WO2015183783A1 - Method and system for encrypting and transmitting information over unsecured communication channel - Google Patents

Method and system for encrypting and transmitting information over unsecured communication channel Download PDF

Info

Publication number
WO2015183783A1
WO2015183783A1 PCT/US2015/032382 US2015032382W WO2015183783A1 WO 2015183783 A1 WO2015183783 A1 WO 2015183783A1 US 2015032382 W US2015032382 W US 2015032382W WO 2015183783 A1 WO2015183783 A1 WO 2015183783A1
Authority
WO
WIPO (PCT)
Prior art keywords
encrypted message
url
server
message
sender
Prior art date
Application number
PCT/US2015/032382
Other languages
French (fr)
Inventor
Frank MACHNICK
Original Assignee
Machnick Frank
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Machnick Frank filed Critical Machnick Frank
Publication of WO2015183783A1 publication Critical patent/WO2015183783A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Definitions

  • Methods and apparatuses consistent with the exemplary embodiments relate to encrypting information and transmitting the encrypted information using an unsecured communication medium.
  • the exemplary embodiments relate to improvements in securely transmitting information in a manner that limits unauthorized access to the information.
  • Methods and apparatuses of the related art allow a user to encrypt and send messages, but do not maintain complete control over the storage of the message.
  • the encrypted message may be transmitted via insecure means, where the message can be intercepted, stored indefinitely, and eventually decrypted.
  • Logs, account information, and actual content of these messages are often stored on encryption systems, where this information could be accessed by an administrator and/or government agency.
  • methods and apparatuses of the related art generally require the use of a paid account, or at least an account connected to an email address in order to send and receive encrypted messages.
  • a system may include a sender terminal, a server, and a recipient terminal.
  • the sender terminal may receive a message input by a user and encrypt the message using a selected password.
  • the server may receive the encrypted message from the sender terminal, store the encrypted message in a database, and transmit to the sender terminal a uniform resource locator (URL) associated with the storage location of the encrypted message within the database.
  • the recipient terminal may access the encrypted message stored in the server using the URL and decrypt the message using the selected password.
  • the URL may be encrypted and/or obfuscated using one or more of a shortened URL, a graphical representation of the URL (e.g. , a QR code), and steganography.
  • the server may delete the encrypted message after the encrypted message stored in the server has been accessed one time.
  • the server may also return an alternate webpage instead of the encrypted message in response to each attempt after the first attempt to access the encrypted message using the URL.
  • the server may delete the encrypted message after the encrypted message has been stored on the server for a preset amount of time.
  • the selected password may be generated by the sender of the message or by a website accessed by a web browser running on the sender terminal.
  • a hash value of the selected password may be generated and included in the encrypted message received by the server from the sender terminal.
  • the recipient terminal may decrypt the encrypted message based on a comparison of the selected password and the hash value of the selected password.
  • a data encryption and transmission method may include receiving a message that has been input by a sender and encrypted, storing the encrypted message in a database and transmitting to the sender a URL associated with a storage location of the encrypted message within the database, and transmitting the encrypted message to a recipient in response to the recipient accessing the encrypted message via the URL.
  • a server for data encryption and transmission may include a receiving unit that receives a message that has been input by a sender and encrypted, a database that stores the encrypted message, and a transmission unit that transmits to the sender a uniform resource locator (URL) associated with a storage location of the encrypted message within the database, and transmits the encrypted message to a recipient in response to the recipient accessing the encrypted message via the URL.
  • a uniform resource locator URL
  • FIG. 1 is a block diagram showing the architecture of a data encryption and transmission system according to an exemplary embodiment.
