PGP encrypted data transfer

US 9,246,890 B2
Filed: 02/18/2014
Issued: 01/26/2016
Est. Priority Date: 02/18/2014
Status: Active Grant

First Claim

Patent Images

1. A sending processing system for Pretty Good Protection (PGP) encrypting a data file to form a PGP-encrypted data file and for on-the-fly delivering of the PGP-encrypted data file to a receiving processing system, where the sending and receiving processing systems are coupled to a network, the sending processing system comprising:

one or more processors;

a transport sender initialized to open a socket channel between the sending and receiving processing systems and configured to send data from the sending processing system to the receiving processing system;

a PGP encrypter configured to symmetrically encrypt data using a symmetric PGP session key;

a storage unit storing a file to be encrypted;

logic encoded in one or more non-transitory computer readable storage media for execution by the one or more processors and with the one or more processors, when executing the logic, performing the acts of;

defining a hash variable holding a message digest/hash value;

initializing a pipe object with a source channel assigned to an input stream of the transport sender and a sink channel assigned as an output stream of the PGP encrypter;

generating a PGP header packet including an asymmetrically encrypted PGP session key, with the PGP session key encrypted using the public key of a PGP asymmetric public key/private key pair;

sending the PGP header packet to the sink channel of the pipe, where the PGP header packet is sent by the transport sender to the receiving processing system;

computing an initial message digest/hash value equal to the hash value of the PGP header packet;

encrypting a first chunk of the data file with the PGP encrypter to form a first encrypted data file chunk;

sending the first encrypted data file chunk to the sink channel of the pipe, where the first encrypted data file chunk is sent by the transport sender to the receiving processing system;

recomputing the message digest/hash value based on bytes of the first encrypted data file chunk and a previously generated message digest/hash value;

if all data in the data file has not been encrypted, encrypting a next chunk of the data file with the PGP encrypter to form a next encrypted data file chunk;

sending the next encrypted data file chunk to the sink channel of the pipe, where the next encrypted data file chunk is sent by the transport sender to the receiving processing system;

recomputing the message digest/hash value based on bytes of the next encrypted data file chunk and a previously generated message digest/hash value;

if all data in the data file has been encrypted, generating a PGP footer packet including a last recomputed message digest hash value; and

sending the PGP footer packet to the sink channel of the pipe, where the PGP footer packet is sent by the transport sender to the receiving processing system.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Example embodiments perform on-the-fly delivery of PGP encrypted data. A large data file is broken into chunks which are encrypted and delivered to a pipe object. The bytes of a chunk are read from the pipe object in the same order as they were written. Header and footer packets are prepared and delivered.

19 Citations

View as Search Results

20 Claims

1. A sending processing system for Pretty Good Protection (PGP) encrypting a data file to form a PGP-encrypted data file and for on-the-fly delivering of the PGP-encrypted data file to a receiving processing system, where the sending and receiving processing systems are coupled to a network, the sending processing system comprising:
- one or more processors;
  
  a transport sender initialized to open a socket channel between the sending and receiving processing systems and configured to send data from the sending processing system to the receiving processing system;
  
  a PGP encrypter configured to symmetrically encrypt data using a symmetric PGP session key;
  
  a storage unit storing a file to be encrypted;
  
  logic encoded in one or more non-transitory computer readable storage media for execution by the one or more processors and with the one or more processors, when executing the logic, performing the acts of;
  
  defining a hash variable holding a message digest/hash value;
  
  initializing a pipe object with a source channel assigned to an input stream of the transport sender and a sink channel assigned as an output stream of the PGP encrypter;
  
  generating a PGP header packet including an asymmetrically encrypted PGP session key, with the PGP session key encrypted using the public key of a PGP asymmetric public key/private key pair;
  
  sending the PGP header packet to the sink channel of the pipe, where the PGP header packet is sent by the transport sender to the receiving processing system;
  
  computing an initial message digest/hash value equal to the hash value of the PGP header packet;
  
