Managing key encryption keys using a key wrapping tree
US10756888B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Nov 20, 2017 |
| Grant date | Aug 25, 2020 |
| Priority date | — |
| Expiry date | Aug 2, 2038 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/2143
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Methods and systems for securely deleting electronic files and other data stored within a data storage system are described. Each file or separately deletable portion of data stored within the data storage system may be encrypted using a distinct data encryption key. When the file is selected for deletion, both the file and the corresponding data encryption key may be deleted. The data encryption key used for encrypting the file may be encrypted using a key encryption key. If the file and the corresponding data encryption key are both stored using an SSD, then the key encryption key may be stored using a HDD. The ability to physically delete or directly overwrite the key encryption key stored within the HDD may ensure that the file and the data encryption key stored using the SSD are no longer cryptographically recoverable.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.