  • Fig. 2 depicts a representative browser screen for entry of an encryption password.
  • Fig. 3 depicts a representative browser screen for entry of message content to be encrypted.
  • FIG. 4 depicts a representative browser screen providing an obfuscated URL to a
  • Fig. 5 depicts a representative browser screen for retrieval of an encrypted message.
  • the exemplary embodiments may be embodied in various forms without being limited to the exemplary embodiments set forth herein. Descriptions of well-known parts are omitted for clarity.
  • Fig. 1 is an architectural diagram of a data encryption and transmission system according to an exemplary embodiment.
  • a data encryption and transmission system may include a sender 100, a sender's browser 100a, a server 110, a recipient 120, and a recipient's browser 120a.
  • the system according to the exemplary embodiment allows the sender 100 to securely send an encrypted message to recipient 120 with a reduced risk that the message will be intercepted or accessed by an unauthorized recipient.
  • the sender 100 When the sender 100 wants to send a message to recipient 120 using the system of the exemplary embodiment in Fig. 1, the sender 100 inputs a message into the sender's browser 100a.
  • the sender's browser 100a may be any browser, computer, tablet, phone, or other mobile device.
  • the sender's browser 100a is javascript-enabled, though the teachings herein can be implemented without the use of javascript.
  • Fig. 3 depicts a representative screen 300 of browser 100a for entry of the message to be encrypted.
  • the user may enter the message using an anti-keylogger keyboard (such as a virtual on-screen keyboard 302) and/or a redacted or otherwise masked textbox 304 for additional security.
  • the on-screen keyboard 302 may be HTML and javascript-based, which will limit the ability of keyloggers and malware to track the sender's input.
  • the masked textbox 304 allows for "dark typing," rendering screenshots by malware, which usually are taken every 15 seconds or more, ineffective.
  • the on-screen keyboard 302 may generated using cascading style sheets (CSS) and/or the JQuery JavaScript library, though the on-screen keyboard 302 is not limited thereto and may be generated using other software techniques.
  • CSS cascading style sheets
  • JQuery JavaScript library though the on-screen keyboard 302 is not limited thereto and may be generated using other software techniques.
  • the sender 100 may send a document and/or picture file instead of, or in addition to, a text message.
  • system of Fig. 1 may encrypt and transmit a Microsoft Word file and/or a JPEG file, however other document and image file types may also be used.
  • the on-screen keyboard 302 may not be displayed to the user so as to simplify usability.
  • the on-screen keyboard 302 may be displayed to allow the sender 100 to input a text message to encrypt and transmit along with the document and/or image file.
  • the term "message" includes any content that sender 100 desires to transmit to recipient 120, including plain text, documents, images, multimedia, file attachments, and the like.
  • Sender 100 or the sender's browser 100a generates a unique password that is used to encrypt the message, and that the recipient 120 will eventually use to access the message.
  • This encryption key can be input, for example, in text box 306 depicted in Fig. 3 (and also in Fig. 2).
  • the message is then encrypted in the memory of sender's browser 100a, for example using 256 bit AES or another encryption algorithm, using the unique password.
  • a hash value of the password may also be generated and included in the encrypted message.
  • the hash value may be an MD5 hash value, or a hash value generated using a different algorithm.
  • the sender's browser 100a then transmits the encrypted message to server 110 via the HTTPS secure socket layer (SSL).
  • SSL HTTPS secure socket layer
  • Server 1 10 receives the encrypted message from the sender's browser 100a and may store the encrypted message in an SQL database container having an associated temporary Uniform Resource Locator (URL).
  • the server 1 10 may encrypt the temporary URL and send the encrypted temporary URL to the senders' browser 100a.
  • the temporary URL may be obfuscated to provide additional security, such as by shortening the temporary URL using, for example, Google URL shortener or a similar service (e.g., TinyURL), as shown to good advantage in Fig. 4.
  • the server 100 may also generate a QR code or other graphical user interface
  • the temporary URL may also be obscured within an image using steganography in order to provide additional security.
