Search Images Maps Play YouTube News Gmail Drive More »
Sign in
Screen reader users: click this link for accessible mode. Accessible mode has the same essential features but works better with your reader.

Patents

  1. Advanced Patent Search
Publication numberUS20040088539 A1
Publication typeApplication
Application numberUS 10/287,927
Publication dateMay 6, 2004
Filing dateNov 1, 2002
Priority dateNov 1, 2002
Also published asUS8249255, US20060008082, US20130191639, WO2004042537A2, WO2004042537A3
Publication number10287927, 287927, US 2004/0088539 A1, US 2004/088539 A1, US 20040088539 A1, US 20040088539A1, US 2004088539 A1, US 2004088539A1, US-A1-20040088539, US-A1-2004088539, US2004/0088539A1, US2004/088539A1, US20040088539 A1, US20040088539A1, US2004088539 A1, US2004088539A1
InventorsSteven Infante, Aparna Mangari
Original AssigneeInfante Steven D., Aparna Mangari
Export CitationBiBTeX, EndNote, RefMan
External Links: USPTO, USPTO Assignment, Espacenet
System and method for securing digital messages
US 20040088539 A1
Abstract
A system and method for providing an improved way to secure messages being transmitted between communicating devices. Security mechanisms, operating below the session establishment level, provide encryption that becomes stronger over time as devices continue to communicate. After random characters are used to encrypt an initial message, each new message communicated between two devices is encrypted with the most recent message communicated there-between. Moreover, messages to be transmitted are parsed into smaller records having a fixed page length, encrypted and combined with additional encrypted records a predetermined number of times. The disclosed system and method also provide a multi-threading capability, thereby reducing the likelihood of a denial of service of attack.
Images(8)
Previous page
Next page
Claims(25)
What is claimed:
1. A method for securing a message communicated between a first device and a second device, said method comprising:
receiving encoding information from said first device, said encoding information transmitted to said second device in response to a request from said second device to communicate a first message to said first device;
encrypting said first message with said encoding information and storing said encrypted first message in a first memory;
transmitting said encrypted first message to said first device by said second device;
receiving said encrypted first message from said second device by said first device, decrypting said encrypted first message with said encoding information, and storing said encrypted first message in a second memory;
generating a second message by said second device, and encrypting said second message with said encrypted first message stored in said first memory;
transmitting said encrypted second message to said first device by said second device; and
decrypting said encrypted second message by said first device with said first encrypted message stored in said second memory.
2. The method of claim 1, further comprising receiving parameters from said first device directed to encrypting said first message and said second message.
3. The method of claim 2, wherein said parameters include a small page length value, a large page length value and a combined records value.
4. The method of claim 3, further comprising determining a record page length value by said second device based on one of said small page length value and said large page length value after evaluating the size of a message to be transmitted by said second device to said first device.
5. The method of claim 4, further comprising splitting at least part of a message by said second device into at least one record having a size equal to said record page length value, and encrypting said at least one record with at least one of said encoding information and said encrypted first message.
6. The method of claim 5, further comprising padding said at least one record with random bytes when said record is not as large as said record page length value.
7. The method of claim 5, further comprising repeating said step of splitting said message into at least one record and said step of encrypting said at least one record, a number of times equal to said combined records value, and combining said encrypted records by said second device prior to transmitting said combined records to said first device.
8. The method of claim 7, further comprising repeating said steps of splitting a message into records, encrypting said records, combining said records and transmitting said combined records until said message is completely transmitted to said first device.
9. The method of claim 7, further comprising performing a cyclic redundancy check and Base64Coding on said combined records prior to transmitting said combined records to said first device.
10. The method of claim 7, further comprising receiving said combined records by said first device from said second device and decrypting said combined records.
11. The method of claim 10, further comprising repeating said steps of receiving said combined records, decrypting said combined records, and continuing said steps of receiving said combined records and decrypting said combined records until said message from said second device is fully received and decrypted.
12. The method of claim 1, wherein said step of encrypting said first and said second message is performed with binary addition.
13. The method of claim 1, wherein said step of decrypting said first message and said second message is performed with binary subtraction.
14. The method of claim 1, further comprising including a code representing said second device by said second device in said first encrypted message and said second encrypted message.
15. A method for securing a message, said method comprising:
generating a first message;
receiving encoding information, said encoding information transmitted in response to a request to communicate said first message;
encrypting said first message with said encoding information and storing said encrypted first message in a first memory;
transmitting said encrypted first message;
generating a second message, and encrypting said second message with said encrypted first message stored in said first memory; and
transmitting said encrypted second.
16. A system for securing a message, said system comprising:
a first device, said first device receiving encoding information from a second device, said encoding information transmitted to said first device in response to a request from said first device to communicate a first message to said second device;
an encryption module, said encryption module encrypting said first message with said encoding information;
a storage module, said storage module storing said encrypted first message in a first memory;
a transmission module, said transmission module transmitting said encrypted first message from said first device to said second device;
a reception module, said reception module receiving said encrypted first message by said second device from said first device;
a decryption module, said decryption module decrypting said encrypted first message with said encoding information,
said storage module storing said encrypted first message in a second memory;
said first device generating a second message, said encryption module encrypting said second message with said encrypted first message stored in said first memory;
said transmission module transmitting said encrypted second message to said second device; and
said decryption module decrypting said encrypted second message by said second device with said first encrypted message stored in said second memory.
17. The system of claim 16, wherein said second device further transmits parameters directed to encrypting said first message and said second message.
18. The system of claim 17, wherein said parameters include a small page length value, a large page length value and a combined records value.
19. The system of claim 17, said first device further comprising a facility that determines a record page length value based on one of said small page length value and said large page length value after evaluating the size of a message to be transmitted by said transmission module.
20. The system of claim 19, further comprising a parsing module, said parsing module splitting at least part of a message into a record having a size equal to said record page length value.
