System, apparatus and method for encryption and decryption of data transmitted over a network

US 9,338,139 B2
Filed: 12/30/2010
Issued: 05/10/2016
Est. Priority Date: 09/15/2008
Status: Expired due to Fees

First Claim

Patent Images

1. A method for securing data between a client device and a server comprising:

obtaining input text at an intermediate module;

processing the input text at said intermediate module to obtain processed text by applying an order-preserving transformation, said order-preserving transformation comprising;

generating order information by applying an order-preserving and secret-key dependent function in the form of a numerical monotonously increasing function to information related to said input text, said order information indicative of a relative order of the input text within a set of possible input texts according to a collation rule;

andtransmitting the processed text to the server,wherein the applying of the function includes;

obtaining an input numeric value based on at least a portion of the input text;

providing an input range and an output range;

dividing the input and output ranges into two input ranges and two output ranges based on a secret key;

selecting a pair of input and output ranges from the divided ranges according to which of the input ranges includes the input numeric value;

iteratively repeating the dividing and selecting steps until the output range is smaller than a predetermined parameter, said output range being a final output range; and

returning an output numeric value lying within the final output range.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for securing data transmitted between a client device and a server by obtaining input text at an intermediate module, processing the input text to obtain processed text, and transmitting the processed text to the server. Embodiments of the invention include securing data between a client device and a server by processing the input text at the intermediate module by applying an order-preserving transformation, the order-preserving transformation comprising: generating order information based on the input text, the order information indicative of a relative order of the input text within a set of possible input texts according to a collation rule.

Citations

10 Claims

1. A method for securing data between a client device and a server comprising:
- obtaining input text at an intermediate module;
  
  processing the input text at said intermediate module to obtain processed text by applying an order-preserving transformation, said order-preserving transformation comprising;
  
  generating order information by applying an order-preserving and secret-key dependent function in the form of a numerical monotonously increasing function to information related to said input text, said order information indicative of a relative order of the input text within a set of possible input texts according to a collation rule;
  
  andtransmitting the processed text to the server,wherein the applying of the function includes;
  
  obtaining an input numeric value based on at least a portion of the input text;
  
  providing an input range and an output range;
  
  dividing the input and output ranges into two input ranges and two output ranges based on a secret key;
  
  selecting a pair of input and output ranges from the divided ranges according to which of the input ranges includes the input numeric value;
  
  iteratively repeating the dividing and selecting steps until the output range is smaller than a predetermined parameter, said output range being a final output range; and
  
  returning an output numeric value lying within the final output range.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, further comprising transmitting the order information to the server in association with said processed input text by adding the order information as a prefix to the processed input data and transmitting the combined order information and processed input data to the server.
  - 3. The method of claim 1, wherein said order information is produced based on a truncated version of the input text.
  - 4. The method of claim 3, wherein said order information is produced based on a plurality of truncated words in the input text, in the order in which they appear therein.
  - 5. The method of claim 1, wherein transforming the input text to obtain processed text comprises:
    - including a statistically significant feature in the processed text;
      
      receiving the processed text and unencrypted text from the server;
      
      based on the statistically significant feature, identifying the processed text within the unencrypted text; and
      
      applying a reverse transformation to the processed text to obtain unprocessed text.

6. A system for securing data between a client device and a server, the system comprising:
- an intermediate module device configured to;
  
  obtain input text;
  
  process the input text by applying an order-preserving transformation to obtain processed text, said order-preserving transformation comprising;
  
  generating order information by applying an order-preserving and secret-key dependent function in the form of a numerical monotonously increasing to information related to said input text, said order information indicative of a relative order of the input text within a set of possible input texts according to a collation rule, the applying of the function including;
  
  obtaining an input numeric value based on at least a portion of the input text;
  
  providing an input range and an output range;
  
  dividing the input and output ranges into two input ranges and two output ranges based on a secret key;
  
  selecting a pair of input and output ranges from the divided ranges according to which of the input ranges includes the input numeric value;
  
  iteratively repeating the dividing and selecting steps until the output range is smaller than a predetermined parameter, said output range being a final output range; and
  
  returning an output numeric value lying within the final output range; and
  
  transmit the processed text to the server.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The system of claim 6, wherein said intermediate module device is configured to transmit the order information to the server in association with said processed input text by:
    - adding the order information as a prefix to the processed input data, andtransmitting the combined order information and processed input data to the server.
  - 8. The system of claim 6, wherein said intermediate module device is configured to generate said order information based on a truncated version of the input text.
  - 9. The system of claim 8, wherein said intermediate module device is configured to generate said order information based on a plurality of truncated words in the input text, in the order in which they appear therein.
  - 10. The system of claim 6, wherein the intermediate module device is configured to:
    - include a statistically significant feature in the processed text;
      
      receive the processed text and unencrypted text from the server;
      
      based on the statistically significant feature, identifying the processed text within the unencrypted text; and
      
      applying a reverse transformation to the processed text to obtain unprocessed text.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Vaultive Ltd.
Original Assignee
Vaultive Ltd.
Inventors
Matzkel, Ben, Tal, Maayan, Lahav, Aviad
Primary Examiner(s)
Shiferaw, Eleni
Assistant Examiner(s)
GIDDINS, NELSON S

Application Number

US12/982,691
Publication Number

US 20110167255A1
Time in Patent Office

1,958 Days
Field of Search

713/153
US Class Current

1/1
CPC Class Codes

G06F 15/16   Combinations of two or more...

G06F 21/6227   where protection concerns t...

H04L 51/00   User-to-user messaging in p...

H04L 51/066   Format adaptation, e.g. for...

H04L 51/212   using filtering or selectiv...

H04L 51/226   Delivery according to prior...

H04L 51/42   Mailbox-related aspects, e....

H04L 63/0428   wherein the data content is...

H04L 63/045   wherein the sending and rec...

H04L 63/0471   applying encryption by an i...

H04L 63/126   the source of the received ...

H04L 67/01   Protocols

H04L 67/06   specially adapted for file ...

H04L 67/535   Tracking the activity of th...

H04L 67/568   Storing data temporarily at...

H04L 9/00   Cryptographic mechanisms or...

H04L 9/40   Network security protocols

System, apparatus and method for encryption and decryption of data transmitted over a network

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

System, apparatus and method for encryption and decryption of data transmitted over a network

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links