U.S. patent application number 13/699019 was filed with the patent office on 2013-03-14 for system and method for secure use of messaging systems.
The applicant listed for this patent is Aviad Lahav, Ben Matzkel, Maayan Tal. Invention is credited to Aviad Lahav, Ben Matzkel, Maayan Tal.
Application Number | 20130067012 13/699019 |
Document ID | / |
Family ID | 44276366 |
Filed Date | 2013-03-14 |
United States Patent
Application |
20130067012 |
Kind Code |
A1 |
Matzkel; Ben ; et
al. |
March 14, 2013 |
SYSTEM AND METHOD FOR SECURE USE OF MESSAGING SYSTEMS
Abstract
A system and method for secure use of messaging systems. A
mediator may receive an original message, process the original
message to produce a processed message, and may forward the
processed message to a server or a messaging system. A mediator may
receive a processed message from a server or a messaging system,
process the received processed message to produce an unprocessed
message that may be substantially identical to the original message
and may forward the unprocessed message to a destination.
Inventors: |
Matzkel; Ben; (Givatayim,
IL) ; Tal; Maayan; (Be'er Sheva, IL) ; Lahav;
Aviad; (Tel-Aviv, IL) |
|
Applicant: |
Name |
City |
State |
Country |
Type |
Matzkel; Ben
Tal; Maayan
Lahav; Aviad |
Givatayim
Be'er Sheva
Tel-Aviv |
|
IL
IL
IL |
|
|
Family ID: |
44276366 |
Appl. No.: |
13/699019 |
Filed: |
May 19, 2011 |
PCT Filed: |
May 19, 2011 |
PCT NO: |
PCT/IL2011/000397 |
371 Date: |
November 20, 2012 |
Related U.S. Patent Documents
|
|
|
|
|
|
Application
Number |
Filing Date |
Patent Number |
|
|
61347229 |
May 21, 2010 |
|
|
|
Current U.S.
Class: |
709/206 |
Current CPC
Class: |
G06F 21/6245 20130101;
H04L 51/00 20130101; H04L 63/0428 20130101; H04L 63/0471 20130101;
H04L 63/123 20130101; H04L 51/14 20130101 |
Class at
Publication: |
709/206 |
International
Class: |
G06F 15/16 20060101
G06F015/16 |
Claims
1. A system for securing messages comprising a forward mediator and
a reverse mediator, the forward mediator to: receive an original
message; process the original message to provide a at least one
processed message, wherein the processing includes transforming at
least one portion of the original message; forward the at least one
processed message to a at least one server; and the reverse
mediator to: receive a processed message from a server, and process
the received processed message to provide an unprocessed
message.
2. The system of claim 1, wherein processing the original message
includes encrypting at least a portion of the original message.
3. The system of claim 1, wherein processing the original message
includes encrypting at least a portion of the original message,
wherein the portion is selected from the group consisting of: at
least one recipient address, a sender address, a subject associated
with the message, at least one attachment, at least one message
header, and a body of the message.
4. The system of claim 1, wherein processing the original message
includes generating at least one recipient address and including
the generated at least one recipient address in the processed
message, wherein the generated recipient address is designed to
cause the server to send the processed message to the reverse
mediator.
5. The system of claim 1, wherein said original message and said
unprocessed message are email messages.
6. The system of claim 1, wherein processing the original message
includes classifying the original message to produce message
classification information.
7. The system of claim 1, wherein: processing an original message
to produce a processed message includes: generating at least one
secured search term based on at least one original term included in
the original message; and including the generated at least one
secured search term in the processed message.
8. The system of claim 1, further comprising a search mediator,
said search mediator to: receive a first request from a client;
generate a second request based on the first request; generate at
least one secured search term based on at least one original search
term included in the first request; include the at least one
secured search term in the second request; and forward the second
request to the server.
9. The system of claim 1, wherein processing an original message to
produce a processed message includes changing a location of at
least a portion of the original message.
10. The system of claim of claim 7, wherein processing an original
message to produce a processed message includes changing a location
of at least one of: said at least one original term and said at
least one secured search term.
11. The system of claim 1, wherein processing an original message
to produce a processed message is according to one of: a sender of
the message and a receiver of the message.
12. The system of claim 1, wherein the forward mediator is to
include a parameter in the processed message and, the reverse
mediator is to validate the processed message based on the
parameter.
13. The system of claim 12, wherein validating the processed
message is based on at least one of: an integrity parameter and a
time the original message was received by the forward mediator.
