Encryption system with double key wrapping
First Claim
1. A computer-implemented method performed by a computing device where the computing device includes at least a processor for executing instructions from a memory, the method comprising:
- selecting a secret key for encryption;
- encrypting, by at least the processor, the secret key by applying a first pass of Authenticated Encryption with Additional Data (AEAD) using first keys generated from a random seed value;
- encrypting, by at least the processor, the random seed value by applying a second pass of the Authenticated Encryption with Additional Data (AEAD) using second keys generated from the encrypted secret key; and
- generating, by at least the processor, a wrapped key by combining the encrypted secret key and the encrypted random seed value.
Abstract
Systems, methods, and other embodiments associated with encryption are described. In one embodiment, a method comprises selecting a secret key for encryption and encrypting the secret key by applying a first pass of Authenticated Encryption with Additional Data (AEAD) using first keys generated from a random seed value. The random seed value is encrypted by applying a second pass of the Authenticated Encryption with Additional Data (AEAD) using second keys generated from the encrypted secret key. A wrapped key is generated by combining the encrypted secret key and the encrypted random seed value.
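The two-pass structure described in the abstract, as an added Python sketch that is not part of the patent text. The page does not say how the keys are generated or which AEAD is used: this sketch assumes a long-term key-encryption key (`kek`, hypothetical) mixed into an HMAC-SHA256 derivation, and uses a standard-library encrypt-then-MAC construction as a stand-in for the AEAD.

```python
import hmac, hashlib, secrets

TAG, SEED_LEN = 32, 32  # HMAC-SHA256 tag length and seed length, in bytes

def derive(kek, material, label):
    """Assumed KDF: (encryption key, MAC key) from `material`, bound to the KEK."""
    prk = hmac.new(kek, label + material, hashlib.sha256).digest()
    return (hmac.new(prk, b"enc", hashlib.sha256).digest(),
            hmac.new(prk, b"mac", hashlib.sha256).digest())

def _stream(key, n):
    """HMAC in counter mode as a keystream; safe only because each key is used once."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def _tag(mac, ad, ct):
    # Length-prefix the additional data so the AD/ciphertext boundary is unambiguous.
    return hmac.new(mac, len(ad).to_bytes(8, "big") + ad + ct, hashlib.sha256).digest()

def seal(keys, pt, ad):
    """Stand-in AEAD (encrypt-then-MAC): returns ciphertext || tag."""
    enc, mac = keys
    ct = bytes(a ^ b for a, b in zip(pt, _stream(enc, len(pt))))
    return ct + _tag(mac, ad, ct)

def open_(keys, blob, ad):
    """Verify the tag in constant time, then decrypt; raises ValueError on failure."""
    enc, mac = keys
    ct, tag = blob[:-TAG], blob[-TAG:]
    if not hmac.compare_digest(tag, _tag(mac, ad, ct)):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(ct, _stream(enc, len(ct))))

def wrap(kek, secret, ad=b""):
    seed = secrets.token_bytes(SEED_LEN)                          # random seed value
    enc_secret = seal(derive(kek, seed, b"pass1"), secret, ad)    # first pass
    enc_seed = seal(derive(kek, enc_secret, b"pass2"), seed, ad)  # second pass
    return enc_seed + enc_secret                                  # combined wrapped key

def unwrap(kek, wrapped, ad=b""):
    n = SEED_LEN + TAG
    enc_seed, enc_secret = wrapped[:n], wrapped[n:]
    seed = open_(derive(kek, enc_secret, b"pass2"), enc_seed, ad)  # undo second pass
    return open_(derive(kek, seed, b"pass1"), enc_secret, ad)      # undo first pass
```

Because the second-pass keys depend on the encrypted secret key, a change to either half of the wrapped key makes the seed fail authentication before the secret key is decrypted.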
12 Citations
15 Claims
1. A computer-implemented method performed by a computing device where the computing device includes at least a processor for executing instructions from a memory, the method comprising:
- selecting a secret key for encryption;
- encrypting, by at least the processor, the secret key by applying a first pass of Authenticated Encryption with Additional Data (AEAD) using first keys generated from a random seed value;
- encrypting, by at least the processor, the random seed value by applying a second pass of the Authenticated Encryption with Additional Data (AEAD) using second keys generated from the encrypted secret key; and
- generating, by at least the processor, a wrapped key by combining the encrypted secret key and the encrypted random seed value.
Dependent claims: 2, 3, 4, 5
6. A computer system, comprising:
- one or more processors configured to at least execute instructions;
- a memory connected to the one or more processors;
- a non-transitory computer-readable medium storing instructions that, when executed by the one or more processors of the computing device, cause the computing device to at least:
- select a secret key for encryption;
- encrypt the secret key by applying a first pass of Authenticated Encryption with Additional Data (AEAD) using first keys generated from a random seed value;
- encrypt the random seed value by applying a second pass of the Authenticated Encryption with Additional Data (AEAD) using second keys generated from the encrypted secret key; and
- generate a wrapped key by combining the encrypted secret key and the encrypted random seed value.
Dependent claims: 7, 8, 9, 10
11. A non-transitory computer-readable medium storing instructions that, when executed by one or more processors of a computing device, cause the computing device to at least:
- select a secret key for encryption;
- encrypt the secret key by applying a first pass of Authenticated Encryption with Additional Data (AEAD) using first keys generated from a random seed value;
- encrypt the random seed value by applying a second pass of the Authenticated Encryption with Additional Data (AEAD) using second keys generated from the encrypted secret key; and
- generate a wrapped key by combining the encrypted secret key and the encrypted random seed value.
Dependent claims: 12, 13, 14, 15
Specification