  • the temporary URL may be a single-use, self-destruct URL that, when visited by a user, allows the user to access the information from the SQL container and then destroys the SQL container.
  • the server 1 10 may destroy the SQL container and its contents upon expiration of a predetermined time period. For example, field 308 in Fig. 3 allows the sender 100 to select a maximum lifespan of the SQL container, after which time it will self- destruct, even if the recipient never retrieves the encrypted message.
  • the server 1 10 may contain anti-hacking functionality such that when an attempted hack is detected, the SQL database is automatically deleted.
  • the anti -hacking functionality may be a URL that, when accessed, causes the database and/or the SQL container containing the encrypted message to be erased.
  • a URL may be disguised as a common administrative interface so that an unauthorized user attempting to probe the system for weaknesses may select the URL, thinking that it will allow access to content stored on the database, when in fact it will delete the container and/or database.
  • a trap URL may be included within the encrypted message. If a message is compromised, the unauthorized user that intercepted the message might access the trap URL, thereby causing database content to be erased.
  • the erased database content can be either all database content or only the content within which the trap URL was included.
  • the trap URL may not be accessible by the intended recipient because the trap URL may be stripped from the encrypted message before it is shown to the recipient, or when the recipient enters the correct password and the message is decrypted.
  • sender 100 may transmit the same to the recipient 120 via email, instant message, text message, phone, facsimile, physical mail, or any other transmission medium. That is, the transmission of the temporary URL, in any form, may occur outside of the system of the exemplary embodiment (e.g., it need not pass through server 1 10 on its way from sender 100 to recipient 120). Of course, server 1 10 could transmit the temporary URL directly to recipient 120.
  • Sender 100 will also transmit the password used to encrypt the message to recipient 120, and, in the interest of security, may do so in a communication separate from that of the encrypted message itself.
  • the recipient 120 In order to retrieve the encrypted message, the recipient 120 follows the temporary URL and enters the password that the recipient 120 received from sender 100. For example, visiting the temporary URL shown in Fig. 4 can lead the recipient 120 to the screen shown in Fig. 5. If the sender 100 transmitted a QR code for the temporary URL, the recipient 120 may use a QR reader device in order to access the URL. When the recipient 120 follows the temporary URL, the encrypted message is transmitted from the server 1 10 to the recipient's browser 120a, and the message is deleted from the server 1 10 (e.g., the SQL container is destroyed). The recipient 120 then inputs the password received from the sender 100 (e.g., in field 502 in Fig. 5) in order to decrypt the message in the recipient's browser 120a.
  • the sender 100 e.g., in field 502 in Fig. 5
  • the recipient's browser 120a will decrypt and display the message (stripping away any trap URLs in the process) only if the recipient 120 enters the correct password.
  • the recipient's browser 120a may verify the recipient's 120 password by comparing the entered password and the hash value contained in the encrypted message.
  • the system according to the exemplary embodiment of Fig. 1 provides cross- platform compatibility through its easy to use interface and hosting of an application on a public website.
  • the encryption key string (that is, the password) is secret to everyone but the sender 100 and receiver 120, and is never stored in the system or transmitted. Neither the sender nor the receiver is required to have a dedicated account and/or email address to send or receive encrypted messages.
  • By sending a link instead of a message a secure communication is created, and additional security is provided by using a temporary URL that self-destructs after being accessed and/or that expires after a predetermined period of time.
  • the system according to the exemplary embodiment of Fig. 1 may also encode the website source code to provide a third layer of encryption and security.
  • the server 110 may use a module to encode the source code of the website into a javascript applet that will be decoded inside the browser on the sender's computer. As the traffic passes nodes on the Internet, it would appear both encrypted and encoded to anyone attempting to intercept the transmission.