14. The system of claim 7, wherein processing an original message
to produce a processed message includes normalizing at least one
original term included in the original message and generating a
secured search term based on the normalized at least one original
terms.
15. The system of claim 7, wherein processing an original message
to produce a processed message includes selecting at least one
original search term based on at least one of: a length of an
original search term, a presence of an original search term in a
set of terms and an absence of an original search term in a set of
terms.
16. The system of claim 7, wherein processing an original message
to produce a processed message includes at least one of:
deterministically encrypting said at least one original search
terms using a secret key and applying non-reversible keyed security
transformation to at least one original search term.
17. A method of securing messages, the method comprising: receiving
an original message destined to a client; processing the original
message to provide a at least one processed message, wherein the
processing includes transforming at least one portion of the
original message; forwarding the at least one processed message to
a at least one server; and receiving a processed message from a
server; processing the received processed message to provide an
unprocessed message; and forwarding the unprocessed message to a
client.
18. The method of claim 17, wherein processing the original message
includes encrypting at least a portion of the original message.
19. The method of claim 17, wherein processing the original message
includes encrypting at least a portion of the original message,
wherein the portion is selected from the group consisting of: at
least one recipient address, a sender address, a subject associated
with the message, at least one attachment, at least one message
header, and a body of the message.
20. The method of claim 17, wherein processing the original message
includes generating at least one recipient address and including
the generated at least one recipient address in the processed
message, wherein the generated recipient address is designed to
cause the server to send the processed message to the reverse
mediator.
21. The method of claim 17, wherein said original message and said
unprocessed message are email messages.
22. The method of claim 17, wherein processing the original message
includes classifying the original message to produce message
classification information.
23. The method of claim 17, wherein processing the original message
includes generating at least one secured search term corresponding
to at least one original search terms included in the original
message, wherein said generating includes at least one of:
normalizing at least one original search terms, selecting at least
one original search term according to a length of an original
search term, selecting at least one original search term according
to a presence in a set of terms, encrypting at least one original
search term using a secret key and applying a one-way keyed
security transformation to at least one original search term.
Description
BACKGROUND OF THE INVENTION
[0001] Electronic Mail is one of the most common communication
forms. The Internet and the World Wide Web has made Electronic Mail
a widespread application in use by numerous individuals and
organizations. In the basic e-mail model, a user accesses an e-mail
server using a network communication protocols, can retrieve
messages waiting for him or her, and can send new messages to one
or more intended recipients. Several e-mail vendors offer
additional functionality on top of this basic function, such as
managing contacts, filtering and categorizing emails, etc.
[0002] There are many e-mail vendors who provide e-mail services in
the Internet, rather than distribute the software for operating an
e-mail server. Prominent examples include Google.RTM.'s Gmail.TM.
service, Hotmail.TM. and also many smaller Internet Service
Providers (ISPs). In such Internet-hosted services, users' messages
and other data are stored on the email provider's servers. Some
organizations and individuals concerned of their privacy are
reluctant to use such hosted services, as users' data and messages
are trusted to a third party--the email provider.
[0003] Electronic mail is a global and open system. Every email
provider is registered for one or more e-mail domains. E-mail
addresses always include this e-mail domain. When an e-mail message
needs to be delivered to its recipient, the global e-mail domain
registry is consulted in order to find the server handling this
domain; then the message is sent to that server; the server stores
the message; and later the recipient retrieves the message from the
server. The global registry of e-mail domains is operated using the
global Domain Name System (DNS), in which records known as MX
records are registered by providers. An MX record of an email
domain points to a server handling incoming messages for that
domain.
[0004] Email providers typically emphasize their taking of security
measures to protect users' data. Such measures include protecting
the communications between the user and the provider by encrypting
the network traffic, strong security policies enforced in the
provider's data centers, auditing and similar methods. However, all
these measures do not eliminate the basic concern of putting a
user's data in the hands of another party.
SUMMARY OF EMBODIMENTS OF THE INVENTION
[0005] Embodiments of the invention may enable secure use of
messaging systems. A system for securing messages may include a
mediator that may receive an original message, process the original
message to produce a processed message, wherein the processing
includes transforming at least a portion of the original message,
and forward the processed message to a server or a messaging
system. A mediator may receive a processed message from a server or
a messaging system, process the received processed message to
produce an unprocessed message that may be substantially identical
to the original message and may forward the unprocessed message to
a destination. Processing a message may include encrypting or
obfuscating any portion of a message including a sender and/or a
recipient address or name, a domain and/or a body of the message. A
mediator may mediate requests and/or queries related to processed
messages stored on a messaging system.
