AUTOMATIC CHANGE OF SYMMETRICAL ENCRYPTION KEY
First Claim
Patent Images
1. A method for changing an encryption key, the method comprising:
- encrypting data using a first encryption key; and
changing from the first encryption key to a second, different encryption key for encrypting subsequent data in response to an amount of data encrypted with the first encryption key.
2 Assignments
0 Petitions
Accused Products
Abstract
An encryption system and a method for automatically changing an encryption key. The key is changed in response to an amount of data that has been encrypted. When the amount of data encrypted with a first key reaches or exceeds a byte count threshold, the first key is deactivated and a new key is generated and used for subsequent data encryption.
80 Citations
20 Claims
-
1. A method for changing an encryption key, the method comprising:
-
encrypting data using a first encryption key; and changing from the first encryption key to a second, different encryption key for encrypting subsequent data in response to an amount of data encrypted with the first encryption key. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method for changing an encryption key, the method comprising:
-
determining a maximum number of bytes to encrypt with a first encryption key; determining a minimum number of bytes to encrypt with the first encryption key; determining a byte count threshold between the minimum number of bytes and the maximum number of bytes; counting a number of bytes being encrypted by an encryption operation using the first encryption key; and inactivating the first key when the number of bytes being encrypted reaches a byte count threshold; and generating a second key for encrypting subsequent data. - View Dependent Claims (9, 10, 11, 12, 13)
-
-
14. An encryption system comprising:
-
a back-up manager for managing back-up of secret data; a back-up medium coupled to the back-up manager, the back-up medium configured to store encrypted data; a host system coupled to the back-up manager, the host system configured to execute an encryption operation using an active encryption key such that the secret data is encrypted and stored on the back-up medium; and a key management module coupled to the host system and configured to compare a byte count to a threshold and deactivate a first encryption key and activate a second encryption key, to be used as the active encryption key, in response to the byte count being equal to or greater than the threshold. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification