MULTI-KEY CRYPTOGRAPHY FOR ENCRYPTING FILE SYSTEM ACCELERATION
First Claim
Patent Images
3-1. The method defined in claim 1, wherein the third key is encrypted in conjunction with the second key.
1 Assignment
0 Petitions
Accused Products
Abstract
Embodiments of methods and systems for encrypting and decrypting with encryption attributes are presented. An encryption attribute contains information to identify one or more segments of a file to be encrypted. An encryption process encrypts those one or more segments to generate a partly encrypted file instead of encrypting the entire file. That is, the file includes some data that are encrypted and some data that are not. In one embodiment, at least three encryption keys are used such that the encryption attribute is encrypted with using a third key.
-
Citations
26 Claims
-
3-1. The method defined in claim 1, wherein the third key is encrypted in conjunction with the second key.
-
10. A method for decrypting comprising:
-
accessing first data including partly encrypted data, an encrypted version of an encryption attribute, a version of a first key encrypted by using a second key which is a public key, and an encrypted version of a third key, wherein the partly encrypted data comprises a plurality of segments; decrypting the encrypted encryption attribute with the third key to retrieve the encryption attribute, wherein the encryption attribute includes information to identify one or more segments of the partly encrypted data that are encrypted; and decrypting the one or more segments of the partly encrypted data with the first key. - View Dependent Claims (11, 12, 13)
-
-
14. A system for encrypting comprising:
-
a controller to receive a request to encrypt first data associated with at least one encryption attribute, wherein the first data includes a plurality of segments, wherein the encryption attribute includes information to identify one or more segments of the first data to encrypt; a first encryption engine to encrypt the one or more segments of the first data with a first key to produce partly encrypted data, wherein the first key is to be encrypted with a second key which is a public key; a second encryption engine is operable to encrypt the encryption attribute with a third key to create an encrypted encryption attribute; and a storage to store at least a part of second data, wherein the second data includes the encrypted encryption attribute, the partly encrypted data, and an encrypted version of the third key. - View Dependent Claims (15, 16)
-
-
17. A system for decrypting comprising:
-
a controller to access first data including partly encrypted data and an encrypted version of an encryption attribute, wherein the partly encrypted data comprises a plurality of segments, wherein the partly encrypted data is encrypted using a first key, wherein an encrypted version of the first key is created in conjunction with a second key which is a public key; a first decryption engine to decrypt the encrypted encryption attribute with a third key to retrieve the encryption attribute, wherein the encryption attribute includes information to identify one or more segments of the partly encrypted data that are encrypted; and a second decryption engine to decrypt the one or more segments of the partly encrypted data with a first key. - View Dependent Claims (18, 19)
-
-
20. An article of manufacture comprising a computer readable storage medium including data storing instructions thereon that, when accessed by a machine, cause the machine to perform a method comprising:
-
encrypting one or more segments of first data with a first key, the first data being associated with at least one encryption attribute and having a plurality of segments, wherein the encryption attribute includes information to identify the one or more segments of the first data to encrypt; encrypting the first key with a second key which is a public key; encrypting the encryption attribute with a third key to create an encrypted encryption attribute, wherein the first key, the second key, and the third key are different; and storing at least a part of second data including partly encrypted data, an encrypted encryption attribute, an encrypted version of the first key, and an encrypted version of the third key. - View Dependent Claims (21, 22, 23)
-
-
24. An article of manufacture comprising a computer readable storage medium including data storing instructions thereon that, when accessed by a machine, cause the machine to perform a method comprising:
-
accessing first data including partly encrypted data, an encrypted version of an encryption attribute, a version of a first key encrypted by using a second key which is a public key, and an encrypted version of a third key, wherein the partly encrypted data comprises a plurality of segments; decrypting the encrypted encryption attribute with the third key to retrieve the encryption attribute, wherein the encryption attribute includes information to identify one or more segments of the partly encrypted data that are encrypted; and decrypting the one or more segments of the partly encrypted data with the first key. - View Dependent Claims (25, 26)
-
Specification