Encrypted data search
First Claim
1. A method for performing a search on non-deterministically encrypted data in a database system, the method comprising:
- determining, transparently to a user, an indexing value for a desired plaintext item of data provided by the user, the indexing value being based, at least partially on the desired plaintext item of data and a cryptographic key;
using the indexing value to access a corresponding entry in an indexing structure to obtain a database entry including non-deterministically encrypted ciphertext corresponding to the desired plaintext item of data.
3 Assignments
0 Petitions
Accused Products
Abstract
An indexing value may be determined, transparently with respect to a requester, based on a desired plaintext item of data and a cryptographic key. The indexing value may be used to access an entry in an indexing structure to obtain a corresponding database entry which includes a non-deterministically encrypted ciphertext item. In another embodiment, an indexing structure for a database may be accessed. Positions of items of the indexing structure may be based on corresponding plaintext items. References related to the corresponding plaintext items in the indexing structure may be encrypted and other information in the indexing structure may be unencrypted. A portion of the indexing structure may be loaded into a memory and at least one of the encrypted references related to one of the plaintext items may be decrypted. The decrypted reference may be used to access a corresponding non-deterministically encrypted data item from the database.
-
Citations
20 Claims
-
1. A method for performing a search on non-deterministically encrypted data in a database system, the method comprising:
-
determining, transparently to a user, an indexing value for a desired plaintext item of data provided by the user, the indexing value being based, at least partially on the desired plaintext item of data and a cryptographic key; using the indexing value to access a corresponding entry in an indexing structure to obtain a database entry including non-deterministically encrypted ciphertext corresponding to the desired plaintext item of data. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A machine-readable medium having instructions stored therein for at least one processor, the machine-readable medium comprising:
-
instructions for accessing an indexing structure for a database, a position of items in the indexing structure being based on corresponding plaintext items, references related to the corresponding plaintext items in the indexing structure being encrypted and other information in the indexing structure being unencrypted; instructions for loading at least a portion of the indexing structure into a memory; instructions for decrypting at least one of the references related to a corresponding one of the plaintext items in the at least a portion of the indexing structure; and instructions for using the decrypted at least one of the references to access a corresponding non-deterministically encrypted data item from the database. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A method for providing a remote database for performing a search on non-deterministically encrypted data in a database system, the method comprising:
-
receiving a remote request from a requester, via a network, to search the non-deterministically encrypted data in the database system for a database entry corresponding to a desired plaintext data item; calculating, transparently to the requester, a code based on the desired plaintext data item and a cryptographic key; using the code as an index to an indexing structure to obtain the database entry corresponding to the desired plaintext data item; and returning data to the requester, the returned data including the database entry corresponding to the desired plaintext data item obtained from the database system. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification