Deriving a symmetric key from an asymmetric key for file encryption or decryption
1 Assignment
0 Petitions
Abstract
One aspect relates to a process and associated device that provides a private key of an asymmetric key pair in a key device. A symmetric master key is derived from the private key of the asymmetric key pair. The symmetric master key is stored in a computer memory location. The symmetric master key is used to encrypt or decrypt a file encryption key. The file encryption key can encrypt or decrypt files. In another aspect, the user can still access the files even if a user deactivates the key device by encrypting or decrypting the file encryption key directly from the symmetric master key.
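The key hierarchy described in the abstract, as an added Go example (not code from the patent). Assumptions: an Ed25519 key stands in for the key device, the master key is the SHA-256 hash of the device's signature over a fixed label, AES-256-GCM does the wrapping and file encryption, and all function names are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Assumed derivation (not from the page): SHA-256 of an Ed25519 signature over a fixed label.
func deriveMasterKey(device ed25519.PrivateKey) [32]byte {
	return sha256.Sum256(ed25519.Sign(device, []byte("file-encryption master key v1")))
}

func aead(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err) // key is not 16, 24 or 32 bytes
	}
	gcm, _ := cipher.NewGCM(block) // cannot fail for an AES block
	return gcm
}

// seal encrypts with AES-256-GCM and prepends the random 12-byte nonce.
func seal(key, plaintext []byte) []byte {
	nonce := make([]byte, 12)
	rand.Read(nonce)
	return aead(key).Seal(nonce, nonce, plaintext, nil)
}

func open(key, sealed []byte) ([]byte, error) {
	if len(sealed) < 12 {
		return nil, fmt.Errorf("sealed data too short")
	}
	return aead(key).Open(nil, sealed[:12], sealed[12:], nil) // errors on wrong key or tampering
}

func main() {
	_, device, _ := ed25519.GenerateKey(rand.Reader) // stands in for the key device
	master := deriveMasterKey(device)                // stored outside the device
	fek := make([]byte, 32)                          // the device is not used below
	rand.Read(fek)
	wrappedFEK, encFile := seal(master[:], fek), seal(fek, []byte("constructed sample file"))
	key, _ := open(master[:], wrappedFEK)
	plain, err := open(key, encFile)
	fmt.Println(string(plain), err)
}
```

Only `deriveMasterKey` touches the device key; every later step runs from the stored master key, so the storage location of that key decides who can unwrap each file encryption key.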
67 Citations
19 Claims
1. A method comprising:
- accessing a private key of an asymmetric key pair in a key device;
- deriving a symmetric master key from the private key of the asymmetric key pair;
- storing the symmetric master key in a computer storage location outside of the key device;
- retrieving the symmetric master key from the computer storage location for encrypting a file encryption key;
- encrypting the file encryption key using the symmetric master key retrieved from the computer storage location, the encryption occurring while the key device is deactivated; and
- encrypting a file using the file encryption key.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A method comprising:
- receiving an encrypted file and an encrypted file encryption key;
- retrieving a symmetric master key from a computer storage location, wherein the symmetric master key was derived from a private key on a key device and the retrieving of the symmetric master key is performed while the key device is deactivated;
- decrypting the encrypted file encryption key using the symmetric master key; and
- decrypting the encrypted file using the file encryption key.
Dependent claims: 13, 14, 15, 16, 17
18. A computer-readable storage medium having computer-executable instructions for performing steps comprising:
- accessing a private key associated with a first user, of an asymmetric key pair associated with the first user, the private key of the first user being in a key device;
- deriving a symmetric master key associated with the first user from the private key associated with the first user;
- storing the symmetric master key associated with the first user in a computer storage location outside of the key device;
- retrieving the symmetric master key associated with the first user from the computer storage location for encrypting a file encryption key;
- encrypting the file encryption key using the symmetric master key associated with the first user, encrypting the file encryption key is performed while the key device is deactivated;
- decrypting the encrypted file encryption key to create a decrypted file encryption key;
- encrypting a file using the decrypted file encryption key;
- decrypting the encrypted file using the decrypted file encryption key;
- obtaining a public key associated with a second user; and
- encrypting the file encryption key with the public key associated with the second user.
Dependent claims: 19
Specification