Method and apparatus for controlling access to encrypted data files in a computer system

US 5,787,169 A
Filed: 12/28/1995
Issued: 07/28/1998
Est. Priority Date: 12/28/1995
Status: Expired due to Term

First Claim

Patent Images

1. Apparatus for controlling access to secured information by quorums of authorized users, each of whom has a password, the secured information being encrypted and stored in a memory, the apparatus comprising:

means for creating in the memory a table having an entry for each of the plurality of authorized users, the first entry including a cryptographic hash of the each user'"'"'s password;

means for receiving a plurality of passwords from a group of users;

means for cryptographically hashing each of the received passwords;

means responsive to each cryptographically hashed password for identifying the corresponding user as an authorized user when the received cryptographically hashed password matches any of the cryptographically hashed passwords in the memory; and

means responsive to passwords received from authorized users for determining whether the group of authorized users constitutes a valid quorum; and

means for decrypting the secured information when the group of authorized users constitutes a valid quorum.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In a system in which encrypted information can be protected and maintained by multiple users using passwords in concert, a file with secure data contains both an unencrypted header and an encrypted data portion. The data portion contains both the secured data and a list of hashed passwords and is encrypted with a single file key. The unencrypted file header contains two tables. The first table is a list passwords, where each password is cryptographically hashed using a second, different hashing technique than the hashed passwords in the data portion of the file. The second table is a list of cryptographically hashed combinations of cryptographically hashed passwords, where the combinations correspond to authorized user quorums and the passwords are hashed using the same technique as the passwords stored in the data portion of the file. Each hashed combination on the list is also used as a password key to encrypt the file key. During use of the system, an authorized user must enter a password which, when hashed, can be found in the first table. If the entered password is found in the first table, a check is made to determine if enough authorized users have entered passwords to form a quorum. If there is a quorum, then passwords of the users in the quorum are hashed with the first hashing technique, combined and hashed again to form a password key. The file key can be decrypted with the password key and used to decrypt the file. The hashed passwords in the protected portion of the file can then be used to maintain the password lists.

194 Citations

28 Claims

1. Apparatus for controlling access to secured information by quorums of authorized users, each of whom has a password, the secured information being encrypted and stored in a memory, the apparatus comprising:
- means for creating in the memory a table having an entry for each of the plurality of authorized users, the first entry including a cryptographic hash of the each user'"'"'s password;
  
  means for receiving a plurality of passwords from a group of users;
  
  means for cryptographically hashing each of the received passwords;
  
  means responsive to each cryptographically hashed password for identifying the corresponding user as an authorized user when the received cryptographically hashed password matches any of the cryptographically hashed passwords in the memory; and
  
  means responsive to passwords received from authorized users for determining whether the group of authorized users constitutes a valid quorum; and
  
  means for decrypting the secured information when the group of authorized users constitutes a valid quorum.

2. Apparatus for maintaining password information which controls access to secured information by quorums of authorized users, each of whom has a password, the secured information being encrypted with a file key and stored in a memory, the apparatus comprising:
- means for creating in the memory a table having a first entry for each of the plurality of authorized users, the first entry being derived from the each user'"'"'s password;
  
  means for receiving a plurality of passwords from a group of authorized users;
  
  means responsive to the plurality of received passwords for determining whether the group of users constitutes a valid quorum;
  
  means for computing the file key from a plurality of first entries corresponding to supplied passwords; and
  
  means for encrypting the first entries with the file key.
- View Dependent Claims (3, 4)
- - 3. Apparatus according to claim 2 wherein the determining means comprises means for generating the file key when the group of users constitutes a valid quorum.
  - 4. Apparatus according to claim 3 further comprising means cooperating with the determining means for decrypting the second entries with the generated file key;
    - andmeans responsive to the decrypted second entries for recreating the table in the memory.

