Method for revoking computer backup files using cryptographic techniques

US 6,134,660 A
Filed: 06/30/1997
Issued: 10/17/2000
Est. Priority Date: 06/30/1997
Status: Expired due to Term

First Claim

Patent Images

1. A method for preventing the reading of all backup copies of electronic information, the method comprising:

using an encryption key, encrypting only the electronic information being backed up;

storing the encrypted electronic information on a backup medium;

creating a key file;

storing the encryption key in the key file;

encrypting the key file with a master key;

backing up the encripted key file; and

destroying any record of the encryption key.

View all claims

11 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system enables a user to remove a file from a file system and from all backup tapes without ever mounting a single tape. When a file is backed up, it is first encrypted using a randomly generated key and then backed up. When the user wishes to remove the file from the backup tape, the key used to encrypt the file is deleted. Deleting the encryption key renders the data on the tape inaccessible. No one, including the file owner, can ever access the file again. The encrypt before-backup method is completely transparent to the user. Only the computer system'"'"'s operating system knows which key was used to encrypt the file during backup. This ensures that when the operating system is instructed to delete the encryption key, the key is "lost" forever and thus the backed up files become unreadable. Unlike prior cryptographic file systems, the revoked backup files are inaccessible to both the user and others.

Citations

10 Claims

1. A method for preventing the reading of all backup copies of electronic information, the method comprising:
- using an encryption key, encrypting only the electronic information being backed up;
  
  storing the encrypted electronic information on a backup medium;
  
  creating a key file;
  
  storing the encryption key in the key file;
  
  encrypting the key file with a master key;
  
  backing up the encripted key file; and
  
  destroying any record of the encryption key.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, further comprising the steps of of generating a new master key each time the encrypted key file is backed up and destroying any record of the most recent previous master key.
  - 3. The method of claim 1, further comprising;
    - a. generating a new encryption key each time the electronic information is backed up;
      
      b. encrypting the electronic information with the new encryption key;
      
      c. storing the new encryption key in the key file;
      
      d. saving a predetermined number of previously used encryption keys in the key file; and
      
      e. deleting from the key file encryption keys exceeding the predetermined number.
  - 4. The method of claim 1, further comprising:
    - a. a computer system storing the encrypted electronic information obtaining a public encryption key from a master key storage server; and
      
      b. using the public encryption key, encrypting the master key.
  - 5. The method of claim 4, further comprising:
    - a. transmitting the encrypted master key to the master key storage server; and
      
      b. using a private key, the master key storage server decrypting the encrypted master key; and
      
      c. the master key storage server transmitting the decrypted master key to the computer system.
  - 6. The method of claim 5, wherein the master key storage server loses the private key after a predetermined time.

7. An apparatus for backing up electronic information on a computer system comprising:
- a. a system memory storing;
  
  (1) a file of electronic information; and
  
  (2) a key file configured to store encryption keys;
  
  b. an encryption means configured to;
  
  (1) receive and encrypt the file of electronic information using a first encryption key; and
  
  (2) receive and encrypt the key file using a master key; and
  
  c. a backup system configured to receive and store the encrypted file of electronic information and the key file, wherein said stored encrypted file of electronic inform ation and key file are rendered unreadable without access to said first encryption key and the master key.
- View Dependent Claims (8, 9)
- - 8. The apparatus of claim 7, wherein the key file further comprises:
    - a. a current encryption key used to encrypt the file onto a current back up;
      
      b. a predetermined number of previously used encryption keys used to encrypt the file on previous backups, wherein an encryption key which was used on one of the earlier backups is deleted when the total number of encryption keys in said key file exceeds the predetermined number.
  - 9. The apparatus of claim 7, wherein the encryption keys, including the first encryption key, are not revealed.

10. A method for backing up electronic information stored on a computer system so that reading of all copies of the backed up information is prevented when the electronic information stored on the computer system is deleted, the method comprising:
- generating a first encryption key;
  
  encrypting said stored electronic information using the first encryption key;
  
  backing up the encrypted electronic, information by making a copy of said encrypted electronic information on a backup storage medium;
  
  generating a second encryption key when a second backup copy of said electronic information is made;
  
  creating an encryption key file for storing said first and second encryption keys; and
  
  storing in said encryption key file a date associated with each encryption key upon which each of said first and second encryption keys will expire.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Tumbleweed Holdings LLC (Equitable IP Corporation)
Original Assignee
Telcordia Technologies Incorporated (Telefonaktiebolaget LM Ericsson)
Inventors
Boneh, Dan, Lipton, Richard J.
Primary Examiner(s)
Gregory, Bernarr E.

Application Number

US08/885,403
Time in Patent Office

1,205 Days
Field of Search

380/4, 380/9, 380/21, 380/23, 380/25, 380/30, 380/49, 380/50, 380/59, 380/200, 380/201, 380/255, 380/277-287, 395/186, 713/150, 713/189, 713/193, 713/194, 713/200, 713/201, 713/202
US Class Current

713/193
CPC Class Codes

G06F 11/1456   Hardware arrangements for b...

G06F 21/6209   to a single file or object,...

G06F 21/6218   to a system of files or obj...

G06F 2221/2143   Clearing memory, e.g. to pr...

Method for revoking computer backup files using cryptographic techniques

First Claim

11 Assignments

0 Petitions

Accused Products

Abstract

Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

Method for revoking computer backup files using cryptographic techniques

First Claim

11 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links