Abstract

A system and method for encrypting and transmitting data are provided. The data encryption and transmission system may include a sender terminal that receives a message input by a user and encrypts the message; a server that receives the encrypted message from the sender terminal, stores the encrypted message in a database, and transmits to the sender terminal a uniform resource locator (URL) associated with a storage location of the encrypted message within the database; and a recipient terminal that accesses the encrypted message stored in the server using the URL and decrypts the encrypted message using a selected password.

Description

METHOD AND SYSTEM FOR ENCRYPTING AND TRANSMITTING INFORMATION OVER UNSECURED COMMUNICATION CHANNEL
CROSS-REFERENCE TO RELATED APPLICATIONS
[0001] This application claims the benefit of United States provisional application no.
62/003,084, filed 27 May 2014, which is hereby incorporated by reference as though fully set forth herein.
BACKGROUND
[0002] Methods and apparatuses consistent with the exemplary embodiments relate to encrypting information and transmitting the encrypted information using an unsecured communication medium. In particular, the exemplary embodiments relate to improvements in securely transmitting information in a manner that limits unauthorized access to the information.
[0003] Methods and apparatuses of the related art allow a user to encrypt and send messages, but do not maintain complete control over the storage of the message. For example, the encrypted message may be transmitted via insecure means, where the message can be intercepted, stored indefinitely, and eventually decrypted. Logs, account information, and actual content of these messages are often stored on encryption systems, where this information could be accessed by an administrator and/or government agency. Moreover, methods and apparatuses of the related art generally require the use of a paid account, or at least an account connected to an email address in order to send and receive encrypted messages.
SUMMARY
[0004] According to an aspect of one or more exemplary embodiments, there is provided a data encryption and transmission system. A system according to one or more exemplary embodiments may include a sender terminal, a server, and a recipient terminal. The sender terminal may receive a message input by a user and encrypt the message using a selected password. The server may receive the encrypted message from the sender terminal, store the encrypted message in a database, and transmit to the sender terminal a uniform resource locator (URL) associated with the storage location of the encrypted message within the database. The recipient terminal may access the encrypted message stored in the server using the URL and decrypt the message using the selected password. The URL may be encrypted and/or obfuscated using one or more of a shortened URL, a graphical representation of the URL (e.g. , a QR code), and steganography.
[0005] The server may delete the encrypted message after the encrypted message stored in the server has been accessed one time. The server may also return an alternate webpage instead of the encrypted message in response to each attempt after the first attempt to access the encrypted message using the URL. Alternatively or additionally, the server may delete the encrypted message after the encrypted message has been stored on the server for a preset amount of time.
[0006] The selected password may be generated by the sender of the message or by a website accessed by a web browser running on the sender terminal. A hash value of the selected password may be generated and included in the encrypted message received by the server from the sender terminal. The recipient terminal may decrypt the encrypted message based on a comparison of the selected password and the hash value of the selected password.
[0007] According to another aspect of one or more exemplary embodiments, there is provided a data encryption and transmission method. The method may include receiving a message that has been input by a sender and encrypted, storing the encrypted message in a database and transmitting to the sender a URL associated with a storage location of the encrypted message within the database, and transmitting the encrypted message to a recipient in response to the recipient accessing the encrypted message via the URL.
[0008] According to another aspect of one or more exemplary embodiments, there is provided a server for data encryption and transmission. The server may include a receiving unit that receives a message that has been input by a sender and encrypted, a database that stores the encrypted message, and a transmission unit that transmits to the sender a uniform resource locator (URL) associated with a storage location of the encrypted message within the database, and transmits the encrypted message to a recipient in response to the recipient accessing the encrypted message via the URL.
BRIEF DESCRIPTION OF THE DRAWINGS
[0009] Fig. 1 is a block diagram showing the architecture of a data encryption and transmission system according to an exemplary embodiment.
[0010] Fig. 2 depicts a representative browser screen for entry of an encryption password.
[0011] Fig. 3 depicts a representative browser screen for entry of message content to be encrypted.
[0012] Fig. 4 depicts a representative browser screen providing an obfuscated URL to a
SQL container containing an encrypted message.
[0013] Fig. 5 depicts a representative browser screen for retrieval of an encrypted message.
