Multiply-Encrypting Data Requiring Multiple Keys for Decryption
Abstract
A server receives a piece of data for encryption. The server encrypts the piece of data such that no single key can decrypt the encrypted piece of data and any combination of a first multiple of unique keys taken a second multiple at a time are capable of decrypting the encrypted piece of data. Each of the first multiple of unique keys is tied to account credentials of a different user. The second multiple is less than or equal to the first multiple. The encrypted piece of data is returned.
18 Claims
1. A method executed on a server, comprising:
- receiving a request to encrypt a piece of data;
- encrypting the piece of data such that no single key can decrypt the encrypted piece of data and any combination of a first plurality of unique keys taken a second plurality at a time are capable of decrypting the encrypted piece of data, wherein each one of the first plurality of unique keys is tied to account credentials of a different user, and wherein the second plurality is less than or equal to the first plurality; and
- returning the encrypted piece of data.
(Dependent claims: 2, 3, 4, 5, 6, 7)

8. An apparatus for encrypting and decrypting data, comprising:
- a set of one or more processors;
- a non-transitory machine-readable storage medium that stores instructions that, when executed by the set of processors, generate the following:
  - an encryption module that is configured to encrypt a piece of data such that no single key can decrypt the encrypted piece of data and any combination of a first plurality of unique keys taken a second plurality at a time are capable of decrypting the encrypted piece of data, wherein each one of the first plurality of unique keys is tied to account credentials of a different user, and wherein the second plurality is less than or equal to the first plurality; and
  - a decryption module that is configured to decrypt the piece of data when there is access to at least one combination of the first plurality of unique keys taken the second plurality at a time.
(Dependent claims: 9, 10, 11, 12)

13. A method executed on a server for encrypting and decrypting data, comprising:
- receiving a request to encrypt data from a requester, the request indicating at least the following: the data to encrypt, a list of a plurality of users, and a minimum number of the plurality of users whose credentials are required in order to decrypt the data, wherein the minimum number is at least two;
- encrypting the data with a data key;
- for each of the plurality of users, generating a unique data key encryption key;
- for each unique combination of the minimum number of the plurality of users whose credentials are required in order to decrypt the data, generating a unique encrypted data key including encrypting the data key a number of times according to the number of users in that unique combination, each time with a different unique data key encryption key of the users in that unique combination;
- for each of the plurality of users, encrypting the unique data key encryption key of that user using account credentials of that user;
- returning to the requester the encrypted data, the unique encrypted data key for each unique combination, and the unique data key encryption key for each of the plurality of users; and
- discarding the data and the data key.
(Dependent claims: 14, 15, 16, 17, 18)
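The steps of claim 13 as runnable code, added here as an illustration and not taken from the patent. Assumptions: account credentials are passwords stretched with PBKDF2 (user name as salt for brevity), `seal`/`unseal` are a stdlib-only HMAC-SHA256 stand-in for an authenticated cipher such as AES-GCM, and all function names are hypothetical.

```python
import hashlib, hmac, os
from itertools import combinations

def _keys(key):  # separate encryption and MAC subkeys
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()

def _xor(key, nonce, data):  # HMAC-SHA256 counter keystream: stand-in cipher (assumption)
    ks = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, pt):
    ke, km = _keys(key)
    nonce = os.urandom(16)
    ct = _xor(ke, nonce, pt)
    return nonce + ct + hmac.new(km, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    ke, km = _keys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(km, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified ciphertext")
    return _xor(ke, nonce, ct)

def cred_key(user, password):  # assumption: credentials are a password; user name as salt
    return hashlib.pbkdf2_hmac("sha256", password.encode(), user.encode(), 100_000)

def encrypt_for(data, passwords, k):
    """passwords: {user: password}; k: minimum users needed (claim 13: at least two)."""
    data_key = os.urandom(32)
    keks = {u: os.urandom(32) for u in passwords}         # one key encryption key per user
    wrapped = {}
    for combo in combinations(sorted(passwords), k):      # every k-subset of the users
        blob = data_key
        for u in combo:                                   # one encryption layer per user
            blob = seal(keks[u], blob)
        wrapped[combo] = blob
    enc_keks = {u: seal(cred_key(u, pw), keks[u]) for u, pw in passwords.items()}
    return seal(data_key, data), wrapped, enc_keks        # data and data_key are discarded

def decrypt_with(enc_data, wrapped, enc_keks, present):   # present: {user: password}
    k = len(next(iter(wrapped)))
    if len(present) < k:
        raise ValueError(f"credentials from at least {k} users required")
    combo = tuple(sorted(present))[:k]
    blob = wrapped[combo]
    for u in reversed(combo):                             # peel layers, outermost first
        blob = unseal(unseal(cred_key(u, present[u]), enc_keks[u]), blob)
    return unseal(blob, enc_data)
```

With n users and a minimum of k, the scheme stores one wrapped data key per k-subset, so the number of wrapped keys is C(n, k).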
Specification