Encrypted augmentation storage
First Claim
1. A method performed by a user device, the method comprising:
- sending, by a user device to a server that is separate from the user device, a request for a current version of a first encrypted resource, the current version of the first encrypted resource being an encrypted set of respective index entries, wherein;
each respective index entry includes a combination of a respective first encryption key encrypted as a respective first encrypted key by use of a second encryption key, and a respective storage location of a respective first encrypted data file encrypted by use of the respective first encryption key, the respective storage location generated by the server;
each respective index entry has been previously appended to a respective prior version of the first encrypted resource that did not include the respective index entry to form a respective encrypted data tuple;
the respective encrypted data tuple so formed has been encrypted by the server by to form another prior version of the first encrypted resource; and
a most recent prior version of the first encrypted resource is the current version of the first encrypted resource;
receiving, by the user device and from the server, the first encrypted resource;
decrypting the first encrypted resource to decrypt the encrypted index entries;
selecting one of the respective storage locations that has been decrypted;
sending to the server a request the respective first encrypted data file stored at the respective storage location; and
receiving, from the server, the respective first encrypted data file.
2 Assignments
0 Petitions
Accused Products
Abstract
Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for storing and retrieving encrypted data. In one aspect, a method includes receiving, at a server computer separate from a user device, a first encrypted resource encrypted by use of a public encryption key, wherein the public encryption key is paired with a private encryption key according to an asymmetric encryption key scheme; retrieving, by the server computer, a second encrypted resource encrypted by use of the public key; augmenting, by the server computer, the first encrypted resource with the second encrypted resource to form an encrypted data tuple; encrypting, by the server computer, the encrypted data tuple; and storing, by the server computer, the encrypted data tuple as the second encrypted resource.
80 Citations
15 Claims
-
1. A method performed by a user device, the method comprising:
-
sending, by a user device to a server that is separate from the user device, a request for a current version of a first encrypted resource, the current version of the first encrypted resource being an encrypted set of respective index entries, wherein; each respective index entry includes a combination of a respective first encryption key encrypted as a respective first encrypted key by use of a second encryption key, and a respective storage location of a respective first encrypted data file encrypted by use of the respective first encryption key, the respective storage location generated by the server; each respective index entry has been previously appended to a respective prior version of the first encrypted resource that did not include the respective index entry to form a respective encrypted data tuple; the respective encrypted data tuple so formed has been encrypted by the server by to form another prior version of the first encrypted resource; and a most recent prior version of the first encrypted resource is the current version of the first encrypted resource; receiving, by the user device and from the server, the first encrypted resource; decrypting the first encrypted resource to decrypt the encrypted index entries; selecting one of the respective storage locations that has been decrypted; sending to the server a request the respective first encrypted data file stored at the respective storage location; and receiving, from the server, the respective first encrypted data file. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A user device, comprising:
-
a processing system; and a non-transitory computer readable medium storing instructions executable by the processing system and that upon such execution cause the user device to perform operations comprising; sending, by the user device to a server that is separate from the user device, a request for a current version of a first encrypted resource, the current version of the first encrypted resource being an encrypted set of respective index entries, wherein; each respective index entry includes a combination of a respective first encryption key encrypted as a respective first encrypted key by use of a second encryption key, and a respective storage location of a respective first encrypted data file encrypted by use of the respective first encryption key, the respective storage location generated by the server; each respective index entry has been previously appended to a respective prior version of the first encrypted resource that did not include the respective index entry to form a respective encrypted data tuple; the respective encrypted data tuple so formed has been encrypted by the server by to form another prior version of the first encrypted resource; and a most recent prior version of the first encrypted resource is the current version of the first encrypted resource; receiving, by the user device and from the server, the first encrypted resource; decrypting the first encrypted resource to decrypt the encrypted index entries; selecting one of the respective storage locations that has been decrypted; sending to the server a request the respective first encrypted data file stored at the respective storage location; and receiving, from the server, the respective first encrypted data file. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A non-transitory computer readable medium storing instructions executable by a user device and that upon such execution cause the user device to perform operations comprising:
-
sending, by the user device to a server that is separate from the user device, a request for a current version of a first encrypted resource, the current version of the first encrypted resource being an encrypted set of respective index entries, wherein; each respective index entry includes a combination of a respective first encryption key encrypted as a respective first encrypted key by use of a second encryption key, and a respective storage location of a respective first encrypted data file encrypted by use of the respective first encryption key, the respective storage location generated by the server; each respective index entry has been previously appended to a respective prior version of the first encrypted resource that did not include the respective index entry to form a respective encrypted data tuple; the respective encrypted data tuple so formed has been encrypted by the server by to form another prior version of the first encrypted resource; and a most recent prior version of the first encrypted resource is the current version of the first encrypted resource; receiving, by the user device and from the server, the first encrypted resource; decrypting the first encrypted resource to decrypt the encrypted index entries; selecting one of the respective storage locations that has been decrypted; sending to the server a request the respective first encrypted data file stored at the respective storage location; and receiving, from the server, the respective first encrypted data file. - View Dependent Claims (12, 13, 14, 15)
-
Specification