System and method for secure three-party communications
DCFirst Claim
1. A key handler, comprising:
- an interface to a memory which stores a plurality of encrypted records, each encrypted record having an associated asymmetric encryption key pair and being encrypted with a first component of the associated asymmetric encryption key pair;
at least one automated processor operating in a privileged processing environment, configured to receive a selected encrypted record from the memory through the interface, to negotiate at least one asymmetric session key, and to transcrypt the encrypted message to a transcrypted message in an integral process substantially without intermediate decryption, using a transcryption key derived at least in part from the at least one asymmetric session key; and
a communication port configured to conduct the negotiation for the at least one asymmetric session key and to communicate the transcrypted record.
6 Assignments
Litigations
0 Petitions
Accused Products
Abstract
A system and method for communicating information between a first party and a second party, comprising the steps of receiving, by an intermediary, an identifier of desired information and accounting information for a transaction involving the information from the first party, transmitting an identifier of the first party to the second party, and negotiating, by the intermediary, a comprehension function for obscuring at least a portion of the information communicated between the first party and the second party. The data transmission may be made secure with respect to the intermediary by providing an asymmetric key or direct key exchange for encryption of the communication between the first and second party. The data transmission may be made secure with respect to the second party by maintaining the information in encrypted format at the second party, with the decryption key held only by the intermediary, and transmitting a secure composite of the decryption key and a new encryption key to the second party for transcoding of the data record, and providing the new decryption key to the first party, so that the information transmitted to the first party can be comprehended by it.
883 Citations
20 Claims
-
1. A key handler, comprising:
-
an interface to a memory which stores a plurality of encrypted records, each encrypted record having an associated asymmetric encryption key pair and being encrypted with a first component of the associated asymmetric encryption key pair; at least one automated processor operating in a privileged processing environment, configured to receive a selected encrypted record from the memory through the interface, to negotiate at least one asymmetric session key, and to transcrypt the encrypted message to a transcrypted message in an integral process substantially without intermediate decryption, using a transcryption key derived at least in part from the at least one asymmetric session key; and a communication port configured to conduct the negotiation for the at least one asymmetric session key and to communicate the transcrypted record. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method, comprising:
-
storing a plurality of encrypted records, each encrypted record having an associated asymmetric encryption key pair and being encrypted with a first component of the associated asymmetric encryption key pair, in a database; receiving an encrypted record by an automated key handler operating in a privileged processing environment, through an interface; negotiating, by the automated key handler, at least one asymmetric session key; transcrypting, by the automated key handler, the encrypted message to a transcrypted message in an integral process substantially without intermediate decryption, using a transcryption key; and communicating the transcrypted record. - View Dependent Claims (12, 13, 14, 15, 16, 17)
-
-
18. A method, comprising:
-
storing a plurality of encrypted records, each encrypted record having an associated asymmetric encryption key pair and being encrypted with a first component of the associated asymmetric encryption key pair, in a memory; receiving an encrypted record by an automated key handler operating in a privileged processing environment; generating at least one asymmetric transcryption key pair by the automated key handler; negotiating, by the automated key handler, at least one asymmetric session key pair, with an external system, through a communication port; transcrypting, by the automated key handler, the encrypted message to a transcrypted message in an integral process substantially without intermediate decryption, using a transcryption key having as components at least;
a component of the at least one asymmetric transcryption key pair and a component of the at least one asymmetric session key pair, to result in a transcrypted message which is decryptable with at least a corresponding component of the at least one asymmetric transcryption key pair and a corresponding component of the at least one asymmetric session key pair; andcommunicating the transcrypted record through the communication port. - View Dependent Claims (19, 20)
-
Specification