21. The system of claim 20, wherein said encryption module encrypts said record with at least one of said encoding information and said encrypted first message.
22. The system of claim 20, wherein said parsing module splits said message into at least two records.
23. The system of claim 22, further comprising a combining module, said combining module combines said encrypted records.
24. The system of claim 22, wherein said parsing module, said encryption module, said combining module and said transmission module repeat said steps of splitting a message into records, encrypting said records, combining said records and transmitting said combined records until said message is completely transmitted to said first device.
25. The system of claim 24, wherein said parsing module, said decryption module, said combining module and said transmission module repeat said steps of receiving said combined records, decrypting said combined records, until said message from said second device is fully received and decrypted.
Description
    FIELD OF THE INVENTION
  • [0001]
    The present invention relates to network data communications, and more particularly ensuring that an intercepted message by an unauthorized party is unintelligible to that party.
  • BACKGROUND OF THE INVENTION
  • [0002]
    The proliferation of users and services on global computer networks such as the Internet raises security concerns for both users and service providers. Users want the data they submit to providers and the data they receive from providers to be free from unauthorized interception and use. Similarly, service providers want their hosts and systems secured from unauthorized access and intrusion by “hackers.” Service providers, especially those involved with financial services, view their computing hardware and software as critical assets. These service providers rely on the trust of their customers who assume that no one will be able to access customer records or otherwise negatively impact the service.
  • [0003]
    Prior on-line services used dedicated dial-up facilities, and customized security software on the user's terminal and the host system to prevent unauthorized access. In practice, users were forced to access the service provider's system by dialing a special telephone number. Transmitted data was secured by encryption, and incoming dial-up calls were only accepted from authorized users. Security software was also implemented on the provider's host system. This became very inefficient and cumbersome as users began to subscribe to multiple on-line services.
  • [0004]
    Global computer networks such as the Internet allow users to access many different hosts and services from their computers via a single access connection. While this has enhanced users' abilities to access information and conduct business, global networking has complicated service providers' security mechanisms.
  • [0005]
    Security methods have been developed over time which enable the use of special security software on both a user's terminal and a host's system. For example, the Secure Sockets Layer (SSL) handshake protocol is used for client and host authentication. SSL employs encryption algorithms (“cyphers”), for example, RC4, RSA and digital signature, to encrypt messages with one or more additional bytes that are passed between communicating devices. SSL is application independent, negotiates encryption keys and authenticates the communicating devices prior to allowing communications. Thus, it facilitates secure data transmission between a user and a host, and provides a reasonable assurance that messages transmitted to and from intended devices are free from unauthorized interception.
  • [0006]
    While prior art encryption methods assure secure communication sessions, the level of security associated therewith remains within a single state. The methods are static in that the keys that are used to encrypt and decrypt the messages remain the same during a single communication session. Moreover, modulus encryption techniques can be slow, and coupled with the generation and passing of keys between respective devices, significant performance degradation can occur, especially when multiplied many times over for a plurality of users.
  • [0007]
    A key goal of encryption algorithms in general is the preservation of confidentiality of messages being transmitted between parties. After completing an SSL handshake, a user terminal and a host system use the session keys passed between them to encrypt and decrypt data that are being transmitted.
  • [0008]
    Prior art ciphers are designed to protect against a security attack known as a “man in the middle” attack. Such an attack comprises an unauthorized party eavesdropping on a communication, for example, by intercepting messages passed between a sender device 12 and a receiver device 14 (FIG. 1). The unauthorized party intercepts and accesses the messages transmitted between the sender device 12 and receiver device 14, and is, thereafter, able to engage in unauthorized activity, for example, accessing the devices, and using the information in the communications for unauthorized purposes. Moreover, an unauthorized party intercepting communications between a sender device 12 and receiver device 14 can substitute keys that are sent back and forth between the respective devices and fool the devices into believing they are communicating with each. Although prior art authentication measures minimize the likelihood of a man in the middle attack, the security of the messages is not guaranteed.
  • [0009]
    It is, therefore, desirable to provide an efficient system for securing a communication session such that an intercepted message from an unauthorized party cannot be deciphered.
  • SUMMARY OF THE INVENTION
  • [0010]
    The present invention provides an improved way to secure messages being transmitted between communicating devices.
  • [0011]
    At the outset of a communication session, a first device receives encoding information from a second device. The encoding information is used to encrypt a message sent from the second device to the first device, and, once encrypted, the encrypted message is stored in a first memory. Thereafter, the encrypted message is transmitted to the first device.
  • [0012]
    After the encrypted message is received by the first device, the first device decrypts the message using the encoding information initially transmitted to the second device. The first device also stores the encrypted message in a second memory.
  • [0013]
    Thereafter, a second message is generated by the second device, and the second message is also encrypted prior to being transmitted. The second device uses the first encrypted message that is stored in the first memory to encrypt the second message. The second encrypted message is transmitted to the first device, and the first device references the second memory, retrieves the stored encrypted first message, and uses it to decrypt the second encrypted message.
  • [0014]
    Each subsequent communication between the respective first and second devices builds on prior communicated messages for encryption of the messages.
  • [0015]
    Other features and advantages of the present invention will become apparent from the following description of the invention which refers to the accompanying drawings.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • [0016]
    For the purpose of illustrating the invention, there is shown in the drawings a form which is presently preferred, it being understood, however, that the invention is not limited to the precise arrangement shown, in which:
  • [0017]
    [0017]FIG. 1 is a diagram of a prior art security hardware arrangement;
  • [0018]
    [0018]FIG. 2 is a diagram of the security hardware arrangement of the present invention;
  • [0019]
    [0019]FIG. 3 is a high level flowchart showing the relationship of the modules of the present invention;
  • [0020]
    FIGS. 4A-4C are detailed flowcharts depicting an example send process of the present invention; and
  • [0021]
    [0021]FIG. 5 is a detailed flowchart of an example receive process of the present invention.
