Systems, methods, and computer program products for accelerated dynamic protection of data
Abstract
A system, method, and computer product that accelerates encryption and decryption of data while using both a static key and a dynamic key. The present invention eliminates intermediate decryption of data that is transmitted between computer systems. More particularly, encryption efficiency is improved by eliminating decryption of the statically encrypted data while incorporating the advantages of a dynamic key such as enabling rapid change of the dynamic key. The efficiency improvements reduce the computer resources required to protect the data and therefore stronger data encryption may be enabled with the saved computer resources. End-to-end security of the data is maintained without the need for trusted data servers.
42 Claims
1. A computer implemented method for encrypting and decrypting using a first key and a second key, comprising:
- encrypting said data element with said first key and a current encryption state to produce a first encrypted data and an updated encryption state;
- encrypting said first encrypted data with said second key to produce a second encrypted data;
- transmitting said second encrypted data with said current encryption state to a receiving computer system;
- encrypting a subsequent data element with said first key and said updated encryption state to produce a subsequent first encrypted data and a subsequent updated encryption state;
- encrypting said subsequent first encrypted data with said second key to produce a subsequent second encrypted data;
- transmitting said subsequent second encrypted data with said updated encryption state to a receiving computer system;
- decrypting, on said receiving computer system, said subsequent second encrypted data with said second key to produce a decrypted subsequent second encrypted data; and
- decrypting said decrypted subsequent second encrypted data with said first key and said updated encryption state transmitted with said subsequent second encrypted data to produce a decrypted subsequent data element.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11

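The data flow of claim 1, sketched as an added example (not code from the patent or its assignee). Assumptions, none of which appear in the claims: the cipher is a stand-in HMAC-SHA256 counter-mode keystream, the "encryption state" is modelled as a 16-byte chaining value, and the outer layer reuses the transmitted state as a nonce; all keys and data elements are constructed.

```python
import hashlib
import hmac

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in cipher (assumption): XOR with an HMAC-SHA256 counter keystream."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        counter = (offset // 32).to_bytes(8, "big")
        pad = hmac.new(key, nonce + counter, hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)

def send(first_key: bytes, second_key: bytes, state: bytes, element: bytes):
    """Sender: first key + current state, then second key; returns (message, updated state)."""
    first_ct = keystream_xor(first_key, state, element)
    # Assumed state update: chain the old state with the first-layer ciphertext.
    updated = hashlib.sha256(state + first_ct).digest()[:16]
    # The outer layer reuses the transmitted state as a nonce (choice of this
    # example) so the stand-in stream cipher never repeats a keystream.
    second_ct = keystream_xor(second_key, b"outer" + state, first_ct)
    return (state, second_ct), updated

def receive(first_key: bytes, second_key: bytes, message) -> bytes:
    """Receiver: remove the second layer, then the first, using the transmitted state."""
    state, second_ct = message
    first_ct = keystream_xor(second_key, b"outer" + state, second_ct)
    return keystream_xor(first_key, state, first_ct)

def demo():
    """Two elements in sequence; the second is decrypted without the first."""
    k1, k2 = b"constructed first key", b"constructed second key"
    state0 = bytes(16)  # constructed initial encryption state
    msg1, state1 = send(k1, k2, state0, b"element one")
    msg2, _ = send(k1, k2, state1, b"element two")
    assert msg2[0] == state1  # the subsequent message carries the updated state
    return receive(k1, k2, msg1), receive(k1, k2, msg2)

if __name__ == "__main__":
    print(demo())
```

Nothing in this sketch authenticates the transmitted state or ciphertext, so a modified state decrypts to garbage without raising an error; a deployment would add a MAC or use an AEAD mode.
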
12. An article of manufacture comprising a program storage medium readable by a computer and embodying one or more instructions executable by the computer for causing a computer system to encrypt and decrypt using a first key and a second key, comprising:
- encrypting a data element with said first key and a current encryption state to produce a first encrypted data and an updated encryption state;
- encrypting said first encrypted data with said second key to produce a second encrypted data;
- transmitting said second encrypted data with said current encryption state to a receiving computer system;
- encrypting a subsequent data element with said first key and said updated encryption state to produce a subsequent first encrypted data and a subsequent updated encryption state;
- encrypting said subsequent first encrypted data with said second key to produce a subsequent second encrypted data;
- transmitting said subsequent second encrypted data with said updated encryption state to said receiving computer system;
- decrypting, on said receiving computer system, said subsequent second encrypted data with said second key to produce a decrypted subsequent second encrypted data; and
- decrypting said decrypted subsequent second encrypted data with said first key and said updated encryption state transmitted with said subsequent second encrypted data to produce a decrypted subsequent data element.

Dependent claims: 13, 14, 15, 16, 17, 18

19. A computer implemented method for encrypting and decrypting using a first key and a second key, wherein a data element is partitioned into chunks, comprising:
- encrypting said a data element chunk with said first key and a current encryption state to provide a first encrypted chunk data and an updated encryption state;
- encrypting a subsequent data element chunk with said first key and said updated encryption state to provide a subsequent first encrypted chunk data and a subsequent updated encryption state;
- encrypting said first encrypted chunk data with said second key to provide second encrypted chunk data;
- transmitting said second encrypted chunk data and said current encryption state to a receiving computer system;
- encrypting said subsequent first encrypted chunk data with said second key to provide subsequent second encrypted chunk data;
- transmitting said subsequent second encrypted chunk data and said updated encryption state to said receiving computer system;
- decrypting said subsequent second encrypted chunk data with said second key; and
- decrypting said decrypted subsequent second encrypted chunk data with said first key and said updated encryption state that is transmitted with said subsequent second encrypted chunk data to provide a decrypted subsequent data element chunk.

Dependent claims: 20, 21, 22, 23, 24

25. An article of manufacture comprising a program storage medium readable by a computer and embodying one or more instructions executable by the computer for causing a computer system to encrypt and decrypt using a first key and a second key, wherein a data element is partitioned into chunks, comprising:
- encrypting a data element chunk with said first key and a current encryption state to produce a first encrypted chunk data and an updated encryption state;
- encrypting a subsequent data element chunk with said first key and said updated encryption state to produce a subsequent first encrypted chunk data and a subsequent updated encryption state;
- encrypting said second encrypted chunk data with said second key to produce a second encrypted chunk data;
- encrypting said subsequent second encrypted chunk data with said second key to produce a subsequent second encrypted chunk data;
- transmitting said second encrypted chunk data with said current encryption state to a receiving computer system;
- transmitting said subsequent encrypted chunk data with said updated encryption state to said receiving computer system;
- decrypting said subsequent second encrypted chunk data with said second key; and
- decrypting said decrypted subsequent second encrypted chunk data with said first key and said updated encryption state that is transmitted with said subsequent second encrypted chunk data.

Dependent claims: 26, 27, 28, 29, 30

31. A computer implemented method for encrypting and decrypting using a first key and a second key, comprising:
- encrypting a data element with said first key to produce a first encrypted data;
- encrypting said first encrypted data with said second key and a current encryption state to produce a second encrypted data and an updated encryption state;
- transmitting said second encrypted data with said current encryption state to a receiving computer system;
- encrypting a subsequent data element with said first key to produce a subsequent first encrypted data;
- encrypting said subsequent first encrypted data with said second key and said updated encryption state to produce a subsequent second encrypted data and another updated encryption state;
- transmitting said subsequent second encrypted data with said updated encryption state to a receiving computer system;
- decrypting, on said receiving computer system, said subsequent second encrypted data with said second key and said updated encryption state that is transmitted with said second encrypted data; and
- decrypting, on said receiving computer system, said decrypted subsequent second encrypted data with said first key.

Dependent claims: 32, 33, 34, 35, 36

37. An article of manufacture comprising a program storage medium readable by a computer and embodying one or more instructions executable by the computer for causing a computer system to encrypt and decrypt using a first key and a second key, comprising:
- encrypting a data element with said first key to produce a first encrypted data;
- encrypting said first encrypted data with said second key and a current encryption state to produce a second encrypted data and an updated encryption state;
- transmitting said second encrypted data with said current encryption state to a receiving computer system;
- encrypting a subsequent data element with said first key to produce a subsequent first encrypted data;
- encrypting said subsequent first encrypted data with said second key and said updated encryption state to produce a subsequent second encrypted data and another updated encryption state;
- transmitting said subsequent second encrypted data with said updated encryption state to a receiving computer system;
- decrypting, on said receiving computer system, said subsequent second encrypted data with said second key and said updated encryption state that is transmitted with said second encrypted data; and
- decrypting, on said receiving computer system, said decrypted subsequent second encrypted data with said first key.

Dependent claims: 38, 39, 40, 41, 42

Specification