Secure file transfer
First Claim
1. A system, comprising:
- a processor configured to;
receive a first encrypted communication from a sender'"'"'s device, wherein the first encrypted communication includes notification of an encrypted shared file and encrypted file metadata;
decrypt the encrypted file metadata using a second encryption key to obtain file metadata and a first encryption key, wherein the first encryption key was previously generated at least in part by obtaining ephemeral environmental noise from a kernel operation executing on the sender'"'"'s device;
retrieve the encrypted shared file from a secure file repository using the file metadata obtained from the first encrypted communication;
decrypt the encrypted shared file using the first encryption key; and
provide the decrypted shared file to the receiver;
a memory coupled to the processor and configured to provide the processor with instructions.
4 Assignments
0 Petitions
Accused Products
Abstract
The present disclosure describes techniques for storing encrypted files in a secure file repository and transferring those encrypted files to one or more recipients. A user selects a file to upload to a secure file repository. A secure collaboration app on the user'"'"'s device generates a first encryption key that is used to encrypt the file. The encrypted file is then uploaded to the secure file repository, which provides the secure collaboration app with a random file name and a location of the encrypted file. The secure collaboration app updates locally stored metadata of the first encrypted file. To securely transfer the file, the user generates a second encryption key, encrypts the metadata with the second encryption key, and transmits the encrypted metadata to one or more receivers. The one or more receivers decrypt the encrypted metadata and use the decrypted metadata to retrieve the file and decrypt it.
383 Citations
18 Claims
-
1. A system, comprising:
-
a processor configured to; receive a first encrypted communication from a sender'"'"'s device, wherein the first encrypted communication includes notification of an encrypted shared file and encrypted file metadata; decrypt the encrypted file metadata using a second encryption key to obtain file metadata and a first encryption key, wherein the first encryption key was previously generated at least in part by obtaining ephemeral environmental noise from a kernel operation executing on the sender'"'"'s device; retrieve the encrypted shared file from a secure file repository using the file metadata obtained from the first encrypted communication; decrypt the encrypted shared file using the first encryption key; and provide the decrypted shared file to the receiver; a memory coupled to the processor and configured to provide the processor with instructions. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method comprising:
-
receiving a first encrypted communication from a sender'"'"'s device, wherein the first encrypted communication includes notification of an encrypted shared file and encrypted file metadata; decrypting the encrypted file metadata using a second encryption key to obtain file metadata and a first encryption key, wherein the first encryption key was previously generated at least in part by obtaining ephemeral environmental noise from a kernel operation executing on the sender'"'"'s device; retrieving the encrypted shared file from a secure file repository using the file metadata obtained from the first encrypted communication; decrypting the encrypted shared file using the first encryption key; and providing the decrypted shared file to the receiver. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A non-transitory computer-readable medium comprising instructions that, when executed by at least one processor, perform the steps of:
-
receiving a first encrypted communication from a sender'"'"'s device, wherein the first encrypted communication includes notification of an encrypted shared file and encrypted file metadata; decrypting the encrypted file metadata using a second encryption key to obtain file metadata and a first encryption key, wherein the first encryption key was previously generated at least in part by obtaining ephemeral environmental noise from a kernel operation executing on the sender'"'"'s device; retrieving the encrypted shared file from a secure file repository using the file metadata obtained from the first encrypted communication; decrypting the encrypted shared file using the first encryption key; and providing the decrypted shared file to the receiver. - View Dependent Claims (14, 15, 16, 17, 18)
-
Specification