  • DETAILED DESCRIPTION OF THE INVENTION
  • [0022]
    The present invention provides a system and method which allows devices to secure messages transmitted between each other across a communication network. In accordance with the present invention, security mechanisms are employed which operate “below” the session establishment level in a manner which is transparent to the user. The security system of the present invention is protocol independent, and operates on devices employing virtually any communication protocol, including, for example, TCP/IP, UDP, and IPX/SPX.
  • [0023]
    The present invention presents an improvement over prior art security mechanisms, including ciphers typically implemented by SSL, including digital signature, RSA and RC4. Such traditional techniques, known as modulus encryption methods, require a hash to be generated in which each communication session has a single key generated therefor, and after the session terminates, the key is lost. Moreover, even with the use of public and private key encryption methods, transmission of messages between devices is not guaranteed to be secure. For example, by performing a brute force attack, perhaps via concurrent operating devices, keys can be deciphered and the contents of a message thereafter deciphered. In accordance with the present invention, even a brute force attack performed on an intercepted message would not reveal the contents therein, due to the nature of the encryption method employed.
  • [0024]
    In accordance with the present invention, communication sessions between respective devices are stored in a memory, for example, a data cache directed to each respective device, for reference in future communication sessions. The encryption system of the present invention is much stronger than prior art methods because the encrypted messages become increasingly secure as respective devices continue to communicate over time. Since message content changes over time and becomes integrally part of the encryption process, the ability to decrypt messages by unauthorized devices becomes increasingly difficult.
  • [0025]
    Referring to the drawings figures in which like reference designators refer to like elements, there is shown in FIG. 1 an example of a typical prior art security hardware arrangement. In the example shown, a sender device 12 communicates with a receiver device 14 over communication network 16. Communication network 16 can be a local area network (LAN), a wide area network (WAN), or a global communication network such as the Internet. To exemplify prior art security mechanisms, a firewall is interposed between the sender system 12 and the communication network 16. Moreover, a proxy server is interposed between receiver system 14 and communication network 16.
  • [0026]
    Sender device 12 and receiver device 14 are typical devices suitable for performing the functions required of host and client systems, respectively. For example, each receiver system 14 can be a personal computer, a hand-held computer device capable of accessing a communication network, or a cellular telephone. Each sender device 12 can range in size and capability from a cellular telephone to a mainframe computer, and is sized according to the service provider's particular requirements. The computing hardware platforms for the sender device 12 and receiver device 14 need not contain any special operating system enhancements in order to function in their respective capacities. However, sender device 12 and receiver device 14 do contain special software which enables these devices to function as integral parts of the present invention. These control programs running on the respective devices can be written in any language suitable for programming, for example, C++ or Java. Moreover, in a preferred embodiment of the present invention, messages are formatted in the extensible mark-up language (“XML”) and transmitted to and from the respective devices.
  • [0027]
    [0027]FIG. 2 shows an example hardware and software arrangement in accordance with the present invention. Most notably, security module system 10 is coupled to the respective sender devices 12 and receiver devices 14, and operates to secure the messages transmitted and received by the respective devices. Although not shown in FIG. 2, prior art hardware devices, including firewalls and proxy servers, remain fully functional, notwithstanding the employment of security system 10 on each communicating device.
  • [0028]
    As the use of the Transmission Control Protocol/Internet Protocol (“TCP/IP”) has proliferated throughout the world as the most accepted digital communications protocol, interference with messages passed between sending and receiving devices remains a serious problem. Interference, for example, eavesdropping (unauthorized monitoring of communications) and tampering (changing or replacing information in messages), has led to the development of encryption methods, including, for example, digital signature and RC4. As noted above, SSL takes advantage of public-key cryptography to enable encryption and decryption of messages, reduce tampering, authenticate users, and confirm that messages are delivered successfully.
  • [0029]
    The present invention, using the processes described herein, greatly reduces the likelihood that a man in the middle attack will successfully result in the intercepting party being able to decode the message and retrieve the information transmitted therein.
  • [0030]
    A description of the processes and functions associated with securing messages in accordance with the present invention will now take place.
  • [0031]
    In a preferred embodiment, large messages that are transmitted from the receiver device 14 to the sender device 12 are split into smaller, fixed page length records, and the records are combined a predetermined number of times before being transmitted. For example, a message of 1,000 bytes is parsed into ten 100 byte records, and the first five of the 100 byte records are combined and transmitted to the sender device 12, and then the second five 100 byte records are combined and transmitted. Each record is preferably encrypted according to the processes described below, prior to being combined and transmitted. Small messages are padded with random bytes, if necessary, to reach the predefined, fixed page length.
  • [0032]
    After a request for a communication session is received by a sender device 12, the sender device 12 responds with a message that includes parameters for securing messages via the present invention. Parameters are transmitted to the receiver device 14 that include a minimum and maximum page length for all messages transmitted between the devices.
  • [0033]
    For example, the sender device 12 defines a minimum page length of 64 bytes and a maximum page length of 1,024 bytes, and are applied for the above-described records. After receiving these parameters, the receiver device 14 evaluates the length of each message that is to be sent to the sender device 12 and determines an appropriate page length therefor. Continuing with the present example, a message that is 24 bytes in length would have the minimum page length setting applied thereto. In such case, the message is padded with forty bytes of random information to conform to the appropriate minimum page length setting. Alternatively, a message comprising 2,000 bytes would have the maximum page length value applied thereto, and the message would be parsed into two records: one records would comprise the first 1,024 bytes of the message, and the second record would comprise the last 976 bytes of the message, plus forty-eight bytes appended thereto of random information to comply with the maximum page length requirement.
