Method of securing files under the semi-trusted user threat model using symmetric keys and per-block key encryption
US9363247B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Apr 4, 2014 |
| Grant date | Jun 7, 2016 |
| Priority date | — |
| Expiry date | May 31, 2034 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/08
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A computer system and method for securing files in a file system equipped with storage resources that are accessible to an authenticable user operating with an untrusted client device under the semi-trusted client threat model. The file to be secured is stored in one or more blocks belonging to the storage resources along with symmetric per-block key(s) KBi assigned to each of the blocks in the file. The blocks are encrypted with the symmetric per-block keys to obtain encrypted blocks. The user is assigned user key(s) and each per-block key that was used for encryption is in turn encrypted with one of the user's keys to derive wrapped key(s) for each encrypted block. Wrapped key(s) are placed in encrypted block headers and introduce a level of indirection to encrypted file(s) that is appropriate for the semi-trusted client threat model.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.