Off-loading data re-encryption in encrypted data management systems

US 20060093150A1
Filed: 10/29/2004
Published: 05/04/2006
Est. Priority Date: 10/29/2004
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for maintaining security of encrypted data despite a compromised private key comprising:

re-encrypting a previously encrypted version of a symmetric key using a public key of a new asymmetric key pair wherein an unencrypted version of the symmetric key can decrypt an encrypted data unit; and

storing the re-encrypted version of the symmetric key, and a version of the compromised private key encrypted using the public key wherein an unencrypted version of the compromised private key is capable of decrypting the previously encrypted version of the symmetric key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Described is a solution for maintaining the security of encrypted data despite a compromised private key by using a re-encryption process that does not require decryption of the encrypted data. The compromised private key is re-encrypted using a new public key as is the encrypted symmetric key which the compromised private key can decrypt. When a decrypted version of the encrypted data is requested, the private key corresponding to the new public key decrypts both the encrypted version of the compromised private key and the re-encrypted version of the symmetric key resulting in the unencrypted compromised private key and the previously encrypted version of the symmetric key, which when decrypted using the compromised private key decrypts the encrypted data. The unencrypted symmetric key can then be encrypted using the new public key any encrypted compromised private key can be deleted.

94 Citations

View as Search Results

30 Claims

1. A computer-implemented method for maintaining security of encrypted data despite a compromised private key comprising:
- re-encrypting a previously encrypted version of a symmetric key using a public key of a new asymmetric key pair wherein an unencrypted version of the symmetric key can decrypt an encrypted data unit; and
  
  storing the re-encrypted version of the symmetric key, and a version of the compromised private key encrypted using the public key wherein an unencrypted version of the compromised private key is capable of decrypting the previously encrypted version of the symmetric key.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1 further comprising:
    - encrypting the compromised private key using the public key of the asymmetric key pair.
  - 3. The method of claim 1 further comprising:
    - generating the new asymmetric key pair including the public key.
  - 4. The method of claim 1 further comprising:
    - (a) responsive to a request for a decrypted version of the encrypted data unit associated with the compromised private key, decrypting the encrypted compromised private key using a private key of the new asymmetric pair resulting in the compromised private key;
      
      (b) decrypting the re-encrypted symmetric key using a private key of the new asymmetric pair resulting in the previously encrypted version of the symmetric key;
      
      (c) decrypting the previously encrypted version of the symmetric key using the compromised private key resulting in a resultant symmetric key; and
      
      (d) responsive to the resultant symmetric key being the unencrypted version of the symmetric key, decrypting content data of the encrypted data unit using the unencrypted version of the symmetric key.
  - 5. The method of claim 4 further comprising:
    - (e) responsive to the resultant symmetric key being another encrypted version of the symmetric key and there being stored in an encrypted compromised private key chain data structure in meta-data for the encrypted data unit another encrypted compromised private key, repeating acts (a), (b), (c), (d) and (e) using the decrypted compromised key as the private key of the asymmetric pair, using the other encrypted compromised private key as the encrypted compromised private key; and
      
      the resultant symmetric key as the re-encrypted symmetric key.
  - 6. The method of claim 4 further comprising:
    - generating a new symmetric key;
      
      encrypting the content data using the new symmetric key;
      
      encrypting the new symmetric key using the public key;
      
      replacing the stored re-encrypted symmetric key with the new symmetric key encrypted with the public key in the meta-data for the encrypted data unit; and
      
      deleting from the meta-data any stored encrypted compromised private key.

7. A computer-implemented method for decrypting encrypted data wherein security of the encrypted data has been maintained despite the compromised private key, the method comprising:
- (a) responsive to a request for a decrypted version of an encrypted data unit associated with the compromised private key, decrypting an encrypted version of the compromised private key using a private key of a new asymmetric pair resulting in the compromised private key;
  
  (b) decrypting a re-encrypted symmetric key using the private key of the new asymmetric pair resulting in a previously encrypted version of the symmetric key;
  
  (c) decrypting the previously encrypted version of the symmetric key using the compromised private key resulting in a resultant symmetric key; and
  
  (d) responsive to the resultant symmetric key being an unencrypted version of the symmetric key, decrypting content data of the encrypted data unit using the unencrypted version of the symmetric key.
- View Dependent Claims (8, 9)
- - 8. The method of claim 7 further comprising:
    - (e) responsive to the resultant symmetric key being another encrypted version of the symmetric key and there being stored in a compromised private key chain data structure in the meta-data for this encrypted data unit another encrypted compromised private key, repeating acts (a), (b), (c), (d) and (e) using the private key of the new asymmetric pair as the decrypted compromised key, using the encrypted compromised private key as the other encrypted compromised private key; and
      
      using the resultant symmetric key as the re-encrypted symmetric key.
  - 9. The method of claim 7 further comprising:
    - generating a new symmetric key;
      
      encrypting the content data using the new symmetric key;
      
      encrypting the new symmetric key using the public key;
      
      replacing the stored re-encrypted symmetric key with the new symmetric key encrypted with the public key in the meta-data for the encrypted data unit; and
      
      deleting from the meta-data any stored encrypted compromised private key.