  • [0034]
    The employment of minimum and maximum page length settings ensures efficient transmissions between the communicating devices. If only a single message page length is employed, for example, of 1024 bytes, then, for example, a message of 24 bytes would have to be padded to reach a length of 1,024 bytes and would result in an inefficient use of resources. Similarly, if a single message page length of 64 bytes is used for message transmissions, then a message comprising 1,000 bytes would have to be parsed sixteen times into smaller message files in order to conform to a fixed 64 byte message length and would also be very inefficient. Therefore, the fixed page length employed for messages sent between the sender device 12 and receiver device 14 is dependent upon the size of the message to be transmitted.
  • [0035]
    As noted above, the security of messages encrypted via the present invention increases as the sender device 12 and receiver device 14 communicate over time. This is achieved by storing the contents of messages passed between the sender device 12 and receiver device 14, for example, in a data cache, and thereafter, combining future messages with the cached messages. More particularly, the security system of the present invention applies binary addition to the message to be transmitted with the cached messages. The page length of the cached messages is fixed to a preset size, such that the length of the cached messages never extends past the fixed size. In this way, when a new message is combined using binary addition to the existing cached messages, the message becomes encrypted and extremely difficult to decipher, in part because the page length of the message is not variable.
  • [0036]
    To illustrate by way of example, a previous message stored in a data cache and represented in decimal format is equal to 99999. The fixed page length of the cached message is five bytes. A new message to be added thereto, also represented in decimal format, is equal to 1. A variable length message file, after the two messages are added, would equal 100000. However, since the message page length in the data cache is fixed to five bytes, the resulting sum is 00000 and would, therefore, be unintelligible by a party that unscrupulously captures the message in a man in the middle attack, as described above.
  • [0037]
    In addition to maximum and minimum page length settings, the sender device 12 also defines a parameter for the number of records to be combined prior to transmitting to the sender device 12. After messages are parsed into records having an appropriate fixed length, in the above example, 64 or 1024 bytes, the records are then combined with messages stored in the data cache, as described above. However, the receiver device 14 does not yet transmit the records to the sender device 12. The receiver device 14 references the parameter defining the number of records to combine and, depending upon whether the end of the message has been reached, repeats the above-described process of parsing the message into records in accordance with the message length parameters, and encrypting the records by combining them with the stored data cache. The receiver device 14, thereafter, repeats the process again until the number of records to be combined equals the number of records to combine parameter as defined by the sender device 12. Once the number of records encrypted with the cache equals the number of records to combine parameter, the records are added together, preferably via binary arithmetic, and then transmitted.
  • [0038]
    For example, if the parameter defining the number of records to be combined prior to transmission is equal to ten, then the process repeats ten times, or until the end of the message has been reached. In this way, the security system of the present invention is very efficient. For example, a message consisting of 100,000 bytes and parsed into 5,000 byte records is not transmitted in twenty page segments. Instead, the 5,000 byte records are combined, according to the predefined parameter, and transmitted just a few times.
  • [0039]
    It is important to note that the sender device 12 also transmits a code that identifies itself to the receiver device 14. This code is used by the receiver device 14 to ensure that the sender device 12 is the source of the transmission, and not an unscrupulous hacker. When the receiver device 14 transmits encrypted messages to the sender device 12, it, too, appends an identifying code. Thus, the origin of the transmissions is confirmed by the respective devices.
  • [0040]
    Moreover, to ensure that messages transmitted can be interpreted by disparate devices, for example, devices that read either ASCII or EBCDIC, the receiver device 14 performs a conversion according to the BASE64CODE standard. To ensure that messages are transmitted without errors that typically arise over communication networks, the receiver device 14 also performs a cyclic redundancy check (“CRC”) on the message. When the message is received by the sender device 12, the sender device 12 similarly performs a CRC to ensure successful transmission and performs a BASE64DECODE for compatibility. When a sender device 12 confirms that the message contains no transmission errors, it transmits an acknowledgement (“ACK”) to the receiver device 14, thereby indicating that the next message, if any, can be transmitted. In the event of an error occurring during transmission, the sender device 12 transmits a negative acknowledgement (“NACK”) to the receiver device 14, and the message is retransmitted.
  • [0041]
    In a preferred embodiment of the present invention, each message to be transmitted using the security functionality of the present invention is translated in hexadecimal format before being parsed into fixed-length records. This is done, in part, because occasionally a null character string is interpreted as a terminating character and indicating an end of a message. For example, the C programming language interprets a null character as an end of message directive. By translating messages into a hexadecimal format, an inadvertent null character string can be avoided.
  • [0042]
    Thus, the security system of the present invention provides enhanced security and greater efficiency than prior art methods. An unscrupulous hacker who intercepts a message but does not have access to all of the number of records to be combined, the predefined page length and the contents of the data cache is unable to decrypt the message. Moreover, the system operates approximately 500 to 1,000 times faster than traditional prior art encryption methods, including SSL. This is due, in large part, to the extremely fast binary arithmetic operations performed for encrypting the data, coupled with the absence of security keys that, in prior art methods, are generated and passed between the respective devices.
  • [0043]
    In one embodiment of the present invention, an Internet web site, acting as a sender device 12 and employing the security modules of the present invention, transmits an arbitrary message to any receiver device 14 that accesses the web site and that is requesting a communication session. For example, a Joint Photographic Expert Group (“JPEG”) image file of the Statue of Liberty is transmitted to the receiver device 14 and is used to form the basis for encryption of messages sent between the respective devices. The arbitrary message, in this example, the image file, becomes the primary reference that is used by the two communicating devices to encrypt and decrypt messages transmitted there-between. The image file is also used to pad any message fragments required to comply with the fixed page length requirements defined by the sender device 12.
  • [0044]
    The processes and functions associated with receiving messages in accordance with the present invention are now described as follows.