BRIEF DESCRIPTION OF THE DRAWINGS
[0006] Embodiments of the invention are illustrated by way of
example and not limitation in the figures of the accompanying
drawings, in which like reference numerals indicate corresponding,
analogous or similar elements, and in which:
[0007] FIG. 1 shows a schematic block diagram of a system according
to embodiments of the invention;
[0008] FIG. 2 shows a schematic block diagram of a system according
to embodiments of the invention;
[0009] FIG. 3 shows a schematic block diagram of a system according
to embodiments of the invention;
[0010] FIG. 4 schematically shows a flow according to embodiments
of the invention; and
[0011] FIG. 5 illustrates an exemplary method of encryption
according to embodiments of the invention.
[0012] It will be appreciated that for simplicity and clarity of
illustration, elements shown in the figures have not necessarily
been drawn accurately or to scale. For example, the dimensions of
some of the elements may be exaggerated relative to other elements
for clarity, or several physical components may be included in one
functional block or element. Further, where considered appropriate,
reference numerals may be repeated among the figures to indicate
corresponding or analogous elements.
DETAILED DESCRIPTION OF EMBODIMENTS OF THE INVENTION
[0013] In the following detailed description, numerous specific
details are set forth in order to provide a thorough understanding
of the invention. However, it will be understood by those skilled
in the art that the present invention may be practiced without
these specific details. In other instances, well-known methods,
procedures, and components, modules, units and/or circuits have not
been described in detail so as not to obscure the invention. Some
features or elements described with respect to one embodiment may
be combined with features or elements described with respect to
other embodiments. For the sake of clarity, discussion of same or
similar features or elements may not be repeated.
[0014] Although embodiments of the invention are not limited in
this regard, discussions utilizing terms such as, for example,
"processing," "computing," "calculating," "determining,"
"establishing", "analyzing", "checking", or the like, may refer to
operation(s) and/or process(es) of a computer, a computing
platform, a computing system, or other electronic computing device,
that manipulates and/or transforms data represented as physical
(e.g., electronic) quantities within the computer's registers
and/or memories into other data similarly represented as physical
quantities within the computer's registers and/or memories or other
information non-transitory storage medium that may store
instructions to perform operations and/or processes.
[0015] Embodiments of the invention may include an article such as
a computer or processor readable non-transitory storage medium,
such as for example a memory, a disk drive, or a USB flash memory
encoding, including or storing instructions, e.g.,
computer-executable instructions, which when executed by a
processor or controller, cause the processor or controller to carry
out methods disclosed herein. For example, a mediator may be such
article.
[0016] Although embodiments of the invention are not limited in
this regard, the terms "plurality" and "a plurality" as used herein
may include, for example, "multiple" or "two or more". The terms
"plurality" or "a plurality" may be used throughout the
specification to describe two or more components, devices,
elements, units, parameters, or the like. Unless explicitly stated,
the method embodiments described herein are not constrained to a
particular order or sequence. Additionally, some of the described
method embodiments or elements thereof can occur or be performed
simultaneously, at the same point in time, or concurrently.
[0017] The present invention enables solving the trust problem
discussed above by addressing its root cause: the trust that a user
must have towards an email provider. The invention enables users to
use remote e-mail service providers without exposing the content
and/or recipients of their messages to the service provider. In
addition to email systems, the present invention has applicability
to messaging systems which need not be electronic in nature. The
invention can make in-bound and out-bound message interception for
content securing for any messaging system.
[0018] The present invention includes a messaging client portion, a
messaging server portion, and a mediator adapted to intercept and
modify communications between the messaging client portion and the
messaging server portion. Optionally, the invention also includes
one or more outgoing communication modules adapted to receiving
messages sent to a third party after leaving the server portion and
before reaching a third party. Optionally, the invention also
includes one or more incoming communication modules adapted to
receiving messages from a third party before reaching the server
portion.
[0019] The client portion may be a human user, a computer agent
being used by a person or an automatic agent operating on behalf of
a person. The client may access the server, may send a message or
messages retrieve request, may send a message or messages send
request, and may request any other operations. The mediator may be
adapted to receiving requests from the user intended for the
server, processing requests to produce processed requests, and
forwarding the processed requests to the messaging server. The
processing of a message (e.g., associated with a message send
request) may include detecting message parts such as message
subject, message body, message attachments, message recipient
address or addresses, message author address or addresses, and
other message parts. Processing of a message (e.g., an original
message received from a client) may include encrypting all or a
portion of the original message. For example, portions of a message
that may be encrypted or otherwise processed may be a recipient
address, a sender address, a subject associated with the message,
an attachment, a message header and/or a body of the message.