5. Apparatus for maintaining password information which controls access to secured information by quorums of authorized users, each of whom has a password, the secured information being encrypted with a file key and stored in a memory, the apparatus comprising:
- means for creating in the memory a table having a first entry for each of the plurality of authorized users, the first entry including a cryptographic hash of the each user'"'"'s password;
  
  means for creating in the memory for each group of users constituting a valid quorum, a second entry comprising a combination of passwords for users in the each group and the file key encrypted with a password key comprised of a cryptographic hash of the first entries for each of the users in the each group;
  
  means for receiving a plurality of passwords from a group of authorized users;
  
  means for checking the plurality of received passwords against the password combinations in each of the second entries and for generating a password key from the plurality of received passwords; and
  
  means responsive to the generated password key for decrypting the file key.

6. Apparatus for controlling access to secured data by quorums of authorized users, the secured data being encrypted with a file key and stored in a memory, the apparatus comprising:
- means for creating in the memory for each authorized user a first entry having a cryptographic hash of a corresponding password;
  
  means for receiving a plurality of passwords from a group of users;
  
  means responsive to the plurality of received passwords and to the cryptographic hashes created in the memory for determining whether the group of users constitutes a valid quorum of authorized users;
  
  means for creating in the memory for each authorized user, a second entry comprising a password for the each authorized user cryptographically hashed with a technique different from a cryptographic technique used to cryptographically hash passwords in the first entries; and
  
  means for encrypting each of the second entries with the file key.
- View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 7. Apparatus according to claim 6 wherein the means for creating the first entries comprises means for combining each password with a predetermined salt value and means for cryptographically hashing the combination of the salt value and the password.
  - 8. Apparatus according to claim 6 wherein the means for determining whether the group of users constitutes a valid quorum of authorized users comprises means for creating in the memory for each quorum of authorized users, a third entry comprising a combination of passwords in the each quorum and the file key encrypted with a password key comprised of a cryptographically hashed combination of cryptographically hashed passwords of the users in the each quorum.
  - 9. Apparatus according to claim 8 wherein in each of the plurality of third entries, the hashed passwords are cryptographically hashed using the same technique as that used to cryptographically hash passwords in the second entry.
  - 10. Apparatus according to claim 7 wherein the means for cryptographically hashing the combination of the salt value and the password comprises means for concatenating the salt value and the password.
  - 11. Apparatus according to claim 7 wherein the means for cryptographically hashing the combination of the salt value and the password comprises means for passing the combination through a one-way function.
  - 12. Apparatus according to claim 11 wherein the one-way function is an MD2 function.
  - 13. Apparatus according to claim 8 wherein the means for creating the third entries comprises:
    - means for combining each password with a predetermined salt value;
      
      means for cryptographically hashing the combination of the salt value and the password; and
      
      means for forming a combination of cryptographically hashed passwords in the each quorum; and
      
      means for cryptographically hashing the combination of cryptographically hashed passwords.
  - 14. Apparatus according to claim 13 wherein the means for combining each password with the predetermined salt value comprises means for concatenating the each password and the salt value.
  - 15. Apparatus according to claim 13 wherein the means for cryptographically hashing the combination of the salt value and the password comprising means for passing the combination of the salt value and the password through a oneway function.
  - 16. Apparatus according to claim 15 wherein the one-way function comprises means for passing the combination through a first MD2 function and the result therefrom through a second MD2 function.
  - 17. Apparatus according to claim 8 wherein the file key is encrypted with the password key by exclusive-ORing the file key and the password key.

