Deriving a symmetric key from an asymmetric key for file encryption or decryption
First Claim
1. A method comprising:
- accessing a private key of an asymmetric key pair in a key device;
- deriving a symmetric master key from the private key of the asymmetric key pair using a single sign-on process, the single sign-on process allowing a user to encrypt or decrypt files in response to a file encryption key, the file encryption key being encrypted or decrypted using the symmetric master key;
- storing the symmetric master key in a computer memory location, wherein the files can be encrypted or decrypted in response to the symmetric master key even if the user deactivates the key device;
- deactivating the key device; and
- following the deactivation of the key device, accessing a process that encrypts or decrypts the file encryption key using the previously stored symmetric master key, wherein accessing the process uses the single sign-on process on a remote computer that is remote from a computer that is used to derive the symmetric master key from the private key of the asymmetric key pair.
Abstract
One aspect relates to a process and associated device that provides a private key of an asymmetric key pair in a key device. A symmetric master key is derived from the private key of the asymmetric key pair. The symmetric master key is stored in a computer memory location. The symmetric master key is used to encrypt or decrypt a file encryption key. The file encryption key can encrypt or decrypt files. In another aspect, the user can still access the files even if a user deactivates the key device by encrypting or decrypting the file encryption key directly from the symmetric master key.
19 Claims
1. A method comprising the steps set out under First Claim above.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
14. A computer readable storage medium having computer executable instructions for performing steps comprising:
- providing a private key of the asymmetric key pair in a key device;
- deriving a symmetric master key from the private key of the asymmetric key pair using a hash function, wherein the deriving act uses a single sign-on process, the single sign-on process allowing a user to encrypt or decrypt files in response to a file encryption key, the file encryption key being encrypted or decrypted using the symmetric master key;
- storing the symmetric master key in a computer memory location that encrypts or decrypts the file encryption key, wherein the file encryption key can encrypt or decrypt the files even if the user deactivates the key device;
- deactivating the key device; and
- following the deactivation of the key device, accessing a process that encrypts or decrypts the file encryption key using the previously stored symmetric master key, wherein accessing the process uses the single sign-on process on a remote computer that is remote from a computer that is used to derive the symmetric master key from the private key of the asymmetric key pair.
Dependent claims: 15, 16, 17, 18, 19
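
The key hierarchy described in the abstract and in claim 14, as an added Ruby example that is not code from the patent: the private key is hashed into a master key, the master key wraps a per-file encryption key, and the file is later read with only the cached master key. SHA-256, AES-256-GCM, the label string and every function name are assumptions; the claims say only "a hash function".

```ruby
require 'openssl'
require 'securerandom'

LABEL = 'file-master-key-v1:' # assumed domain-separation label, not from the patent

# Hash the private key into a 256-bit symmetric master key (SHA-256 is an assumption).
def derive_master_key(private_key_der)
  OpenSSL::Digest.digest('SHA256', LABEL + private_key_der)
end

# AES-256-GCM (assumed cipher). Output layout: nonce (12) || tag (16) || ciphertext.
def seal(key, plaintext)
  cipher = OpenSSL::Cipher.new('aes-256-gcm').encrypt
  cipher.key = key
  nonce = cipher.random_iv
  ciphertext = cipher.update(plaintext) + cipher.final
  nonce + cipher.auth_tag + ciphertext
end

# Raises OpenSSL::Cipher::CipherError if the key is wrong or the blob was modified.
def unseal(key, blob)
  cipher = OpenSSL::Cipher.new('aes-256-gcm').decrypt
  cipher.key = key
  cipher.iv = blob[0, 12]
  cipher.auth_tag = blob[12, 16]
  cipher.update(blob[28..-1]) + cipher.final
end

# Key device present: derive the master key and wrap a fresh file encryption key (FEK).
def protect(private_key_der, file_bytes)
  master = derive_master_key(private_key_der)
  fek = SecureRandom.random_bytes(32)
  [master, { wrapped_fek: seal(master, fek), file: seal(fek, file_bytes) }]
end

# Key device deactivated: the cached master key alone unwraps the FEK, so the cache
# is as sensitive as the private key for these files and should be cleared at logout.
def read_file(cached_master, stored)
  fek = unseal(cached_master, stored[:wrapped_fek])
  unseal(fek, stored[:file])
end

if __FILE__ == $PROGRAM_NAME
  device_key = OpenSSL::PKey::EC.generate('prime256v1') # constructed stand-in key
  master, stored = protect(device_key.to_der, 'constructed sample file contents')
  puts read_file(master, stored)
end
```

`read_file` takes no private key at all, which is the property the claims rely on once the key device is deactivated.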