System and method for data recovery
Abstract
A system and method for data escrow cryptography are described. An encrypting user encrypts a message using a secret storage key (KS) and attaches a data recovery field (DRF), including an access rule index (ARI) and KS, to the encrypted message. The DRF and the encrypted message are stored in a storage device. To recover KS, a decrypting user extracts and sends the DRF to a data recovery center (DRC) that issues a challenge based on access rules (ARs) originally defined by the encrypting user. If the decrypting user meets the challenge, the DRC sends KS in a message to the decrypting user. Generally, KS need not be an encryption key but could represent any piece of confidential information that can fit inside the DRF. In all cases, the DRC limits access to decrypting users who can meet the challenge defined in either the ARs defined by the encrypting user or the ARs defined for override access.
68 Claims
1. A controller for enabling a processor to process a request from an emergency decrypting user to gain access to user secret data in a data recovery field, the data recovery field comprising the user secret data and an access rule index encrypted using a data recovery center public key, wherein emergency decrypting comprises decryption using the data recovery fields, said access rule index allowing the data recovery center to locate an access rule, the access rule defining at least a portion of a procedure for authenticating a party's identity, wherein the access rule includes an authentication test or a compound authorization rule, the controller comprising:
- means for enabling said processor to transfer said data recovery field to a data recovery center, wherein said data recovery center decrypts encrypted user secret data and access rule index using a data recovery center private key, and wherein said data recovery center uses said decrypted access rule index to obtain an access rule from a storage device coupled to said data recovery center;
- means for enabling said processor to receive from said data recovery center at least one challenge as defined at least partially by said access rule;
- means for enabling said processor to communicate to said data recovery center a response to each of said at least one challenge; and
- means for enabling said processor to receive from said data recovery center said decrypted user secret data if said at least one challenge was correctly answered as defined at least partially by said access rule.
Dependent claims: 2, 3, 4, 5, 6, 7.
8. A method for controlling an emergency decrypting user's access to a file encrypted by a file encrypting user with a storage key, wherein emergency decrypting comprises decryption using a data recovery field, access to the file being controlled by an access rule, wherein the access rule includes an authentication test or a compound authorization rule, comprising the steps of:
(1) defining by an access rule defining user an access rule to control access to a storage key and sending said access rule to a data recovery center;
(2) returning an access rule index by said data recovery center to said access rule defining user, wherein said access rule index allows said data recovery center to locate said access rule;
(3) retrieving said access rule index by a file encrypting user and generating a data recovery field, said data recovery field comprising said access rule index and said storage key encrypted by a data recovery center public key;
(4) attaching by the file encrypting user said data recovery field to an encrypted file;
(5) extracting by an emergency decrypting user said data recovery field and sending said data recovery field to said data recovery center;
(6) presenting by said data recovery center to said emergency decrypting user a challenge using said access rule referenced by said access rule index in said data recovery field; and
(7) sending said storage key by said data recovery center to said emergency decrypting user if said emergency decrypting user meets said challenge.
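The following Go program is an added worked example of the escrow flow described in the abstract and in steps (1) to (7) of claim 8; it is not code from the patent or from any product implementing it. The patent does not fix the primitives, so these are assumptions made here: the DRF seals the access rule index and KS under the DRC public key with RSA-OAEP, an authentication test is an HMAC-SHA256 response to a DRC nonce under a key the responder enrolled out of band, and a compound authorization rule is a "k of n tests must pass" count. The type and function names (DRC, AccessRule, NewDRC, RegisterRule, MakeDRF, Challenge, Respond, Recover) and all keys and values are constructed for this example.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// AuthTest is one authentication test: the DRC holds a verifier key for the named responder.
type AuthTest struct {
	Responder string
	Key       []byte
}

// AccessRule is a single test (one entry, Required 1) or a compound rule (Required of n must pass).
type AccessRule struct {
	Tests    []AuthTest
	Required int
}

// DRC is the data recovery center: private key, rules indexed by ARI, opened DRFs keyed by nonce.
type DRC struct {
	priv    *rsa.PrivateKey
	rules   map[uint32]AccessRule
	pending map[string][]byte
}

func NewDRC() (*DRC, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &DRC{priv: priv, rules: map[uint32]AccessRule{}, pending: map[string][]byte{}}, nil
}

func (d *DRC) PublicKey() *rsa.PublicKey { return &d.priv.PublicKey }

// RegisterRule is steps (1)-(2): store the rule and return the access rule index that locates it.
func (d *DRC) RegisterRule(r AccessRule) (uint32, error) {
	if r.Required < 1 || r.Required > len(r.Tests) {
		return 0, fmt.Errorf("rule must require between 1 and %d tests", len(r.Tests))
	}
	ari := uint32(len(d.rules) + 1)
	d.rules[ari] = r
	return ari, nil
}

// MakeDRF is step (3): seal ARI || KS under the DRC public key (RSA-OAEP, assumed), hiding both.
func MakeDRF(pub *rsa.PublicKey, ari uint32, ks []byte) ([]byte, error) {
	pt := make([]byte, 4, 4+len(ks))
	binary.BigEndian.PutUint32(pt, ari)
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, append(pt, ks...), []byte("DRF"))
}

// Challenge is steps (5)-(6): open the DRF, check that the ARI locates a rule, and issue a
// fresh nonce. KS stays at the DRC until the challenge is met.
func (d *DRC) Challenge(drf []byte) ([]byte, error) {
	pt, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, d.priv, drf, []byte("DRF"))
	if err != nil || len(pt) < 5 {
		return nil, fmt.Errorf("DRF does not open under the DRC key or is malformed: %v", err)
	}
	if _, ok := d.rules[binary.BigEndian.Uint32(pt[:4])]; !ok {
		return nil, fmt.Errorf("no access rule registered for ARI %d", binary.BigEndian.Uint32(pt[:4]))
	}
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	d.pending[string(nonce)] = pt
	return nonce, nil
}

// Respond is the responder's side of a test: HMAC-SHA256 over the nonce under the enrolled key.
func Respond(key, nonce []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(nonce)
	return m.Sum(nil)
}

// Recover is step (7): release KS only if at least Required tests pass. The nonce is consumed on
// first use, so a captured set of responses cannot be replayed against a later challenge.
func (d *DRC) Recover(nonce []byte, responses map[string][]byte) ([]byte, error) {
	pt, ok := d.pending[string(nonce)]
	if !ok {
		return nil, fmt.Errorf("unknown or already consumed challenge")
	}
	delete(d.pending, string(nonce))
	rule, passed := d.rules[binary.BigEndian.Uint32(pt[:4])], 0
	for _, t := range rule.Tests {
		if hmac.Equal(responses[t.Responder], Respond(t.Key, nonce)) {
			passed++
		}
	}
	if passed < rule.Required {
		return nil, fmt.Errorf("access rule not met: %d of %d required tests passed", passed, rule.Required)
	}
	return pt[4:], nil
}
```

A run of the flow is: the rule-defining user calls RegisterRule and keeps the returned ARI; the file encrypting user calls MakeDRF with that ARI and KS and stores the DRF beside the file encrypted under KS (file encryption itself is outside this example); the emergency decrypting user hands the DRF to Challenge, collects a Respond value from enough enrolled responders, and calls Recover. Three properties of the scheme are visible in the code: the DRF reveals neither KS nor which rule governs the file to anyone but the DRC; KS is released only after the rule is satisfied and never on the first, decrypting step; and a DRF sealed for a different DRC key simply fails to open, so an escrow record cannot be redirected to another recovery center.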
9. A method for controlling an emergency decrypting user's access to a secret encrypted by a file encrypting user in a data recovery field, wherein emergency decrypting comprises decryption using a data recovery field, access to the message being controlled by an access rule, wherein the access rule includes an authentication test or a compound authorization rule, comprising the steps of:
(1) defining by an access rule defining user an access rule to control access to a secret and sending said access rule to a data recovery center;
(2) returning by said data recovery center to said access rule defining user an access rule index, wherein said access rule index allows said data recovery center to locate said access rule;
(3) retrieving said access rule index by a file encrypting user and generating said data recovery field, said data recovery field comprising said access rule index and said secret encrypted by a data recovery center public key;
(4) sending said data recovery field by said emergency decrypting user to said data recovery center;
(5) presenting a challenge by said data recovery center to said emergency decrypting user using said access rule referenced by said access rule index in said data recovery field; and
(6) sending said secret by said data recovery center to said emergency decrypting user if said emergency decrypting user meets said challenge.
10. A method for a data recovery center to control access by an emergency decrypting user to a file encrypted with a storage key, wherein emergency decrypting comprises decryption using a data recovery field, the data recovery field comprising the storage key and an access rule index encrypted with a data recovery center public key, wherein an access rule referenced by the access rule index includes an authentication test or a compound authorization rule, the method comprising the steps of:
(1) receiving a data recovery field from an emergency decrypting user requesting access to a storage key encrypted in said data recovery field;
(2) challenging said emergency decrypting user with an access rule referenced by an access rule index in said received data recovery field; and
(3) sending said storage key to said emergency decrypting user if said emergency decrypting user successfully meets said data recovery center's challenge.
Dependent claims: 11, 12, 13, 14, 15, 16.
17. A method for a data recovery center to control access by an emergency decrypting user to a secret, wherein emergency decrypting comprises decryption using a data recovery field, the data recovery field comprising the secret and an access rule index encrypted with a data recovery center public key, wherein an access rule referenced by the access rule index includes an authentication test or a compound authorization rule, the method comprising the steps of:
(1) receiving a data recovery field from an emergency decrypting user requesting access to a secret encrypted in said data recovery field;
(2) challenging said emergency decrypting user with an access rule referenced by an access rule index in said received data recovery field; and
(3) sending said secret to said emergency decrypting user if said emergency decrypting user successfully meets said data recovery center's challenge.
Dependent claims: 18, 19, 20, 21, 22, 23.
24. A method for an emergency decrypting user to gain access to a storage key used to encrypt a file, the encrypted file stored with a data recovery field, wherein emergency decrypting comprises decryption using a data recovery field, the data recovery field comprising an access rule index and the storage key encrypted by a data recovery center public key, the access rule index allowing the data recovery center to locate the access rule, wherein the access rule includes an authentication test or a compound authorization rule, the method comprising the steps of:
(1) extracting a data recovery field;
(2) sending said data recovery field to a data recovery center;
(3) meeting a challenge from said data recovery center, said challenge based on an access rule referenced by an access rule index in said data recovery field; and
(4) receiving a storage key from said data recovery center if said challenge is successfully met.
Dependent claims: 25, 26, 27, 28, 29, 30.
31. A method for an emergency decrypting user to gain access to a secret that is stored in a data recovery field, wherein emergency decrypting comprises decryption using the data recovery field, the data recovery field comprising an access rule index and the secret encrypted by a data recovery center public key, the access rule index allowing the data recovery center to locate the access rule, wherein the access rule includes an authentication test or a compound authorization rule, the method comprising the steps of:
(1) sending a data recovery field to a data recovery center;
(2) meeting a challenge from said data recovery center, said challenge based on an access rule referenced by an access rule index in said data recovery field; and
(3) receiving a secret from said data recovery center if said challenge is successfully met.
Dependent claims: 32, 33, 34, 35, 36, 37.
38. A system for controlling access to a file that is encrypted with a storage key, the system comprising:
- a data recovery center for storing at least one access rule, wherein an access rule includes an authentication test or a compound authorization rule;
- an access rule defining user that defines an access rule to control access to a storage key, said access rule defining user registering said access rule with said data recovery center, said data recovery center returning an access rule index that said access rule defining user stores in an access rule index file;
- a file encrypting user that attaches a data recovery field to an encrypted file, wherein said data recovery field comprises an access rule index retrieved from said access rule index file and said storage key encrypted by a data recovery center public key; and
- an emergency decrypting user that initiates an emergency decryption process that comprises decryption using said data recovery field, said emergency decrypting user sending said data recovery field to said data recovery center and receiving said storage key if a challenge defined by said access rule referenced by said access rule index in said data recovery field is satisfied.
39. A system for controlling access to user secret data, the system comprising:
- a data recovery center for storing at least one access rule, wherein an access rule includes an authentication test or a compound authorization rule;
- an access rule defining user that defines an access rule to control access to a user secret data, said access rule defining user registering said access rule with said data recovery center, wherein said data recovery center returns an access rule index that said access rule defining user stores in an access rule index file;
- a file encrypting user that creates a data recovery field, wherein said data recovery field comprises said access rule index retrieved from said access rule index file and said user secret data encrypted by a data recovery center public key; and
- an emergency decrypting user that initiates an emergency decryption process that comprises decryption using said data recovery field, said emergency decrypting user sending said data recovery field to said data recovery center and receiving said user secret data if a challenge defined by said access rule referenced by said access rule index in said data recovery field is satisfied.
40. A data recovery center to control access by an emergency decrypting user to a user secret, wherein emergency decryption comprises decryption using a data recovery field that includes the user secret data and an access rule index encrypted with a data recovery center public key, the access rule index referencing an access rule that includes an authentication test or a compound authorization rule, the data recovery center comprising:
- means for receiving a data recovery field from an emergency decrypting user requesting access to a user secret encrypted in a data recovery field;
- means for challenging said emergency decrypting user with an access rule referenced by an access rule index in said received data recovery field; and
- means for sending said user secret to said emergency decrypting user if said emergency decrypting user successfully meets the data recovery center's challenge.
Dependent claims: 41, 42, 43, 44, 45, 46, 47.
48. An access rule defining user that registers, with a data recovery center, an access rule that controls an emergency decrypter's access to a user secret, wherein the access rule includes an authentication test or a compound authorization rule, wherein emergency decryption comprises decryption using a data recovery field that includes the user secret and an access rule index encrypted with a data recovery center public key, the access rule defining user comprising:
- means for defining an access rule to control access to a user secret;
- means for sending said access rule to a data recovery center;
- means for receiving from said data recovery center an access rule index that references said access rule; and
- means for storing said access rule index in an access rule index file.
Dependent claims: 49, 50, 51, 52, 53.
54. A method for an access rule defining user to register an access rule with a data recovery center, the access rule controlling an emergency decrypter's access to a user secret, wherein the access rule includes an authentication test or a compound authorization rule, wherein emergency decryption comprises decryption using a data recovery field that includes the user secret and an access rule index encrypted with a data recovery center public key, the method comprising the steps of:
(1) defining a first access rule to control access to a user secret;
(2) sending said first access rule to a data recovery center;
(3) receiving from said data recovery center an access rule index that references said access rule;
(4) storing said access rule index in an access rule index file;
(5) sending a second access rule and said access rule index to said data recovery center, said access rule index referencing said first access rule that the access rule defining user desires to redefine with said second access rule; and
(6) responding to a challenge presented by said data recovery center, said challenge based on said first access rule.
55. An emergency decrypting user that gains access to a storage key used to encrypt a file, the encrypted file stored with a data recovery field, the data recovery field comprises an access rule index and the storage key encrypted by a data recovery center public key, the access rule index allowing the data recovery center to locate the access rule, wherein the access rule includes an authentication test or a compound authorization rule, wherein emergency decrypting comprises decryption using the data recovery field, the emergency decrypting user comprising:
- means for extracting a data recovery field;
- means for sending said data recovery field to a data recovery center;
- means for responding to a challenge from said data recovery center, said challenge based on an access rule referenced by said access rule index in said data recovery field; and
- means for receiving a storage key from said data recovery center if said challenge is successfully met.
Dependent claims: 56, 57, 58, 59, 60, 61.
62. An emergency decrypting user that gains access to a user secret, the user secret data being stored in a data recovery field, the data recovery field comprising an access rule index and the user secret data encrypted by a data recovery center public key, the access rule index allowing the data recovery center to locate the access rule, wherein the access rule includes an authentication test or a compound authorization rule, wherein emergency decrypting comprises decryption using the data recovery field, the emergency decrypting user comprising:
- means for sending a data recovery field to a data recovery center;
- means for responding to a challenge from said data recovery center, said challenge based on an access rule referenced by an access rule index in said data recovery field; and
- means for receiving user secret data from said data recovery center if said challenge is successfully met.
Dependent claims: 63, 64, 65, 66, 67, 68.
Specification