Encryption system with key recovery
First Claim
1. A computer-implemented method performed by a computing device where the computing device includes at least a processor for executing instructions from a memory, the method comprising:
- analyzing, via at least the processor, an encrypted data item to recover a site key value for decrypting the encrypted data item, wherein the analyzing comprises identifying a header of the encrypted data item and identifying from within the header at least a bin number and a hash table index, wherein;
the bin number is derived from a first portion of the site key value,the hash table index is derived from the site key value, andthe site key value includes at least the first portion and a second portion;
recovering, via at least the processor, the site key value at least in part by;
performing a bin recovery process on the bin number to recover the first portion of the site key value,performing an iterative filter matching process using at least the first portion and a site key filter to recover the second portion of the site key value, andperforming an iterative index matching process using at least the second portion and the hash table index to recover the site key value; and
controlling, using the site key value, a decryption process to decrypt the encrypted data item as a decrypted data item to provide access to the decrypted data item.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems, methods, and other embodiments associated with the recovery of a lost site key value used in encryption are described. In one embodiment, site key recovery logic is configured to analyze an encrypted data item to identify a bin number and a hash table index within a header of the encrypted data item. The bin number is derived from a first portion of the site key value and the hash table index is derived from the site key value. The site key value includes at least the first portion and a second portion. A bin recovery process is performed on the bin number to recover the first portion. A filter matching process is performed using the first portion and a site key filter to recover the second portion. An index matching process is performed using the second portion and the hash table index to recover the site key value.
13 Citations
20 Claims
-
1. A computer-implemented method performed by a computing device where the computing device includes at least a processor for executing instructions from a memory, the method comprising:
-
analyzing, via at least the processor, an encrypted data item to recover a site key value for decrypting the encrypted data item, wherein the analyzing comprises identifying a header of the encrypted data item and identifying from within the header at least a bin number and a hash table index, wherein; the bin number is derived from a first portion of the site key value, the hash table index is derived from the site key value, and the site key value includes at least the first portion and a second portion; recovering, via at least the processor, the site key value at least in part by; performing a bin recovery process on the bin number to recover the first portion of the site key value, performing an iterative filter matching process using at least the first portion and a site key filter to recover the second portion of the site key value, and performing an iterative index matching process using at least the second portion and the hash table index to recover the site key value; and controlling, using the site key value, a decryption process to decrypt the encrypted data item as a decrypted data item to provide access to the decrypted data item. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A computer system, comprising:
-
a processor connected to memory; and a module stored on a non-transitory computer readable medium and configured with instructions that when executed by the processor cause the processor to; store at least records of encrypted data items; read an encrypted data item from the data cache and analyze the encrypted data item to recover a site key value for decrypting the encrypted data item, wherein the analyzing comprises identifying a header of the encrypted data item and identifying from within the header at least a bin number and a hash table index, wherein; the bin number is derived from a first portion of the site key value, the hash table index is derived from the site key value, and the site key value includes at least the first portion and a second portion; perform a bin recovery process on the bin number to recover the first portion of the site key value; perform an iterative filter matching process using at least the first portion and a site key filter to recover the second portion of the site key value; perform an iterative index matching process using at least the second portion and the hash table index to recover the site key value; and control, using the site key value, a decryption process to decrypt the encrypted data item as a decrypted data item to provide access to the decrypted data item. - View Dependent Claims (12, 13, 14, 15, 16, 17)
-
-
18. A non-transitory computer-readable medium storing instructions that, when executed by one or more processors of a computing device, cause the computing device to at least:
-
control an analyzing of an encrypted data item to recover a site key value for decrypting the encrypted data item, wherein the analyzing comprises identifying a header of the encrypted data item and identifying from within the header at least a bin number and a hash table index, wherein; the bin number is derived from a first portion of the site key value, the hash table index is derived from the site key value, and the site key value includes at least the first portion and a second portion; control a recovering of the site key value at least in part by; performing a bin recovery process on the bin number to recover the first portion of the site key value, performing an iterative filter matching process using at least the first portion and a site key filter value to recover the second portion of the site key value, and performing an iterative index matching process using at least the second portion and the hash table index to recover the site key value; and control, using the site key value, a decryption process to decrypt the encrypted data item as a decrypted data item to provide access to the decrypted data item. - View Dependent Claims (19, 20)
-
Specification