Method and system for multiple symmetric encryption for .ZIP files

US 20050094817A1
Filed: 09/20/2004
Published: 05/05/2005
Est. Priority Date: 07/16/2003
Status: Abandoned Application

First Claim

Patent Images

1. A method of placing data in a .Zip file format data container, said method including:

receiving a data file;

generating a first symmetric key from random data;

symmetrically encrypting said data file using said first symmetric key to form and encrypted data file;

generating a second symmetric key;

symmetrically encrypting said first symmetric key using said second symmetric key to form second symmetric key data;

generating a third symmetric key;

symmetrically encrypting said first symmetric key using said third symmetric key to form third symmetric key data; and

placing said encrypted data file, said second symmetric key data, and said third symmetric key data in a data container, wherein said data container is constructed in accordance with a .Zip file format.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides a method of integrating existing strong encryption methods into the processing of a .ZIP file to provide a highly secure data container which provides flexibility in the use of symmetric and asymmetric encryption technology. The present invention adapts the well established .ZIP file format to support higher levels of security and multiple methods of data encryption and key management, thereby producing a highly secure and flexible digital container for electronically storing and transferring confidential data

Citations

152 Claims

1. A method of placing data in a .Zip file format data container, said method including:
- receiving a data file;
  
  generating a first symmetric key from random data;
  
  symmetrically encrypting said data file using said first symmetric key to form and encrypted data file;
  
  generating a second symmetric key;
  
  symmetrically encrypting said first symmetric key using said second symmetric key to form second symmetric key data;
  
  generating a third symmetric key;
  
  symmetrically encrypting said first symmetric key using said third symmetric key to form third symmetric key data; and
  
  placing said encrypted data file, said second symmetric key data, and said third symmetric key data in a data container, wherein said data container is constructed in accordance with a .Zip file format.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The method of claim 1 further including:
    - compressing said data file before symmetrically encrypting said data file.
  - 3. The method of claim 2 wherein said compressing employs a Lempel-Ziv (LZ)-type data compression algorithm.
  - 4. The method of claim 2 wherein said compressing employs a Deflate-type data compression algorithm.
  - 5. The method of claim 2 wherein said compressing employs a Burrows-Wheeler Transform (BWT)-type data compression algorithm.
  - 6. The method of claim 1 wherein said data file is not compressed before symmetrically encrypting.
  - 7. The method of claim 1 wherein at least part of one of said second symmetric key and said third symmetric key is composed of random data.
  - 8. The method of claim 7 wherein at least part of said second symmetric key is composed of a first set of random data and at least part of said third symmetric key is composed of a second set of random data.
  - 9. The method of claim 8 wherein said first set of random data is not equal to said second set of random data.
  - 10. The method of claim 1 wherein said at least part of one of said second symmetric key and said third symmetric key is received from a user.
  - 11. The method of claim 10 wherein said at least part of one of said second symmetric key and said third symmetric key is a password.
  - 12. The method of claim 11 wherein at least part of said second symmetric key is a first password and at least part of said third symmetric key is a second password
  - 13. The method of claim 12 wherein said first password is not equal to said second password.
  - 14. The method of claim 1 wherein at least one of said first symmetric key, said second symmetric key and said third symmetric key has a key length of at least 128 bits.
  - 15. The method of claim 1 wherein at least one of said first symmetric key, said second symmetric key and said third symmetric key has a key length of at least 192 bits.
  - 16. The method of claim 1 wherein at least one of said first symmetric key, said second symmetric key and said third symmetric key has a key length of at least 256 bits.
  - 17. The method of claim 1 wherein said symmetrically encrypting said data file uses an AES encryption encoding operation.
  - 18. The method of claim 1 wherein said symmetrically encrypting said data file uses a 3DES encryption encoding operation.