DETAILED DESCRIPTION OF EXEMPLARY EMBODIMENTS [0014] Reference will now be made in detail to the following exemplary embodiments, which are illustrated in the accompanying drawings, wherein like reference numerals refer to like elements throughout.
[0015] The exemplary embodiments may be embodied in various forms without being limited to the exemplary embodiments set forth herein. Descriptions of well-known parts are omitted for clarity.
[0016] Fig. 1 is an architectural diagram of a data encryption and transmission system according to an exemplary embodiment. Referring to Fig. 1 , a data encryption and transmission system according to an exemplary embodiment may include a sender 100, a sender's browser 100a, a server 110, a recipient 120, and a recipient's browser 120a. The system according to the exemplary embodiment allows the sender 100 to securely send an encrypted message to recipient 120 with a reduced risk that the message will be intercepted or accessed by an unauthorized recipient.
[0017] When the sender 100 wants to send a message to recipient 120 using the system of the exemplary embodiment in Fig. 1, the sender 100 inputs a message into the sender's browser 100a. The sender's browser 100a may be any browser, computer, tablet, phone, or other mobile device. In some embodiments, the sender's browser 100a is javascript-enabled, though the teachings herein can be implemented without the use of javascript.
[0018] Fig. 3 depicts a representative screen 300 of browser 100a for entry of the message to be encrypted. The user may enter the message using an anti-keylogger keyboard (such as a virtual on-screen keyboard 302) and/or a redacted or otherwise masked textbox 304 for additional security. The on-screen keyboard 302 may be HTML and javascript-based, which will limit the ability of keyloggers and malware to track the sender's input. The masked textbox 304 allows for "dark typing," rendering screenshots by malware, which usually are taken every 15 seconds or more, ineffective. For example, the on-screen keyboard 302 may generated using cascading style sheets (CSS) and/or the JQuery JavaScript library, though the on-screen keyboard 302 is not limited thereto and may be generated using other software techniques.
[0019] According to an exemplary embodiment, the sender 100 may send a document and/or picture file instead of, or in addition to, a text message. For example, system of Fig. 1 may encrypt and transmit a Microsoft Word file and/or a JPEG file, however other document and image file types may also be used. When the user intends to encrypt and transmit a document or picture file, the on-screen keyboard 302 may not be displayed to the user so as to simplify usability. Alternatively, the on-screen keyboard 302 may be displayed to allow the sender 100 to input a text message to encrypt and transmit along with the document and/or image file. As used herein, therefore, the term "message" includes any content that sender 100 desires to transmit to recipient 120, including plain text, documents, images, multimedia, file attachments, and the like.
[0020] Sender 100 or the sender's browser 100a generates a unique password that is used to encrypt the message, and that the recipient 120 will eventually use to access the message. This encryption key can be input, for example, in text box 306 depicted in Fig. 3 (and also in Fig. 2). The message is then encrypted in the memory of sender's browser 100a, for example using 256 bit AES or another encryption algorithm, using the unique password. A hash value of the password may also be generated and included in the encrypted message. For example, the hash value may be an MD5 hash value, or a hash value generated using a different algorithm.
[0021] The sender's browser 100a then transmits the encrypted message to server 110 via the HTTPS secure socket layer (SSL). By sending the encrypted message via HTTPS SSL, the encrypted message is encrypted a second time while being uploaded to the server 1 10, further enhancing the security of the systems and methods disclosed herein.
[0022] Server 1 10 receives the encrypted message from the sender's browser 100a and may store the encrypted message in an SQL database container having an associated temporary Uniform Resource Locator (URL). The server 1 10 may encrypt the temporary URL and send the encrypted temporary URL to the senders' browser 100a. In addition, the temporary URL may be obfuscated to provide additional security, such as by shortening the temporary URL using, for example, Google URL shortener or a similar service (e.g., TinyURL), as shown to good advantage in Fig. 4. The server 100 may also generate a QR code or other graphical
representation of the temporary URL and transmit the QR code, rather than the URL itself, to the sender's browser 100a. The temporary URL may also be obscured within an image using steganography in order to provide additional security.
[0023] The temporary URL may be a single-use, self-destruct URL that, when visited by a user, allows the user to access the information from the SQL container and then destroys the SQL container. Alternatively, the server 1 10 may destroy the SQL container and its contents upon expiration of a predetermined time period. For example, field 308 in Fig. 3 allows the sender 100 to select a maximum lifespan of the SQL container, after which time it will self- destruct, even if the recipient never retrieves the encrypted message. In addition, the server 1 10 may contain anti-hacking functionality such that when an attempted hack is detected, the SQL database is automatically deleted. For example, the anti -hacking functionality may be a URL that, when accessed, causes the database and/or the SQL container containing the encrypted message to be erased. Such a URL may be disguised as a common administrative interface so that an unauthorized user attempting to probe the system for weaknesses may select the URL, thinking that it will allow access to content stored on the database, when in fact it will delete the container and/or database.
