Secure method of data transmission and encryption and decryption system allowing such transmission

US 20110145576A1
Filed: 11/16/2010
Published: 06/16/2011
Est. Priority Date: 11/17/2009
Status: Abandoned Application

First Claim

Patent Images

1. A method of securely transmitting data between at least one sender and one recipient, said method comprising:

a step of authenticating the sender to a trusted network to request the encryption of said data;

a step of encryption of said data by the trusted network with the aid of an encryption key;

a step of slicing the encryption key into arbitrary blocks;

a step of storing the blocks in a memory space;

a step of generation of an index comprising the sequence of addresses, of said blocks in the memory space;

a step of delivery, by the trusted network, of the encrypted data and of the index to the sender;

the encrypted data and the index being transmitted to the recipient via a network, the recipient being able to authenticate himself with the trusted network to provide it with the encrypted data and the index, the trusted network reconstructing the encryption key on the basis of the index decrypt the encrypted data and restoring the decrypted data to the recipient.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure transmission is performed between at least one sender and one recipient, a method of which includes: a step of authenticating the sender to a trusted network to request the encryption of the data; a step of encryption of the data by the trusted network with the aid of an encryption key; a step of slicing the encryption key into arbitrary blocks; a step of storing the blocks in a memory space; a step of generation of an index including the sequence of addresses of the blocks in the memory space; a step of delivery, by the trusted network, of the encrypted data and of the index to the sender; the encrypted data and the index being transmitted to the recipient via a network, the recipient being able to authenticate himself with the trusted network to provide it with the encrypted data and the index, the trusted network reconstructing the encryption key on the basis of the index to decrypt the encrypted data and restoring the decrypted data to the recipient.

Citations

10 Claims

1. A method of securely transmitting data between at least one sender and one recipient, said method comprising:
- a step of authenticating the sender to a trusted network to request the encryption of said data;
  
  a step of encryption of said data by the trusted network with the aid of an encryption key;
  
  a step of slicing the encryption key into arbitrary blocks;
  
  a step of storing the blocks in a memory space;
  
  a step of generation of an index comprising the sequence of addresses, of said blocks in the memory space;
  
  a step of delivery, by the trusted network, of the encrypted data and of the index to the sender;
  
  the encrypted data and the index being transmitted to the recipient via a network, the recipient being able to authenticate himself with the trusted network to provide it with the encrypted data and the index, the trusted network reconstructing the encryption key on the basis of the index decrypt the encrypted data and restoring the decrypted data to the recipient.
- View Dependent Claims (2, 3)
- - 2. The method according to claim 1, wherein the encryption key is a single-use disposable encryption key.
  - 3. The method according to claim 1, wherein the blocks of the encryption key are stored according to a deduplication mechanism.

4. A system for encrypting and decrypting data, said system allowing secure transmission of encrypted data between a sender user and a receiver user, and comprising at least one trusted network and one infrastructure for authentication of the users on said trusted network, the infrastructure for authentication comprising:
- means for encrypting and decrypting data by means of an encryption key;
  
  means for storing the encryption key and generating an index upon each data encryption request, said request being sent by a user, the index being created according to the following steps;
  
  slicing of the encryption key into arbitrary blocks;
  
  storing the blocks in a memory space;
  
  generation of index comprising the sequence of addresses of said blocks in the memory space, the encrypted data being delivered to the sender user with the index; and
  
  a step of delivery, by the trusted network, of the encrypted data and of the index to the sender; and
  
  means for reconstructing the encryption key on the basis of an index upon a decryption request sent by a user, said request being accompanied by said index and encrypted data, the encryption and decryption means performing the decryption of the data by means of the reconstructed encryption key.
- View Dependent Claims (5, 6, 7, 8, 9, 10)
- - 5. The system according to claim 4, wherein the encryption and decryption means generate before each encryption a single-use disposable encryption key, said key being used for encryption.
  - 6. The system according to, claim 4, wherein the means for storing and for generating the index store the blocks of the encryption key according to a deduplication mechanism.
  - 7. The system according to claim 4, wherein the means for storing, for generating the index and for reconstructing the encryption key are integrated into one and the same server.
  - 8. The system according to claim 4, wherein the means for encrypting and decrypting data comprise an encryption server configured for:
    - receiving the encryption requests with the data to be encrypted;
      
      providing the encryption keys to the index generation and storage means;
      
      receiving the encrypted data and the reconstructed encryption key that are sent by the means for reconstructing the encryption key; and
      
      restoring the decrypted data.
  - 9. The system according to claim 4, wherein the trusted network comprises an exchange server configured for:
    - receiving the decryption requests with the encrypted data and the index;
      
      transmitting the encrypted data and their index to the means for reconstructing the encryption key;
      
      receiving the encrypted data and their index sent by the index generation and storage means; and
      
      delivering the encrypted data and their index.
  - 10. The system according to claim 4, further comprising a deduplication server, which comprises the means for storing, for generating the index and for reconstructing the encryption key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Thales SA
Original Assignee
Thales SA
Inventors
BETTAN, Olivier

Application Number

US12/947,756
Publication Number

US 20110145576A1
Time in Patent Office

Days
Field of Search
US Class Current

713/168
CPC Class Codes

H04L 63/0435   wherein the sending and rec...

H04L 63/067   using one-time keys cryptog...

H04L 9/083   involving central third par...

H04L 9/321   involving a third party or ...

Secure method of data transmission and encryption and decryption system allowing such transmission

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

Secure method of data transmission and encryption and decryption system allowing such transmission

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links