Automatic change of symmetrical encryption key
Abstract
An encryption system and a method for automatically changing an encryption key. The key is changed in response to an amount of data that has been encrypted. When the amount of data encrypted with a first key reaches or exceeds a byte count threshold, the first key is deactivated and a new key is generated and used for subsequent data encryption.
17 Claims
1. A method for changing an encryption key, the method comprising:
- encrypting data using a first encryption key;
- counting bytes of the data in order to determine an amount of data encrypted with the first encryption key; and
- changing from the first encryption key to a second, different encryption key for encrypting subsequent data in response to the amount of data encrypted with the first encryption key wherein a byte count threshold for switching from the first encryption key to the second encryption key is determined in response to a byte count range between an upper byte count limit and a lower byte count limit wherein the byte count threshold is determined by $\mathrm{Data}_{min} + ((\mathrm{Data}_{max} - \mathrm{Data}_{min}) / x_{max}) \cdot x$ where $\mathrm{Data}_{min}$ is the lower byte count limit, $\mathrm{Data}_{max}$ is the upper byte count limit, and $x_{max} \in \{N\}$ where N is a set of natural numbers.
View Dependent Claims (2, 3, 4)

5. A method for changing an encryption key, the method comprising:
- determining a maximum number of bytes to encrypt with a first encryption key;
- determining a minimum number of bytes to encrypt with the first encryption key;
- determining a byte count threshold between the minimum number of bytes and the maximum number of bytes;
- counting a number of bytes being encrypted by an encryption operation using the first encryption key;
- inactivating the first key when the number of bytes being encrypted reaches a byte count threshold; and
- generating a second key for encrypting subsequent data;
- wherein the byte count threshold is determined by $\mathrm{Data}_{min} + ((\mathrm{Data}_{max} - \mathrm{Data}_{min}) / x_{max}) \cdot x$ where $\mathrm{Data}_{min}$ is the minimum number of bytes to encrypt with the first encryption key, $\mathrm{Data}_{max}$ is the maximum number of bytes to encrypt with the first encryption key, x is a user input such that $x \in \{0, N\}$, and $x_{max} \in \{N\}$ where N is a set of natural numbers.
View Dependent Claims (6, 7, 8, 9, 10)

11. An encryption system comprising:
- a back-up manager for managing back-up of secret data;
- a back-up medium coupled to the back-up manager, the back-up medium configured to store encrypted data;
- a host system coupled to the back-up manager, the host system configured to execute an encryption operation using an active encryption key such that the secret data is encrypted and stored on the back-up medium; and
- a key management module coupled to the host system and configured to compare a byte count to a threshold and deactivate a first encryption key and activate a second encryption key, to be used as the active encryption key, in response to the byte count being equal to or greater than the threshold wherein the threshold is determined in response to a byte count range between an upper byte count limit and a lower byte count limit wherein the threshold is determined by $\mathrm{Data}_{min} + ((\mathrm{Data}_{max} - \mathrm{Data}_{min}) / x_{max}) \cdot x$ where $\mathrm{Data}_{min}$ is the lower byte count limit, $\mathrm{Data}_{max}$ is the upper byte count limit, $x \in \{0, N\}$, and $x_{max} \in \{N\}$ where N is a set of natural numbers.
View Dependent Claims (12, 13, 14, 15, 16, 17)

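The byte-count key change described in the abstract and in claims 1, 5 and 11, sketched as an added example that is not code from the patent. The names `byte_count_threshold`, `KeyManager`, `account` and `key_ids_for`, the 32-byte key size, and the `x <= x_max` check are assumptions made here; no cipher is modelled, only the counting and the key switch.

```python
import secrets
from dataclasses import dataclass, field


def byte_count_threshold(data_min: int, data_max: int, x: int, x_max: int) -> int:
    """Data_min + ((Data_max - Data_min) / x_max) * x, as given in the claims.

    Multiplying before dividing keeps the result an exact integer byte count.
    Requiring x <= x_max is an assumption made here so that the threshold
    stays inside [Data_min, Data_max].
    """
    if not 0 <= data_min <= data_max:
        raise ValueError("need 0 <= data_min <= data_max")
    if x_max < 1 or not 0 <= x <= x_max:
        raise ValueError("need x_max >= 1 and 0 <= x <= x_max")
    return data_min + ((data_max - data_min) * x) // x_max


@dataclass
class KeyManager:
    """Hypothetical key management module: counts bytes, swaps the active key."""
    threshold: int
    key_id: int = 0
    byte_count: int = 0
    retired: dict = field(default_factory=dict)  # key_id -> bytes it encrypted
    key: bytes = field(default_factory=lambda: secrets.token_bytes(32), repr=False)

    def account(self, nbytes: int) -> int:
        """Record nbytes encrypted under the active key and return that key's id.

        The comparison happens after the operation, so a chunk that crosses
        the threshold is still wholly under the old key ("reaches or exceeds").
        """
        if nbytes < 0:
            raise ValueError("nbytes must be non-negative")
        used = self.key_id
        self.byte_count += nbytes
        if self.byte_count >= self.threshold:
            self.retired[used] = self.byte_count   # deactivate the first key
            self.key = secrets.token_bytes(32)     # generate the second key
            self.key_id, self.byte_count = used + 1, 0
        return used


def key_ids_for(chunk_sizes, threshold):
    """Constructed demo: key id used for each chunk, plus the final manager."""
    km = KeyManager(threshold)
    return [km.account(n) for n in chunk_sizes], km
```

A deployment that must decrypt old back-ups would archive each deactivated key rather than discard it; the sketch records only how many bytes each retired key covered.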
Specification