[0024] In addition, a trap URL may be included within the encrypted message. If a message is compromised, the unauthorized user that intercepted the message might access the trap URL, thereby causing database content to be erased. The erased database content can be either all database content or only the content within which the trap URL was included.
According to an exemplary embodiment, the trap URL may not be accessible by the intended recipient because the trap URL may be stripped from the encrypted message before it is shown to the recipient, or when the recipient enters the correct password and the message is decrypted.
[0025] After the sender 100 receives the encrypted temporary URL, shortened temporary
URL, QR code for the temporary URL, steganographically-encoded temporary URL, or the like at sender's browser 100a, sender 100 may transmit the same to the recipient 120 via email, instant message, text message, phone, facsimile, physical mail, or any other transmission medium. That is, the transmission of the temporary URL, in any form, may occur outside of the system of the exemplary embodiment (e.g., it need not pass through server 1 10 on its way from sender 100 to recipient 120). Of course, server 1 10 could transmit the temporary URL directly to recipient 120. Sender 100 will also transmit the password used to encrypt the message to recipient 120, and, in the interest of security, may do so in a communication separate from that of the encrypted message itself.
[0026] In order to retrieve the encrypted message, the recipient 120 follows the temporary URL and enters the password that the recipient 120 received from sender 100. For example, visiting the temporary URL shown in Fig. 4 can lead the recipient 120 to the screen shown in Fig. 5. If the sender 100 transmitted a QR code for the temporary URL, the recipient 120 may use a QR reader device in order to access the URL. When the recipient 120 follows the temporary URL, the encrypted message is transmitted from the server 1 10 to the recipient's browser 120a, and the message is deleted from the server 1 10 (e.g., the SQL container is destroyed). The recipient 120 then inputs the password received from the sender 100 (e.g., in field 502 in Fig. 5) in order to decrypt the message in the recipient's browser 120a. The recipient's browser 120a will decrypt and display the message (stripping away any trap URLs in the process) only if the recipient 120 enters the correct password. The recipient's browser 120a may verify the recipient's 120 password by comparing the entered password and the hash value contained in the encrypted message.
[0027] After the recipient 120 has retrieved the message from the server 1 10, no further attempts to access the temporary URL will be able to retrieve the encrypted message. Rather, subsequent access attempts will receive an advertisement or "spam" website. This further obfuscates the existence of the message to any unauthorized persons attempting to intercept the message. In addition, if the recipient 120 receives an advertisement or spam website when the recipient 120 follows the URL received from the sender 100, the recipient will know that the message has already been accessed, and the content thereof has potentially been compromised.
[0028] The system according to the exemplary embodiment of Fig. 1 provides cross- platform compatibility through its easy to use interface and hosting of an application on a public website. The encryption key string (that is, the password) is secret to everyone but the sender 100 and receiver 120, and is never stored in the system or transmitted. Neither the sender nor the receiver is required to have a dedicated account and/or email address to send or receive encrypted messages. By sending a link instead of a message, a secure communication is created, and additional security is provided by using a temporary URL that self-destructs after being accessed and/or that expires after a predetermined period of time.
[0029] The system according to the exemplary embodiment of Fig. 1 may also encode the website source code to provide a third layer of encryption and security. By encoding the website source code, even antivirus software is prevented from analyzing the content of the website or the messages stored or transmitted using the website. In this exemplary embodiment, the server 110 may use a module to encode the source code of the website into a javascript applet that will be decoded inside the browser on the sender's computer. As the traffic passes nodes on the Internet, it would appear both encrypted and encoded to anyone attempting to intercept the transmission.
[0030] Although a few exemplary embodiments of the present general inventive concept have been shown and described, it will be appreciated by those skilled in the art that changes may be made in these embodiments without departing from the principles and spirit of the general inventive concept, the scope of which is defined in the appended claims and their equivalents.

