Recovery of encrypted data from a secure storage device
Abstract
An exemplary software product to recover encrypted data from a target secure storage device can comprise software operational when executed by a processor to receive a recovery request to recover the encrypted data, send a transfer command to the target secure storage device, receive an authorization request from the target secure storage device in response to the transfer command, respond to the authorization request, and receive the encrypted data from the target secure storage device.
33 Claims
1. A method for recovering encrypted data from a target portable secure storage device having a user interface for receiving a user code to access the encrypted data, the method comprising:
- coupling the target portable secure storage device to a recovery module;
- receiving a recovery request to recover the encrypted data when the user code is unavailable from the user interface;
- sending a transfer command to the target portable secure storage device;
- receiving an authorization request from the target portable secure storage device in response to the transfer command;
- responding to the authorization request with an authorization response;
- authenticating the authorization response without verifying the user code;
- receiving the encrypted data from the target portable secure storage device;
- coupling a plurality of authorized secure storage devices to the recovery module;
- retrieving a plurality of encryption keys from the plurality of authorized secure storage devices;
- unlocking a decryption key with the plurality of encryption keys; and
- decrypting the encrypted data with the decryption key.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
14. A system comprising:
- a portable secure storage device having a user interface for receiving a user code to access data on the portable secure storage device; and
- a recovery module for accessing the data when the user code is unavailable, the recovery module comprising;
  - a communication interface configured to couple with the portable secure storage device; and
  - a processor connected to the communication interface, the processor configured to;
    - receive a recovery request to recover the data;
    - send a transfer command to the portable secure storage device;
    - receive an authorization request from the portable secure storage device in response to the transfer command;
    - respond to the authorization request by providing an authorization response to the portable secure storage device;
    - receive the data from the portable secure storage device based on authentication of the authorization response without verifying the user code;
    - retrieve a plurality of encryption keys from a plurality of authorized secure storage devices coupled to the communication interface;
    - unlock a decryption key with the plurality of encryption keys; and
    - decrypt the encrypted data with the decryption key.
Dependent claims: 15, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30
16. A non-transitory computer readable storage medium having a program embodied thereon, the program executable by the processor to perform a method for recovering data from a target portable secure storage device having a user interface for receiving a user code to access the data, the method comprising:
- receiving a recovery request to recover the data when the user code is unavailable from the user interface;
- sending a transfer command to the target portable secure storage device;
- receiving an authorization request from the target portable secure storage device in response to the transfer command;
- responding to the authorization request by sending an authorization response from the recovery module to the target portable secure storage device, wherein the authorization response is authenticated without verifying the user code;
- receiving the encrypted data from the target portable secure storage device, coupling a plurality of authorized secure storage devices to the recovery module;
- retrieving a plurality of encryption keys from the plurality of authorized secure storage devices;
- unlocking a decryption key with the plurality of authorized secure storage devices;
- unlocking a decryption key with the plurality of encryption keys; and
- decrypting the encrypted data with the decryption key.
Dependent claims: 31, 32, 33
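The flow recited in claims 1, 14 and 16, as an added sketch that is not taken from the patent or any product: the device answers a transfer command with a fresh challenge, releases ciphertext only for a valid response, and the decryption key is unlocked only when every custodian key is present. The claims do not say how authorization or key unlocking work, so the HMAC challenge-response, the shared `recovery_secret`, the n-of-n SHA-256 key combination, the toy keystream cipher and all names here are assumptions.

```python
import hashlib, hmac, secrets

def stream_xor(key, data):
    """Toy SHA-256 counter keystream (assumption); a real design would use an AEAD."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def combine(custodian_keys):
    """Derive one key-encryption key that depends on every custodian key (n-of-n)."""
    h = hashlib.sha256()
    for k in sorted(custodian_keys):           # order of insertion must not matter
        h.update(len(k).to_bytes(2, "big") + k)
    return h.digest()

def wrap(data_key, custodian_keys):
    """Provisioning side: lock the data key and keep a check tag for it."""
    tag = hmac.new(data_key, b"key-check", hashlib.sha256).digest()
    return stream_xor(combine(custodian_keys), data_key), tag

def unlock(wrapped, tag, custodian_keys):
    data_key = stream_xor(combine(custodian_keys), wrapped)
    expected = hmac.new(data_key, b"key-check", hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("custodian keys do not unlock the decryption key")
    return data_key

class TargetDevice:
    """Hypothetical device model; the user code is never consulted on this path."""
    def __init__(self, recovery_secret, ciphertext):
        self._secret, self._ct, self._nonce = recovery_secret, ciphertext, None
    def transfer_command(self):                # returns the authorization request
        self._nonce = secrets.token_bytes(16)
        return self._nonce
    def authorization_response(self, resp):
        nonce, self._nonce = self._nonce, None  # single use, so a replay fails
        if nonce is None or not hmac.compare_digest(
                resp, hmac.new(self._secret, nonce, hashlib.sha256).digest()):
            raise PermissionError("authorization response rejected")
        return self._ct

def recover(device, recovery_secret, wrapped, tag, custodian_keys):
    nonce = device.transfer_command()
    resp = hmac.new(recovery_secret, nonce, hashlib.sha256).digest()
    ciphertext = device.authorization_response(resp)
    return stream_xor(unlock(wrapped, tag, custodian_keys), ciphertext)
```

Because this path bypasses the user code, the recovery secret and the custodian keys carry the whole access decision; the sketch fails closed when either is missing and rejects a replayed response.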