  encrypting a first chunk of the data file with the PGP encrypter to form a first encrypted data file chunk;
  
  sending the first encrypted data file chunk to the sink channel of the pipe, where the first encrypted data file chunk is sent by the transport sender to the receiving processing system;
  
  recomputing the message digest/hash value based on bytes of the first encrypted data file chunk and a previously generated message digest/hash value;
  
  if all data in the data file has not been encrypted, encrypting a next chunk of the data file with the PGP encrypter to form a next encrypted data file chunk;
  
  sending the next encrypted data file chunk to the sink channel of the pipe, where the next encrypted data file chunk is sent by the transport sender to the receiving processing system;
  
  recomputing the message digest/hash value based on bytes of the next encrypted data file chunk and a previously generated message digest/hash value;
  
  if all data in the data file has been encrypted, generating a PGP footer packet including a last recomputed message digest hash value; and
  
  sending the PGP footer packet to the sink channel of the pipe, where the PGP footer packet is sent by the transport sender to the receiving processing system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The sending processing system of claim 1 where the PGP encrypter is an open source application programming interface for performing PGP encryption.
  - 3. The sending processing system of claim 1 where the pipe object is a java pipe object.
  - 4. The sending processing system of claim 1 where a chunk of the data file includes 64 KB of data.
  - 5. The sending processing system of claim 1 where the transport sender is a File Transfer Protocol (FTP) client.
  - 6. The sending processing system of claim 5 where the FTP client is a java FTP client.
  - 7. The sending processing system of claim 1 where the message digest/hash value is computed using an SHA-1 hashing algorithm.
  - 8. The method of claim 1 where computing the message digest/hash value includes computing the message digest/hash value using an SHA-1 hashing algorithm.

9. One or more non-transitory computer readable storage media storing program code for execution by one or more processors included in a sending processing system for Pretty Good Protection (PGP) encrypting a data file to form a PGP-encrypted data file and for on-the-fly delivering of the PGP-encrypted data file to a receiving processing system, where the sending and receiving processing systems are coupled to a network, the sending processing system further comprising a transport sender initialized to open a socket channel between the sending and receiving processing systems and configured to send data from the sending processing system to the receiving processing system, a PGP encrypter configured to symmetrically encrypt data using a symmetric PGP session key and a storage unit storing a file to be encrypted, where the program code, when executed by the one or more processors performs the following acts:
- defining a hash variable holding a message digest/hash value;
  
  initializing a pipe object with a source channel assigned to an input stream of the transport sender and a sink channel assigned as an output stream of the PGP encrypter;
  
  generating a PGP header packet including an asymmetrically encrypted PGP session key, with the PGP session key encrypted using the public key of a PGP asymmetric public key/private key pair;
  
  sending the PGP header packet to the sink channel of the pipe, where the PGP header packet is sent by the transport sender to the receiving processing system;
  
  computing an initial message digest/hash value equal to the hash value of the PGP header packet;
  
  encrypting a first chunk of the data file with the PGP encrypter to form a first encrypted data file chunk;
  
  sending the first encrypted data file chunk to the sink channel of the pipe, where the first encrypted data file chunk is sent by the transport sender to the receiving processing system;
  
  recomputing the message digest/hash value based on bytes of the first encrypted data file chunk and a previously generated message digest/hash value;
  
  if all data in the data file has not been encrypted, encrypting a next chunk of the data file with the PGP encrypter to form a next encrypted data file chunk;
  
  sending the next encrypted data file chunk to the sink channel of the pipe, where the next encrypted data file chunk is sent by the transport sender to the receiving processing system;
  
  recomputing the message digest/hash value based on bytes of the next encrypted data file chunk and a previously generated message digest/hash value;
  
  if all data in the data file has been encrypted, generating a PGP footer packet including a last recomputed message digest hash value; and
  
