Authenticator device facilitating file security
First Claim
Patent Images
1. A non-transitory computer-readable medium embodying a program executable in a computing device, the program, when executed by the computing device, being configured to cause the computing device to at least:
- receive an encrypted security key from a computing environment in the computing device, the encrypted security key corresponding to a secured file and being encrypted using a public key associated with a second computing device on which the secured file is accessed;
generate a time-varying password in the computing device, the time-varying password based at least in part upon a shared secret between the computing device and the second computing device;
generate a double-encrypted security key by encrypting the encrypted security key based at least in part upon the time-varying password; and
transmit the double-encrypted security key to the second computing device via a localized communication mechanism, wherein the second computing device is configured to independently generate the time-varying password and decrypt the double-encrypted security key using the time-varying password and a private key corresponding to the public key, wherein the security key is employed by the second computing device to access the secured file or a collection of keys associated with the secured file.
3 Assignments
0 Petitions
Accused Products
Abstract
Disclosed are various embodiments for facilitating the encryption of files as well as facilitating requiring a user to employ an authenticator device in order to access a file that is encrypted or otherwise secured. The authenticator device can provide an authenticator code in which a security key used to access a secured file can be embedded. An additional layer of encryption can also be applied in the authenticator code.
-
Citations
21 Claims
-
1. A non-transitory computer-readable medium embodying a program executable in a computing device, the program, when executed by the computing device, being configured to cause the computing device to at least:
-
receive an encrypted security key from a computing environment in the computing device, the encrypted security key corresponding to a secured file and being encrypted using a public key associated with a second computing device on which the secured file is accessed; generate a time-varying password in the computing device, the time-varying password based at least in part upon a shared secret between the computing device and the second computing device; generate a double-encrypted security key by encrypting the encrypted security key based at least in part upon the time-varying password; and transmit the double-encrypted security key to the second computing device via a localized communication mechanism, wherein the second computing device is configured to independently generate the time-varying password and decrypt the double-encrypted security key using the time-varying password and a private key corresponding to the public key, wherein the security key is employed by the second computing device to access the secured file or a collection of keys associated with the secured file. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system, comprising:
-
a computing device; programming code executable in the computing device, the programming code comprising; logic that receives a request to access a secured file via the computing device; logic that obtains a data representation of a double-encrypted security key from an authenticator device, the double-encrypted security key comprising a security key corresponding to the secured file or a collection of keys associated with the secured file; logic that generates a time-varying password based upon a current time and a shared secret corresponding to the time-varying password; logic that generates an encrypted security key by removing a first layer of encryption from the double-encrypted security key, the first layer of encryption being removed based at least in part upon the time-varying password; and logic that extracts the security key from the encrypted security key by removing a second layer of encryption from the double-encrypted security key, the second layer of encryption being removed based at least in part upon a private key, wherein the second layer of encryption is applied using a public key corresponding to the private key. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
-
-
18. A method, comprising:
-
obtaining, within a server, a request to store a file in association with a storage account associated with at least one of a user or at least one computing device; generating, within the server, a security key corresponding to at least one of the file or the storage account; generating, within the server, a secured file corresponding to the file based at least in part upon the security key; storing, via the server, the secured file in storage accessible to the server; identifying, within the server, at least one public key corresponding to the storage account; generating, within the server, at least one encrypted security key corresponding to the security key, the at least one encrypted security key being encrypted using the at least one public key corresponding to the storage account; and storing, via the server, the at least one encrypted security key in storage accessible to the server. - View Dependent Claims (19, 20, 21)
-
Specification