19. A .Zip file format data container including:
- an encrypted data file, said data file encrypted using a first symmetric key, wherein said first symmetric key is generated from random data;
  
  second symmetric key data, said second symmetric key data generated from a second symmetric key used to symmetrically encrypt said first symmetric key; and
  
  third symmetric key data, said third symmetric key data generated from a third symmetric key used to symmetrically encrypt said first symmetric key, wherein said data container is constructed in accordance with a .Zip file format.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
- - 20. The .Zip file format data container of claim 19 wherein said data file is compressed prior to symmetric encryption.
  - 21. The .Zip file format data container of claim 20 wherein said compressing employs a Lempel-Ziv (LZ)-type data compression algorithm.
  - 22. The .Zip file format data container of claim 20 wherein said compressing employs a Deflate-type data compression algorithm.
  - 23. The .Zip file format data container of claim 20 wherein said compressing employs a Burrows-Wheeler Transform (BWT)-type data compression algorithm.
  - 24. The .Zip file format data container of claim 19 wherein said data file is not compressed before symmetric encryption.
  - 25. The .Zip file format data container of claim 19 wherein at least part of one of said second symmetric key and said third symmetric key is composed of random data.
  - 26. The .Zip file format data container of claim 25 wherein at least part of said second symmetric key is composed of a first set of random data and at least part of said third symmetric key is composed of a second set of random data.
  - 27. The .Zip file format data container of claim 26 wherein said first set of random data is not equal to said second set of random data.
  - 28. The .Zip file format data container of claim 19 wherein said at least part of one of said second symmetric key and said third symmetric key is received from a user.
  - 29. The .Zip file format data container of claim 28 wherein said at least part of one of said second symmetric key and said third symmetric key is a password.
  - 30. The .Zip file format data container of claim 29 wherein at least part of said second symmetric key is a first password and at least part of said third symmetric key is a second password
  - 31. The .Zip file format data container of claim 30 wherein said first password is not equal to said second password.
  - 32. The .Zip file format data container of claim 19 wherein at least one of said first symmetric key, said second symmetric key and said third symmetric key has a key length of at least 128 bits.
  - 33. The .Zip file format data container of claim 19 wherein at least one of said first symmetric key, said second symmetric key and said third symmetric key has a key length of at least 192 bits.
  - 34. The .Zip file format data container of claim 19 wherein at least one of said first symmetric key, said second symmetric key and said third symmetric key has a key length of at least 256 bits.
  - 35. The .Zip file format data container of claim 19 wherein said symmetrically encrypting said data file uses an AES encryption encoding operation.
  - 36. The .Zip file format data container of claim 19 wherein said symmetrically encrypting said data file uses a 3DES encryption encoding operation.

37. A method of placing data in a data container, said method including:
- receiving a data file;
  
  generating a first symmetric key from random data;
  
  symmetrically encrypting said data file using said first symmetric key to form and encrypted data file;
  
  generating a second symmetric key;
  
  symmetrically encrypting said first symmetric key using said second symmetric key to form second symmetric key data;
  
  generating a third symmetric key;
  
  symmetrically encrypting said first symmetric key using said third symmetric key to form third symmetric key data; and
  
  placing said encrypted data file, said second symmetric key data, and said third symmetric key data in a data container, wherein said data container is designed for containing compressed files.
- View Dependent Claims (38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55)
- - 38. The method of claim 37 further including:
    - compressing said data file before symmetrically encrypting said data file.
  - 39. The method of claim 38 wherein said compressing employs a Lempel-Ziv (LZ)-type data compression algorithm.
  - 40. The method of claim 38 wherein said compressing employs a Deflate-type data compression algorithm.
  - 41. The method of claim 38 wherein said compressing employs a Burrows-Wheeler Transform (BWT)-type data compression algorithm.
  - 42. The method of claim 37 wherein said data file is not compressed before symmetrically encrypting.
  - 43. The method of claim 37 wherein at least part of one of said second symmetric key and said third symmetric key is composed of random data.
  - 44. The method of claim 43 wherein at least part of said second symmetric key is composed of a first set of random data and at least part of said third symmetric key is composed of a second set of random data.
  - 45. The method of claim 44 wherein said first set of random data is not equal to said second set of random data.
  - 46. The method of claim 37 wherein said at least part of one of said second symmetric key and said third symmetric key is received from a user.
  - 47. The method of claim 46 wherein said at least part of one of said second symmetric key and said third symmetric key is a password.
  - 48. The method of claim 47 wherein at least part of said second symmetric key is a first password and at least part of said third symmetric key is a second password
  - 49. The method of claim 48 wherein said first password is not equal to said second password.
  - 50. The method of claim 37 wherein at least one of said first symmetric key, said second symmetric key and said third symmetric key has a key length of at least 128 bits.
  - 51. The method of claim 37 wherein at least one of said first symmetric key, said second symmetric key and said third symmetric key has a key length of at least 192 bits.
  - 52. The method of claim 37 wherein at least one of said first symmetric key, said second symmetric key and said third symmetric key has a key length of at least 256 bits.
  - 53. The method of claim 37 wherein said symmetrically encrypting said data file uses an AES encryption encoding operation.
  - 54. The method of claim 37 wherein said symmetrically encrypting said data file uses a 3DES encryption encoding operation.
  - 55. The method of claim 37 wherein said data container is constructed in accordance with a .Zip file format.