  sending the PGP footer packet to the sink channel of the pipe, where the PGP footer packet is sent by the transport sender to the receiving processing system.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The one or more non-transitory computer readable storage media of claim 9 where the PGP encrypter included in the sending processing system is an open source application programming interface for performing PGP encryption.
  - 11. The one or more non-transitory computer readable storage media of claim 9 where initializing the pipe object includes initializing a java pipe object.
  - 12. The one or more non-transitory computer readable storage media of claim 9 where sending a chunk of data includes sending a chunk of the data file including 64 KB of data.
  - 13. The one or more non-transitory computer readable storage media of claim 9 where the transport sender included in the sending processing system is a File Transfer Protocol (FTP) client.
  - 14. The one or more non-transitory computer readable storage media of claim 9 where the FTP client is a java FTP client.
  - 15. The one or more non-transitory computer readable storage media of claim 9 where computing the message digest/hash value includes computing the message digest/hash value using an SHA-1 hashing algorithm.

16. A method performed by a one or more processors in a sending processing system for Pretty Good Protection (PGP) encrypting a data file to form a PGP-encrypted data file and for on-the-fly delivering of the PGP-encrypted data file to a receiving processing system, where the sending and receiving processing systems are coupled to a network, with the sending processing system further including a transport sender initialized to open a socket channel between the sending and receiving processing systems and configured to send data from the sending processing system to the receiving processing system, a PGP encrypter configured to symmetrically encrypt data using a symmetric PGP session key and a storage unit storing a file to be encrypted, the method comprising:
- defining a hash variable holding a message digest/hash value;
  
  initializing a pipe object with a source channel assigned to an input stream of the transport sender and a sink channel assigned as an output stream of the PGP encrypter;
  
  generating a PGP header packet including an asymmetrically encrypted PGP session key, with the PGP session key encrypted using the public key of a PGP asymmetric public key/private key pair;
  
  sending the PGP header packet to the sink channel of the pipe, where the PGP header packet is sent by the transport sender to the receiving processing system;
  
  computing an initial message digest/hash value equal to the hash value of the PGP header packet;
  
  encrypting a first chunk of the data file with the PGP encrypter to form a first encrypted data file chunk;
  
  sending the first encrypted data file chunk to the sink channel of the pipe, where the first encrypted data file chunk is sent by the transport sender to the receiving processing system;
  
  recomputing the message digest/hash value based on bytes of the first encrypted data file chunk and a previously generated message digest/hash value;
  
  if all data in the data file has not been encrypted, encrypting a next chunk of the data file with the PGP encrypter to form a next encrypted data file chunk;
  
  sending the next encrypted data file chunk to the sink channel of the pipe, where the next encrypted data file chunk is sent by the transport sender to the receiving processing system;
  
  recomputing the message digest/hash value based on bytes of the next encrypted data file chunk and a previously generated message digest/hash value;
  
  if all data in the data file has been encrypted, generating a PGP footer packet including a last recomputed message digest hash value; and
  
  sending the PGP footer packet to the sink channel of the pipe, where the PGP footer packet is sent by the transport sender to the receiving processing system.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The method of claim 16 where the PGP encrypter is an open source application programming interface for performing PGP encryption.
  - 18. The method of claim 16 where initializing the pipe object includes initializing a java pipe object.
  - 19. The method of claim 16 where sending a chunk of data includes sending a chunk of the data file including 64 KB of data.
  - 20. The method of claim 16 where the transport sender is a Java File Transfer Protocol (FTP) client.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Sao, Saurav
Primary Examiner(s)
EDWARDS, LINGLAN E

Application Number

US14/183,363
Publication Number

US 20150237016A1
Time in Patent Office

707 Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 2463/062   applying encryption of the ...

H04L 63/0428   wherein the data content is...

H04L 63/045   wherein the sending and rec...

H04L 63/123   received data contents, e.g...

H04L 9/0643   Hash functions, e.g. MD5, S...

H04L 9/0825   using asymmetric-key encryp...

PGP encrypted data transfer

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

19 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

PGP encrypted data transfer

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

19 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others