Processing a message may include processing message portions, parts
or elements jointly or separately to provide a processed message
composed of processed message elements.
[0020] A mediator may include two portions, a first portion adapted
to receiving requests from a client, and a second portion adapted
to receiving responses from the server. A mediator that may receive
an original message from a client, process the original message to
produce a processed message and forward the processed message to a
server may be referred to herein as a forward mediator. A mediator
that may receive a processed message from a server, process the
received processed message to produce an unprocessed message, e.g.,
such that the unprocessed message may be substantially identical to
an original message, and forward the unprocessed message, e.g., to
a client may be referred to herein as a reverse mediator.
[0021] In an embodiment of the present invention, the processing
performed at the mediator, incoming communication module and
outgoing communication module may include encrypting incoming and
outgoing messages before they are received by the messaging server,
and decrypting messages before they are received by either a user
of the system or a third party recipient of a message authored by
the user. Thus an email provider is able to provide an email
messaging service without gaining access to a user's data, and
users are able to work with an untrusted email provider. An
embodiment of the present invention may secure communication of
information over various network protocols simultaneously,
including SMTP, POP3, IMAP, MAPI, Web-based access to mail services
such as Gmail, etc.
[0022] Reference is made to FIG. 1 that shows a schematic block
diagram of a system and flows according to embodiments of the
invention. As shown by FIG. 1, an embodiment of the invention may
include both an outgoing communication module, an incoming
communication module and a mediator. The incoming and outgoing
communication modules and the mediator may be implemented as
network nodes, or attached to, or incorporated in a computing
device, e.g., a user's computer or a server. The incoming and
outgoing communication modules and the mediator may be separate
units or devices or they may be combined into a one or more units.
A messaging client 101 may access a messaging server 103 with the
mediator 102 mediating communication of information, data and/or
parameters between the messaging client and the server. For
example, some or all information communicated between the messaging
client and the server may be routed through, or intercepted by, a
mediator. It will be understood that a various setups, systems or
configurations may be possible. For example, a single mediator may
include both an incoming and an outgoing communication module. An
incoming communication module may function as a forward
mediator.
[0023] The messaging client may send and receive messages in
clear-text (121), and the messaging client receives and sends these
messages encrypted (122). When a third party 107 sends a message
(123) to the client, it may first be received by the incoming
communication module 106, then the incoming communication module
may encrypt the message and may send it encrypted (124) to the
messaging server. The encrypted message may be stored in the
messaging server. Later, when the client accesses the messaging
server using the mediator, the encrypted message may be decrypted
before being received at the client. In another case, when the
client is sending a message to a second third party 105, the
message may be encrypted when sent to the messaging server, stored
there encrypted in the user's outbox, then sent encrypted (125) to
the outgoing communication module 104, decrypted and sent in
plain-text (126) to the second third party (105). The client,
mediator, incoming communication module and outgoing communication
module may be located at a restricted-access network 150 such as
the organization's private network, and thus may be able to apply
encryption and decryption using encryption keys available only in
the restricted-access network.
[0024] An embodiment of the present invention may include an
outgoing communication module functioning as a reverse mediator.
When an outgoing communication module exists, the mediator may
process one or more recipients in a message send request to provide
one or more processed recipients. The processed recipients may be
constructed such that the message will be received at an outgoing
communication module after being sent from the messaging server to
the processed recipient address. The processing of an intended
recipient may include at least one of (a) encrypting the recipient
address, (b) adding identification information to the processed
recipient in order to assist interception or detection of a
processed recipient in a body of text, (c) adding context
information indicating the context in which the processing has
taken place, (d) encoding the processed recipient such that it is
not rejected by the email server, (e) adding address destination
information to indicate to the email server how to access an
outgoing communication module for delivery of the message, (f)
breaking up the original address to provide searchable terms within
the address, then adding encrypted forms of the searchable terms to
the processed recipient, (g) any other processing modifying the
intended recipient.
[0025] Optionally, to increase security of information related to
the intended recipients, processing of the intended recipients may
include at least one of (a) producing one or more processed
recipients from one or more intended recipients, (b) generating
fake recipient addresses that can be identified as fake by an
outgoing communication module but not necessarily by other parties,
(c) placing processed recipients in another message part such as
the message body or subject, (d) changing the location or role of
an intended recipient, for example removing all intended recipients
from an email "cc" or "bcc" recipient list and putting them all in
the "to" recipient list. Any modifications to a header or metadata
of a message may be performed. For example, recipient addresses may
be modified, removed, replaced or added.