56. A data container including:
- an encrypted data file, said data file encrypted using a first symmetric key, wherein said first symmetric key is generated from random data;
  
  second symmetric key data, said second symmetric key data generated from a second symmetric key used to symmetrically encrypt said first symmetric key; and
  
  third symmetric key data, said third symmetric key data generated from a third symmetric key used to symmetrically encrypt said first symmetric key, wherein said data container is designed for containing compressed files.
- View Dependent Claims (57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74)
- - 57. The data container of claim 56 wherein said data file is compressed prior to symmetric encryption.
  - 58. The data container of claim 57 wherein said compressing employs a Lempel-Ziv (LZ)-type data compression algorithm.
  - 59. The data container of claim 57 wherein said compressing employs a Deflate-type data compression algorithm.
  - 60. The data container of claim 57 wherein said compressing employs a Burrows-Wheeler Transform (BWT)-type data compression algorithm.
  - 61. The data container of claim 56 wherein said data file is not compressed before symmetric encryption.
  - 62. The data container of claim 56 wherein at least part of one of said second symmetric key and said third symmetric key is composed of random data.
  - 63. The data container of claim 62 wherein at least part of said second symmetric key is composed of a first set of random data and at least part of said third symmetric key is composed of a second set of random data.
  - 64. The data container of claim 63 wherein said first set of random data is not equal to said second set of random data.
  - 65. The data container of claim 56 wherein said at least part of one of said second symmetric key and said third symmetric key is received from a user.
  - 66. The data container of claim 65 wherein said at least part of one of said second symmetric key and said third symmetric key is a password.
  - 67. The data container of claim 66 wherein at least part of said second symmetric key is a first password and at least part of said third symmetric key is a second password
  - 68. The data container of claim 67 wherein said first password is not equal to said second password.
  - 69. The data container of claim 56 wherein at least one of said first symmetric key, said second symmetric key and said third symmetric key has a key length of at least 128 bits.
  - 70. The data container of claim 56 wherein at least one of said first symmetric key, said second symmetric key and said third symmetric key has a key length of at least 192 bits.
  - 71. The data container of claim 56 wherein at least one of said first symmetric key, said second symmetric key and said third symmetric key has a key length of at least 256 bits.
  - 72. The data container of claim 56 wherein said symmetrically encrypting said data file uses an AES encryption encoding operation.
  - 73. The data container of claim 56 wherein said symmetrically encrypting said data file uses a 3DES encryption encoding operation.
  - 74. The data container of claim 56 wherein said data container is constructed in accordance with a .Zip file format.