18. A method for controlling access to secured data by quorums of authorized users, the secured data being encrypted with a file key and stored in a memory, the method using a table in the memory having a first entry for each authorized user, the first entry having the name of the each authorized user and a corresponding encrypted password, and for each of the quorums, a second entry comprising a combination of passwords in the each quorum and the file key encrypted with a password key comprised of a cryptographically hashed combination of cryptographically hashed passwords of the users in the each quorum, wherein a second cryptographic hashing technique used to create the second entry differs from a first cryptographic hashing technique to create the first entry, the method comprising the steps of:
- A. hashing an entered password with the first cryptographic hashing technique;
  
  B. comparing the cryptographically hashed password with the plurality of first entries;
  
  C. cryptographically hashing the entered password with the second hashing technique when a match is detected in step B;
  
  D. checking whether a quorum of entered passwords has been obtainedE. computing a password key by combining passwords hashed with the second cryptographic hashing technique and cryptographically hashing the combination with the second hashing technique and using the password key to decrypt the file key when a quorum has been obtained in step D; and
  
  F. repeating steps A to C when a quorum has not been obtained in step D.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26)
- - 19. A method according to claim 18 wherein the memory includes for each authorized user, a third entry comprising a password for the each authorized user hashed with the same cryptographic hashing technique used to hash passwords in the second entry and the method further includes the steps of:
    - G. receiving new quorum rules; and
      
      H. using the third entries to compute new second entries based on the new quorum rules.
  - 20. A method according to claim 18 wherein step A comprises the steps of:
    - A1. concatenating the password with a predetermined salt value; and
      
      A2. passing the concatenation through a one-way function.
  - 21. A method according to claim 20 wherein step A2 comprises the step of:
    - A2A. passing the concatenation through an MD2 function.
  - 22. A method according to claim 18 wherein step C comprises the steps of:
    - C1. concatenating the password with a predetermined salt value; and
      
      C2. passing the concatenation through a one-way function.
  - 23. A method according to claim 22 wherein step C2 comprises the step of:
    - C2A. passing the concatenation through two MD2 functions.
  - 24. A method according to claim 18 wherein step E comprises the step of:
    - E1. decrypting the file key by exclusive-ORing it with the password key.
  - 25. A method according to claim 18 wherein step E further comprises the steps of:
    - E2. concatenating passwords in the quorum subset; and
      
      E3. cryptographically hashing the concatenation computed in step E2.
  - 26. A method according to claim 25 wherein step E3 comprises the step of:
    - E3A. passing the concatenation through two MD2 functions.

27. A computer program product for controlling access to secured data by quorums of authorized users, the secured data being encrypted with a file key and stored in a memory, the computer program product comprising:
- means for creating in the memory for each authorized user a first entry having the name of the each authorized user and a cryptographic hash of a corresponding password;
  
  means for creating in the memory for each authorized user a second cryptographic hash of a corresponding password;
  
  means for receiving a plurality of passwords from a group of authorized users;
  
  means responsive to the plurality of received passwords and to the cryptographic hashes created in the memory for determining whether the group of users constitutes a valid quorum;
  
  means for creating in the memory for each authorized user, a third entry comprising a password for the each authorized user cryptographically hashed with the same technique used to cryptographically hash passwords in the second cryptographic hash; and
  
  means for encrypting each of the third entries with the file key.
- View Dependent Claims (28)
- - 28. A computer program product according to claim 27 wherein the means for determining whether the group of users constitutes a valid quorum comprises means for creating in the memory for each quorum of authorized users, a second entry comprising a combination of passwords in the each quorum and the file key encrypted with a password key comprised of a cryptographically hashed combination of cryptographically hashed passwords of the users in the each quorum.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Kaufman, Charles W., Eldridge, Alan D.
Primary Examiner(s)
CANGIALOSI, SALVATORE A

Application Number

US08/579,812
Time in Patent Office

943 Days
Field of Search

380/4, 380/25, 380/30
US Class Current

713/165
CPC Class Codes

G06F 21/40   by quorum, i.e. whereby two...

G06F 21/6209   to a single file or object,...

G06F 21/6218   to a system of files or obj...

G06F 21/6227   where protection concerns t...

G06F 2221/2107   File encryption

Method and apparatus for controlling access to encrypted data files in a computer system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

194 Citations

28 Claims

Specification

Use Cases

Quick Links

Others

Method and apparatus for controlling access to encrypted data files in a computer system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

194 Citations

28 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others