Secure file transfer
First Claim
1. A system, comprising:
- a processor configured to:
  - obtain a first file to upload to a secure file repository;
  - generate a first encryption key, wherein the first encryption key is generated at least in part by obtaining ephemeral environmental noise from a kernel operation executing on a sender device;
  - generate a random file name for the first file, wherein the random file name is a universally unique identifier;
  - encrypt the first file via an encryption algorithm using the first encryption key;
  - assign the first encrypted file the generated random file name;
  - upload the first encrypted file to the secure file repository;
  - receive, from the secure file repository, a location of the first encrypted file and the random file name assigned to the first encrypted file by the secure file repository;
  - update metadata associated with the first encrypted file, including at least one of the first encryption key, the location of the first encrypted file on the secure file repository, and the random file name assigned to the first encrypted file;
  - generate a second encryption key;
  - encrypt the metadata associated with the first encrypted file, including the first encryption key, using the second encryption key; and
  - transmit, in a first communication, the encrypted file metadata to one or more receivers of the first encrypted file; and
- a memory coupled to the processor and configured to provide the processor with instructions.
Abstract
The present disclosure describes techniques for storing encrypted files in a secure file repository and transferring those encrypted files to one or more recipients. A user selects a file to upload to a secure file repository. A secure collaboration app on the user's device generates a first encryption key that is used to encrypt the file. The encrypted file is then uploaded to the secure file repository, which provides the secure collaboration app with a random file name and a location of the encrypted file. The secure collaboration app updates locally stored metadata of the first encrypted file. To securely transfer the file, the user generates a second encryption key, encrypts the metadata with the second encryption key, and transmits the encrypted metadata to one or more receivers. The one or more receivers decrypt the encrypted metadata and use the decrypted metadata to retrieve the file and decrypt it.
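The flow the abstract describes, from sender to receiver, as an added Node.js example that is not code from the patent or its assignee. AES-256-GCM, the in-memory `repo` standing in for the secure file repository, the `repo://` location format and all function names are assumptions; the second key is handed to the receiver directly because the page does not say how receivers obtain it.

```javascript
const { randomBytes, randomUUID, createCipheriv, createDecipheriv } = require('node:crypto');

// Assumption: AES-256-GCM; the claims only say "an encryption algorithm".
function seal(key, plaintext) {
  const iv = randomBytes(12);
  const cipher = createCipheriv('aes-256-gcm', key, iv);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), body]); // iv | tag | ciphertext
}

function unseal(key, blob) {
  const decipher = createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  decipher.setAuthTag(blob.subarray(12, 28));
  // final() throws if the key is wrong or the blob was modified
  return Buffer.concat([decipher.update(blob.subarray(28)), decipher.final()]);
}

// Hypothetical in-memory stand-in for the secure file repository.
const repo = new Map();
function upload(name, blob) {
  repo.set(name, blob);
  return { location: `repo://files/${name}`, fileName: name };
}

// Sender side: every step of the claimed sequence, in order.
function sendFile(file) {
  // First key, drawn from the OS CSPRNG (a stand-in for the claimed entropy source).
  const fileKey = randomBytes(32);
  const name = randomUUID(); // random file name, a version 4 UUID
  const { location, fileName } = upload(name, seal(fileKey, file));
  const metadata = { key: fileKey.toString('base64'), location, fileName };
  const metadataKey = randomBytes(32); // second key
  const encryptedMetadata = seal(metadataKey, Buffer.from(JSON.stringify(metadata)));
  return { encryptedMetadata, metadataKey };
}

// Receiver side: decrypt the metadata, fetch the file by name, decrypt the file.
function receiveFile(encryptedMetadata, metadataKey) {
  const metadata = JSON.parse(unseal(metadataKey, encryptedMetadata).toString());
  const blob = repo.get(metadata.fileName);
  return unseal(Buffer.from(metadata.key, 'base64'), blob);
}
```

The repository only ever holds ciphertext under a name unrelated to the original file, so the encrypted metadata message is the single item whose confidentiality and integrity protect the file.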
18 Claims
1. A system, comprising:
- a processor configured to:
  - obtain a first file to upload to a secure file repository;
  - generate a first encryption key, wherein the first encryption key is generated at least in part by obtaining ephemeral environmental noise from a kernel operation executing on a sender device;
  - generate a random file name for the first file, wherein the random file name is a universally unique identifier;
  - encrypt the first file via an encryption algorithm using the first encryption key;
  - assign the first encrypted file the generated random file name;
  - upload the first encrypted file to the secure file repository;
  - receive, from the secure file repository, a location of the first encrypted file and the random file name assigned to the first encrypted file by the secure file repository;
  - update metadata associated with the first encrypted file, including at least one of the first encryption key, the location of the first encrypted file on the secure file repository, and the random file name assigned to the first encrypted file;
  - generate a second encryption key;
  - encrypt the metadata associated with the first encrypted file, including the first encryption key, using the second encryption key; and
  - transmit, in a first communication, the encrypted file metadata to one or more receivers of the first encrypted file; and
- a memory coupled to the processor and configured to provide the processor with instructions.

Dependent claims: 2, 3, 4, 5, 6
7. A method comprising:
- obtaining a first file to upload to a secure file repository;
- generating a first encryption key, wherein the first encryption key is generated at least in part by obtaining ephemeral environmental noise from a kernel operation executing on a sender device;
- generating a random file name for the first file, wherein the random file name is a universally unique identifier;
- encrypting the first file via an encryption algorithm using the first encryption key;
- assigning the first encrypted file the generated random file name;
- uploading the first encrypted file to the secure file repository;
- receiving, from the secure file repository, a location of the first encrypted file and the random file name assigned to the first encrypted file by the secure file repository;
- updating metadata associated with the first encrypted file, including at least one of the first encryption key, the location of the first encrypted file on the secure file repository, and the random file name assigned to the first encrypted file;
- generating a second encryption key;
- encrypting the metadata associated with the first encrypted file, including the first encryption key, using the second encryption key; and
- transmitting, in a first communication, the encrypted file metadata to one or more receivers of the first encrypted file.

Dependent claims: 8, 9, 10, 11, 12
13. A non-transitory computer-readable medium comprising instructions that, when executed by at least one processor, perform the steps of:
- obtaining a first file to upload to a secure file repository;
- generating a first encryption key, wherein the first encryption key is generated at least in part by obtaining ephemeral environmental noise from a kernel operation executing on a sender device;
- generating a random file name for the first file, wherein the random file name is a universally unique identifier;
- encrypting the first file via an encryption algorithm using the first encryption key;
- assigning the first encrypted file the generated random file name;
- uploading the first encrypted file to the secure file repository;
- receiving, from the secure file repository, a location of the first encrypted file and a random file name assigned to the first encrypted file by the secure file repository;
- updating metadata associated with the first encrypted file, including at least one of the first encryption key, the location of the first encrypted file on the secure file repository, and the random file name assigned to the first encrypted file;
- generating a second encryption key;
- encrypting the metadata associated with the first encrypted file, including the first encryption key, using the second encryption key; and
- transmitting, in a first communication, the encrypted file metadata to one or more receivers of the first encrypted file.

Dependent claims: 14, 15, 16, 17, 18
Specification