Upload and download streaming encryption to/from a cloud-based platform
First Claim
Patent Images
1. A computer-implemented encryption method for recovering from a compromised key included in an encryption key pool in a cloud-based collaborative platform comprising:
- identifying a plurality of data files, the plurality of data files encrypted with a first plurality of encryption keys, wherein the first plurality of encryption keys are included in the encryption key pool;
determining a plurality of encryption key files, wherein the plurality of encryption key files are generated by encrypting the first plurality of encryption keys with the compromised key, wherein the compromised key is included in the encryption key pool;
adjusting the encryption key pool by;
removing the compromised key from the key pool andgenerating a new key in the encryption key pool;
adjusting the plurality of encrypted data files by;
decrypting the data files using the compromised key andreencrypting the data files using the new key; and
adjusting the plurality of encryption key files by;
decrypting the plurality of encryption key files using the compromised key andreencrypting the first plurality of encryption keys using the new key,wherein, the plurality of data files are accessed by and/or collaborated upon among multiple users or collaborators in the cloud-based encryption platform.
2 Assignments
0 Petitions
Accused Products
Abstract
Embodiments of the present disclosure include systems and methods for upload and/or download streaming encryption to/from an online service, or cloud-based platform or environment. The encryption process includes the following parts: Upload encryption, download decryption, and a central piece of infrastructure called the Interval Key Server (IKS). During both upload and download, the encryption and decryption processes are performed while the files are being uploaded/downloaded, (e.g., the files are being encrypted/decrypted as they are being streamed).
579 Citations
15 Claims
-
1. A computer-implemented encryption method for recovering from a compromised key included in an encryption key pool in a cloud-based collaborative platform comprising:
-
identifying a plurality of data files, the plurality of data files encrypted with a first plurality of encryption keys, wherein the first plurality of encryption keys are included in the encryption key pool; determining a plurality of encryption key files, wherein the plurality of encryption key files are generated by encrypting the first plurality of encryption keys with the compromised key, wherein the compromised key is included in the encryption key pool; adjusting the encryption key pool by; removing the compromised key from the key pool and generating a new key in the encryption key pool; adjusting the plurality of encrypted data files by; decrypting the data files using the compromised key and reencrypting the data files using the new key; and adjusting the plurality of encryption key files by;
decrypting the plurality of encryption key files using the compromised key andreencrypting the first plurality of encryption keys using the new key, wherein, the plurality of data files are accessed by and/or collaborated upon among multiple users or collaborators in the cloud-based encryption platform. - View Dependent Claims (2, 3, 4, 5)
-
-
6. An apparatus for recovering from a compromised key included in an encryption key pool in a cloud-based collaborative platform, wherein the apparatus includes a hardware processor configured to perform the steps of:
-
identifying a plurality of data files, the plurality of data files encrypted with a first plurality of encryption keys, wherein the first plurality of encryption keys are included in the encryption key pool; determining a plurality of encryption key files, wherein the plurality of encryption key files are generated by encrypting the first plurality of encryption keys with a compromised key and one or more keys in the encryption key pool that precede the compromised key, wherein the compromised key and the one or more keys are included in the encryption key pool; adjusting the encryption key pool by; removing the compromised key and the one or more keys in the encryption key pool that precede the compromised key and generating new keys in the encryption key pool; identifying one or more encrypted data files that are generated by encrypting one or more data files using the compromised key and the one or more keys that precede the compromised key; adjusting one or more encrypted data files by; decrypting the one or more encrypted data files using the compromised key and the one or more keys that precede the compromised key and reencrypting the one or more data files using the new keys; and adjusting the plurality of encryption key files by; decrypting the plurality of encryption key files using the compromised key and the one or more keys that precede the compromised key and reencrypting the first plurality of encryption keys using the new keys, wherein, the plurality of data files are accessed by and/or collaborated upon among multiple users or collaborators in the cloud-based encryption platform. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A non-transitory computer-readable storage medium storing a set of instructions which when executed by a computing system causes the computing system to perform a method of recovering from a compromised key included in an encryption key pool in a cloud-based collaborative platform comprising:
-
identifying a plurality of data files, the plurality of data files encrypted with a first plurality of encryption keys, wherein the first plurality of encryption keys are included in the encryption key pool; determining a plurality of encryption key files, wherein the plurality of encryption key files are generated by encrypting the first plurality of encryption keys with a compromised key and one or more keys in the encryption key pool that precede the compromised key, wherein the compromised key and the one or more keys are included in the encryption key pool; adjusting the encryption key pool by; removing the compromised key and the one or more keys in the encryption key pool that precede the compromised key and generating new keys in the encryption key pool; identifying one or more encrypted data files that are generated by encrypting one or more data files using the compromised key and the one or more keys that precede the compromised key; adjusting one or more encrypted data files by; decrypting the one or more encrypted data files using the compromised key and the one or more keys that precede the compromised key and reencrypting the one or more data files using the new keys; and adjusting the plurality of encryption key files by; decrypting the plurality of encryption key files using the compromised key and the one or more keys that precede the compromised key and reencrypting the first plurality of encryption keys using the new keys, wherein, the plurality of data files are accessed by and/or collaborated upon among multiple users or collaborators in the cloud-based encryption platform. - View Dependent Claims (12, 13, 14, 15)
-
Specification