MULTI-LEVEL DATA ENCRYPTION AND DECRYPTION SYSTEM AND METHOD THEREOF
Abstract
A multi-level data encryption and decryption system and a method thereof are provided. The method includes dividing data into a plurality of sub-data blocks corresponding to a plurality of user levels. The method also includes generating an encryption key for each level according to a level generation key and a time key of that level, and encrypting the sub-data block of each level by using the encryption key of that level. The level generation key and the time key of a lower level are generated from the level generation key and the time key of an upper level; the time key is generated according to a time generation key and a time seed; and the time seed is periodically updated according to different encryption periods. Thereby, the number of keys to be managed by a user is reduced while the read rights of different users are managed with forward and backward data security.
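The following Python example is added here to illustrate the derivation the abstract describes; it is not code from the patent. It assumes HMAC-SHA256 as the one-way step, level 0 as the highest level, constructed sample keys and blocks, and a keystream XOR (`xor_stream`) standing in for a real cipher; all function names and labels are hypothetical.

```python
import hashlib
import hmac

def step(key: bytes, label: bytes) -> bytes:
    # One-way derivation step. HMAC-SHA256 is an assumption; the page names no function.
    return hmac.new(key, label, hashlib.sha256).digest()

def chain(top: bytes, count: int, label: bytes) -> list:
    # top is the key of the highest level held; each next entry is one level lower.
    keys = [top]
    while len(keys) < count:
        keys.append(step(keys[-1], label))
    return keys

def time_key(time_gen_key: bytes, time_seed: bytes) -> bytes:
    # Top-level time key for one encryption period (the seed changes per period).
    return step(time_gen_key, b"time|" + time_seed)

def enc_keys(level_key: bytes, t_key: bytes, first_level: int, n_levels: int) -> dict:
    # Encryption keys for first_level..n_levels-1, given that level's two keys.
    count = n_levels - first_level
    pairs = zip(chain(level_key, count, b"level"), chain(t_key, count, b"tk"))
    return {first_level + i: step(lk, b"enc|" + tk) for i, (lk, tk) in enumerate(pairs)}

def xor_stream(key: bytes, data: bytes) -> bytes:
    # Demo stand-in for a real authenticated cipher such as AES-GCM (no integrity here).
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def demo() -> dict:
    # Constructed sample values: three levels, level 0 is the highest.
    lgk0, tgk = b"L" * 32, b"T" * 32
    blocks = {0: b"board minutes", 1: b"team report", 2: b"public notice"}
    server = enc_keys(lgk0, time_key(tgk, b"2024-01"), 0, 3)
    stored = {lvl: xor_stream(server[lvl], blocks[lvl]) for lvl in blocks}
    # A level-1 user is handed only the level-1 level key and this period's level-1 time key.
    user_lk = chain(lgk0, 2, b"level")[1]
    user_tk = chain(time_key(tgk, b"2024-01"), 2, b"tk")[1]
    user = enc_keys(user_lk, user_tk, 1, 3)
    readable = {lvl: xor_stream(k, stored[lvl]) for lvl, k in user.items()}
    next_period = enc_keys(lgk0, time_key(tgk, b"2024-02"), 0, 3)
    return {"readable": readable, "user_levels": sorted(user),
            "rotated": all(server[l] != next_period[l] for l in server)}

if __name__ == "__main__":
    print(demo())
```

The level-1 user manages two keys yet reads levels 1 and 2. Without the time generation key, the time key it holds yields nothing for another period, and the one-way step gives no path up to level 0.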
42 Claims
1. A multi-level data encryption method, comprising:
- dividing a data into a plurality of sub-data blocks according to a plurality of levels, wherein each of the levels is corresponding to at least one user;
- generating an encryption key for each of the levels according to a level generation key and a time key of each the level; and
- respectively encrypting the sub-data blocks of the levels by using the encryption keys of the levels,
wherein the level generation key and the time key of a lower level are generated according to the level generation key and the time key of an upper level, and the time keys are generated according to a time generation key and a time seed, wherein the time seed is periodically updated according to different encryption periods.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A multi-level data decryption method, comprising:
- sending encrypted sub-data blocks corresponding to a level of a user and other authorized levels of the user and corresponding to an encryption period to the user;
- generating encryption keys for the level and the other authorized levels according to level generation keys and time keys of the level and the other authorized levels; and
- respectively decrypting the encrypted sub-data blocks of the level and the other authorized levels by using the encryption keys of the level and the other authorized levels,
wherein the level generation key and the time key of a lower level are generated according to the level generation key and the time key of an upper level, and the time keys are generated according to a time seed and a time generation key corresponding to the encrypted sub-data blocks, wherein the time seed is periodically updated according to different encryption periods.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20
21. A multi-level data encryption system, comprising:
- a data server, for grouping a plurality of users into a plurality of levels and generating a time generation key, a time seed, and a level generation key for each of the levels, wherein the data server generates different time seed according to different encryption periods and generates the level generation key of a lower level according to the level generation key of an upper level; and
- at least one encryption module, for receiving the time generation key, the time seed, and the level generation key of each of the levels, dividing a data into a plurality of sub-data blocks corresponding to the levels, generating an encryption key for each of the levels according to the level generation key and the time key of each the level, and encrypting the sub-data block of each of the levels by using the encryption key of each the level,
wherein the encryption module generates the time key according to the time generation key and the time seed and generates the time key of a lower level according to the time key of an upper level.
Dependent claims: 22, 23, 24, 25, 26, 27, 28, 29, 30, 31
32. A multi-level data decryption system, comprising:
- a data server, for storing a plurality of encrypted sub-data blocks; and
- a decryption module, for reading encrypted sub-data blocks corresponding to a level of a user and other authorized levels of the user and corresponding to an encryption period from the data server, generating encryption keys for the level and the other authorized levels according to level generation keys and time keys of the level and the other authorized levels, and decrypting the encrypted sub-data blocks by using the encryption keys of the level and the other authorized levels,
wherein the level generation key and the time key of a lower level are generated according to the level generation key and the time key of an upper level, wherein the data server generates and provides the time key corresponding to the level and the encryption period according to a time seed and a time generation key corresponding to the encrypted sub-data blocks to the decryption module, wherein the time seed is generated according to different encryption periods.
Dependent claims: 33, 34, 35, 36, 37, 38, 39, 40, 41, 42
Specification