Apparatus and method for secure file transfer
First Claim
1. A method of secure file transfer comprising:
- determining a desired recipient;
- retrieving a public key associated with a recipient;
- isolating a metadata record for a file from a content record for the file;
- encrypting the metadata record for the file using the public key associated with the desired recipient;
- encrypting the content record for the file using the public key associated with the recipient;
- uploading the encrypted metadata record for the file to a first server from a transfer device;
- uploading the encrypted content record for the file to at least one of the first server or a second server from a transfer device;
- downloading the encrypted metadata record for a file on a recipient device;
- decrypting the encrypted metadata record for a file using a private key associated with the recipient;
- retrieving the encrypted content record for the file from the first server using the decrypted metadata record; and
- decrypting the encrypted content record for the file using the private key associated with the recipient, wherein the first server and the second server have no access to the recipient private key, the decrypted metadata record, and the decrypted content record.
Abstract
An apparatus and method for secure file transfer may be provided. In an exemplary embodiment, a file may include a content record and a metadata record. The content record and metadata record may each be encrypted. The encrypted content record and encrypted metadata record may each be uploaded to at least one server. The metadata record may be decrypted and the content record may subsequently be called from the at least one server and decrypted, resulting in a recreation of the original file. The server may have zero knowledge of the file records.
19 Citations
17 Claims
8. A non-transitory computer readable medium for zero-knowledge file transfer, comprising instructions stored thereon, that when executed on a processor, perform the steps of:
- determining a desired recipient;
- retrieving a public key associated with a recipient;
- isolating a metadata record for a file from a content record for the file;
- encrypting the metadata record for the file using the public key associated with the recipient;
- encrypting the content record for the file using the public key associated with the recipient;
- uploading the encrypted metadata record for the file to a first server from a transfer device;
- uploading the encrypted content record for the file to at least one of the first server or a second server from a transfer device;
- downloading the encrypted metadata record for a file on a recipient device;
- decrypting the encrypted metadata record for a file using a private key associated with the recipient;
- retrieving the encrypted content record for the file from the first server using the decrypted metadata record; and
- decrypting the encrypted content record for the file using the private key associated with the recipient, wherein the first server and the second server have no access to the recipient private key, the decrypted metadata record, and the decrypted content record.
15. A non-transitory computer readable medium for zero-knowledge mail transfer, comprising instructions stored thereon, that when executed on a processor, perform the steps of:
- encrypting a content record of a mail file using a file-key, resulting in a ciphertext record;
- encrypting the file-key using a recipient public key, resulting in an encrypted file-key;
- uploading the encrypted file-key and ciphertext record to a server;
- encrypting a metadata record of the mail file using a DB-key, resulting in a ciphertext metadata record;
- uploading the encrypted metadata record to a server;
- encrypting the DB-key with a recipient public key, resulting in an encrypted DB-key;
- uploading the encrypted DB-key to the server;
- encrypting a mail message record using a recipient public key and storing the mail message record on a mail server;
- receiving the mail message record from the mail server;
- decrypting the mail message record using a recipient private key;
- retrieving an encrypted metadata record and encrypted DB-key;
- decrypting the DB-key using the private key;
- recreating the metadata record using the DB-key;
- retrieving an encrypted mail content record and encrypted file-key;
- decrypting the encrypted file-key using the private key;
- recreating the mail content record using the file-key, wherein the server and the mail server have no access to the recipient private key, the decrypted metadata record, and the decrypted content record.
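The key wrapping recited in claim 15 (a file-key for the content record and a DB-key for the metadata record, each encrypted with the recipient public key), combined with the metadata-first retrieval of claims 1 and 8, shown as an added Node.js example that is not part of the patent. AES-256-GCM, RSA-OAEP, the in-memory `server` maps, the `contentId` field and all function names are assumptions; the claims name no algorithms or record formats.

```javascript
// Added illustration, not code from the patent. seal/open/upload/download and
// the contentId field are hypothetical; the claims name no algorithms, so
// AES-256-GCM and RSA-OAEP (SHA-256) are assumptions.
const crypto = require('crypto');
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Encrypt one record under a fresh symmetric key (the claim's file-key or
// DB-key), then wrap that key with the recipient's public key.
function seal(publicKey, plaintext) {
  const key = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  const wrappedKey = crypto.publicEncrypt({ key: publicKey, ...OAEP }, key);
  return { wrappedKey, iv, ct, tag: cipher.getAuthTag() };
}

// Unwrap the record key with the private key, then authenticate and decrypt.
function open(privateKey, rec) {
  const key = crypto.privateDecrypt({ key: privateKey, ...OAEP }, rec.wrappedKey);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, rec.iv);
  decipher.setAuthTag(rec.tag);
  return Buffer.concat([decipher.update(rec.ct), decipher.final()]); // throws if tampered
}

// Sender: seal content and metadata separately; server holds ciphertext only.
function upload(publicKey, server, name, content) {
  const contentId = crypto.randomBytes(16).toString('hex');
  server.content.set(contentId, seal(publicKey, content));
  const meta = Buffer.from(JSON.stringify({ name, size: content.length, contentId }));
  const metaId = crypto.randomBytes(16).toString('hex');
  server.metadata.set(metaId, seal(publicKey, meta));
  return metaId;
}

// Recipient: decrypt metadata first, then use it to locate the content record.
function download(privateKey, server, metaId) {
  const meta = JSON.parse(open(privateKey, server.metadata.get(metaId)).toString());
  const content = open(privateKey, server.content.get(meta.contentId));
  return { meta, content };
}

// Constructed sample run with a throwaway key pair and in-memory server.
function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const server = { metadata: new Map(), content: new Map() };
  const metaId = upload(publicKey, server, 'report.pdf', Buffer.from('constructed sample body'));
  return { server, privateKey, metaId, result: download(privateKey, server, metaId) };
}
```

Because the content locator lives only inside the encrypted metadata record, the server cannot link a metadata entry to its content entry without the recipient private key.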
Specification