Policy enforcement with associated data
Abstract
Requests submitted to a computer system are evaluated for compliance with policy to ensure data security. Plaintext and associated data are used as inputs into a cipher to produce ciphertext. Whether a result of decrypting the ciphertext can be provided in response to a request is determined based at least in part on evaluation of a policy that itself is based at least in part on the associated data. Other policies include automatic rotation of keys to prevent keys from being used in enough operations to enable cryptographic attacks intended to determine the keys.
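The check described in the abstract, sketched in Go as an added example (not code from the patent): the MAC is verified over the purported associated data first, and only then is that associated data compared with the value the key's policy requires. AES-256-GCM as the authenticated encryption mode, the names `keyEntry`, `sealed`, `newKeyEntry`, `encrypt`, `decrypt`, and the `tenant=...` values are assumptions made for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// keyEntry (hypothetical) pairs a key with the AD value its policy requires.
type keyEntry struct{ aead cipher.AEAD; requiredAD string }
type sealed struct{ nonce [12]byte; body []byte } // GCM nonce; ciphertext || MAC
var errAuth, errPolicy = errors.New("MAC verification failed"), errors.New("policy denies this associated data")

func newKeyEntry(key []byte, requiredAD string) (*keyEntry, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	return &keyEntry{aead, requiredAD}, err
}

// encrypt binds ad into the MAC; ad itself is not stored in the result.
func (k *keyEntry) encrypt(plaintext, ad []byte) (s sealed, err error) {
	if _, err = rand.Read(s.nonce[:]); err == nil {
		s.body = k.aead.Seal(nil, s.nonce[:], plaintext, ad)
	}
	return s, err
}

// decrypt verifies the MAC over the purported AD first, then applies policy.
func (k *keyEntry) decrypt(s sealed, purportedAD []byte) ([]byte, error) {
	plaintext, err := k.aead.Open(nil, s.nonce[:], s.body, purportedAD)
	if err != nil {
		return nil, errAuth
	}
	if string(purportedAD) != k.requiredAD {
		return nil, errPolicy
	}
	return plaintext, nil
}

func main() {
	k, _ := newKeyEntry(make([]byte, 32), "tenant=A") // constructed all-zero demo key
	s, _ := k.encrypt([]byte("secret"), []byte("tenant=B"))
	fmt.Println(k.decrypt(s, []byte("tenant=B"))) // MAC verifies, policy denies
}
```

The two failure modes are distinct: presenting associated data other than what the ciphertext was bound to fails MAC verification, while a ciphertext validly bound to associated data the policy does not name passes the MAC and is refused by the policy.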
31 Claims
1. A computer-implemented method for enforcing policy, comprising:
under the control of one or more computer systems configured with executable instructions, using an authenticated encryption mode of a cipher to generate an authenticated ciphertext based at least in part on a key, a plaintext, and associated data, the authenticated ciphertext including a message authentication code and a ciphertext, wherein the message authentication code is calculated using the plaintext and the associated data;
associating a policy with the key, the policy specifying a value for the associated data, for providing the plaintext;
receiving, in connection with a request to decrypt the plaintext, a ciphertext, a purported message authentication code, and a purported associated data;
verifying that the purported message authentication code matches the message authentication code based at least in part on the received ciphertext and the purported associated data;
as a result of verifying that the purported message authentication code matches the message authentication code, determining, based at least in part on the purported associated data, whether the purported associated data matches the value for the associated data specified by the policy; and
providing the plaintext as a result of determining that the policy allows providing the plaintext, where the policy allows for providing the plaintext if the purported associated data matches the value for the associated data specified by the policy.
Dependent claims: 2, 3, 4
5. A computer-implemented method for enforcing policy, comprising:
under the control of one or more computer systems configured with executable instructions, receiving a request to decrypt a ciphertext, the ciphertext having been generated using an authenticated encryption mode of a cipher to generate an authenticated ciphertext based at least in part on a plaintext, a key, and associated data, the authenticated ciphertext including a message authentication code and the ciphertext, wherein the message authentication code is calculated using the plaintext and the associated data;
as a result of verifying that the purported message authentication code matches the message authentication code based at least in part on the ciphertext and a purported associated data, determining, based at least in part on the purported associated data, whether the purported associated data matches a value for the associated data specified by a policy associated with the key, wherein the policy allows providing the plaintext in response to the request if the purported associated data matches the value for the associated data specified by the policy; and
providing at least the plaintext in response to determining that the policy allows providing the plaintext.
Dependent claims: 6, 7, 8, 9, 10, 11, 12, 13, 14
15. A computer system, comprising:
one or more processors; and
memory including instructions that, when executed by the one or more processors, cause the computer system to:
receive a request to decrypt a ciphertext, the ciphertext having been generated using an authenticated encryption mode of a cipher to generate an authenticated ciphertext based at least in part on a plaintext, a key, and associated data, the authenticated ciphertext including a message authentication code and the ciphertext, wherein the message authentication code is calculated using the plaintext and the associated data;
as a result of verifying that the purported message authentication code matches the message authentication code based at least in part on the ciphertext and a purported associated data, determine, based at least in part on the purported associated data, whether the purported associated data matches a value for the associated data specified by a policy associated with the key, wherein the policy allows providing the plaintext in response to the request if the purported associated data matches the value for the associated data specified by the policy; and
provide at least the plaintext in response to determining that the policy allows providing the plaintext.
Dependent claims: 16, 17, 18, 19, 20, 21, 22, 23
24. A non-transitory computer-readable storage medium having stored thereon instructions that, when executed by one or more processors of a computer system, cause the computer system to:
receive a request to decrypt a ciphertext, the ciphertext having been generated using an authenticated encryption mode of a cipher to generate an authenticated ciphertext based at least in part on a plaintext, a key, and associated data, the authenticated ciphertext including a message authentication code and the ciphertext, wherein the message authentication code is calculated using the plaintext and the associated data;
verify that a purported message authentication code matches the message authentication code based at least in part on the ciphertext and a purported associated data;
as a result of verifying that the purported message authentication code matches the message authentication code, determine, based at least in part on the purported associated data, whether the purported associated data matches a value for the associated data specified by a policy associated with the key, wherein the policy allows providing the plaintext in response to the request if the purported associated data matches the value for the associated data specified by the policy; and
provide the plaintext in response to determining that the policy allows providing the plaintext.
Dependent claims: 25, 26, 27, 28, 29, 30, 31