Saving and retrieving data based on symmetric key encryption

US 7,487,365 B2
Filed: 04/04/2003
Issued: 02/03/2009
Est. Priority Date: 04/17/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A method, implemented in a computing device, the method comprising:

receiving a bit string from a calling program;

checking an identifier of the calling program to determine whether the calling program is allowed to access data encrypted in ciphertext of the bit string, the checking comprising;

obtaining, from the bit string, identifiers of multiple target programs that are allowed to access the data;

checking whether one of the identifiers of the multiple target programs is the same as the identifier of the calling program;

determining that the calling program is allowed to access the data if one of the identifiers of the multiple target programs is the same as the identifier of the calling program; and

determining that the calling program is not allowed to access the data if none of the identifiers of the multiple target programs is the same as the identifier of the calling program;

verifying the integrity of the data;

decrypting the data using a symmetric key; and

returning the data to the calling program only if the calling program is allowed to access the data and if the integrity of the data is successfully verified.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In accordance with certain aspects, data is received from a calling program. Ciphertext that includes the data is generated, using a symmetric cipher, in a manner that allows only one or more target programs to be able to obtain the data from the ciphertext. In accordance with other aspects, a bit string is received from a calling program. An identifier of the calling program is checked to determine whether the calling program is allowed to access data encrypted in ciphertext of the bit string. The integrity of the data is also verified, and the data is decrypted using a symmetric key. The data is returned to the calling program only if the calling program is allowed to access the data and if the integrity of the data is successfully verified.

179 Citations

70 Claims

1. A method, implemented in a computing device, the method comprising:
- receiving a bit string from a calling program;
  
  checking an identifier of the calling program to determine whether the calling program is allowed to access data encrypted in ciphertext of the bit string, the checking comprising;
  
  obtaining, from the bit string, identifiers of multiple target programs that are allowed to access the data;
  
  checking whether one of the identifiers of the multiple target programs is the same as the identifier of the calling program;
  
  determining that the calling program is allowed to access the data if one of the identifiers of the multiple target programs is the same as the identifier of the calling program; and
  
  determining that the calling program is not allowed to access the data if none of the identifiers of the multiple target programs is the same as the identifier of the calling program;
  
  verifying the integrity of the data;
  
  decrypting the data using a symmetric key; and
  
  returning the data to the calling program only if the calling program is allowed to access the data and if the integrity of the data is successfully verified.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. A method as recited in claim 1, wherein the data comprises a cryptographic key.
  - 3. A method as recited in claim 1, further comprising:
    - returning, to the calling program, an identifier of a program that previously sealed the data.
  - 4. A method as recited in claim 3, wherein the identifier of the program that previously sealed the data comprises a digest value generated by applying a cryptographic hash function to the program that previously sealed the data.
  - 5. A method as recited in claim 1, wherein the identifier of the calling program comprises a digest value generated by applying a cryptographic hash function to the target program.
  - 6. A method as recited in claim 1, wherein receiving the bit string comprises receiving the bit string as part of an UnSeal operation.
  - 7. A method as recited in claim 1, wherein the bit string comprises a combination of the ciphertext and a message authentication code (MAC) value for the ciphertext.
  - 8. A method as recited in claim 1, wherein the bit string comprises a combination of the ciphertext and a message authentication code (MAC) value for the data.
  - 9. A method as recited in claim 1, wherein the bit string comprises a ciphertext generated from a combination of the data and a message authentication code (MAC) value for the data.
  - 10. A method as recited in claim 1, wherein the verifying comprises:
    - obtaining the data by decrypting the ciphertext;
      
      generating a message authentication code (MAC) value for the obtained data;
      
      comparing the generated MAC value to a MAC value received as part of the bit string; and
      
      successfully verifying the integrity of the data only if the generated MAC value is equal to the MAC value received as part of the bit string.
  - 11. A method as recited in claim 10, wherein the generating the MAC value comprises generating the MAC value using a first part of the symmetric key, and wherein the decrypting the data comprises decrypting the data using a second part of the symmetric key.

12. One or more computer storage media having stored thereon a plurality of instructions that, when executed by one or more processors of a computing device, causes the one or more processors to:
- receive data from a calling program;
  
  generate, using a symmetric cipher, ciphertext that includes the data and identifiers of multiple target programs that are allowed to access the data;
  
  after the ciphertext is generated, receive a bit string from another calling program;
  
  check an identifier of the other calling program to determine whether the other calling program is one of the multiple target programs;
  
  verify the integrity of the data;
  
  decrypt the data using a symmetric key; and
  
  return the data to the other calling program only if the other calling program is one of the multiple target programs and if the integrity of the data is successfully verified.
- View Dependent Claims (13, 14)
- - 13. One or more computer storage media as recited in claim 12, wherein the calling program and the other calling program are the same program.
  - 14. One or more computer storage media as recited in claim 12, wherein to verify the integrity of the data is to verify the integrity using one part of the symmetric key and wherein to decrypt the data is to decrypt the data using another part of the symmetric key.