[0026] Reference is made to FIG. 2 that shows a schematic block
diagram of a system and flows according to embodiments of the
invention. FIG. 2 illustrates how an outgoing email message may be
processed by an embodiment of the present invention in an email
messaging system. The outgoing communication module 204 may be
registered for delivering messages of a unique or specific email
domain "out.client.com", using a DNS MX registration. When the
mediator 202 processes a recipient of an email message 222 received
from the client 201, it may: (1) encrypt the message recipient,
subject and body, (2) encode the encrypted recipient in Base-32
encoding, (3) add an at-sign ("@") to the encoded recipient, (4)
add the unique email domain registered for an outgoing
communication module, (5) add authentication information to the
outgoing message.
[0027] Later, when the email server 203 tries to deliver the
processed message 221 to the processed recipient, the message will
reach an outgoing communication module 204 as the email domain of
the processed recipient is handled by the outgoing communication
module. The outgoing communication module may proceed to process
the processed message, providing a re-produced 222 message and may
forward the re-produced message to the originally unprocessed
intended recipient using the recipient's MTA 205.
[0028] Optionally, the mediator includes in the processed message
authentication information to be validated by an outgoing
communication module. The outgoing communication module may thus
able to validate the authenticity of a processed message, and may
refuse to process any un-authenticated messages. The authentication
information may include an encryption time indication or a time
expiration indication to indicate the time for which the
authentication information is valid. The authentication information
may be digitally signed or encrypted to provide confidentiality or
tampering resistance.
[0029] The present invention may include one or more incoming
communication modules adapted to receiving messages from a third
party intended for a user of the system. An incoming module may
process an original incoming message to provide a processed
message, and then forward the processed message to the messaging
server. In order for incoming messages to be received at an
incoming communication module, an outgoing communication module may
modify the sender address or reply-to address in the outgoing
message such that any reply will be received at an incoming
communication module. The incoming communication module may be
registered at the messaging system's address registry, and an
outgoing communication module may produce a processed sender
address handled by an incoming communication module.
[0030] For example, if the original sender address of an email
message is "sender@mail.com", an outgoing communication module may
change it to "sender@incoming.mail.com", and an incoming
communication module may be registered at the DNS system to process
messages for the domain "incoming.mail.com".
[0031] Reference is made to FIG. 2 that shows a schematic block
diagram of a system and flows according to embodiments of the
invention. Generally, FIG. 3 illustrates how an embodiment of the
invention processes incoming messages. When a third party email
user 301 sends an email message 321 to the client 305, the message
may first be received and processed at the incoming communication
module 302. The incoming communication module may encrypt the
message's body, subject, sender address, and recipient. The
recipient may further be encoded in Base-32, and the email domain
"@client.com" may be appended to the processed message 322. The
processed message may then be received by the client's untrusted
MTA 303, which may store the encrypted message and may make it
available for the client for later retrieval. When the client 305
eventually retrieves the message, the message may be decrypted at
the mediator before being received at the client.
[0032] To provide additional security by hiding the identity of the
user, the system may process one or more sender addresses in at
least one of (a) sender addresses occurring in message send
requests made by the client and received at the mediator before
being received at the messaging server, (b) user names for
authentication to a messaging server received at the mediator
before being received at the messaging server, (c) sender addresses
occurring in outgoing messages, received at an outgoing
communication module, (d) recipient address of an incoming message,
received at an incoming communication module, (e) anywhere where a
user name may occur.
[0033] Some messaging servers require a client to authenticate to a
messaging server before requesting any further requests, including
message send requests. Some of these authenticating messaging
servers may also require the sender address in message send
requests to be validated against the authentication credentials
received from a client. In such cases, the system may process user
names and sender address such that the processed user names and
sender addresses do not cause requests to be rejected by the
messaging server. For example, processed user names and sender
addresses may be generated such that they adhere with a rule,
criteria, format or any requirement dictated by the messaging
server.
[0034] In the mediator, processing of user names occurring in
sender addresses to provide processed user names may include at
least one of (a) encrypting the one or more user names using a
symmetric cipher and a private key, (b) adding identification
information to the processed one or more user names in order to
assist interception or detection of a processed one or more
addresses in a body of text, (c) adding context information
indicating the context in which the processing has taken place, (d)
encoding the processed one or more user names such that it is not
rejected by a messaging application in the messaging system, (e)
maintaining a fixed mapping between original user names and
processed user names, and replacing an original sender addresses
with a matching processed sender address using this mapping, (f)
any other processing modifying the original one or more sender
address.