  • [0045]
    In accordance with the present invention, messages encrypted according to the foregoing rules are received by the sender device 12. Both the sender device 12 and the receiver device 14 use the stored cache data to encrypt and decrypt messages sent there-between. Therefore, after the sender device 12 receives a message encrypted via the security system of the present invention, the sender device 12 references a stored data cache that is identical to the data cache used by receiver device 14 to encrypt the existing message. The sender device 12 performs binary subtraction on the received encrypted message using the contents of the stored data cache to decrypt the message. If necessary, the sender device 12 removes any additional bytes that may have been added to the message by the sender device 14 to pad the message in order to comply with the fixed page length requirement, as defined by the sender device 12. In this way, the sender device 12, knowing the fixed page length of the message and the contents of the data cache, can decipher the received message. Moreover, the sender device 12 that receives the encrypted message refers to an originating code therein to ensure that the message was delivered from the intended receiver device 14.
  • [0046]
    It is important to note that the sender device 12 and receiver device 14 may have communication sessions with thousands of different devices. In accordance with the present invention, a separate data cache is referenced by the sender device 12 and/or the receiver device 14 for the respective communicating device. When an encrypted message is received from a receiver device 14, the sender device 12 references the stored data cache for the respective receiver device 14 in order to decrypt the message such that the sender device 12 will be able to decipher the message. Moreover, when a message is being encrypted by a receiver device 14, the receiver device 14 references the appropriate stored data cache for the respective sender device 12 in order to encrypt the message for the sender device 12.
  • [0047]
    The multi-threading capabilities of the present invention operate as follows.
  • [0048]
    The security system of the present invention enables the use of a single IP address and communication port (referred to herein as a “socket”) connection between sender and receiver devices, and all messages sent between the respective devices are transmitted thereon. This represents a significant improvement over prior art security systems that require different sockets to be opened and closed for each message being transmitted. For example, when a user establishes a connection with a web page that comprises multiple objects (e.g., images, sounds, exterior page text, or the like) using web browser software, a communication and data session is established between the server and the browser software. Through this session, multiple sockets are opened in order to retrieve the multiple objects. If the user is connected to a secure web site, the security is maintained in all of the socket connections during the communication and data session until the session between the browser and the web server ends, for example by the web browser or server terminating the session, inactivity resulting in a “time out,” or until the user establishes a connection to an otherwise unsecured web site. In such case where the browser attempts to connect to an unsecured web site during an active and secured session, a message is preferably displayed indicating that secure and non-secure items are being downloaded simultaneously.
  • [0049]
    In accordance with the present invention, all encrypted messages are transmitted between a sender device 12 and receiver device 14 over a single communication socket. This is accomplished by the security modules employed on the respective devices. Specifically, each message that is transmitted between the devices during a single communication session is encrypted, including, for example, by appending data thereto from cached pages, as described herein. A single socket is opened on the sender device 12, for example, a HTTP server, and is used for transmitting all content between the devices during the single communication session. The sockets required for any additional objects (e.g., images, sound files, and the like) are also opened by the sender device 12, but all messages, including the additional objects, that are transmitted between the sender device 12 and receiver device 14 are delivered over the single socket connection, and managed by the security system of the present invention.
  • [0050]
    In addition to a single communication session between a single sender device 12 and a single receiver device 14, the present invention supports multi-threading of concurrent communication sessions. The multi-threading capability of the present invention supports a plurality of concurrent secure communication sessions simultaneously. A receiver device 14 establishes a communication session with sender device 12 over a single processing thread. As additional receiver devices 14 establish communication sessions with sender device 12, new processing threads are spawned to support each communication session. Methods of multi-threading multiple communication sessions between a plurality of systems are well known by those skilled in the art.
  • [0051]
    In addition to the multi-threading capabilities of the present invention, the present invention preferably supports multi-document transmissions using single communication thread between one sender device 12 and one receiver device 14. The multi-document capability of the present invention enables the respective communicating devices to send different documents simultaneously within a single message.
  • [0052]
    For example, sending device 12 transmits three separate documents, Document 1, Document 2 and Document 3 to receiving device 14. Document 1 is 1,024 bytes long and is transmitted in sixteen records, each comprising 64 bytes, Document 2 is also 1,024 bytes long and is also transmitted in sixteen records of 64 bytes, and Document 3 is 2,048 bytes and is transmitted in thirty-two records, where each record is 64 bytes long. In accordance with the present invention, and as described herein, each document (1, 2 and 3) are parsed into records comprising 64 bytes in length. However, instead of transmitting all sixteen records comprising Document 1, then all sixteen records comprising Document 2 and thirty-two records comprising Document 3 sequentially, each 64 record includes portions of Document 1, Document 2 and Document 3. Further to this example, ten 64 byte records are preferably transmitted between the respective devices at a time, and the first three records include a portion of Document 1, the second three records include a portion of Document 2, and the last four records include a portion of Document 3. Preferably, identifying information is included in the transmission that informs the receiver device 14 that associates each record with a corresponding document number. After the receiver device 14 acknowledges a successful reception, receiver device 14 combines the received records into a cache and sender device 12 proceeds to transmit the next three records, including a portion of Document 1, the next three records, including a portion of Document 2, and the next four records, including a portion of comprising Document 3 to receiver device 14. This process continues until Document 1 and Document 2 have been fully transmitted. Since, in this example, Document 3 is twice as large as Documents 1 and 2, the remainder of Document 3 is transmitted as in a single document transmission, described above.
  • [0053]
    In addition to multi-threading and multi-document capabilities described above, the present invention further affords a bi-directional capability for secure transmissions between the sender device 12 and receiver device 14. In short, the bi-directional capabilities includes a way for the sender device 12 to transmit information to receiver device 14 and for receiver device 14 to send information to sender device 12 securely and simultaneously.
