Method and system for at least partially updating data encrypted with an all-or-nothing encryption scheme

  • US 10,348,486 B2
  • Filed: 09/30/2014
  • Issued: 07/09/2019
  • Est. Priority Date: 09/30/2014
  • Status: Active Grant
First Claim

1. A method for at least partially updating encrypted data stored on one or more servers, the encrypted data being encrypted with an all-or-nothing encryption (AONE) scheme, the method comprising:

  • a) dividing the encrypted data, which includes a first number m of plaintext blocks, into a second number N of equal sized chunks, wherein the second number is based on a number of the one or more servers on which the encrypted data is to be stored, and wherein each chunk includes m/N plaintext blocks,
  • b) encrypting each chunk using the AONE, wherein an additional randomness is embedded into the AONE by an initialization vector derived from the randomness being used as an initial seed for an AONE initialization vector of the AONE, and outputting a plurality of ciphertext blocks for each chunk,
  • c) storing the encrypted chunks in memory on the one or more servers, wherein storing the encrypted chunks comprises storing an i-th ciphertext block of each encrypted chunk on an i-th server, and wherein the randomness is encrypted using an XOR-combination of XOR operations performed on the ciphertext blocks for each chunk,
  • d) determining one or more parts of one or more chunks to update,
  • e) decrypting the randomness by accessing all the encrypted chunks to compute the XOR-combination,
  • f) decrypting the one or more chunks to update based on the result of e),
  • g) updating the decrypted chunks,
  • h) re-encrypting the updated decrypted chunks using the AONE, and
  • i) storing the re-encrypted chunks according to step c).
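
Steps a) to i) can be traced in a toy model. This is an added example, not code from the patent or its assignee: a SHA-256 keystream and a hashed-XOR token (in the style of Rivest's package transform) stand in for the AONE, which the claim does not specify, and the per-chunk nonce, the function names and the dict layout are assumptions.

```python
import hashlib
import os

BLOCK = 32  # bytes per block: SHA-256 output size (toy choice)

def H(*parts):
    return hashlib.sha256(b"".join(parts)).digest()

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def idx(n):
    return n.to_bytes(4, "big")

def crypt_chunk(r, j, nonce, blocks):  # XOR keystream: encrypts and decrypts
    iv = H(r, idx(j), nonce)  # IV derived from the randomness r (step b)
    return [xor(b, H(iv, idx(i))) for i, b in enumerate(blocks)]

def combination(chunks):  # XOR over all chunks of their hashed ciphertext blocks
    acc = bytes(BLOCK)
    for j, (_, blocks) in enumerate(chunks):
        for i, c in enumerate(blocks):
            acc = xor(acc, H(c, idx(j), idx(i)))
    return acc

def encrypt(plain, n):
    size = len(plain) // n  # m/N blocks per chunk; assumes N divides m
    r, chunks = os.urandom(BLOCK), []
    for j in range(n):
        nonce = os.urandom(16)  # assumption: fresh per-chunk nonce, stored in clear
        chunks.append((nonce, crypt_chunk(r, j, nonce, plain[j * size:(j + 1) * size])))
    return {"chunks": chunks, "token": xor(r, combination(chunks))}

def recover_r(store):  # step e: needs every ciphertext block
    return xor(store["token"], combination(store["chunks"]))

def decrypt_chunk(store, j):  # step f
    nonce, blocks = store["chunks"][j]
    return crypt_chunk(recover_r(store), j, nonce, blocks)

def update_block(store, j, i, new_block):  # steps d to i
    r, plain = recover_r(store), decrypt_chunk(store, j)
    plain[i] = new_block
    nonce = os.urandom(16)  # new nonce so the keystream is never reused
    store["chunks"][j] = (nonce, crypt_chunk(r, j, nonce, plain))
    store["token"] = xor(r, combination(store["chunks"]))

def server_view(store, i):  # step c: server i holds block i of every chunk
    return [blocks[i] for _, blocks in store["chunks"]]
```

In this model `update_block` rewrites only the blocks of chunk j and the token, but it still has to read every ciphertext block to recover the randomness.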

  • 3 Assignments