System and method for creating and protecting secrets for a plurality of groups

US 9,411,972 B2
Filed: 09/22/2015
Issued: 08/09/2016
Est. Priority Date: 03/25/2009
Status: Active Grant

First Claim

Patent Images

1. A method for creating a shared secret for use in communicating confidential information, the method comprising:

receiving, via a member user interface, a group identification, user id, and user passcode;

generating, by a n-bit generator using the group identification, the user id, and the user passcode as inputs, a first m-bit result, the first m-bit result including a file name and encryption key;

generating, by the n-bit generator using a group-agreed seed as input, a second m bit result, the second m-bit result including a shared secret;

encrypting said shared secret using said encryption key to produce an encrypted shared secret, wherein encrypting the shared secret comprises selecting the encryption algorithm from among a plurality of encryption algorithms according to an encryption algorithm identifier according to information extracted from the first m-bit result;

assigning the file name to the encrypted shared secret; and

storing the encrypted shared secret in a secrets directory under the assigned file name.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for protecting a first secrets file. The method includes an n-bit generator generating a secrets file name for the secrets file and generating a decoy file names for decoy files. The secrets file includes a secret. Each of the decoy files includes decoy file contents, are a same size as the secrets file, and is associated with a modification time within a range of modification times. The modification time of the secrets file is within the range of modification times. The secrets file and decoy files are stored in a secrets directory.

66 Citations

14 Claims

1. A method for creating a shared secret for use in communicating confidential information, the method comprising:
- receiving, via a member user interface, a group identification, user id, and user passcode;
  
  generating, by a n-bit generator using the group identification, the user id, and the user passcode as inputs, a first m-bit result, the first m-bit result including a file name and encryption key;
  
  generating, by the n-bit generator using a group-agreed seed as input, a second m bit result, the second m-bit result including a shared secret;
  
  encrypting said shared secret using said encryption key to produce an encrypted shared secret, wherein encrypting the shared secret comprises selecting the encryption algorithm from among a plurality of encryption algorithms according to an encryption algorithm identifier according to information extracted from the first m-bit result;
  
  assigning the file name to the encrypted shared secret; and
  
  storing the encrypted shared secret in a secrets directory under the assigned file name.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, further comprising storing in the secrets directory one or more decoy files, each of the decoy files being of similar size as the encrypted shared secret file.
  - 3. The method of claim 1, wherein the shared secret comprises multiple shared secret elements.
  - 4. The method of claim 3, wherein at least some of the shared secret elements are dynamic and others of the shared secret elements are static.
  - 5. The method of claim 4, wherein one or more of the dynamic shared secret elements change each time the shared secret is accessed.
  - 6. The method of claim 1, wherein the information extracted from the first m-bit result is a key length of the encryption key.
  - 7. The method of claim 1, further comprising notifying, via the user interface, a user of a communication from a member of a group.
  - 8. The method of claim 7, further comprising exchanging communications with the member of the group using the encrypted shared secret.
  - 9. The method of claim 8, wherein the communications are exchanged via the Internet.
  - 10. The method of claim 8, wherein the communications comprise SMS messages.
  - 11. The method of claim 1, further comprising storing a plurality of encrypted shared secrets in the secrets directory, each shared secret being associated with a respective group, and the plurality of shared secrets being organized in the secrets directory according to a type of communication.

12. A method for creating a single sign-on identity for a plurality of different groups, the method comprising:
- for each respective group of the plurality of different groups,receiving, via an interface, a selected group identification, a user id and a user passcode;
  
  generating, by a n-bit generator from the group identification, user id and user passcode, a n-bit result, wherein the n-bit result includes a shared secret for the respective group; and
  
  storing, in encrypted form, each shared secret for each respective group of the plurality of different groups in a secrets directory, the secrets directory further including one or more decoy files, each of the decoy files being of similar size as the encrypted shared secrets, wherein the storing in encrypted form each shared secret comprises selecting the encryption algorithm from among a plurality of encryption algorithms according toan encryption algorithm identifier according to information extracted from the n-bit result.
- View Dependent Claims (13, 14)
- - 13. The method of claim 12, wherein each shared secret is unique to each respective group of the plurality of different groups.
  - 14. The method of claim 12, wherein each respective group of the plurality of different groups is comprised of two or more members.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
PACid Technologies, LLC
Original Assignee
PACid Technologies, LLC
Inventors
Fielder, Guy
Primary Examiner(s)
Shaw, Brian

Application Number

US14/861,630
Publication Number

US 20160012243A1
Time in Patent Office

322 Days
Field of Search

713/168, 713/169, 713/171, 713/181, 713/189, 370/338, 709/204
US Class Current

1/1
CPC Class Codes

G06F 21/62   Protecting access to data v...

G06F 21/6209   to a single file or object,...

G06F 2221/2123   Dummy operation

H04L 2209/24   Key scheduling, i.e. genera...

H04L 2463/121   Timestamp cryptographic mec...

H04L 63/0428   wherein the data content is...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/14   using a plurality of keys o...

H05K 999/99   dummy group

System and method for creating and protecting secrets for a plurality of groups

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

66 Citations

14 Claims

Specification

Use Cases

Quick Links

Others

System and method for creating and protecting secrets for a plurality of groups

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

66 Citations

14 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others