System and method for file-level data protection

Assignee

• Apple Inc. · US

Inventors

• Dallas B. De Atley · San Francisco, US
• Gordon J. Freedman · Palo Alto, US
• Thomas Brogan Duffy, Jr. · San Francisco, US
• John Andrew Wright · San Francisco, US
• Vrajesh Bhavsar · Sunnyvale, US
• Lucia E. Ballard · San Francisco, US
• Michael Brouwer · San Jose, US
• Conrad Sauerwald · Mountain View, US
• Mitchell D. Adler · Cupertino, US
• Eric B. Tamura · Sunnyvale, US
• David Rahardja · Sunnyvale, US
• Carsten Guenther · San Francisco, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04W12/06
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Disclosed herein are systems, methods, and non-transitory computer-readable storage media for encryption and key management. The method includes encrypting each file on a computing device with a unique file encryption key, encrypting each unique file encryption key with a corresponding class encryption key, and encrypting each class encryption key with an additional encryption key. Further disclosed are systems, methods, and non-transitory computer-readable storage media for encrypting a credential key chain. The method includes encrypting each credential on a computing device with a unique credential encryption key, encrypting each unique credential encryption key with a corresponding credential class encryption key, and encrypting each class encryption key with an additional encryption key. Also disclosed is a method of verifying a password by decrypting a key bag, retrieving data from an encrypted file using an encryption key from the decrypted key bag, and verifying the password by comparing retrieved data with expected data.