EP-3753199-B1 - METHOD AND DEVICES FOR KEYLESS SECURE DATA COMMUNICATION
Inventors
- OURDANE, Mohammed, Arezki
- NGUYEN, Duy Cu
Dates
- Publication Date
- 20260513
- Application Date
- 20190208
Claims (10)
- A method carried out at a sending mail server (36s) for secure communication of data from a sender device (12) to a recipient device (14), the sending mail server (36s) including a memory device and a processor, the processor being configured for carrying out the method, the method comprising: at a secure data transfer agent (30s) of the sending mail server (36s), receiving source data to be communicated to the recipient device (14) from the sender device (12), the source data having been determined by a source data application (28s) at the sender device (12), and invoking a rendering and signing module (32) with the source data as a parameter; at the rendering and signing module (32), said method comprises parsing the source data to generate a human-perceptible version of the source data (M_P), the human-perceptible version being a file in a platform-independent document file format; and transmitting a hash of at least the human-perceptible version to a blockchain gateway (47), the blockchain gateway (47) providing the hash(es) to a blockchain infrastructure (46) for generating on the basis thereof a signature S; and receiving the signature S and returning the signature (S) in conjunction with the human-perceptible version (M_P) of the source data to the secure data transfer agent (30s); at the secure data transfer agent (30s), sending the signed data (M_S) including the signature (S) and the human-perceptible version (M_P) to the recipient device (14); and optionally making the signature (S) accessible to a secure signature portal (42).
- The method according to claim 1, further including uploading the signed data (M_S) to a secure cloud storage server (51) via a first encrypted link (37).
- The method according to claim 1 or 2, wherein the sending mail server (36s) is remote from the sending device (12) and coupled thereto via a second encrypted link (38).
- The method according to any of the preceding claims, wherein the source data application (28s) is a mail application, and the source data is an electronic message.
- The method according to any of the preceding claims, wherein the human-perceptible version comprises a printing-ready copy of the electronic message.
- The method according to claim 5, wherein the printing-ready copy is in Portable Document Format (PDF) or PostScript (PS) format.
- The method according to any of claims 1 to 3, wherein the source data application (28s) is a content publishing application, and the source data is a media content.
- The method according to any of claims 1 to 3, wherein the source data application (28s) is a media presentation or streaming application, and the source data is image and/or video data.
- A method for processing at a recipient device (14) signed data (M'_S) sent by a sender device (12) using the method of any of the preceding claims, the recipient device (14) including a memory device, audio and/or visual output devices and a user input device coupled to a processor, the processor being configured for carrying out the method, the method comprises: receiving at a recipient data application (28r) or at a recipient server communicating with the recipient data application (28r), the signed data (M'_S); extracting a signature (S') from the signed data (M'_S); sending the extracted signature (S') to a blockchain gateway (47) and/or to a secure signature portal (42) with a request for verification; receiving a verification result from the blockchain gateway (47) or the secure signature portal (42), the verification result indicating whether or not the extracted signature (S') is verified as corresponding to a signature associated with the signed data and sent to the blockchain gateway (47) or secure signature portal (42) by the sender device (12); and forwarding the verification result to the recipient data application (28r) or the recipient server; at the recipient data application (28r) or the recipient server, (i) extracting the human-perceptible version of the message (M'_P) and the signature (S') from the signed data (M'_S), presenting the human-perceptible version M'_P to a user via the audio and/or visual output devices, and/or (ii) presenting an indication in association with the received signed data M'_S that the verification result was positive or negative corresponding, respectively, to the extracted signature (S') being valid or invalid.
- A recipient device (14) for secure receipt of data communicated by a sender device (12), the recipient device (14) including a memory device, audio and/or visual output devices and a user input device coupled to a processor, the processor being configured for carrying out the method of claim 9.
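The sign-then-verify flow of claims 1 and 9, as an added Python illustration that is not part of the patent: the blockchain gateway (47) is modelled as a hash-chained in-memory ledger, the signature S as the id of the ledger entry anchoring the document hash, and the PDF/PS rendering step as canonical JSON. One assumption beyond claim 9: the recipient recomputes the hash of M'_P and sends it along with S', so a positive result binds the signature to the content actually received rather than to the signature value alone.

```python
import hashlib
import json

class BlockchainGateway:
    """Stand-in for the blockchain gateway (47) / signature portal (42).
    Assumption: an in-memory hash-chained ledger; S is the entry id."""

    def __init__(self):
        self.ledger = []  # [{"entry_id": ..., "digest": ...}]

    def sign(self, digest_hex: str) -> str:
        prev = self.ledger[-1]["entry_id"] if self.ledger else "0" * 64
        entry_id = hashlib.sha256((prev + digest_hex).encode()).hexdigest()
        self.ledger.append({"entry_id": entry_id, "digest": digest_hex})
        return entry_id

    def verify(self, signature: str, digest_hex: str) -> bool:
        # Positive only if S' names a ledger entry and that entry anchors
        # the hash of the content the recipient actually received.
        return any(e["entry_id"] == signature and e["digest"] == digest_hex
                   for e in self.ledger)

def render_human_perceptible(source: dict) -> bytes:
    # Placeholder for the rendering step of module (32): canonical JSON stands
    # in for PDF/PS so identical source data always yields identical bytes.
    return json.dumps(source, sort_keys=True, separators=(",", ":")).encode()

def sender_sign(source: dict, gateway: BlockchainGateway) -> dict:
    """Claim 1: render M_P, hash it, obtain S from the gateway, emit M_S."""
    m_p = render_human_perceptible(source)
    s = gateway.sign(hashlib.sha256(m_p).hexdigest())
    return {"M_P": m_p, "S": s}

def recipient_verify(m_s: dict, gateway: BlockchainGateway) -> bool:
    """Claim 9: extract S' and M'_P, ask the gateway whether S' is valid."""
    digest = hashlib.sha256(m_s["M_P"]).hexdigest()
    return gateway.verify(m_s["S"], digest)

def demo() -> tuple:
    # Constructed sample: Alice's contract e-mail to Bob from the description.
    gw = BlockchainGateway()
    m_s = sender_sign({"from": "alice", "to": "bob", "body": "contract v1"}, gw)
    tampered = {"M_P": m_s["M_P"] + b" (amended)", "S": m_s["S"]}
    forged = {"M_P": m_s["M_P"], "S": "ab" * 32}
    return (recipient_verify(m_s, gw), recipient_verify(tampered, gw),
            recipient_verify(forged, gw))
```

`demo()` returns `(True, False, False)`: the untouched message verifies, while both an altered M'_P and a fabricated S' are rejected.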
Description
TECHNICAL FIELD
The present invention generally relates to data communication, e.g. electronic messaging, over a network, and more particularly to a method and devices for secure and/or verifiable data communication without the use of cryptographic keys and encryption infrastructure.
BACKGROUND
Electronic communication - from one user's (i.e., sender's) computing machine or device to another's (i.e., recipient's) device, for example through the use of mail application programs (such as Lotus/IBM Notes, Eudora, Outlook and Thunderbird) - has been widespread for some decades, and persons skilled in the art will be familiar with email communication protocols, especially the SMTP protocol and its extensions (https://tools.ietf.org/html/rfc5321). Such email communications are conveyed by gateways, servers, routers, etc., forming the physical infrastructure for the transport of emails via the relevant protocols, from the sender's device to the recipient's device, and the email communication is handled by mail handling software or agents (hereafter "Mail Transport Agents", MTAs) on such servers or other infrastructure objects. At least to an extent, the contents of emails can be accessed at such infrastructure objects or by the MTAs, in particular where there is no end-to-end encryption of the email. Therefore, privacy, and the interception and accessing of emails by unauthorized persons, have been issues for some time, with various mechanisms being developed in order to afford privacy through encryption and the use of an encryption key-based infrastructure. Examples of these include technologies such as public key infrastructure (PKI), and more particularly PGP, S/MIME, Gpg4Win, as well as various desktop computing encryption/signing applications, such as Symantec Encryption Desktop and Endpoint Security.
Moreover, numerous scenarios arise with the use of email in which a recipient needs to know that the content of a received message can be trusted (and, often, that the received message originated with the sender). That is, taking a digital signature for a message from the sender as a cryptographic value that depends on the message and on the sender, the digital signature provides data integrity (and proof of origin - non-repudiation). This, as well as proof of existence of a message, can be desirable where it is necessary to settle disputes between the sender and recipient as to whether the message was sent or as to its content. For example, sender Alice is working at a law firm, and the recipient Bob is a freelancer. Alice wishes to send Bob a contract agreement by email, and they both wish to be able to prove the existence and integrity of the email, in case of disputes. An issue with such known technologies is that they require considerable investment and technology management in terms of key management; losing a private key may compromise all messages signed with this key. A further problem is that, in order to ensure communications such as emails are properly signed and conveyed to the recipient in a secure manner, some technical knowledge of encryption, signatures and certificates is required of the sending / receiving user(s), the setup can be technically burdensome, and significant intervention by the user each time an email is sent may be required. A further issue is that known systems do not always afford a suite of products that can be integrated with existing email infrastructures with negligible effort. An additional drawback is that known systems do not always provide additional services such as secure storage, independent from email infrastructures, for signed communications.
US 2017/359288 A1 discloses an email messaging system that includes a first email message server, a second email message server and a distributed database system that stores a blockchain. The first email message server receives an email message from a first user system, and records a selected component of the received email message into a block of the blockchain. The selected component of the email message is added to the blockchain after validation by other participants in the blockchain. When the second email message server receives the email message from the first email message server, the second email message server can determine whether a component from the received email message matches the selected component that is stored in the block of the blockchain. WO 2018/012871 A1 discloses a method for providing a recording and verification service for data received and transmitted by a messenger service. When at least one of the chat participants requests recording of data generated by the chat participants in an environment in which a messenger bot participates in a chat, the method registers at least a portion of the generated data as recorded data in a database, provides a transaction ID indicating the location in the database of the data registered therein to at least one of the chat participants, determines,