15. One or more computer storage media having stored thereon a plurality of instructions that, when executed by one or more processors of a computing device, causes the one or more processors to:
- obtain an identifier of a calling application;
  
  generate a bit string including the identifier of the calling application, data to be sealed for the calling application, and identifiers of multiple target applications that are allowed to unseal the data;
  
  generate a message authentication code (MAC) value for the bit string;
  
  encrypt the bit string using a symmetric key and a symmetric cipher; and
  
  return the MAC value and the encrypted bit string to the calling application.
- View Dependent Claims (16, 17, 18, 19)
- - 16. One or more computer storage media as recited in claim 15, wherein the instructions that cause the one or more processors to obtain the identifier of the calling application comprise instructions that cause the one or more processors to generate a digest of the calling application using a cryptographic hash function.
  - 17. One or more computer storage media as recited in claim 15, wherein the instructions further cause the one or more processors to receive, from the calling application, the data.
  - 18. One or more computer storage media as recited in claim 15, wherein the instructions further cause the one or more processors to generate a random value to be used as the data.
  - 19. One or more computer storage media as recited in claim 15, wherein the symmetric key includes a first part and a second part that are independent of one another, wherein to generate the MAC value is to generate the MAC value with the first part of the symmetric key, and wherein to encrypt the bit string is to encrypt the bit string with the second part of the symmetric key.

20. One or more computer storage media having stored thereon a plurality of instructions that, when executed by one or more processors of a computing device, causes the one or more processors to:
- receive, from a calling program, a bit string including ciphertext and a message authentication code (MAC) value;
  
  decrypt the ciphertext in the bit string using a symmetric key to generate plaintext data;
  
  generate a message authentication code (MAC) value for at least a portion of the plaintext data;
  
  check whether the MAC value in the bit string is equal to the generated MAC value;
  
  check whether an identifier of the calling program is included as one of multiple target program identifiers in the plaintext data, the multiple target program identifiers identifying multiple target programs that are allowed to unseal the plaintext data; and
  
  return the plaintext data to the calling program only if the MAC value in the bit string is equal to the generated MAC value and if the identifier of the calling program is included as one of the multiple target program identifiers in the plaintext data.
- View Dependent Claims (21, 22)
- - 21. One or more computer storage media as recited in claim 20, wherein the identifier of the calling program comprises a digest of the calling program generated using a cryptographic hash function.
  - 22. One or more computer storage media as recited in claim 20, wherein to generate the MAC value is to generate the MAC value using a first part of the symmetric key, and wherein to decrypt the ciphertext in the bit string is to decrypt the ciphertext in the bit string using a second part of the symmetric key.

23. A device comprising a plurality of hardware means, the plurality of hardware means including:
- means for receiving a bit string from a calling program;
  
  means for checking an identifier of the calling program to determine whether the calling program is allowed to access data encrypted in ciphertext of the bit string, the means for checking determining that the calling program is allowed to access the data if the identifier of the calling program is included as one of multiple target program identifiers in the ciphertext;
  
  means for verifying the integrity of the data;
  
  means for decrypting the data using a symmetric key; and
  
  means for returning the data to the calling program only if the calling program is allowed to access the data and if the integrity of the data is successfully verified.

24. One or more computer storage media having stored thereon a plurality of instructions that, when executed by one or more processors of a computing device, causes the one or more processors to:
- receive a bit string from a calling program;
  
  check an identifier of the calling program to determine whether the calling program is allowed to access data encrypted in ciphertext of the bit string, wherein to check the identifier is to;
  
  obtain, from the bit string, identifiers of multiple target programs that are allowed to access the data;
  
  check whether one of the identifiers of the multiple target programs is the same as the identifier of the calling program;
  
  determine that the calling program is allowed to access the data if one of the identifiers of the multiple target programs is the same as the identifier of the calling program; and
  
  determine that the calling program is not allowed to access the data if none of the identifiers of the multiple target programs is the same as the identifier of the calling program;
  
  verify the integrity of the data;
  