Claims

What is claimed is:
1. A data encryption and transmission system comprising:
a sender terminal that receives a message input by a user and encrypts the message using a selected password;
a server that receives the encrypted message from the sender terminal, stores the encrypted message in a database, and transmits to the sender terminal a uniform resource locator (URL) associated with a storage location of the encrypted message within the database; and a recipient terminal that accesses the encrypted message stored in the server using the URL and decrypts the encrypted message using the selected password.
2. The data encryption and transmission system of claim 1,
wherein after the encrypted message stored in the server has been accessed one time, the server deletes the encrypted message from the server.
3. The data encryption and transmission system of claim 1,
wherein after the encrypted message stored in the server has been accessed one time, each subsequent attempt to access the encrypted message using the URL causes the server to return an alternate webpage instead of the encrypted message.
4. The data encryption and transmission system of claim 1,
wherein after the encrypted message stored in the server has been stored for a preset amount of time without being accessed, attempts to access the encrypted message using the URL causes the server to return an alternate webpage instead of the encrypted message.
5. The data encryption and transmission system of claim 1,
wherein the URL is encrypted using one or more of a shortened URL, a graphical representation of the URL, and steganography.
6. The data encryption and transmission system of claim 1,
wherein the selected password is generated by a sender of the message or a website accessed by a web browser running on the sender terminal; and
wherein a hash value of the selected password is generated and included in the encrypted message received by the server from the sender terminal.
7. The data encryption and transmission system of claim 6,
wherein a sender of the message sends the selected password and the URL to a recipient who retrieves the encrypted message via the recipient terminal using the URL and the selected password; and
wherein the recipient terminal decrypts the encrypted message based on a comparison of the selected password and the hash value of the selected password.
8. A data encryption and transmission method comprising:
receiving a message that has been input by a sender and encrypted;
storing the encrypted message in a database and transmitting to the sender a uniform resource locator (URL) associated with a storage location of the encrypted message within the database; and transmitting the encrypted message to a recipient in response to the recipient accessing the encrypted message via the URL.
9. The data encryption and transmission method of claim 8, further comprising: after the encrypted message stored in the database has been accessed via the URL one time, deleting the encrypted message from the server.
10. The data encryption and transmission method of claim 8, further comprising: after the encrypted message stored in the database has been accessed via the URL one time, returning an alternate webpage instead of the encrypted message for each subsequent attempt to access the encrypted message via the URL.
11. The data encryption and transmission method of claim 8, further comprising: after the encrypted message stored in the database has been stored for a preset amount of time without being accessed, returning an alternate webpage instead of the encrypted message for attempts to access the encrypted message via the URL.
12. The data encryption and transmission method of claim 8, wherein transmitting to the sender the URL comprises encrypting the URL using one or more of a shortened URL, a graphical representation of the URL, and steganography.
13. The data encryption and transmission method of claim 8, wherein the step of receiving a message that has been input by a sender and encrypted comprises receiving a hash value of a selected password that is used to decrypt the encrypted message.
14. A server comprising:
a receiving unit that receives a message that has been input by a sender and encrypted; a database that stores the encrypted message; and
a transmission unit that transmits to the sender a uniform resource locator (URL) associated with a storage location of the encrypted message within the database, and transmits the encrypted message to a recipient in response to the recipient accessing the encrypted message via the URL.
15. The server of claim 14, wherein the server deletes the encrypted message after the encrypted message stored in the database has been accessed via the URL one time.
16. The server of claim 14, wherein after the message stored in the database has been accessed via the URL one time, the server returns an alternate webpage instead of the encrypted message for each subsequent attempt to access the encrypted message via the URL.
17. The server of claim 14, wherein after the message stored in the database has been stored for a preset amount of time without being accessed, the server returns an alternate webpage instead of the encrypted message for attempts to access the encrypted message via the URL.
18. The server of claim 14, further comprises an encryption unit that encrypts the URL before transmitting the URL to the sender using one or more of a shortened URL, a QR code that represents the URL, and steganography to obscure the URL within an image.
19. The server of claim 14, wherein the encrypted message received by the receiving unit includes a hash value of a selected password that is used to decrypt the encrypted message.
PCT/US2015/032382 2014-05-27 2015-05-26 Method and system for encrypting and transmitting information over unsecured communication channel WO2015183783A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201462003084P 2014-05-27 2014-05-27
US62/003,084 2014-05-27

Publications (1)

Publication Number Publication Date
WO2015183783A1 true WO2015183783A1 (en) 2015-12-03

Family

ID=54699636

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2015/032382 WO2015183783A1 (en) 2014-05-27 2015-05-26 Method and system for encrypting and transmitting information over unsecured communication channel

Country Status (1)

Country Link
WO (1) WO2015183783A1 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018057510A1 (en) * 2016-09-20 2018-03-29 United States Postal Service Methods and systems for a digital trust architecture
US10645068B2 (en) 2015-12-28 2020-05-05 United States Postal Service Methods and systems for secure digital credentials
CN112699385A (en) * 2020-12-21 2021-04-23 布比(北京)网络技术有限公司 Method and system for carrying out access control on electronic health record based on block chain
US11533178B2 (en) 2015-03-13 2022-12-20 United States Postal Service Methods and systems for data authentication services

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050210259A1 (en) * 2004-03-22 2005-09-22 Sharp Laboratories Of America, Inc. Scan to confidential print job communications
US20060036683A1 (en) * 2000-11-30 2006-02-16 Microsoft Corporation System and method for managing states and user context over stateless protocols
US20070219910A1 (en) * 2006-03-02 2007-09-20 Yahoo! Inc. Providing a limited use syndicated media to authorized users
US8560843B1 (en) * 2010-09-24 2013-10-15 Symantec Corporation Encrypted universal resource identifier (URI) based messaging
US20130326221A1 (en) * 2012-06-04 2013-12-05 Private Giant Confidential Message Exchange Using Benign, Context-Aware Cover Message Generation