[0035] Optionally, the processing of sender addresses and user
names in the mediator may include processing an indication of
registered handler for messages, such as an email domain in email
messages. When an indicated handler for messages is the incoming
communications module, the mediator may replace it with the
indicated handler which is the messaging server, such that the
messaging server is not aware of an incoming communication module.
In an incoming communication module, processing of recipient
addresses may include any processing applied in the mediator to
sender addresses.
[0036] In an outgoing communication module, processing of sender
addresses occurring in outgoing messages may include (a) validation
that the sender address has been previously received and processed
by the mediator, (b) modifying a part of a sender address
indicating a registered handler for incoming messages (e.g. the
email domain in email addresses) to indicate that the handler is an
incoming communication module, (c) decrypting a user name occurring
in sender addresses, (d) using a fixed mapping between original
user names and processed user names to retrieve an original user
name, (e) removing identification information added to a user name
or sender address, (f) removing context information added to a user
name or sender address, (g) decoding encoded user names or sender
addresses, (h) any other processing needed to recover an original
sender address or user name occurring in a sender address from user
names or sender addresses previously processed at the mediator or
at an incoming communication module.
[0037] Reference is made to FIG. 4 that shows a flow according to
embodiments of the invention. FIG. 4 illustrates possible
processing of email addresses in an embodiment of the invention
securing email communications. In this example, the email server
compares the authenticated user name to the user name part of an
email address and may reject a message send request if the two user
names are not equal. Here, if the original sender of an email
message is "jsmith@client.com", the user name in an authentication
request is "jsmith", and the messaging server requires a user name
received in an authentication request to match the user-name part
of a sender address received in a message send request, then: (1)
the processed sender address may be "ZZu38jiok@client.com", (2) the
processed user name in an authentication request may be
"ZZu38jiok", (3) the email MTA 403 may check the sender against the
user name and the sent message may thus be accepted by the MTA and
may be processed normally. Inside the mediator, sender addresses
and user names may be processed by (1) encrypting, (2) encoding in
base-32, (3) adding a rare identifier such as "ZZ", (4) Add the
client's email domain--e.g., when required by the server.
[0038] The system may encrypt outgoing messages as part of their
processing in the mediator, such that messages send requests
received at the messaging server are encrypted. Encryption of
messages may combine several message elements such as message body,
subject, sender, recipient or attachments and encrypt them together
or separately. Encryption may be performed using a symmetric cipher
using a key known only to the mediator, an incoming communication
module, or an outgoing communication module. The system may encrypt
messages as part of their processing in the incoming communication
module, such that incoming messages received at the messaging
server are encrypted.
[0039] Some servers enable users to search through sent and
received messages for specific search terms. To support searching
of encrypted messages, the mediator or an incoming communication
module may identify searchable terms within the message subject,
body, attachments or other message elements, then encrypt theses
searchable terms individually. Searchable terms may be encrypted
individually and/or deterministically, such that an encrypted
searchable term is always equivalent to other encrypted searchable
terms when the original searchable terms are equivalent. Processing
a request related to a message may be based on, or according to,
the processing of the message. For example, the same encryption key
or scheme used to encrypt searchable or other terms in a message
may be used to encrypt searchable or other terms in a subsequent
search request related to the message.
[0040] The system may process search requests in the mediator
before such a search request is received by the messaging server.
The mediator may encrypt every individual search term occurring in
the search request in the same way searchable terms within
processed message elements are encrypted, using the same secret key
or mapping. Optionally, encryption of searchable message elements
may separate searchable information from un-searchable information,
and un-searchable information may be encrypted separately from
individual searchable terms. Un-searchable information may include
(a) non-letter textual characters, such as punctuation marks and
space characters, (b) upper case or lower case variations in
letters, (c) diacritics added or removed from letter variants, such
as "cafe" vs. "cafe", (d) a set of predefined words marked as
unsearchable, for example the words "this", "that", "a" may be
marked unsearchable, (e) variations in word boundary determination,
such as the distinction between "white board" and "whiteboard", (f)
variations in the morphological form of a base word, such as the
distinction between "send" and "sending". The encrypted
un-searchable information need not be deterministic, and may use
cryptographic salt for encryption. The process of removing
un-searchable information from individual words or text segments is
herein referred to as normalization. An individual word or text
segment included in the original message may be herein referred to
as an original term or an original search term. The set of
predefined words may include all words of certain length or
lengths.
