System and method for secure storage, transfer and retrieval of content addressable information
First Claim
1. A method comprising:
- generating a first unique identifier for a binary asset, said first unique identifier being computed from at least a portion of the contents of said binary asset and uniquely identifying said binary asset; and
encrypting said binary asset using said first unique identifier as a key, said encrypting resulting in an encrypted version of said binary asset.
2 Assignments
0 Petitions
Accused Products
Abstract
An algorithm (such as the MD5 hash function) is applied to a file to produce an intrinsic unique identifier (IUI) for the file (or message digest). The file is encrypted using its IUI as the key for the encryption algorithm. An algorithm is then applied to the encrypted file to produce an IUI for the encrypted file. The encrypted file is safely stored or transferred within a network and is uniquely identifiable by its IUI. The encrypted file is decrypted using the IUI of the plaintext file as the key. The IUI serves as both a key to decrypt the file and also as verification that the integrity of the plaintext file has not been compromised. IUIs for any number of such encrypted files may be assembled into a descriptor file that includes meta data for each file, the IUI of the plaintext file and the IUI of the encrypted file. An algorithm is applied to the descriptor file to produce an IUI for the descriptor file. The plaintext descriptor file is then encrypted using the descriptor file IUI as a key for the encryption algorithm. An algorithm is applied to the encrypted descriptor file to produce an IUI for the encrypted descriptor file. The IUI of the encrypted descriptor file is a location-independent identifier to locate the encrypted descriptor file. A flattened descriptor file includes the IUIs of encrypted data files and the IUI of the encrypted descriptor file. An algorithm is applied to the flattened descriptor file to produce its own IUI.
-
Citations
33 Claims
-
1. A method comprising:
-
generating a first unique identifier for a binary asset, said first unique identifier being computed from at least a portion of the contents of said binary asset and uniquely identifying said binary asset; and
encrypting said binary asset using said first unique identifier as a key, said encrypting resulting in an encrypted version of said binary asset. - View Dependent Claims (2, 31, 32)
-
-
3. (canceled)
-
4. A method comprising:
-
generating a first file identifier for a file, said first file identifier being computed from at least a portion of said file and uniquely identifying said file;
encrypting said file using said first file identifier as a key, said encrypting producing an encrypted file;
generating a second file identifier for said encrypted file, said second file identifier being computed from at least a portion of said encrypted file and uniquely identifying said encrypted file; and
providing said first file identifier and said second file identifier for the retrieval of said file, whereby said second file identifier may be used to locate said encrypted file, and said first file identifier may be used to decrypt said encrypted file to produce said file. - View Dependent Claims (5, 6, 33)
-
-
7. (canceled)
-
8. A method of uniquely and securely identifying a group of binary assets, each binary asset representing digital information, said method comprising:
-
computing an intrinsic unique identifier (IUI) for each of said binary assets;
encrypting each of said binary assets using the IUI of each asset as its key to produce an encrypted version of each of said binary assets;
computing an IUI of each of said encrypted versions;
creating a file that includes said IUIs of said binary assets and said IUIs of said encrypted versions;
computing a key IUI for said file;
encrypting said file using said key IUI to produce an encrypted file; and
computing a master IUI for said encrypted file, whereby said key IUI and said master IUI uniquely represent said binary assets and may be used to locate said assets. - View Dependent Claims (9, 10, 11, 12)
-
-
13. A descriptor file data structure that reliably identifies a plurality of files, said data structure comprising:
-
a file name for each of said files;
meta data for each file indicating attributes of each file;
a first intrinsic unique identifier (IUI) for each of said files, each IUI being calculated from the contents of its corresponding file and uniquely identifying its corresponding file; and
a second IUI associated with each of said files, each second IUI being calculated from an encrypted version of its associated file, each file being encrypted using its associated first IUI as a key, wherein said second IUIs may be used to locate said encrypted versions of said files, and said first IUIs may be used to decrypt said encrypted versions to obtain the non-encrypted versions of said files. - View Dependent Claims (14)
-
-
15. A method of uniquely and securely identifying a group of files, said method comprising:
-
creating a key file that includes a plurality of cryptographic keys, each key being associated with one of said group of files;
computing a unique identifier for said key file, said key file identifier being calculated from a portion of the contents of said key file;
encrypting said key file using said key file identifier to produce an encrypted key file;
computing a unique identifier for said encrypted key file, said encrypted key file identifier be calculated from a portion of the contents of said encrypted key file;
creating a flattened file that includes said encrypted key file identifier and unique identifiers for encrypted version of said files, each unique identifier of one of said encrypted files being calculated from the contents of its associated encrypted file, each encrypted file having been encrypted using its associated key to encrypted the plaintext version of the file; and
computing a user unique identifier for said flattened file, said user unique identifier be calculated from a portion of the contents of said flattened file, whereby a user provided with said user unique identifier may retrieve said flattened file and said encrypted versions of said files, and when provided with said key file identifier said user may decrypt said encrypted files. - View Dependent Claims (16, 17)
-
-
18. A method of reliably retrieving a secure file, said method comprising:
-
receiving an intrinsic unique identifier for an encrypted version of said file;
retrieving said encrypted version of said file using said IUI of said encrypted versions;
receiving an IUI for the non-encrypted version of said file; and
decrypting said encrypted version of said file using said IUI of said non-encrypted version as a key to obtain the non-encrypted version of said file, whereby said IUI of said encrypted version and said IUI of said non-encrypted version provide access to the contents of said file. - View Dependent Claims (19, 20)
-
-
21. A method of obtaining a data file that has been securely stored, said method comprising:
-
receiving a master identifier that uniquely identifies an encrypted file;
retrieving said encrypted file using said master identifier;
receiving a key identifier that uniquely identifies the non-encrypted version of said encrypted file;
decrypting said encrypted file using said key identifier to obtain said non-encrypted version, said non-encrypted version including a data file identifier that uniquely identifies a data file and an encrypted version of said data file;
retrieving said encrypted version of said data file using said encrypted identifier; and
decrypting said encrypted data file using said data file identifier as a decryption key, whereby said non-encrypted version of said data file is obtained. - View Dependent Claims (22, 23, 24, 25)
-
-
26. A method of obtaining a data file that has been securely stored, said method comprising:
-
receiving a user identifier that uniquely identifies a non-encrypted first file, said non-encrypted first file including a unique identifier identifying an encrypted version of said data file and a master identifier that uniquely identifies an encrypted version of a descriptor file;
retrieving said non-encrypted first file using said user identifier;
retrieving said encrypted descriptor file using said master identifier;
retrieving said encrypted data file using said unique identifier for said encrypted version of said data file;
receiving a key identifier that uniquely identifies the non-encrypted version of said encrypted descriptor file;
decrypting said encrypted descriptor fie using said key identifier to obtain said non-encrypted version of said descriptor file, said non-encrypted version including a data file identifier that uniquely identifies said data file; and
decrypting said encrypted data file using said data file identifier as a decryption key, whereby said non-encrypted version of said data file is obtained. - View Dependent Claims (27, 28, 29, 30)
-
Specification