75. A method of placing data in a .Zip file format data container, said method including:
- receiving a data file;
  
  symmetrically encrypting said data file using a first symmetric key;
  
  generating first symmetric key data based on said first symmetric key;
  
  symmetrically encrypting said data file using a second symmetric key;
  
  generating second symmetric key data based on said second symmetric key; and
  
  placing said data file encrypted using said first symmetric key, said data file encrypted using said second symmetric key, said first symmetric key data, and said second symmetric key data in a data container, wherein said data container is constructed in accordance with a .Zip file format.
- View Dependent Claims (76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92)
- - 76. The method of claim 75 further including:
    - compressing said data file before symmetrically encrypting said data file.
  - 77. The method of claim 76 wherein said compressing employs a Lempel-Ziv (LZ)-type data compression algorithm.
  - 78. The method of claim 76 wherein said compressing employs a Deflate-type data compression algorithm.
  - 79. The method of claim 76 wherein said compressing employs a Burrows-Wheeler Transform (BWT)-type data compression algorithm.
  - 80. The method of claim 75 wherein said data file is not compressed before symmetrically encrypting.
  - 81. The method of claim 75 wherein at least part of one of said first symmetric key and said second symmetric key is composed of random data.
  - 82. The method of claim 81 wherein at least part of said first symmetric key is composed of a first set of random data and at least part of said second key is composed of a second set of random data.
  - 83. The method of claim 82 wherein said first set of random data is not equal to said second set of random data.
  - 84. The method of claim 75 wherein said at least part of one of said first symmetric key and said second symmetric key is received from a user.
  - 85. The method of claim 84 wherein said at least part of one of said first symmetric key and said second symmetric key is a password.
  - 86. The method of claim 85 wherein at least part of said first symmetric key is a first password and at least part of said second key is a second password
  - 87. The method of claim 86 wherein said first password is not equal to said second password.
  - 88. The method of claim 75 wherein at least one of said first symmetric key and said second symmetric key has a key length of at least 128 bits.
  - 89. The method of claim 75 wherein at least one of said first symmetric key and said second symmetric key has a key length of at least 192 bits.
  - 90. The method of claim 75 wherein at least one of said first symmetric key and said second symmetric key has a key length of at least 256 bits.
  - 91. The method of claim 75 wherein at least one of symmetrically encrypting said data file using said first symmetric key and symmetrically encrypting said data file using said second symmetric key uses an AES encryption encoding operation.
  - 92. The method of claim 75 wherein at least one of symmetrically encrypting said data file using said first symmetric key and symmetrically encrypting said data file using said second symmetric key uses an 3DES encryption encoding operation.

93. A .Zip file format data container including:
- a first symmetrically encrypted data file, said first symmetrically encrypted data file formed by symmetrically encrypting a data file; and
  
  a second symmetrically encrypted data file, said second symmetrically encrypted data file formed by symmetrically encrypting said data file;
  
  a first set of symmetric key data associated with said first symmetrically encrypted data file data file, said first set of symmetric key data generated from a first symmetric key used to symmetrically encrypt said data file; and
  
  a second set of symmetric key data associated with said data file, said second set of symmetric key data generated from a second symmetric key used to symmetrically encrypt said data file, wherein said data container is constructed in accordance with a .Zip file format.
- View Dependent Claims (94, 95, 96, 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 111, 112)
- - 94. The .Zip file format data container of claim 93 wherein said data file is compressed prior to symmetric encryption.
  - 95. The .Zip file format data container of claim 94 wherein said data file is compressed using a Lempel-Ziv (LZ)-type data compression algorithm.
  - 96. The .Zip file format data container of claim 94 wherein said data file is compressed using a Deflate-type data compression algorithm.
  - 97. The .Zip file format data container of claim 94 wherein said data file is compressed using a Burrows-Wheeler Transform (BWT)-type data compression algorithm.
  - 98. The .Zip file format data container of claim 93 wherein said data file is not compressed before symmetric encryption.
  - 99. The .Zip file format data container of claim 93 wherein at least part of one of said first symmetric key and said second symmetric key is composed of random data.
  - 100. The .Zip file format data container of claim 99 wherein at least part of said first symmetric key is composed of a first set of random data and at least part of said second key is composed of a second set of random data.
  - 101. The .Zip file format data container of claim 100 wherein said first set of random data is not equal to said second set of random data.
  - 102. The .Zip file format data container of claim 93 wherein said at least part of one of said first symmetric key and said second symmetric key is received from a user.
  - 103. The .Zip file format data container of claim 102 wherein said at least part of one of said first symmetric key and said second symmetric key is a password.
  - 104. The .Zip file format data container of claim 103 wherein at least part of said first symmetric key is a first password and at least part of said second key is a second password
  - 105. The .Zip file format data container of claim 104 wherein said first password is not equal to said second password.
  - 106. The .Zip file format data container of claim 93 wherein at least one of said first symmetric key and said second symmetric key has a key length of at least 128 bits.
  - 107. The .Zip file format data container of claim 93 wherein at least one of said first symmetric key and said second symmetric key has a key length of at least 192 bits.
  - 108. The .Zip file format data container of claim 93 wherein at least one of said first symmetric key and said second symmetric key has a key length of at least 256 bits.
  - 109. The .Zip file format data container of claim 93 wherein at least one of said first symmetric key data and said second symmetric key data is derived from a symmetric key used in an AES encryption encoding operation.
  - 110. The .Zip file format data container of claim 93 wherein at least one of said first symmetric key data and said second symmetric key data is derived from a symmetric key used in a 3DES encryption encoding operation.
  - 111. The .Zip file format data container of claim 93 wherein said data file is encrypted using an AES encryption encoding operation.
  - 112. The .Zip file format data container of claim 93 wherein said data file is encrypted using a 3DES encryption encoding operation.