  • [0054]
    For example, sender device 12 initiates a communication with receiver device 14 to transmit a document that is 2,048 bytes in length. Moreover, receiver device 14 desires to transmit to sender device 12 a document that is 1,024 bytes in length. The present invention affords a simultaneous transmission of the two documents between the two respective devices. Further to this example, as sender device 12 transmits the first portion of its document to receiver device 14, the receiver device 14 acknowledges reception of the first portion of the documents sent by sender device 12 and further that it has a document of its own to transmit. In response, sender device 12 directs the receiver device 14 to use a portion of the records being transmitted between the two devices. In this example, for a transmission comprising ten records, sending device 12 populates records 1, 4, 6, 7, 8 and 10 with the document that the sending device 12 is transmitting, and receiver device 14 populates records 2, 3, 5 and 9 with a portion of the document that receiver device 14 is transmitting. This process continues until at least one of the documents is completely transmitted. If any remaining portion of a document to be transmitted remains, then the respective device transmits the remainder of its document as in a single document transmission, described above.
  • [0055]
    An example of the secure communication process implementing the security modules is now described with reference to the high-level flow chart depicted in FIG. 3.
  • [0056]
    Referring now to the send message process, initially a message is sent from requesting device (i.e., receiver device 14) and received by a sender device 12 (step S110). In step S112, the security system 10 determines whether previous communications between the sender device 12 and receiver device 14 have ever occurred. If no prior communications have occurred between the respective devices, then, in step S114, the security system 10 initializes a communication process. The sender device 12 determines whether the receiver system 14 employs the security system 10 of the present invention, and, therefore, whether the receiver device 14 is able to support the secure communication processes described herein. In the event that the receiver system 14 does not employ the security system 10, then the process branches to step S122 and the sender device 12 passes the message to the sender device 12 without any encryption algorithms employed on the message.
  • [0057]
    In the event that the receiver system does employ the security system of the present invention, a secure communication process is initiated and the encryption algorithms of the present invention are used (step S118). The process branches to step S120, and a secure message send loop process is initialized and implemented for the message. Messages sent between the receiver device 14 and the sender device 12 are secured in accordance with the present invention (step S122).
  • [0058]
    Referring now to the receive message process of the present invention (FIG. 3), a message is received by the receiver device 14 from the sender device 12 (step S111). Similar to the send message process, the receiver device 14 checks whether prior communications have occurred between the respective devices (step S124). In the event that the received message represents the first communication between the two devices, since this is a receive message process, the message is automatically read (step S126). In the event that the message does not represent the first communication between the two, then the receiver device 14 proceeds to decrypt the message (step S128) in accordance with the processes described herein.
  • [0059]
    By way of example, FIGS. 4A-4C show a flow chart identifying in greater detail the preferred steps of the send message process of the present invention. In the flow chart shown in FIGS. 4A-4C, a receiver device 14 is transmitting a message to the sender device 12.
  • [0060]
    In step S200 (FIG. 4A), the receiver device 14 generates a message, denoted as “M,” for transmission to the sender device 12. In step S202, the receiver device 14 determines whether an active communication session exists between the respective communicating devices. If no session exists, then the process branches to step S204 wherein the receiver device 14 transmits information to initiate a communication session with the sender device 12 and, in step S206, waits for an ACK and a system identification code to be received from the sender device 12. In step S208, the receiver device 14 determines whether previous communications have occurred between the respective devices, and if not, then, in step S210, the contents of the preliminary communication are stored in a data cache. If previous communications have occurred between the respective devices, then the receiver device 14 references a stored data cache for the current communication (not shown).
  • [0061]
    If, in step S202, the receiver device 14 determines that an open communication session exists with the sender device 12, then the process branches to step S212. Similarly, after the receiver device 14 stores the contents of the preliminary communication in the data cache (step S210), the process branches to step S212. Also, if the receiver device 14 determines, in step S208, that previous communications have occurred between the respective devices, then the process branches to step S212.
  • [0062]
    In step S212, the receiver device 14 initializes three variables, in which one variable, MessNo (representing an index of the combined records being sent), is set to 0, another variable, MessEnd (representing the end of the message), is set to false, and a third variable, TempPageSpac (an index used for combining records prior to transmission), is set to 0.
  • [0063]
    From step S212, the process branches to step S214, wherein a determination is made regarding the length of the message M. As noted above, messages transmitted according the present invention parsed into records having an assigned fixed page length (denoted in the example in FIG. 4A as “PS”) based on parameters including a minimum page size and a maximum page size defined by the sender device 12. In the example shown in FIG. 4A, the maximum page length is defined at 1028, and the minimum page length is defined at 64. Also in FIG. 4A, the receiver device 14 determines, in step S214, whether to use the maximum or minimum page length by referencing the length of message M. In the example shown in FIG. 4A, in the event the length of the message M is greater than 1028 bytes, then the system branches to step S216 where the variable PS is assigned a value of 1028. In the event the page length of message M is less than 1028, then the system branches to step S218 and defines PS to equal 64. Thereafter, the process branches to step S220 wherein the last summation stored in the data cache, preferably an XML repository, is retrieved and stored in a variable, denoted herein as “LS”.
  • [0064]
    As noted above, the present invention preferably parses a message into records having a fixed page length, and after encrypting each record, the receiver device 14 transmits a predefined number of combined records to the sender device 12. From step S220, the process branches to step S222 (FIG. 4B) and a variable, messcount (representing the number of messages to be transmitted), is assigned a value of 0.
  • [0065]
    Thereafter, the process branches to step S224, and a looping mechanism is invoked. Within the loop, the process branches to step S226, and a determination is made whether the length of message M is greater than the value of the variable, PS. In the event that the length of message M is greater than the predefined page length, PS, then the process branches to step S228 and prepares a record to be transmitted to the sender device 12. The record is created from the original message by extracting the number of bytes (PS) from the message M, denoted in FIG. 4B as R=M−(length[M]−PS). Thereafter, the message, M, is modified by removing the bytes comprising the record, denoted in FIG. 4B as M=M−R. After the system 10 has generated a record to be sent to the sender device 12, the process branches to step S230 and the record is stored in a message queue to be combined with other records prior to transmission.