  decrypt the data using a symmetric key; and
  
  return the data to the calling program only if the calling program is allowed to access the data and if the integrity of the data is successfully verified.
- View Dependent Claims (25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
- - 25. One or more computer storage media as recited in claim 24, wherein the data comprises a cryptographic key.
  - 26. One or more computer storage media as recited in claim 24, wherein the plurality of instructions further causes the one or more processors to:
    - return, to the calling program, an identifier of a program that previously sealed the data.
  - 27. One or more computer storage media as recited in claim 26, wherein the identifier of the program that previously sealed the data comprises a digest value generated by applying a cryptographic hash function to the program that previously sealed the data.
  - 28. One or more computer storage media as recited in claim 24, wherein the identifier of the calling program comprises a digest value generated by applying a cryptographic hash function to the target program.
  - 29. One or more computer storage media as recited in claim 24, wherein to receive the bit string is to receive the bit string as part of an UnSeal operation.
  - 30. One or more computer storage media as recited in claim 24, wherein the bit string comprises a combination of the ciphertext and a message authentication code (MAC) value for the ciphertext.
  - 31. One or more computer storage media as recited in claim 24, wherein the bit string comprises a combination of the ciphertext and a message authentication code (MAC) value for the data.
  - 32. One or more computer storage media as recited in claim 24, wherein the bit string comprises a ciphertext generated from a combination of the data and a message authentication code (MAC) value for the data.
  - 33. One or more computer storage media as recited in claim 24, wherein to verify the integrity of the data is to:
    - obtain the data by decrypting the ciphertext;
      
      generate a message authentication code (MAC) value for the obtained data;
      
      compare the generated MAC value to a MAC value received as part of the bit string; and
      
      successfully verify the integrity of the data only if the generated MAC value is equal to the MAC value received as part of the bit string.
  - 34. One or more computer storage media as recited in claim 33, wherein to generate the MAC value is to generate the MAC value using a first part of the symmetric key, and wherein to decrypt the data is to decrypt the data using a second part of the symmetric key.

35. A computing device comprising:
- a processor; and
  
  a memory, coupled to the processor, storing a plurality of instructions causing the processor to perform acts comprising;
  
  receiving a bit string from a calling program;
  
  checking an identifier of the calling program to determine whether the calling program is allowed to access data encrypted in ciphertext of the bit string, the checking comprising;
  
  obtaining, from the bit string, identifiers of multiple target programs that are allowed to access the data;
  
  checking whether one of the identifiers of the multiple target programs is the same as the identifier of the calling program;
  
  determining that the calling program is allowed to access the data if one of the identifiers of the multiple target programs is the same as the identifier of the calling program; and
  
  determining that the calling program is not allowed to access the data if none of the identifiers of the multiple target programs is the same as the identifier of the calling program;
  
  verifying the integrity of the data;
  
  decrypting the data using a symmetric key; and
  
  returning the data to the calling program only if the calling program is allowed to access the data and if the integrity of the data is successfully verified.
- View Dependent Claims (36, 37, 38, 39, 40, 41, 42, 43, 44, 45)
- - 36. A computing device as recited in claim 35, wherein the data comprises a cryptographic key.
  - 37. A computing device as recited in claim 35, the plurality of instructions further causing the processor to perform acts comprising:
    - returning, to the calling program, an identifier of a program that previously sealed the data.
  - 38. A computing device as recited in claim 37, wherein the identifier of the program that previously sealed the data comprises a digest value generated by applying a cryptographic hash function to the program that previously sealed the data.
  - 39. A computing device as recited in claim 35, wherein the identifier of the calling program comprises a digest value generated by applying a cryptographic hash function to the target program.
  - 40. A computing device as recited in claim 35, wherein receiving the bit string comprises receiving the bit string as part of an UnSeal operation.
  - 41. A computing device as recited in claim 35, wherein the bit string comprises a combination of the ciphertext and a message authentication code (MAC) value for the ciphertext.
  - 42. A computing device as recited in claim 35, wherein the bit string comprises a combination of the ciphertext and a message authentication code (MAC) value for the data.
  - 43. A computing device as recited in claim 35, wherein the bit string comprises a ciphertext generated from a combination of the data and a message authentication code (MAC) value for the data.
  - 44. A computing device as recited in claim 35, wherein the verifying comprises:
    - obtaining the data by decrypting the ciphertext;
      
      generating a message authentication code (MAC) value for the obtained data;
      
      comparing the generated MAC value to a MAC value received as part of the bit string; and
      
      successfully verifying the integrity of the data only if the generated MAC value is equal to the MAC value received as part of the bit string.
  - 45. A computing device as recited in claim 44, wherein the generating the MAC value comprises generating the MAC value using a first part of the symmetric key, and wherein the decrypting the data comprises decrypting the data using a second part of the symmetric key.