[0041] Optionally, encryption and decryption of searchable terms
may be performed by maintaining a mapping between encrypted and
decrypted terms, instead of using a cipher and a private key. The
mapping may be secret and known only to the mediator, incoming
communication module and outgoing communication modules. The
mapping may include using a non-reversible keyed security
transformation. Optionally, encryption and decryption of searchable
terms may be performed by a combination of maintaining a mapping
and encrypting with a symmetric cipher and a private key.
Optionally, e.g., in order to increase the resistance to
statistical cryptographic analysis, the order of encrypted
searchable terms may be changed, with the original order encrypted
separately or jointly with the un-searchable information.
[0042] Optionally, e.g., in order to increase the resistance to
statistical cryptographic analysis, fake encrypted searchable terms
may be added to encrypted searchable terms. The indication of fake
searchable terms will also be encrypted. Further, fake encrypted
searchable terms may be produced in a statistical distribution that
matches a statistical distribution of non-fake text bodies, such
that it is not easy to defer which search terms are fake and/or
which are not from a statistical analysis of an encrypted text.
Optionally, to increase the resistance to statistical cryptographic
analysis, fake encrypted terms copied from real encrypted terms may
be added to encrypted searchable terms, and real words occurring
more than once in the original text may have only one encrypted
word in the processed text. Thus, it may be difficult for an
attacker injecting a specific word to the system multiple times to
determine which of the fake words the encrypted form of the
injected word is.
[0043] To make the system more secure to statistical attacks while
enabling searching through text, the mediator or incoming
communication module may encrypt the an entire textual input, such
as the message body or the message subject, in a single encrypted
bulk (e.g., without determining word boundaries or performing other
segmentation). Then, to enable searching, an encrypted form of
every word appearing in the input may be included in the processed
text, in an arbitrary order. Further, additional fake words may be
added to the processed text.
[0044] Reference is made to FIG. 5 that illustrates an exemplary
method of encryption according to embodiments of the invention.
FIG. 5 illustrates an exemplary encryption of a sentence in a
searchable form, e.g., as described in detail above. Encryption
proceeds in several steps. As shown by 510, input data may be
received, for example, input data may be any portion of an original
message, e.g., an e-mail message, including a message body,
metadata, information in a header of a message etc.
[0045] As shown by 520, individual data units may be identified,
for example, input text may be broken up into a sequence of text
segments. As shown by 530, unsearchable data units may be
identified and/or marked, for example, text segments may be
selected for searchable encryption, e.g. a segment may be
classified as a word, a word may be included in a group of
searchable or un-searchable words, a word may be excluded from the
group of candidates based on its length, etc.
[0046] As shown by 540, data units may be normalized, for example,
text segments selected for searchable encryption may be normalized,
e.g. by converting all letters to lower case, by converting letters
with diacritics to letters without diacritics, by converting words
to morphologically equivalent variants such as converting plural
forms into singular forms, a combination of such methods, etc.
Fourth, the order of text segments selected for searchable
encryption may be changed. As shown by 550, normalized tokens may
be shuffled and the shuffle order (or another parameter related to
the shuffling of tokens) may be recorded, e.g., such that an
original order may be restored. For example, information including
un-searchable segments and possibly searchable segments may be
arranged in at least one un-searchable tokens, also referred to
herein as control tokens, and segments selected for searchable
encryption may be arranged in at least one secured search terms. As
shown by 560, a control token may be generated and/or used to
record any parameter related to any of the operations in the flow.
For example, metadata or parameters related to conversions applied
to data (e.g., a transformation and/or shuffle of terms) may be
stored in a control token. The control token may be encrypted using
a secret key. A secured search term may be encrypted or may be
transformed using a one-way keyed security transformation such as a
cryptographic hash function, a cryptographic Message Authentication
Code (MAC), etc.
[0047] The system may encrypt searchable message text elements such
as message subject and body produced encrypted forms different from
encrypted forms of addresses and contacts. For example, encrypted
forms of email addresses may use only lower case ASCII characters
for encoding email addresses, and encrypted forms of searchable
words may use both upper case and lower case letters. Optionally,
to support searching of all encrypted forms, the system may process
search requests to provide processed search requests, where any
possible encrypted form of a search term is added in the search
request. The possible encrypted forms are added to the search
request in a way that the messaging server understands that the
relation between the searchable terms is a logical disjunction
relation (also called an "OR" relation).
