Data repository and method for promoting network storage of data
First Claim
1. A method for client programs, communicating over a network with a data repository, to store encrypted data items in the data repository, wherein the client programs do not retain information needed to decrypt the data items, the method comprising:
generating a public key and a private key;
transmitting only the public key to a first client program running on a first client machine;
creating a data key, by the first client program;
encrypting a data item, by the first client program, using the data key as the encryption key;
depositing the encrypted data item in the data repository, in response to a request by the first client program;
encrypting the data key, by the first client program, using the public key;
storing the encrypted data key in the data repository in association with the encrypted data item, in response to a request by the first client program;
erasing the data key from storage on the first client machine;
erasing the data item from storage on the first client machine;
retrieving the encrypted data key from the data repository, in response to a request by a second client program running on a second client machine that is different than the first client machine and that has access to the private key;
and retrieving the encrypted data item and decrypting it;
wherein the private key is needed to decrypt data encoded using the public key;
wherein once both erasing steps have been completed, there is no information stored on the first client machine that would enable the data item to be recovered from the data repository;
wherein the erasing steps guarantee that the data item is no longer accessible using information stored at a site where the first client machine is located;
wherein the retrieving steps occur after the erasing steps have been completed;
wherein the data key erasing step occurs after the encrypted data key is stored in the data repository;
wherein there is no predetermined time limit on when the second client may access the private key;
wherein the storing step associates a repository user with the encrypted data item deposited within the data repository;
wherein the erasing steps guarantee that, using only information present at the site where the first client machine is located and information stored in the data repository, the association of the encrypted data item with the repository user cannot be discovered;
wherein the first client program communicates with the data repository, using hashes of data items to identify their content and determine whether they have content distinct from data items already stored in the data repository, or identical content;
wherein the first client program stores in the data repository data items that have content distinct from data items already stored in the data repository and, for storage of data items that have content identical with data items already stored in the data repository, relies on the data items already stored rather than storing the content again; and
wherein to enable a future retrieval of a data item already stored in the data repository, the first client program communicates to the data repository a proof that it has a data item with identical content and not just a hash used to identify the content, and does this without communicating the full content.
Abstract
A method for storing data items in a data repository that allows a client storing a data item to lose the ability to either retrieve the stored data item or enable its retrieval, while preserving controlled access to the stored data item indefinitely. The client storing the data item encrypts it using an encryption key that it creates, which may be derived from the content of the data item. The encryption key is also stored in the data repository in an encrypted form, with its encryption making use of a public key. The method allows storage space to be shared for identical data items encrypted and stored by independent clients of the data repository.
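The flow in claim 1 and the abstract, worked end to end as an added example. This is the editor's illustration, not code from the patent or from any implementation of it. Assumptions beyond the page: the data key is derived from the content (the abstract allows this), AES-256-GCM with a key-derived nonce so that identical content from independent clients yields identical ciphertext, RSA-OAEP to wrap the data key under the public key, and, because the claim names no construction for the proof of possession, an HMAC over the recomputed ciphertext keyed by a repository-chosen nonce. The names Repository, Upload, Download, Store and Challenge are hypothetical and the sample document is constructed:

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// The repository stores ciphertexts and wrapped keys only, never plaintext or a bare key.
type Repository struct {
	ciphertexts map[string][]byte            // id -> one ciphertext per distinct content
	wrappedKeys map[string]map[string][]byte // id -> repository user -> RSA-OAEP(dataKey)
}

// Content-derived ("convergent") data key. The identifier sent to the repository is a
// separate one-way hash of the key, so the identifier alone never reveals the key.
func deriveKey(content []byte) (dataKey []byte, id string) {
	k := sha256.Sum256(append([]byte("key:"), content...))
	i := sha256.Sum256(append([]byte("id:"), k[:]...))
	return k[:], fmt.Sprintf("%x", i)
}

// AES-256-GCM with a key-derived nonce: safe only because each key encrypts exactly one
// plaintext, and deterministic so identical content yields identical ciphertext.
func gcmFor(dataKey []byte) (cipher.AEAD, []byte) {
	block, _ := aes.NewCipher(dataKey) // 32-byte SHA-256 output is a valid AES-256 key
	gcm, _ := cipher.NewGCM(block)
	n := sha256.Sum256(append([]byte("nonce:"), dataKey...))
	return gcm, n[:gcm.NonceSize()]
}

// Proof of possession (this example's construction; the claim fixes none): HMAC over the
// ciphertext keyed by a repository nonce. Answering needs the plaintext; a nonce defeats replay.
func proofOfPossession(nonce, ct []byte) []byte {
	m := hmac.New(sha256.New, nonce)
	m.Write(ct)
	return m.Sum(nil)
}

func (r *Repository) Challenge() []byte { n := make([]byte, 32); rand.Read(n); return n } // fresh nonce per proof

// Store deposits a new ciphertext or, for a duplicate, checks the proof, then records the user's wrapped key.
func (r *Repository) Store(user, id string, ct, wrappedKey, nonce, proof []byte) error {
	stored, ok := r.ciphertexts[id]
	if !ok {
		r.ciphertexts[id] = ct
		r.wrappedKeys[id] = map[string][]byte{}
	} else if !hmac.Equal(proof, proofOfPossession(nonce, stored)) {
		return fmt.Errorf("proof of possession failed: a hash alone grants nothing")
	}
	r.wrappedKeys[id][user] = wrappedKey
	return nil
}

// Upload is the first client, which holds only the public key.
func Upload(r *Repository, pub *rsa.PublicKey, user string, content []byte) (string, error) {
	dataKey, id := deriveKey(content)
	gcm, nonce := gcmFor(dataKey)
	ct := gcm.Seal(nil, nonce, content, nil)
	var challenge, proof []byte
	if _, dup := r.ciphertexts[id]; dup { // the hash lookup: is this content already stored?
		challenge = r.Challenge()
		proof = proofOfPossession(challenge, ct)
		ct = nil // identical content: send a 32-byte proof, not the content again
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, dataKey, []byte(id))
	if err == nil {
		err = r.Store(user, id, ct, wrapped, challenge, proof)
	}
	for i := range dataKey { // erase the key: best effort, Go cannot promise no copy survives
		dataKey[i] = 0
	}
	return id, err
}

// Download is the second client, the only party holding the private key, at any later time.
func Download(r *Repository, priv *rsa.PrivateKey, user, id string) ([]byte, error) {
	wrapped := r.wrappedKeys[id][user] // nil-map lookup is safe in Go
	if wrapped == nil {
		return nil, fmt.Errorf("no item %s stored for user %s", id, user)
	}
	dataKey, err := rsa.DecryptOAEP(sha256.New(), nil, priv, wrapped, []byte(id))
	if err != nil || len(dataKey) != 32 {
		return nil, fmt.Errorf("cannot unwrap data key: %v", err)
	}
	gcm, nonce := gcmFor(dataKey)
	return gcm.Open(nil, nonce, r.ciphertexts[id], nil)
}

func main() {
	priv, _ := rsa.GenerateKey(rand.Reader, 2048) // the key pair is generated off the client
	repo := &Repository{map[string][]byte{}, map[string]map[string][]byte{}}
	id, _ := Upload(repo, &priv.PublicKey, "alice", []byte("constructed sample document"))
	out, err := Download(repo, priv, "alice", id)
	fmt.Println(string(out), err)
}
```

Three points a practitioner should check in any system built on this claim. First, the hash the client sends as an identifier must not be the data key itself: if the key is simply the hash of the content and that same hash is the lookup key, the repository is handed the decryption key with every deposit. Second, content-derived keys make equal content recognisable to the repository and allow offline guessing of low-entropy items, which is the price of the cross-user deduplication the abstract describes. Third, the repository cannot verify that the first uploader's ciphertext matches the identifier it is stored under, so the first uploader is trusted for that binding, and erasing a key inside a garbage-collected runtime is best effort.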
20 Claims (claim 1 is reproduced above; dependent claims 2 to 20 are not reproduced on this page)
Specification