113. A method of placing data in a data container, said method including:
- receiving a data file;
  
  symmetrically encrypting said data file using a first symmetric key;
  
  generating first symmetric key data based on said first symmetric key;
  
  symmetrically encrypting said data file using a second symmetric key;
  
  generating second symmetric key data based on said second symmetric key;
  
  placing said data file encrypted using said first symmetric key, said data file encrypted using said second symmetric key, said first symmetric key data, and said second symmetric key data in a data container, wherein said data container is designed for containing compressed files.
- View Dependent Claims (114, 115, 116, 117, 118, 119, 120, 121, 122, 123, 124, 125, 126, 127, 128, 129, 130, 131)
- - 114. The method of claim 113 further including:
    - compressing said data file before symmetrically encrypting said data file.
  - 115. The method of claim 114 wherein said compressing employs a Lempel-Ziv (LZ)-type data compression algorithm.
  - 116. The method of claim 114 wherein said compressing employs a Deflate-type data compression algorithm.
  - 117. The method of claim 114 wherein said compressing employs a Burrows-Wheeler Transform (BWT)-type data compression algorithm.
  - 118. The method of claim 113 wherein said data file is not compressed before symmetrically encrypting.
  - 119. The method of claim 113 wherein at least part of one of said first symmetric key and said second symmetric key is composed of random data.
  - 120. The method of claim 119 wherein at least part of said first symmetric key is composed of a first set of random data and at least part of said second key is composed of a second set of random data.
  - 121. The method of claim 120 wherein said first set of random data is not equal to said second set of random data.
  - 122. The method of claim 113 wherein said at least part of one of said first symmetric key and said second symmetric key is received from a user.
  - 123. The method of claim 122 wherein said at least part of one of said first symmetric key and said second symmetric key is a password.
  - 124. The method of claim 123 wherein at least part of said first symmetric key is a first password and at least part of said second key is a second password
  - 125. The method of claim 124 wherein said first password is not equal to said second password.
  - 126. The method of claim 113 wherein at least one of said first symmetric key and said second symmetric key has a key length of at least 128 bits.
  - 127. The method of claim 113 wherein at least one of said first symmetric key and said second symmetric key has a key length of at least 192 bits.
  - 128. The method of claim 113 wherein at least one of said first symmetric key and said second symmetric key has a key length of at least 256 bits.
  - 129. The method of claim 113 wherein at least one of symmetrically encrypting said data file using said first symmetric key and symmetrically encrypting said data file using said second symmetric key uses an AES encryption encoding operation.
  - 130. The method of claim 113 wherein at least one of symmetrically encrypting said data file using said first symmetric key and symmetrically encrypting said data file using said second symmetric key uses an 3DES encryption encoding operation.
  - 131. The method of claim 113 wherein said data container is constructed in accordance with a .Zip file format.

