Method and apparatus for controlling access to encrypted data files in a computer system
First Claim
1. Apparatus for controlling access to secured information by quorums of authorized users, each of whom has a password, the secured information being encrypted and stored in a memory, the apparatus comprising:
- means for creating in the memory a table having an entry for each of the plurality of authorized users, the first entry including a cryptographic hash of the each user'"'"'s password;
means for receiving a plurality of passwords from a group of users;
means for cryptographically hashing each of the received passwords;
means responsive to each cryptographically hashed password for identifying the corresponding user as an authorized user when the received cryptographically hashed password matches any of the cryptographically hashed passwords in the memory; and
means responsive to passwords received from authorized users for determining whether the group of authorized users constitutes a valid quorum; and
means for decrypting the secured information when the group of authorized users constitutes a valid quorum.
1 Assignment
0 Petitions
Accused Products
Abstract
In a system in which encrypted information can be protected and maintained by multiple users using passwords in concert, a file with secure data contains both an unencrypted header and an encrypted data portion. The data portion contains both the secured data and a list of hashed passwords and is encrypted with a single file key. The unencrypted file header contains two tables. The first table is a list passwords, where each password is cryptographically hashed using a second, different hashing technique than the hashed passwords in the data portion of the file. The second table is a list of cryptographically hashed combinations of cryptographically hashed passwords, where the combinations correspond to authorized user quorums and the passwords are hashed using the same technique as the passwords stored in the data portion of the file. Each hashed combination on the list is also used as a password key to encrypt the file key. During use of the system, an authorized user must enter a password which, when hashed, can be found in the first table. If the entered password is found in the first table, a check is made to determine if enough authorized users have entered passwords to form a quorum. If there is a quorum, then passwords of the users in the quorum are hashed with the first hashing technique, combined and hashed again to form a password key. The file key can be decrypted with the password key and used to decrypt the file. The hashed passwords in the protected portion of the file can then be used to maintain the password lists.
194 Citations
28 Claims
-
1. Apparatus for controlling access to secured information by quorums of authorized users, each of whom has a password, the secured information being encrypted and stored in a memory, the apparatus comprising:
-
means for creating in the memory a table having an entry for each of the plurality of authorized users, the first entry including a cryptographic hash of the each user'"'"'s password; means for receiving a plurality of passwords from a group of users; means for cryptographically hashing each of the received passwords; means responsive to each cryptographically hashed password for identifying the corresponding user as an authorized user when the received cryptographically hashed password matches any of the cryptographically hashed passwords in the memory; and means responsive to passwords received from authorized users for determining whether the group of authorized users constitutes a valid quorum; and means for decrypting the secured information when the group of authorized users constitutes a valid quorum.
-
-
2. Apparatus for maintaining password information which controls access to secured information by quorums of authorized users, each of whom has a password, the secured information being encrypted with a file key and stored in a memory, the apparatus comprising:
-
means for creating in the memory a table having a first entry for each of the plurality of authorized users, the first entry being derived from the each user'"'"'s password; means for receiving a plurality of passwords from a group of authorized users; means responsive to the plurality of received passwords for determining whether the group of users constitutes a valid quorum; means for computing the file key from a plurality of first entries corresponding to supplied passwords; and means for encrypting the first entries with the file key. - View Dependent Claims (3, 4)
-
-
5. Apparatus for maintaining password information which controls access to secured information by quorums of authorized users, each of whom has a password, the secured information being encrypted with a file key and stored in a memory, the apparatus comprising:
-
means for creating in the memory a table having a first entry for each of the plurality of authorized users, the first entry including a cryptographic hash of the each user'"'"'s password; means for creating in the memory for each group of users constituting a valid quorum, a second entry comprising a combination of passwords for users in the each group and the file key encrypted with a password key comprised of a cryptographic hash of the first entries for each of the users in the each group; means for receiving a plurality of passwords from a group of authorized users; means for checking the plurality of received passwords against the password combinations in each of the second entries and for generating a password key from the plurality of received passwords; and means responsive to the generated password key for decrypting the file key.
-
-
6. Apparatus for controlling access to secured data by quorums of authorized users, the secured data being encrypted with a file key and stored in a memory, the apparatus comprising:
-
means for creating in the memory for each authorized user a first entry having a cryptographic hash of a corresponding password; means for receiving a plurality of passwords from a group of users; means responsive to the plurality of received passwords and to the cryptographic hashes created in the memory for determining whether the group of users constitutes a valid quorum of authorized users; means for creating in the memory for each authorized user, a second entry comprising a password for the each authorized user cryptographically hashed with a technique different from a cryptographic technique used to cryptographically hash passwords in the first entries; and means for encrypting each of the second entries with the file key. - View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A method for controlling access to secured data by quorums of authorized users, the secured data being encrypted with a file key and stored in a memory, the method using a table in the memory having a first entry for each authorized user, the first entry having the name of the each authorized user and a corresponding encrypted password, and for each of the quorums, a second entry comprising a combination of passwords in the each quorum and the file key encrypted with a password key comprised of a cryptographically hashed combination of cryptographically hashed passwords of the users in the each quorum, wherein a second cryptographic hashing technique used to create the second entry differs from a first cryptographic hashing technique to create the first entry, the method comprising the steps of:
-
A. hashing an entered password with the first cryptographic hashing technique; B. comparing the cryptographically hashed password with the plurality of first entries; C. cryptographically hashing the entered password with the second hashing technique when a match is detected in step B; D. checking whether a quorum of entered passwords has been obtained E. computing a password key by combining passwords hashed with the second cryptographic hashing technique and cryptographically hashing the combination with the second hashing technique and using the password key to decrypt the file key when a quorum has been obtained in step D; and F. repeating steps A to C when a quorum has not been obtained in step D. - View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26)
-
-
27. A computer program product for controlling access to secured data by quorums of authorized users, the secured data being encrypted with a file key and stored in a memory, the computer program product comprising:
-
means for creating in the memory for each authorized user a first entry having the name of the each authorized user and a cryptographic hash of a corresponding password; means for creating in the memory for each authorized user a second cryptographic hash of a corresponding password; means for receiving a plurality of passwords from a group of authorized users; means responsive to the plurality of received passwords and to the cryptographic hashes created in the memory for determining whether the group of users constitutes a valid quorum; means for creating in the memory for each authorized user, a third entry comprising a password for the each authorized user cryptographically hashed with the same technique used to cryptographically hash passwords in the second cryptographic hash; and means for encrypting each of the third entries with the file key. - View Dependent Claims (28)
-
Specification