In response to an inquiry (20) by an unsophisticated Subscriber (11) over a nonsecure network (10), a Provider (12) returns (21) a public key and retains the corresponding private key. The Subscriber (11) encrypts (24) a password using the public key, which is decrypted (25) by the Provider (12). The password is then used to securely transfer (62) to the Subscriber (11) a key determined by the Provider (12), thereby enabling the Subscriber (11) to decrypt messages encrypted (27) by the Provider (12) and transmitted (28) over the nonsecure network (10). This password dependent secure transmission of a key to an unsophisticated Subscriber (11) may be accomplished by several methods, including hashing, key lookup, Wizard protocol, and Warlock procedure. In each method the password is used by the Subscriber (11) and the Provider (12) in correlated operations ending in secure receipt by the Subscriber (11) of a key determined by the Provider (12).
展开▼