[0048] Optionally, to support searching of encrypted forms in
sender and recipient addresses, the system may add to the processed
address a searchable form of every searchable term in an input
address, when the format of a processed address allows this adding.
For example, some email servers allow a display-name to be added to
email address in the form "MyName" <myuser@mymail.com>. The
mediator or incoming communication module may add an encrypted form
of searchable terms occurring in an email address such as "myuser"
and "myemail" to the display-name part of the email address, thus
providing "MyName-encrypted myuser-encrypted myname-encrypted"
<myuser-mymail-com-alternate-form-encrypted>@mail.com".
[0049] Since incoming messages sent from a third party to a user of
the system may be encrypted without the third party authentication
to the system, this could become a security risk, assisting an
attacker to obtain encrypted forms of specific words if the
attacker gains access to the user's account in a messaging server.
Optionally, the incoming communication module may encrypt incoming
messages in an un-searchable, non-deterministic form, such that
multiple injection attempts do not provide an attacker with
repeated encrypted forms, and not assisting in building a mapping
between encrypted and plain-text forms of specific injected words.
The system may later detect that the incoming message was sent from
a legitimate user by at least one of (a) recognizing a message sent
from the user to that user, (b) the user explicitly indicating the
sender to the system as a legitimate user, (c) other heuristic or
statistical analysis proving that the sender is legitimate.
[0050] Optionally, the outgoing communication module may include in
the processed sender address information indicating the recipient
or recipients of the message, in an encrypted form. Later, when the
recipient replies to the processed sender address, an incoming
communication module can verify that the replier is sending a
message to an address he is authorized to send messages to.
Optionally, the system may recognize illegitimate senders of
incoming messages as spam senders, and handle such messages as spam
messages.
[0051] A major concern of many email vendors may be spam messages.
Generally, spam messages are unsolicited messages sent to the user
or to a large group of users, usually encouraging the recipient to
purchase goods or otherwise disturbing the user without invitation.
Some messaging servers analyze message content in order to identify
spam messages. Embodiments of the invention may thus interfere with
this processing as the message content may be hidden from the
messaging server. In some embodiments, an incoming communication
module may perform spam identification before forwarding the
message to the messaging server. The incoming communication module
may apply any available spam identification technique or tools
prior to forwarding the message to the messaging server. The spam
identification process may herein be referred to as production of
message classification information. Any processing of a message as
described herein may be based on classification information
produced by a classification of the message. For example, an
encryption scheme may be selected based on a classification of the
message. A classification of a message may be based on information
included in a message (e.g., a recipient, a sender, a subject,
content included in a body etc.). A classification of a message may
be based on a context or any relevant parameter, e.g., a
communication channel over which the message is communicated (e.g.,
a secured or non-secured channel), a destination server or web site
and the like.
[0052] Embodiments of the invention, e.g., a mediator as described
herein, may include an article such as a computer or processor
non-transitory readable medium, or a computer or processor
non-transitory storage medium, such as for example a memory, a disk
drive, or a USB flash memory, encoding, including or storing
instructions, e.g., computer-executable instructions, which, when
executed by a processor or controller, carry out methods disclosed
herein. Some embodiments, e.g., a mediator as described herein, may
be provided in a computer program product that may include a
non-transitory machine-readable medium, stored thereon
instructions, which may be used to program a computer, or other
programmable devices, to perform methods as disclosed herein.
[0053] The storage medium may include, but is not limited to, any
type of disk including optical disks, rewritable compact disk
(CD-RWs) and the like. The storage medium may include semiconductor
devices such as read-only memories (ROMs), random access memories
(RAMs), such as a dynamic RAM (DRAM), flash memories or any type of
media suitable for storing electronic instructions, including
programmable storage devices. A system according to embodiments of
the invention may include components such as, but not limited to, a
plurality of central processing units (CPU) or any other suitable
multi-purpose or specific processors or controllers, a plurality of
input units, a plurality of output units, a plurality of memory
units, and a plurality of storage units. A system may additionally
include other suitable hardware components and/or software
components. In some embodiments, a system may include or may be,
for example, a personal computer, a workstation, a server computer,
a network device or any other suitable computing device.
[0054] While certain features of the invention have been
illustrated and described herein, many modifications,
substitutions, changes, and equivalents may occur to those skilled
in the art. It is, therefore, to be understood that the appended
claims are intended to cover all such modifications and changes as
fall within the true spirit of the invention.
* * * * *