10. A computer-implemented system for maintaining security of encrypted data despite a compromised private key comprising:
- a re-encryption module for re-encrypting a previously encrypted version of a symmetric key using a public key of a new asymmetric key pair wherein an unencrypted version of the symmetric key can decrypt an encrypted data unit; and
  
  a data-store accessible to the re-encryption module for storing the re-encrypted version of the symmetric key, and a version of the compromised private key encrypted using the public key wherein an unencrypted version of the compromised private key is capable of decrypting the previously encrypted version of the symmetric key.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The system of claim 10 further comprising:
    - an encryption module for encrypting the compromised private key using the public key of the asymmetric key pair communicatively coupled to the re-encryption module.
  - 12. The system of claim 10 further comprising:
    - an asymmetric pair generator module for generating the new asymmetric key pair including the public key.
  - 13. The system of claim 10 further comprising a decryption module communicatively coupled to the encryption module for performing the following:
    - (a) responsive to a request for a decrypted version of the encrypted data unit associated with the compromised private key, decrypting the encrypted compromised private key using a private key of the new asymmetric pair resulting in the compromised private key;
      
      (b) decrypting the re-encrypted symmetric key using a private key of the new asymmetric pair resulting in the previously encrypted version of the symmetric key;
      
      (c) decrypting the previously encrypted version of the symmetric key using the compromised private key resulting in a resultant symmetric key; and
      
      (d) responsive to the resultant symmetric key being the unencrypted version of the symmetric key, decrypting content data of the encrypted data unit using the unencrypted version of the symmetric key.
  - 14. The system of claim 13 wherein the decryption module further performs:
    - (e) responsive to the resultant symmetric key being another encrypted version of the symmetric key and there being stored in an encrypted compromised private key chain data structure in meta-data for the encrypted data unit another encrypted compromised private key, repeating acts (a), (b), (c), (d) and (e) using the decrypted compromised key as the private key of the asymmetric pair, using the other encrypted compromised private key as the encrypted compromised private key; and
      
      the resultant symmetric key as the re-encrypted symmetric key.
  - 15. The system of claim 13 wherein the encryption module further performs:
    - generating a new symmetric key;
      
      encrypting the content data using the new symmetric key;
      
      encrypting the new symmetric key using the public key;
      
      replacing the stored re-encrypted symmetric key with the new symmetric key encrypted with the public key in the meta-data for the encrypted data unit; and
      
      deleting from the meta-data any stored encrypted compromised private key.

16. A computer-implemented system for decrypting encrypted data wherein security of the encrypted data has been maintained despite the compromised private key, the system comprising a decryption module for performing the following:
- (a) responsive to a request for a decrypted version of an encrypted data unit associated with the compromised private key, decrypting an encrypted version of the compromised private key using a private key of a new asymmetric pair resulting in the compromised private key;
  
  (b) decrypting a re-encrypted symmetric key using the private key of the new asymmetric pair resulting in a previously encrypted version of the symmetric key;
  
  (c) decrypting the previously encrypted version of the symmetric key using the compromised private key resulting in a resultant symmetric key; and
  
  (d) responsive to the resultant symmetric key being an unencrypted version of the symmetric key, decrypting content data of the encrypted data unit using the unencrypted version of the symmetric key.
- View Dependent Claims (17, 18)
- - 17. The system of claim 16 wherein the decryption module further performs:
    - (e) responsive to the resultant symmetric key being another encrypted version of the symmetric key and there being stored in a compromised private key chain data structure in the meta-data for this encrypted data unit another encrypted compromised private key, repeating acts (a), (b), (c), (d) and (e) using the private key of the new asymmetric pair as the decrypted compromised key, using the encrypted compromised private key as the other encrypted compromised private key; and
      
      using the resultant symmetric key as the re-encrypted symmetric key.
  - 18. The system of claim 16 further comprising an encryption module for performing:
    - generating a new symmetric key;
      
      encrypting the content data using the new symmetric key;
      
      encrypting the new symmetric key using the public key;
      
      replacing the stored re-encrypted symmetric key with the new symmetric key encrypted with the public key in the meta-data for the encrypted data unit; and
      
      deleting from the meta-data any stored encrypted compromised private key.

19. A computer usable medium comprising instructions for causing a processor to execute a method for maintaining security of encrypted data despite a compromised private key, the method comprising:
- re-encrypting a previously encrypted version of a symmetric key using a public key of a new asymmetric key pair wherein an unencrypted version of the symmetric key can decrypt an encrypted data unit; and
  
  storing the re-encrypted version of the symmetric key, the, and a version of the compromised private key encrypted using the public key wherein an unencrypted version of the compromised private key is capable of decrypting the previously encrypted version of the symmetric key.
- View Dependent Claims (20, 21)
- - 20. The computer usable medium of claim 19 wherein the method further comprises:
    - encrypting the compromised private key using the public key of the asymmetric key pair.
  - 21. The computer usable medium of claim 19 wherein the method further comprises:
    - generating the new asymmetric key pair including the public key.