  • [0066]
    In the event that the length of message M is not greater than the defined page length, PS, a determination is made in step S232 whether the length of message M is less than the value of PS If the length of message M is less than the value of PS, then the process branches to step S234 wherein the message M is concatenated with random characters, for example a JPEG image of the Statue of Liberty, in order to reach the fixed page length (PS). From there, the process branches to step S236, the message is marked as being complete (MessEnd-True), and the temporary message queue is emptied of the message.
  • [0067]
    Thereafter, the process branches to step S238, the record is encrypted and prepared for transmission. Specifically, the record is encrypted by adding the last summation, LS, to the record, preferably by using the binary addition process described above, and BASE64CODE and CRC coding, also described above, are performed on the record R for compatibility with disparate devices, and, further, to ensure successful transmission.
  • [0068]
    From step S238, the process branches to step S240 (FIG. 4C) where the variables, MessNo and TempPageSpac, initialized in step S204 (FIG. 4A), are incremented by a value of one. Thereafter, the process branches to step S242 wherein a plurality of information is transmitted. For example, as shown in step S242, the variables MessNo, MessEnd, system ID of the sender device 12 and receiver device 14, and the record are transmitted. The process branches to step S244 wherein the process loops back (S224) to continue transmissions, provided there are additional records and/or messages to be transmitted. In step S246, a determination is made whether the variable, messcount (a temporary variable representing the number of messages), to be sent is equal to 0. If the variable messcount is equal to 0, then the process branches to step S248 where a determination is made whether the value represented by the variable, MessNo is less than a value represented by the variable, tempbuksize (a temporary variable representing the number of records to transmit at a time). If not, then the process branches to step S250 and a transmission of the records occurs. If the system 10 determines in step S248 that the value of the variable MessNo, is less than the value of the variable, tempbuksize, then the process branches to step S252 and the data cache, LS, is updated with the combined records.
  • [0069]
    From step S252, the process branches to step S254 directed to bidirectional transmissions. If, in step S254, a determination is made that the transmission is bi-directional and includes documents being transmitted from both the sending device 12 and receiving device 14, a variable, DIRFLAG, is assigned a value to indicate the bi-directional transmission. Alternatively, if the transmission includes one-way communications (e.g., from sender device 12 to receiver device 14), then the variable, DIRFLAG, is assigned a value of receiving only
  • [0070]
    If, in step S246, the sender device 14 determines that the value of the messcount variable is not equal to 0, then, in step S256, a determination is made whether the value of the variable messno is less than the value of the variable tempbuksize. If so, the process, in step S258, repeats. Alternatively, if the value of the variable messno is not less than the value of the tempbuksize, then the process branches to step step S262 wherein each record being transmitted to sender device 12 is combined in the data cache, LS and stored therein. Thereafter, the process branches to step S264 and an ACK is awaited to ensure successful transmission. When received, the process branches to step S266 and the system loops back to step S262 for the next message.
  • [0071]
    This set of instructions (modifying the last summation, clearing the temporary storage of messages to be transmitted (Bukstorage) and updating the XML repository with the last summation) is repeated for each set of records to be transmitted to the sender device 12. When the process determines that the end of the message has been reached, MessEnd equals true, and the entire message has been transmitted securely using the methods described herein.
  • [0072]
    [0072]FIG. 5 shows in greater detail the processes associated with the receiver device 14 in accordance with the present invention.
  • [0073]
    In step S300 (FIG. 5), the sender device 12 receives a message from the receiver device 14, preferably formatted as an XML message, and including a plurality of parameters, including the combined records (MessNo), the message end value (MessEnd), the sender device 12 (UID(A)), the receiver device 14 (UID(B)) and the record (R). The sender device 12 receives enough information from the receiver device 14 to decrypt the message.
  • [0074]
    From step S300, the process branches to step S302 wherein a determination is made whether the sender device 12 encountered an error while receiving the data. In the event that no error was encountered, then, in step S304, the receiver device 14 transmits an ACK. After the ACK is received, if additional messages are remaining to be transmitted, then the process continues and additional messages are transmitted. Alternatively, if the receiver device receives a NACK, then the particular message that was previously transmitted is retransmitted. In the event that NO ACK is received during transmission, then the process branches to step S306 wherein a determination is made whether the message being decrypted is the first of a group of messages. In the event that the sender device 12 has received an initial message, then the process branches to step S308 wherein the sender device 12 sends an ACK to the receiver device 14, and a determination is made in step S310 whether previous communications exist with the receiver device 14.
  • [0075]
    In the event that this is the initial message, then the process branches to step wherein an ACK is transmitted and a determination is made whether this is an initial communication between the respective devices. If this is a initial communication, then the message is saved in a data cache (a summation database) in step S312. If this is not an initial communication with the respective sending device 12, then the initial records of the message are transmitted.
  • [0076]
    If, in step S306, the receiver device 14 determines this is not the initial message passed between the respective devices, then the process branches to step S314 and the record, R, is saved in a temporary storage area (Bukstorage) along with the identifier of the message being transmitted (MessID). Thereafter, the variable MessNo is set to a value The variable MESSNO is directed to the number of messages that are being transmitted between the respective devices. Moreover, a directory flag (Dirfl) is assigned a value as to whether this is a bidirectional communication or solely a unidirectional one in which the receiver device 14 is only receiving messages.
  • [0077]
    From step S314, the process branches to step S316 where the appropriate last summation (LS), for the respective sender device 12 is retrieved from the data cache and the record that is received during the transmission is decoded, preferably by applying binary arithmetic as described above.
