SYSTEMS FOR STRUCTURED ENCRYPTION USING EMBEDDED INFORMATION IN DATA STRINGS
First Claim
1. A method for encrypting data entries in a data file using an encryption engine in a data processing system, comprising:
- encrypting a first data entry in the data file using an encryption key; and
embedding information associated with the encryption key that was used to encrypt the first data entry in a second data entry in the data file.
12 Assignments
0 Petitions
Accused Products
Abstract
A data processing system is provided that includes applications, databases, encryption engines, and decryption engines. Encryption and decryption engines may be used to perform format-preserving encryption on data strings stored in a database. Encryption and decryption engines may include embedded-format-preserving encryption and decryption engines. Embedded-format-preserving encryption engines may be used to encrypt data strings and embed information in data strings. Information corresponding to a format-preserving encryption operation of a data string may be embedded in an associated data string. The associated data string may be encrypted before or after embedding the information in the associated data string. The embedded information may include key management data that corresponds to a managed encryption key that was used to encrypt the data string.
-
Citations
24 Claims
-
1. A method for encrypting data entries in a data file using an encryption engine in a data processing system, comprising:
-
encrypting a first data entry in the data file using an encryption key; and embedding information associated with the encryption key that was used to encrypt the first data entry in a second data entry in the data file. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A method for decrypting encrypted data entries in a data file using a decryption engine in a data processing system, comprising:
-
obtaining a data entry that includes information associated with an encryption key and additional information; extracting the information associated with the encryption key from the data entry; obtaining an encrypted data entry associated with the additional information, wherein the encrypted data entry has been encrypted using the encryption key; and decrypting the encrypted data entry using the extracted information associated with the encryption key. - View Dependent Claims (17, 18, 19, 20, 21, 22)
-
-
23. A method for securely storing a data string in a database implemented using computing equipment, comprising:
-
encrypting the data string using a format-preserving encryption engine and an encryption key; embedding key management data associated with the encryption key in an additional data string; and storing the encrypted data string and the additional data string that includes the embedded key management data in associated fields of the database. - View Dependent Claims (24)
-
Specification