22. A computer usable medium comprising instructions for causing a processor to execute a method for decrypting encrypted data wherein security of the encrypted data has been maintained despite the compromised private key, the method comprising:
- (a) responsive to a request for a decrypted version of an encrypted data unit associated with the compromised private key, decrypting an encrypted version of the compromised private key using a private key of a new asymmetric pair resulting in the compromised private key;
  
  (b) decrypting a re-encrypted symmetric key using the private key of the new asymmetric pair resulting in a previously encrypted version of the symmetric key;
  
  (c) decrypting the previously encrypted version of the symmetric key using the compromised private key resulting in a resultant symmetric key; and
  
  (d) responsive to the resultant symmetric key being an unencrypted version of the symmetric key, decrypting content data of the encrypted data unit using the unencrypted version of the symmetric key.
- View Dependent Claims (23, 24)
- - 23. The computer usable medium of claim 22 further comprising:
    - (e) responsive to the resultant symmetric key being another encrypted version of the symmetric key and there being stored in a compromised private key chain data structure in the meta-data for this encrypted data unit another encrypted compromised private key, repeating acts (a), (b), (c), (d) and (e) using the private key of the new asymmetric pair as the decrypted compromised key, using the encrypted compromised private key as the other encrypted compromised private key; and
      
      using the resultant symmetric key as the re-encrypted symmetric key.
  - 24. The computer usable medium of claim 22 further comprising:
    - generating a new symmetric key;
      
      encrypting the content data using the new symmetric key;
      
      encrypting the new symmetric key using the public key;
      
      replacing the stored re-encrypted symmetric key with the new symmetric key encrypted with the public key in the meta-data for the encrypted data unit; and
      
      deleting from the meta-data any stored encrypted compromised private key.

25. A computer-implemented system for maintaining security of encrypted data despite a compromised private key comprising:
- means for re-encrypting a previously encrypted version of a symmetric key using a public key of a new asymmetric key pair wherein an unencrypted version of the symmetric key can decrypt an encrypted data unit; and
  
  a data-store accessible to the means for re-encrypting for storing the re-encrypted version of the symmetric key, and a version of the compromised private key encrypted using the public key wherein an unencrypted version of the compromised private key is capable of decrypting the previously encrypted version of the symmetric key.
- View Dependent Claims (26, 27)
- - 26. The system of claim 25 further comprising:
    - means for encrypting the compromised private key using the public key of the asymmetric key pair communicatively coupled to the re-encryption module.
  - 27. The system of claim 25 further comprising:
    - means for generating the new asymmetric key pair including the public key.

28. A computer-implemented system for decrypting encrypted data wherein security of the encrypted data has been maintained despite the compromised private key, the system comprising means for decryption for performing the following:
- (a) responsive to a request for a decrypted version of an encrypted data unit associated with the compromised private key, decrypting an encrypted version of the compromised private key using a private key of a new asymmetric pair resulting in the compromised private key;
  
  (b) decrypting a re-encrypted symmetric key using the private key of the new asymmetric pair resulting in a previously encrypted version of the symmetric key;
  
  (c) decrypting the previously encrypted version of the symmetric key using the compromised private key resulting in a resultant symmetric key; and
  
  (d) responsive to the resultant symmetric key being an unencrypted version of the symmetric key, decrypting content data of the encrypted data unit using the unencrypted version of the symmetric key.
- View Dependent Claims (29, 30)
- - 29. The system of claim 28 wherein the means for decryption further performs:
    - (e) responsive to the resultant symmetric key being another encrypted version of the symmetric key and there being stored in a compromised private key chain data structure in the meta-data for this encrypted data unit another encrypted compromised private key, repeating acts (a), (b), (c), (d) and (e) using the private key of the new asymmetric pair as the decrypted compromised key, using the encrypted compromised private key as the other encrypted compromised private key; and
      
      using the resultant symmetric key as the re-encrypted symmetric key.
  - 30. The system of claim 28 further comprising means for encryption for performing:
    - generating a new symmetric key;
      
      encrypting the content data using the new symmetric key;
      
      encrypting the new symmetric key using the public key;
      
      replacing the stored re-encrypted symmetric key with the new symmetric key encrypted with the public key in the meta-data for the encrypted data unit; and
      
      deleting from the meta-data any stored encrypted compromised private key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Original Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Inventors
Reddy, Prakash, Rowson, James

Granted Patent

US 7,454,021 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/282
CPC Class Codes

H04L 2209/60   Digital content management,...

H04L 9/0825   using asymmetric-key encryp...

H04L 9/0891   Revocation or update of sec...

Off-loading data re-encryption in encrypted data management systems

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

94 Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Off-loading data re-encryption in encrypted data management systems

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

94 Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links