System and method for creating and protecting secrets for a plurality of groups
1 Assignment
0 Petitions
Abstract
A method for protecting a first secrets file. The method includes an n-bit generator generating a secrets file name for the secrets file and generating decoy file names for decoy files. The secrets file includes a secret. Each of the decoy files includes decoy file contents, is the same size as the secrets file, and is associated with a modification time within a range of modification times. The modification time of the secrets file is within the range of modification times. The secrets file and decoy files are stored in a secrets directory.
66 Citations
14 Claims
1. A method for creating a shared secret for use in communicating confidential information, the method comprising:
- receiving, via a member user interface, a group identification, user id, and user passcode;
- generating, by an n-bit generator using the group identification, the user id, and the user passcode as inputs, a first m-bit result, the first m-bit result including a file name and encryption key;
- generating, by the n-bit generator using a group-agreed seed as input, a second m-bit result, the second m-bit result including a shared secret;
- encrypting said shared secret using said encryption key to produce an encrypted shared secret, wherein encrypting the shared secret comprises selecting the encryption algorithm from among a plurality of encryption algorithms according to an encryption algorithm identifier according to information extracted from the first m-bit result;
- assigning the file name to the encrypted shared secret; and
- storing the encrypted shared secret in a secrets directory under the assigned file name.

(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
12. A method for creating a single sign-on identity for a plurality of different groups, the method comprising:
- for each respective group of the plurality of different groups, receiving, via an interface, a selected group identification, a user id and a user passcode;
- generating, by an n-bit generator from the group identification, user id and user passcode, an n-bit result, wherein the n-bit result includes a shared secret for the respective group; and
- storing, in encrypted form, each shared secret for each respective group of the plurality of different groups in a secrets directory, the secrets directory further including one or more decoy files, each of the decoy files being of similar size as the encrypted shared secrets, wherein the storing in encrypted form each shared secret comprises selecting the encryption algorithm from among a plurality of encryption algorithms according to an encryption algorithm identifier according to information extracted from the n-bit result.

(Dependent claims: 13, 14)
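The following sketch is an added example, not code from the patent: it illustrates the derivation in claim 1 (file name, encryption key and algorithm identifier taken from one generator output) and the decoy storage described in the abstract. It assumes PBKDF2-HMAC-SHA256 as a stand-in for the n-bit generator, a 16/32/1-byte split of the output, a two-entry algorithm list, random decoy names, and the hypothetical function names `derive` and `store_with_decoys`; the ciphertext is supplied by the caller.

```python
import hashlib, os, secrets, time

ALGORITHMS = ("AES-256-GCM", "ChaCha20-Poly1305")  # assumed candidate list

def derive(group_id, user_id, passcode):
    """Stand-in n-bit generator: one KDF output split into name, key, algorithm."""
    # Length-prefix each field so ("ab", "c") and ("a", "bc") give different salts.
    salt = b"".join(len(p.encode()).to_bytes(2, "big") + p.encode()
                    for p in (group_id, user_id))
    # Slow KDF: the passcode is the only secret input and is usually low entropy.
    out = hashlib.pbkdf2_hmac("sha256", passcode.encode(), salt, 600_000, dklen=49)
    return out[:16].hex(), out[16:48], ALGORITHMS[out[48] % len(ALGORITHMS)]

def store_with_decoys(directory, name, ciphertext, decoys=8, window=3600):
    """Write the ciphertext under its derived name among same-size decoy files."""
    os.makedirs(directory, mode=0o700, exist_ok=True)
    # Decoy names are random here (assumption); same length as the real name.
    names = [name] + [secrets.token_hex(len(name) // 2) for _ in range(decoys)]
    secrets.SystemRandom().shuffle(names)  # creation order must not mark the real file
    base = int(time.time()) - window
    for fname in names:
        body = ciphertext if fname == name else secrets.token_bytes(len(ciphertext))
        path = os.path.join(directory, fname)
        with open(path, "wb") as fh:
            fh.write(body)
        os.chmod(path, 0o600)
        # Every file, real or decoy, gets a modification time inside one range.
        stamp = base + secrets.randbelow(window)
        os.utime(path, (stamp, stamp))
    return names
```

Nothing in the directory records which file is real; the member re-derives the name from the group identification, user id and passcode, so the protection rests on passcode strength and the cost of the generator.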
Specification