of electronic document encryption. More particularly, the invention relates to techniques for the secure delivery of electronic documents to remote recipients.
The development of computerized information sources, such as those provided through the Internet or other on-line sources, has led to a proliferation of electronically available information. The desired or required security for the secure distribution of information and documents across networks has led to a variety of architectures and techniques to protect this information.
Encryption is a basic technique to scramble information or documents to prevent unsolicited access to that information.
FIG. 1 is a block diagram of secret key encryption 10a, wherein a document 12 is encrypted, or scrambled, with a secret key 14, producing an encrypted document 20. The encrypted document 20 can then be transferred to a recipient. Secret key encryption, sometimes referred to as symmetric key cryptography, employs a technique of scrambling information to prevent unsolicited access, using a unique, secret key 14.
FIG. 2 is a block diagram of secret key decryption 10b, wherein the same, unique secret key 14 is required to unscramble 22 the encrypted document 20, to reproduce a copy of the original document 12. Without access to the secret key 14, an encrypted document 20 remains secure from tampering.
One potential issue with secret key encryption 10a and 10b is the challenge of distributing the secret key 14 securely. For example, suppose a sender uses secret key encryption to encrypt a document 12, and then sends a recipient the encrypted document 20. The recipient needs the secret key 14 to decrypt 22 the encrypted document 20. If the secret key 22 is sent over a non-secure channel, then the integrity of the security is compromised. For most applications, telephone or fax provides a secure enough means of delivering secret keys 14, while the encrypted document 20 can be delivered over the internet using Posta(trademark). In some instances, however, senders and recipients require a more robust or convenient means of distributing a secret key 14.
Public key encryption facilitates a more robust, and typically a more convenient means, of delivering information securely. With public key encryption, each recipient owns a pair of keys, called a public key 32 and a private key 40. The key pair""s owner (the recipient) publishes the public key 32, and keeps the private key 40 a secret.
FIG. 3 is a block diagram of public key encryption 30a, wherein a document 12 is encrypted, or scrambled 34, with a public key 32, producing an encrypted document 36. To send information to a recipient, a sender uses the published public key 32 of the intended recipient to encrypt 34 the information, and then the recipient uses their own private key 40 to decrypt the information. Hence, the private key 40 (which is necessary to decrypt the information) is not distributed. FIG. 4 is a block diagram of private key decryption 30b, wherein the private key 40 is required to unscramble 38 the encrypted document 36, to reproduce a copy of the original document 12. Without access to the private key 40, an encrypted document 36 remains secure from tampering.
Public key encryption 30a and 30b typically exploits a mathematical relationship between the public and private keys 32, 40, which allows a public key 32 to be published, without risking the derivation of the private key 40 from the published public key 32.
Public key encryption algorithms are typically complex, and hence may be too time consuming to be of practical use for many users. Secret key encryption 10a, 10b is typically much faster than public key encryption 30a, 30b, but requires the transmission the secret key 14 from the sender to the recipient.
In a digital envelope system, a user encrypts a document 12 with a secret key 14, and then encrypts the secret key 14 with the public key 32 of the intended recipient. The recipient of the encrypted document 20 then uses their private key 40 to decrypt the secret key 14, and then uses the secret key 14 to decrypt the document.
It is often useful to verify if a document has not been altered during transmission, or to verify who sent or received a given document. Hashing algorithms (or message digests) and public key technologies facilitate solutions to document integrity and transport verification.
Digital certificates can also be used to provide enhanced security for encrypted information. Suppose a recipient owns a public/private key pair and wishes to publish the public key 32 so others can use the public key 32, either to encrypt information to be sent to the recipient, or to verify the digital signature of the recipient. A secure technique for the recipient to publish the public key 32 is to register the public key 32 with a trusted authority. The trusted authority can then certify that a particular public key 32 belongs to the recipient. A digital certificate connects a recipient, or other entity, with a particular public key 32.
A digital certificate, as disclosed later, is a record of a public key and an identity, and the association of the two as attested to by a third party by means of a digital signature. The private key is not in the certificate, but only one private key can match a given public key. A public/private key pair is actually a pair of numbers with the following properties:
The private key cannot be derived easily from the public key; and
The public key can be used to cipher data which can only be deciphered by knowing the private key (some public keys algorithms, such as RSA, also have the inverse property, which makes them suitable for use a digital signatures).
A trusted or certificate authority issues and maintains digital certificates.
The disclosed prior art systems and methodologies thus provide some methods for the encryption and secure delivery of documents, but fail to provide a simple digital certificate generation and enrollment system that is implemented and controlled by a sender. The development of such a digital certificate system would constitute a major technological advance.
A sender driven certificate enrollment system and methods of its use are provided, in which a sender controls the generation of a digital certificate, which can be used to encrypt and send a document to a recipient in a secure manner. The sender compares previously stored recipient information to gathered information from the recipient. If the information matches, the sender transfers key generation software to the recipient, which produces the digital certificate, comprising a public and private key pair. The sender can then use the public key to encrypt and send the document to the recipient, wherein the recipient can use the matching private key to decrypt the document. In a preferred embodiment, a server is interposed between the sender and the recipient, to provide increased levels of system security, automation, and integrity.