46. A method, implemented in a computing device, the method comprising:
- receiving data from a calling program;
  
  generating, using a symmetric cipher, ciphertext that includes the data and identifiers of multiple target programs that are allowed to access the data;
  
  after the ciphertext is generated, receiving a bit string from another calling program;
  
  checking an identifier of the other calling program to determine whether the other calling program is one of the multiple target programs;
  
  verifying the integrity of the data;
  
  decrypting the data using a symmetric key; and
  
  returning the data to the other calling program only if the other calling program is one of the multiple target programs and if the integrity of the data is successfully verified.
- View Dependent Claims (47, 48)
- - 47. A method as recited in claim 46, wherein the calling program and the other calling program are the same program.
  - 48. A method as recited in claim 46, wherein verifying the integrity of the data comprises verifying the integrity using one part of the symmetric key and wherein decrypting the data comprises decrypting the data using another part of the symmetric key.

49. A computing device comprising:
- a processor; and
  
  a memory, coupled to the processor, storing a plurality of instructions that cause the processor to;
  
  receive data from a calling program;
  
  generate, using a symmetric cipher, ciphertext that includes the data and identifiers of multiple target programs that are allowed to access the data;
  
  after the ciphertext is generated, receive a bit string from another calling program;
  
  check an identifier of the other calling program to determine whether the other calling program is one of the multiple target programs;
  
  verify the integrity of the data;
  
  decrypt the data using a symmetric key; and
  
  return the data to the other calling program only if the other calling program is one of the multiple target programs and if the integrity of the data is successfully verified.
- View Dependent Claims (50, 51)
- - 50. A computing device as recited in claim 49, wherein the calling program and the other calling program are the same program.
  - 51. A computing device as recited in claim 49, wherein to verify the integrity of the data is to verify the integrity using one part of the symmetric key and wherein to decrypt the data is to decrypt the data using another part of the symmetric key.

52. A method, implemented in a computing device, the method comprising:
- obtaining an identifier of a calling application;
  
  generating a bit string including the identifier of the calling application, data to be sealed for the calling application, and identifiers of multiple target applications that are allowed to unseal the data;
  
  generating a message authentication code (MAC) value for the bit string;
  
  encrypting the bit string using a symmetric key and a symmetric cipher; and
  
  returning the MAC value and the encrypted bit string to the calling application.
- View Dependent Claims (53, 54, 55, 56)
- - 53. A method as recited in claim 52, wherein obtaining the identifier of the calling application comprises generating a digest of the calling application using a cryptographic hash function.
  - 54. A method as recited in claim 52, further comprising receiving, from the calling application, the data.
  - 55. A method as recited in claim 52, further comprising generating a random value to be used as the data.
  - 56. A method as recited in claim 52, wherein the symmetric key includes a first part and a second part that are independent of one another, wherein generating the MAC value comprises generating the MAC value with the first part of the symmetric key, and wherein encrypting the bit string comprises encrypting the bit string with the second part of the symmetric key.

57. A computing device comprising:
- a processor; and
  
  a memory, coupled to the processor, storing a plurality of instructions that cause the processor to;
  
  obtain an identifier of a calling application;
  
  generate a bit string including the identifier of the calling application, data to be sealed for the calling application, and identifiers of multiple target applications that are allowed to unseal the data;
  
  generate a message authentication code (MAC) value for the bit string;
  
  encrypt the bit string using a symmetric key and a symmetric cipher; and
  
  return the MAC value and the encrypted bit string to the calling application.
- View Dependent Claims (58, 59, 60, 61)
- - 58. A computing device as recited in claim 57, wherein the instructions that cause the processor to obtain the identifier of the calling application comprise instructions that cause the processor to generate a digest of the calling application using a cryptographic hash function.
  - 59. A computing device as recited in claim 57, wherein the instructions further cause the processor to receive, from the calling application, the data.
  - 60. A computing device as recited in claim 57, wherein the instructions further cause the processor to generate a random value to be used as the data.
  - 61. A computing device as recited in claim 57, wherein the symmetric key includes a first part and a second part that are independent of one another, wherein to generate the MAC value is to generate the MAC value with the first part of the symmetric key, and wherein to encrypt the bit string is to encrypt the bit string with the second part of the symmetric key.