132. A data container including:
- a first symmetrically encrypted data file, said first symmetrically encrypted data file formed by symmetrically encrypting a data file; and
  
  a second symmetrically encrypted data file, said second symmetrically encrypted data file formed by symmetrically encrypting said data file;
  
  a first set of symmetric key data associated with said first symmetrically encrypted data file data file, said first set of symmetric key data generated from a first symmetric key used to symmetrically encrypt said data file; and
  
  a second set of symmetric key data associated with said data file, said second set of symmetric key data generated from a second symmetric key used to symmetrically encrypt said data file, wherein said data container is designed for containing compressed files.
- View Dependent Claims (133, 134, 135, 136, 137, 138, 139, 140, 141, 142, 143, 144, 145, 146, 147, 148, 149, 150, 151, 152)
- - 133. The data container of claim 132 wherein said data file is compressed prior to symmetric encryption.
  - 134. The data container of claim 133 wherein said data file is compressed using a Lempel-Ziv (LZ)-type data compression algorithm.
  - 135. The data container of claim 133 wherein said data file is compressed using a Deflate-type data compression algorithm.
  - 136. The data container of claim 133 wherein said data file is compressed using a Burrows-Wheeler Transform (BWT)-type data compression algorithm.
  - 137. The data container of claim 132 wherein said data file is not compressed before symmetric encryption.
  - 138. The data container of claim 132 wherein at least part of one of said first symmetric key and said second symmetric key is composed of random data.
  - 139. The data container of claim 138 wherein at least part of said first symmetric key is composed of a first set of random data and at least part of said second key is composed of a second set of random data.
  - 140. The data container of claim 139 wherein said first set of random data is not equal to said second set of random data.
  - 141. The data container of claim 132 wherein said at least part of one of said first symmetric key and said second symmetric key is received from a user.
  - 142. The data container of claim 141 wherein said at least part of one of said first symmetric key and said second symmetric key is a password.
  - 143. The data container of claim 142 wherein at least part of said first symmetric key is a first password and at least part of said second key is a second password
  - 144. The data container of claim 143 wherein said first password is not equal to said second password.
  - 145. The data container of claim 132 wherein at least one of said first symmetric key and said second symmetric key has a key length of at least 128 bits.
  - 146. The data container of claim 132 wherein at least one of said first symmetric key and said second symmetric key has a key length of at least 192 bits.
  - 147. The data container of claim 132 wherein at least one of said first symmetric key and said second symmetric key has a key length of at least 256 bits.
  - 148. The data container of claim 132 wherein at least one of said first symmetric key data and said second symmetric key data is derived from a symmetric key used in an AES encryption encoding operation.
  - 149. The data container of claim 132 wherein at least one of said first symmetric key data and said second symmetric key data is derived from a symmetric key used in a 3DES encryption encoding operation.
  - 150. The data container of claim 132 wherein said data container is constructed in accordance with a .Zip file format.
  - 151. The data container of claim 132 wherein said data file is encrypted using an AES encryption encoding operation.
  - 152. The data container of claim 132 wherein said data file is encrypted using a 3DES encryption encoding operation.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
PKWARE, Inc. (PKW Holdings, Inc.)
Original Assignee
PKWARE, Inc. (PKW Holdings, Inc.)
Inventors
Peterson, James C.

Application Number

US10/945,352
Publication Number

US 20050094817A1
Time in Patent Office

Days
Field of Search
US Class Current

380/269
CPC Class Codes

G06F 16/1744   using compression, e.g. spa...

G06F 21/6209   to a single file or object,...

G06F 21/6218   to a system of files or obj...

G06F 2221/2107   File encryption

G06F 2221/2153   Using hardware token as a s...

H04L 2209/30   Compression, e.g. Merkle-Da...

H04L 9/0819   Key transport or distributi...

H04L 9/088   Usage controlling of secret...

Method and system for multiple symmetric encryption for .ZIP files

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

Citations

152 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for multiple symmetric encryption for .ZIP files

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

152 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links