System and method for secure storage, transfer and retrieval of content addressable information
First Claim
1. A method comprising:
- generating a first unique identifier for said a binary asset, said first unique identifier being computed from at least a portion of the contents of said binary asset and uniquely identifying said binary asset;
encrypting said binary asset using said first unique identifier as a key, said encrypting resulting in an encrypted version of said binary asset;
generating a second unique identifier for said encrypted version of said binary asset, said second unique identifier being computed from at least a portion of said encrypted version of said binary asset and uniquely identifying said encrypted version of said binary asset;
providing said second unique identifier for the retrieval of said encrypted version of said binary asset, whereby said second unique identifier may be used to locate said encrypted version;
creating a descriptor file that includes said unique identifier and said second unique identifier;
generating a first file identifier, said first file identifier being computed from at least a portion of said descriptor file and uniquely identifying said descriptor file;
encrypting said descriptor file using said first file identifier as a key, said encrypting producing an encrypted descriptor file; and
generating a second file identifier for said encrypted descriptor file, said second file identifier being computed from at least a portion of said encrypted descriptor file and uniquely identifying said encrypted descriptor file, whereby said first file identifier and said second file identifier may be used to access the contents of said binary asset.
11 Assignments
0 Petitions
Accused Products
Abstract
An algorithm (such as the MD5 hash function) is applied to a file to produce an intrinsic unique identifier (IUI) for the file (or message digest). The file is encrypted using its IUI as the key for the encryption algorithm. An algorithm is then applied to the encrypted file to produce an IUI for the encrypted file. The encrypted file is safely stored or transferred within a network and is uniquely identifiable by its IUI. The encrypted file is decrypted using the IUI of the plaintext file as the key. The IUI serves as both a key to decrypt the file and also as verification that the integrity of the plaintext file has not been compromised. IUIs for any number of such encrypted files may be assembled into a descriptor file that includes meta data for each file, the IUI of the plaintext file and the IUI of the encrypted file. An algorithm is applied to the descriptor file to produce an IUI for the descriptor file. The plaintext descriptor file is then encrypted using the descriptor file IUI as a key for the encryption algorithm. An algorithm is applied to the encrypted descriptor file to produce an IUI for the encrypted descriptor file. The IUI of the encrypted descriptor file is a location-independent identifier to locate the encrypted descriptor file. A flattened descriptor file includes the IUIs of encrypted data files and the IUI of the encrypted descriptor file. An algorithm is applied to the flattened descriptor file to produce its own IUI.
203 Citations
7 Claims
-
1. A method comprising:
-
generating a first unique identifier for said a binary asset, said first unique identifier being computed from at least a portion of the contents of said binary asset and uniquely identifying said binary asset; encrypting said binary asset using said first unique identifier as a key, said encrypting resulting in an encrypted version of said binary asset; generating a second unique identifier for said encrypted version of said binary asset, said second unique identifier being computed from at least a portion of said encrypted version of said binary asset and uniquely identifying said encrypted version of said binary asset; providing said second unique identifier for the retrieval of said encrypted version of said binary asset, whereby said second unique identifier may be used to locate said encrypted version; creating a descriptor file that includes said unique identifier and said second unique identifier; generating a first file identifier, said first file identifier being computed from at least a portion of said descriptor file and uniquely identifying said descriptor file; encrypting said descriptor file using said first file identifier as a key, said encrypting producing an encrypted descriptor file; and generating a second file identifier for said encrypted descriptor file, said second file identifier being computed from at least a portion of said encrypted descriptor file and uniquely identifying said encrypted descriptor file, whereby said first file identifier and said second file identifier may be used to access the contents of said binary asset. - View Dependent Claims (2, 3)
-
-
4. A method comprising:
-
generating a first identifier for a file, said first identifier being computed from at least a portion said file and uniquely identifying said file; encrypting said file using said first identifier as a key, said encrypting producing an encrypted file; generating a second file identifier for said encrypted file, said second file identifier being computed from at least a portion of said encrypted file and uniquely identifying said encrypted file; providing said first file identifier and second file identifier for the retrieval of said file, whereby said second unique identifier may be used to locate said encrypted file, and said first file identifier may be used to decrypt said encrypted file to produce said file; creating a descriptor file that includes said first file identifier and said second file identifier; generating a third file identifier, said third file identifier being computed from at least a portion of said descriptor file and uniquely identifying said descriptor file; encrypting said descriptor file using said third file identifier as a key, said encrypting producing an encrypted descriptor file; and generating a fourth file identifier for said encrypted descriptor file, said fourth file identifier being computed from at least a portion of said encrypted descriptor file and uniquely identifying said encrypted descriptor file, whereby said third file identifier and said fourth file identifier may be used to access the contents of said file. - View Dependent Claims (5, 6, 7)
-
Specification