Good cryptographic practice requires using different keys and initialization vectors (IVs) for different files instead of using one key or IV per file system or host. If all files share a same key, then an attacker who has broken the key can decrypt all files encrypted with that key. Since some files are of greater value than others, and may have different ownerships or access rights, this means that security of the encrypted files is determined by the least well-protected file. On the other hand, reusing IVs means that anyone who can read the ciphertext can see if two files' first N blacks are identical, which poses an information leak.
These are but a subset of the problems and issues associated with file encryption, and are intended to characterize weaknesses in the prior art by way of example. The foregoing examples of the related art and limitations related therewith are intended to be illustrative and not exclusive. Other limitations of the related art will become apparent to those of skill in the art upon a reading of the specification and a study of the drawings.
The following embodiments and aspects thereof are described and illustrated in conjunction with systems, tools, and methods that are meant to be exemplary and illustrative, not limiting in scope. In various embodiments, one or more of the above-described problems have been reduced or eliminated, while other embodiments are directed to other improvements.
A technique for secure file encryption first choose a file encryption key randomly among a set of file encryption keys and encrypts a file using the chosen file encryption key based on a set of encryption rules. The file encryption key can then be encrypted via a directory master secret (DMS) key for an extra layer of security so that an intruder cannot decrypt the encrypted file even if the intruder gains access to the DMS-encrypted file encryption key. Finally, the DMS-encrypted file encryption key can be stored in a metadata associated with the file.
The proposed system can offer, among other advantages, encryption keys that are secret even to users of the encryption keys. This and other advantages of the techniques described herein will become apparent to those skilled in the art upon a reading of the following descriptions and a study of the several figures of the drawings.
Embodiments of the invention are illustrated in the figures. However, the embodiments and figures are illustrative rather than limiting; they provide examples of the invention.
In the following description, several specific details are presented to provide a thorough understanding of embodiments of the invention. One skilled in the relevant art will recognize, however, that the invention can be practiced without one or more of the specific details, or in combination with other components, etc. In other instances, well-known implementations or operations are not shown or described in detail to avoid obscuring aspects of various embodiments, of the invention.
The host 102 in the example of
Conceptually, the filter driver 114 is inserted, as part of the operating system, between the file system 112 and a process that will use files from the file system 112. The filter driver 114 applies the encryption rules provided from the encryption rule database 108 by the authentication engine 104. The encryption rules may include, by way of example but not limitation, a rule that everything in a first directory is to be encrypted using a first key provided from the key database 106 by the authentication engine 104. (Alternatively, the first key could be generated locally or received from some place other than the key database 106.) As another example, the encryption rules may include a rule that a first user receives encrypted data (e.g., cipher text) when accessing a particular file.
In an illustrative embodiment, each file in the file system 112 should have a unique file key (and some or all of the files could have multiple unique file keys) from the key database 106. The file keys may then be encrypted in a directory master secret (DMS) key. Advantageously, having files encrypted in their own keys allows flexibility in the location of the DMS keys—they can be local for faster performance.
Dependent upon the embodiment, the DMS keys could reside, by way of example but not limitation, in masked software, on a secure server (e.g., a NETWORK ATTACHED ENCRYPTION™ server), or in some other convenient location. In the example of
The authentication engine 104 in the example of
The authentication engine 104 may be administered by the same admin as administers the host 102. Alternatively, an admin may be responsible for administering the authentication engine 104, and a lower level administrator may be responsible for administering the host 102. The latter would be more typical in a relatively large enterprise. It may be noted that the administrator of the authentication engine 104 might be able to crack at least some of the security of the host 102 (since the admin of the authentication engine 104 has access to the keys and encryption rules provided to the host 102), but the reverse is not necessarily true.
The encryption engine 111 is coupled to the host 102. In an alternative embodiment, the file encryption engine 111 may be on the host 102. By “on the host” it is intended to mean that executable code of the encryption engine 111 is stored on or off of the host 102 in secondary memory, and at least partially loaded into primary memory of the host 102 for execution by a processor, such as the processor 116.
The encryption engine 111 may be referred to as including or sharing a computer-readable medium (e.g., memory), including executable software code stored in the computer-readable medium, and including or sharing a processor capable of executing the code on the computer-readable medium. As such, the file encryption engine 111 may be referred to as being embodied in a computer-readable medium.
In the example of
In the example of
In the example of
In the example of
In the example of
In the example of
In the example of
In the example of
In the example of
Some portions of the detailed description are presented in terms of algorithms and symbolic representations of operations on data bits within a computer memory. These algorithmic descriptions and representations are the means used by those skilled in the data processing arts to most effectively convey the substance of their work to others skilled in the art. An algorithm is here, and generally, conceived to be a self-consistent sequence of operations leading to a desired result. The operations are those requiring physical manipulations of physical quantities. Usually, though not necessarily, these quantities take the form of electrical or magnetic signals capable of being stored, transferred, combined, compared, and otherwise manipulated. It has proven convenient at times, principally for reasons of common usage, to refer to these signals as bits, values, elements, symbols, characters, terms, numbers, or the like.
It should be borne in mind, however, that all of these and similar terms are to be associated with the appropriate physical quantities and are merely convenient labels applied to these quantities. Unless specifically stated otherwise as apparent from the following discussion, it is appreciated that throughout the description, discussions utilizing terms such as “processing” or “computing” or “calculating” or “determining” or “displaying” or the like, refer to the action and processes of a computer system, or similar electronic computing device, that manipulates and transforms data represented as physical (electronic) quantities within the computer system's registers and memories into other data similarly represented as physical quantities within the computer system memories or registers or other such information storage, transmission or display devices.
The algorithms and techniques described herein also relate to apparatus for performing the algorithms and techniques. This apparatus may be specially constructed for the required purposes, or it may comprise a general purpose computer selectively activated or reconfigured by a computer program stored in the computer. Such a computer program may be stored in a computer readable storage medium, such as, but is not limited to, read-only memories (ROMs), random access memories (RAMs), EPROMs, EEPROMs, magnetic or optical cards, any type of disk including floppy disks, optical disks, CD-ROMs, and magnetic-optical disks, or any type of media suitable for storing electronic instructions, and each coupled to a computer system bus.
As used herein, the term “embodiment” means an embodiment that serves to illustrate by way of example but not limitation.
It will be appreciated to those skilled in the art that the preceding examples and embodiments are exemplary and not limiting to the scope of the present invention. It is intended that all permutations, enhancements, equivalents, and improvements thereto that are apparent to those skilled in the art upon a reading of the specification and a study of the drawings are included within the true spirit and scope of the present invention. It is therefore intended that the following appended claims include all such modifications, permutations and equivalents as fall within the true spirit and scope of the present invention.
Filing Document | Filing Date | Country | Kind | 371c Date |
---|---|---|---|---|
PCT/US08/52228 | 1/28/2008 | WO | 00 | 6/24/2009 |
Number | Date | Country | |
---|---|---|---|
60897802 | Jan 2007 | US |