62. A method, implemented in a computing device, the method comprising:
- receiving, from a calling program, a bit string including ciphertext and a message authentication code (MAC) value;
  
  decrypting the ciphertext in the bit string using a symmetric key to generate plaintext data;
  
  generating a message authentication code (MAC) value for at least a portion of the plaintext data;
  
  checking whether the MAC value in the bit string is equal to the generated MAC value;
  
  checking whether an identifier of the calling program is included as one of multiple target program identifiers in the plaintext data, the multiple target program identifiers identifying multiple target programs that are allowed to unseal the plaintext data; and
  
  returning the plaintext data to the calling program only if the MAC value in the bit string is equal to the generated MAC value and if the identifier of the calling program is included as one of the multiple target program identifiers in the plaintext data.
- View Dependent Claims (63, 64)
- - 63. A method as recited in claim 62, wherein the identifier of the calling program comprises a digest of the calling program generated using a cryptographic hash function.
  - 64. A method as recited in claim 62, wherein the generating the MAC value comprises generating the MAC value using a first part of the symmetric key, and wherein decrypting the ciphertext in the bit string comprises decrypting the ciphertext in the bit string using a second part of the symmetric key.

65. A computing device comprising:
- a processor; and
  
  a memory, coupled to the processor, storing a plurality of instructions that cause the processor to;
  
  receive, from a calling program, a bit string including ciphertext and a message authentication code (MAC) value;
  
  decrypt the ciphertext in the bit string using a symmetric key to generate plaintext data;
  
  generate a message authentication code (MAC) value for at least a portion of the plaintext data;
  
  check whether the MAC value in the bit string is equal to the generated MAC value;
  
  check whether an identifier of the calling program is included as one of multiple target program identifiers in the plaintext data, the multiple target program identifiers identifying multiple target programs that are allowed to unseal the plaintext data; and
  
  return the plaintext data to the calling program only if the MAC value in the bit string is equal to the generated MAC value and if the identifier of the calling program is included as one of the multiple target program identifiers in the plaintext data.
- View Dependent Claims (66, 67)
- - 66. A computing device as recited in claim 65, wherein the identifier of the calling program comprises a digest of the calling program generated using a cryptographic hash function.
  - 67. A computing device as recited in claim 65, wherein to generate the MAC value is to generate the MAC value using a first part of the symmetric key, and wherein to decrypt the ciphertext in the bit string is to decrypt the ciphertext in the bit string using a second part of the symmetric key.

68. A method, implemented in a computing device, the method comprising:
- receiving a bit string from a calling program;
  
  checking an identifier of the calling program to determine whether the calling program is allowed to access data encrypted in ciphertext of the bit string, the checking determining that the calling program is allowed to access the data if the identifier of the calling program is included as one of multiple target program identifiers in the ciphertext;
  
  verifying the integrity of the data;
  
  decrypting the data using a symmetric key; and
  
  returning the data to the calling program only if the calling program is allowed to access the data and if the integrity of the data is successfully verified.

69. One or more computer storage media having stored thereon a plurality of instructions that, when executed by one or more processors of a computing device, causes the one or more processors to:
- receive a bit string from a calling program;
  
  check an identifier of the calling program to determine whether the calling program is allowed to access data encrypted in ciphertext of the bit string, wherein to check the identifier is to determine that the calling program is allowed to access the data if the identifier of the calling program is included as one of multiple target program identifiers in the ciphertext;
  
  verify the integrity of the data;
  
  decrypt the data using a symmetric key; and
  
  return the data to the calling program only if the calling program is allowed to access the data and if the integrity of the data is successfully verified.

70. A computing device comprising:
- a processor; and
  
  a memory, coupled to the processor, storing a plurality of instructions that cause the processor to;
  
  receive a bit string from a calling program;
  
  check an identifier of the calling program to determine whether the calling program is allowed to access data encrypted in ciphertext of the bit string, wherein to check the identifier is to determine that the calling program is allowed to access the data if the identifier of the calling program is included as one of multiple target program identifiers in the ciphertext;
  
  verify the integrity of the data;
  
  decrypt the data using a symmetric key; and
  
  return the data to the calling program only if the calling program is allowed to access the data and if the integrity of the data is successfully verified.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
England, Paul, Peinado, Marcus
Primary Examiner(s)
Zand; Kambiz
Assistant Examiner(s)
JACKSON, JENISE E

Application Number

US10/406,861
Publication Number

US 20030200440A1
Time in Patent Office

2,132 Days
Field of Search

713/167, 713/193, 380/28
US Class Current

713/193
CPC Class Codes

G06F 21/6218 to a system of files or obj...

Saving and retrieving data based on symmetric key encryption

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

179 Citations

70 Claims

Specification

Solutions

Use Cases

Quick Links

Saving and retrieving data based on symmetric key encryption

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

179 Citations

70 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links