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060036683A1 (en) * 2000-11-30 2006-02-16 Microsoft Corporation System and method for managing states and user context over stateless protocols
US20050210259A1 (en) * 2004-03-22 2005-09-22 Sharp Laboratories Of America, Inc. Scan to confidential print job communications
US20070219910A1 (en) * 2006-03-02 2007-09-20 Yahoo! Inc. Providing a limited use syndicated media to authorized users
US8560843B1 (en) * 2010-09-24 2013-10-15 Symantec Corporation Encrypted universal resource identifier (URI) based messaging
US20130326221A1 (en) * 2012-06-04 2013-12-05 Private Giant Confidential Message Exchange Using Benign, Context-Aware Cover Message Generation

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"INTRODUCTION TO GOOGLE DOCS'';", LOUISVILLE FREE PUBLIC LIBRARY, 5 February 2013 (2013-02-05), pages 1 - 21, XP055238675, Retrieved from the Internet <URL:http://www.lfpl.org/jobshop/docs/google-docs.pdf> [retrieved on 20150811] *

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11533178B2 (en) 2015-03-13 2022-12-20 United States Postal Service Methods and systems for data authentication services
US11533177B2 (en) 2015-03-13 2022-12-20 United States Postal Service Methods and systems for data authentication services
US10645068B2 (en) 2015-12-28 2020-05-05 United States Postal Service Methods and systems for secure digital credentials
WO2018057510A1 (en) * 2016-09-20 2018-03-29 United States Postal Service Methods and systems for a digital trust architecture
US10419218B2 (en) 2016-09-20 2019-09-17 United States Postal Service Methods and systems for a digital trust architecture
US11153086B2 (en) 2016-09-20 2021-10-19 United States Postal Service Methods and systems for a digital trust architecture
US11528138B2 (en) 2016-09-20 2022-12-13 United States Postal Service Methods and systems for a digital trust architecture
CN112699385A (en) * 2020-12-21 2021-04-23 布比(北京)网络技术有限公司 Method and system for carrying out access control on electronic health record based on block chain

Similar Documents

Publication Publication Date Title
US9537864B2 (en) Encryption system using web browsers and untrusted web servers
JP6844876B2 (en) Secure data acquisition of sensitive data over the network
CN110169033B (en) Enhanced email service
US10681081B2 (en) Secure content and encryption methods and techniques
US10069809B2 (en) System and method for secure transmission of web pages using encryption of their content
US9070112B2 (en) Method and system for securing documents on a remote shared storage resource
US10970378B2 (en) Secure generation and verification of machine-readable visual codes
CA2736584C (en) Method and system for secure use of services by untrusted storage providers
US11741264B2 (en) Security systems and methods for social networking
US9224000B1 (en) Systems and methods for providing information security using context-based keys
US9577989B2 (en) Methods and systems for decrypting an encrypted portion of a uniform resource identifier
US8473740B2 (en) Method and system for secured management of online XML document services through structure-preserving asymmetric encryption
US8769260B1 (en) Messaging system with user-friendly encryption and decryption
US20070179905A1 (en) Stateless Human Detection For Real-Time Messaging Systems
US20100306537A1 (en) Secure messaging
US11128588B2 (en) Apparatus, method and computer-readable recording medium storing computer program for restricting electronic file viewing utilizing antivirus software
CN107533613B (en) Storage medium product, cloud printing system and PDF file access method
CN107864677B (en) Content access authentication system and method
WO2015183783A1 (en) Method and system for encrypting and transmitting information over unsecured communication channel
CN108319822B (en) Method, storage medium, electronic device and system for protecting webpage code
KR20170084802A (en) Methdo and system for transmitting secure data in a terminal
KR101485968B1 (en) Method for accessing to encoded files
US20080228900A1 (en) Method and system for facilitating the transfer of a computer file
WO2021129681A1 (en) Scheduling method and apparatus, and medium and device
US9652621B2 (en) Electronic transmission security process

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15799718

Country of ref document: EP

Kind code of ref document: A1

DPE1 Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101)
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15799718

Country of ref document: EP

Kind code of ref document: A1