  • [0078]
    From step S316, the process branches to step S318 wherein a determination is made whether TempPageSpac is equal to PageSpac. As noted above, TempPageSpac represents an index used for combining records prior to transmission, and PageSpac represents the records comprising the remainder of the message that have yet to be transmitted. If so, then the process branches to step S320 wherein an ACK is transmitted to the receiver device 14. The process branches from step S320 to step S322 wherein the data cache is updated with the most recent records. Alternatively, if in step S318 the receiver device 14 determines that the TempPageSpac does not equal the PageSpac, then, in step S324, the receiver device 14 waits In the preferred embodiment of the present invention, the receiver device waits via a looping mechanism for additional records to be transmitted thereto. Once the complete message has been transmitted, for example, by combining fixed length records, then an ACK is transmitted and the receiver device compresses the records into one summation, and stores the compressed records in a memory, for example, a data cache, and waits for the next transmission.
  • [0079]
    Thus, using the received loop process described above, the sender device 12 receives secure messages from the receiver device 14, and further maintains a current data cache identifying all the communications between the respective parties. Moreover, the sender device 12 and receiver device 14 maintain concurrent representations of the last summations, and thereby encode and decode messages between the two devices such that the security mechanisms employed increase with effectiveness over time.
  • [0080]
    It is important to note that the present invention does not inhibit or restrict other security mechanisms or load balancing mechanisms that may be in place over communication networks. Provided the security module system 10 is installed on the respective sending and receiving devices, the encoding and decoding mechanisms described above can be employed without effecting the platforms on which the mechanisms operate.
  • [0081]
    Although the present invention has been described in relation to particular embodiments thereof, many other variations and modifications and other uses will become apparent to those skilled in the art. Therefore, the present invention should be limited not by the specific disclosure herein.
Patent Citations
Cited PatentFiling datePublication dateApplicantTitle
US4229818 *Dec 29, 1978Oct 21, 1980International Business Machines CorporationMethod and apparatus for enciphering blocks which succeed short blocks in a key-controlled block-cipher cryptographic system
US5537438 *Mar 2, 1994Jul 16, 1996Alcatel N.V.Method of equalizing a receive data block in a time-division multiple access communication system and receiver utilizing this method
US5706281 *Jun 14, 1995Jan 6, 1998Hitachi, Ltd.Data transfer system
US5809147 *Aug 14, 1997Sep 15, 1998Koninklijke Ptt NederlandDevice for cryptographically processing data packets and method of generating cryptographic processing data
US5956405 *Jan 17, 1997Sep 21, 1999Microsoft CorporationImplementation efficient encryption and message authentication
US6085207 *Jun 12, 1997Jul 4, 2000Sun Microsystems, Inc.Method of performing signed operations with unsigned instructions in a microprocessor
US6246768 *Jul 13, 1998Jun 12, 2001Penta Security Systems, Inc.Data encryption system for encrypting plaintext data
US6608901 *Jul 31, 2001Aug 19, 2003Tecsec, Inc.Cryptographic key split combiner
US20020015492 *Apr 22, 1998Feb 7, 2002Motoji OhmoriCryptographic processing apparatus, cryptographic processing method, and storage medium storing cryptographic processing program for improving security without greatly increasing hardware scale and processing time
US20020146118 *Feb 14, 2001Oct 10, 2002Disanto Frank J.Method and system for selecting encryption keys from a plurality of encryption keys
US20030108196 *Oct 11, 2002Jun 12, 2003Alexey KirichenkoData encryption
US20030156715 *Jun 12, 2001Aug 21, 2003Reeds James AlexanderApparatus, system and method for validating integrity of transmitted data
US20030204741 *Apr 26, 2002Oct 30, 2003Isadore SchoenSecure PKI proxy and method for instant messaging clients
Referenced by
Citing PatentFiling datePublication dateApplicantTitle
US7039761 *Aug 11, 2003May 2, 2006Sony CorporationMethodology for performing caching procedures in an electronic network
US8200971Sep 23, 2009Jun 12, 2012Cisco Technology, Inc.Method for the provision of a network service
US8255465 *Sep 22, 2006Aug 28, 2012Scansafe LimitedNetwork communications
US8412157 *Jun 15, 2007Apr 2, 2013Interdigital Technology CorporationMethod and apparatus for security protection of an original user identity in an initial signaling message
US8776199 *Jan 13, 2010Jul 8, 2014Microsoft CorporationAuthentication of a server by a client to prevent fraudulent user interfaces
US20050038864 *Aug 11, 2003Feb 17, 2005Sony CorporationMethodology for performing caching procedures in an electronic network
US20060045309 *Jun 14, 2005Mar 2, 2006Shan SuthaharanSystems and methods for digital content security
US20070074018 *Sep 22, 2006Mar 29, 2007Scansafe LimitedNetwork communications
US20070297367 *Jun 15, 2007Dec 27, 2007Interdigital Technology CorporationMethod and apparatus for security protection of an original user identity in an initial signaling message
US20080304664 *Jun 7, 2007Dec 11, 2008Shanmugathasan SuthaharanSystem and a method for securing information
US20100082979 *Sep 23, 2009Apr 1, 2010Scansafe LimitedMethod for the provision of a network service
US20100115594 *Jan 13, 2010May 6, 2010Microsoft CorporationAuthentication of a server by a client to prevent fraudulent user interfaces
Classifications
U.S. Classification713/153
International ClassificationH04L29/06
Cooperative ClassificationH04L63/166, H04L63/08, H04L9/0861, H04L63/0428
European ClassificationH04L63/04B, H04L63/08, H04L63/16D
Legal Events
DateCodeEventDescription
Feb 25, 2003ASAssignment
Owner name: HIPOTENCY PARTNERS, INC., CONNECTICUT
Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:INFANTE, STEVEN D.;MANGARI, APARNA;REEL/FRAME:013778/0229;SIGNING DATES FROM 20030214 TO 20030218