System and method for protecting secrets file
First Claim
1. A method for protecting a secrets file, comprising:
- initiating configuration of a group;
- obtaining a group agreed connect name corresponding to the group;
- obtaining a username and password of a user of a member of the group;
- generating a first message digest using the group agreed connect name, the username, the password, and an n-bit generator;
- extracting a secrets file name and a secrets file encryption key from the first message digest;
- obtaining a group agreed seed for a secrets file;
- generating a second message digest using the group agreed seed and the n-bit generator;
- extracting a first secret from the second message digest;
- encrypting, using the secrets file encryption key, the secrets file in a security directory, wherein the secrets file is associated with the secrets file name, and wherein the secrets file comprises the first secret;
- generating a third message digest using the first secret;
- extracting a first decoy file name and first decoy file contents from the third message digest;
- creating a first decoy file using the first decoy file name and the first decoy file contents; and
- storing the first decoy file in the security directory, wherein the security directory comprises a plurality of decoy files comprising the first decoy file, and wherein each of the plurality of decoy files comprises decoy file contents, wherein each of the plurality of decoy files are a same size as the secrets file.
Abstract
A method for protecting a first secrets file. The method includes an n-bit generator generating a secrets file name for the secrets file and generating decoy file names for decoy files. The secrets file includes a secret. Each of the decoy files includes decoy file contents, is the same size as the secrets file, and is associated with a modification time within a range of modification times. The modification time of the secrets file is within the range of modification times. The secrets file and decoy files are stored in a secrets directory.
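The derivation chain in the first claim and the abstract, sketched as an added Python example (not code from the patent or its assignee). SHAKE-256 stands in for the n-bit generator and an XOR keystream stands in for the cipher; the digest slice offsets, the per-decoy index, the decoy count and the modification-time window are all assumptions.

```python
import hashlib
import os

def n_bit_generator(*parts: bytes, n_bytes: int = 64) -> bytes:
    """Assumed stand-in for the n-bit generator: SHAKE-256 over length-prefixed inputs."""
    h = hashlib.shake_256()
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)  # prefix keeps ("ab","c") != ("a","bc")
    return h.digest(n_bytes)

def derive_name_and_key(connect_name: str, username: str, password: str):
    """First message digest -> secrets file name and secrets file encryption key."""
    d = n_bit_generator(connect_name.encode(), username.encode(), password.encode())
    return d[:16].hex(), d[16:48]

def derive_secret(group_seed: bytes) -> bytes:
    """Second message digest -> first secret."""
    return n_bit_generator(group_seed)[:32]

def derive_decoy(secret: bytes, index: int, size: int):
    """Third message digest -> decoy file name and contents of exactly `size` bytes.
    The per-decoy index is an assumption used to obtain several distinct decoys."""
    d = n_bit_generator(secret, index.to_bytes(4, "big"), n_bytes=16 + size)
    return d[:16].hex(), d[16:]

def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Placeholder cipher (XOR with a SHAKE-256 keystream); use a vetted AEAD in practice."""
    stream = hashlib.shake_256(b"stream" + key).digest(len(plaintext))
    return bytes(a ^ b for a, b in zip(plaintext, stream))

def build_security_directory(path, connect_name, username, password, seed,
                             decoys=4, base_mtime=1_700_000_000, window=3600):
    """Write the encrypted secrets file plus same-size decoys; return the secrets file name."""
    name, key = derive_name_and_key(connect_name, username, password)
    secret = derive_secret(seed)
    files = {name: encrypt(key, secret)}
    for i in range(decoys):
        decoy_name, contents = derive_decoy(secret, i, len(files[name]))
        files[decoy_name] = contents
    for fname, data in files.items():
        full = os.path.join(path, fname)
        with open(full, "wb") as fh:
            fh.write(data)
        # Every file, real or decoy, gets a modification time inside one shared window.
        offset = int.from_bytes(hashlib.sha256(fname.encode()).digest()[:4], "big") % window
        os.utime(full, (base_mtime + offset, base_mtime + offset))
    return name
```

A group member who knows the connect name, username and password recomputes the file name and key instead of storing them; anyone listing the directory sees only equal-sized files with random-looking names and nearby timestamps.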
19 Claims
8. A non-transitory computer readable medium comprising computer readable program code embodied therein for performing a method for protecting a secrets file, the non-transitory computer readable medium comprising:
- initiating configuration of a group;
- obtaining a group agreed connect name corresponding to the group;
- obtaining a username and password of a user of a member of the group;
- generating a first message digest using the group agreed connect name, the username, the password, and an n-bit generator;
- extracting a secrets file name and a secrets file encryption key from the first message digest;
- obtaining a group agreed seed for a secrets file;
- generating a second message digest using the group agreed seed and the n-bit generator;
- extracting a first secret from the second message digest;
- encrypting, using the secrets file encryption key, the secrets file in a security directory, wherein the secrets file is associated with the secrets file name, and wherein the secrets file comprises the first secret;
- generating a third message digest using the first secret;
- extracting a first decoy file name and first decoy file contents from the third message digest;
- creating a first decoy file using the first decoy file name and the first decoy file contents; and
- storing the first decoy file in the security directory, wherein the security directory comprises a plurality of decoy files comprising the first decoy file, and wherein each of the plurality of decoy files comprises decoy file contents, wherein each of the plurality of decoy files are a same size as the secrets file.
15. A computing device for protecting a secrets file comprising:
- a processor;
- a memory; and
- software instructions stored in the memory for causing the computing device to;
- initiate configuration of a group;
- obtain a group agreed connect name corresponding to the group;
- obtain a username and password of a user of a member of the group;
- generate a first message digest using the group agreed connect name, the username, the password, and an n-bit generator;
- extract a secrets file name and a secrets file encryption key from the first message digest;
- obtain a group agreed seed for a secrets file;
- generate a second message digest using the group agreed seed and the n-bit generator;
- extract a first secret from the second message digest;
- encrypt, using the secrets file encryption key, the secrets file in a security directory, wherein the secrets file is associated with the secrets file name, and wherein the secrets file comprises the first secret;
- generate a third message digest using the first secret;
- extract a first decoy file name and first decoy file contents from the third message digest;
- create a first decoy file using the first decoy file name and the first decoy file contents; and
- store the first decoy file in the security directory, wherein the security directory comprises a plurality of decoy files comprising the first decoy file, and wherein each of the plurality of decoy files comprises decoy file contents, wherein each of the plurality of decoy files are a same size as the secrets file.
Specification