EA044169B1 - METHOD AND SYSTEM FOR SECURE INFORMATION STORAGE IN FILE DATA STORAGES - Google Patents

Description

Field of technology

This technical solution, in general, relates to the field of computer technology, and in particular to methods and systems for the secure transfer of critical data to a publicly accessible environment.

State of the art

Currently, data protection is one of the main problems that must be addressed when developing a corporate data storage system, for a small business or a large corporation. Often, data can be transferred to various storage media, such as cloud storage or local storage. When transferring data, a security concern is that someone could gain virtual or physical access to the storage and then access the data. An attacker could hack into the system, mount the storage media, and then gain access to the data. Some prior art solutions address these issues by encrypting all or most of the data on storage media, however these approaches suffer from a number of disadvantages in terms of security weaknesses, implementation problems and/or complexity. For example, in simple technical solutions that store encrypted data on a medium along with a data key used to encrypt the data, anyone with physical access to the medium can retrieve the data key from the medium and use it to decrypt the data. In addition, prior solutions typically provide access to encrypted data to anyone who has the encryption data key, but do not allow different parties to separately access encrypted data using their own access keys. Taking into account the above, there is a need for improved methods for protecting data in enterprise storage systems. Sensitive data should be accessible only to authorized persons, only in a manner permitted by the security policy, and only through means specified by the security policy.

The essence of the invention

The technical solution is aimed at eliminating the disadvantages inherent in existing solutions from the prior art.

The technical task posed in this technical solution is to ensure secure storage of information in file data storages.

The technical result that appears when solving the above problem is to increase the security of secure storage of information in file data storages.

This technical result is achieved by implementing a method for securely storing information in file data storages, in which at least one public key of at least one user is obtained; obtain at least one file on at least one client; generating at least one key for encrypting at least one file, which is stored in the file data storage; encrypting at least one file with the previously obtained at least one key for encrypting the file; encrypting at least one key that encrypts at least one file with the public keys of those users who are granted access to at least one file; storing at least one key encrypted in the previous step in the encryption key database, and at least one encrypted file in the file data storage.

In some embodiments, the file storage is cloud-based and/or local.

In some embodiments, the file storage is public and/or private and/or hybrid.

In some embodiments, to provide access to an encrypted file within the file storage, a personalized or public link to the file is created and stored in a file link registry.

In some embodiments, when using multiple file stores, the files and folder structure from all file stores are displayed in a single interface as a single file store.

In some embodiments, when using multiple file shares, a single interface displays files from other users' file shares based on a registry of file links.

Brief description of drawings

The features and advantages of the present technical solution will become apparent from the following detailed description of the invention and the accompanying drawings.

In fig. Figure 1 shows a block diagram of a method for securely storing information in file data storages.

In fig. Figure 2 shows an example of the implementation of a system for secure storage of information in file data storages.

In fig. 3 shows an example of encrypting the key with which a file is encrypted with the public keys of those users who are granted access to at least one file.

In fig. Figure 4 shows an example of user registration in a system for secure storage of information in file data storages.

In fig. Figure 5 shows an example of downloading a user file in a system for secure information storage in file data storages.

Detailed Description of the Invention

Below we will describe the concepts and terms necessary to understand this technical solution.

In this technical solution, a system means, including a computer system, a computer (electronic computer), CNC (computer numerical control), PLC (programmable logic controller), computerized control systems and any other devices capable of performing a given, clearly defined sequence of operations (actions, instructions).

A command processing device is an electronic unit or an integrated circuit (microprocessor) that executes machine instructions (programs).

A command processing device reads and executes machine instructions (programs) from one or more storage devices. Storage devices can include, but are not limited to, hard drives (HDD), flash memory, ROM (read-only memory), solid-state drives (SSD), and optical drives.

A program is a sequence of instructions intended to be executed by a computer control device or a command processing device.

Asymmetric keys - keys used in asymmetric algorithms (encryption, digital signature), which are a key pair.

Public key is a key that can be published and is used to verify the authenticity of a signed document, as well as to prevent fraud on the part of the certifier in the form of his refusal to sign the document. The public key of the signature is calculated as the value of some function of the private key, but knowledge of the public key does not make it possible to determine the private key.

Private key (English public key) - a key known only to its owner. Only the user keeping his private key secret guarantees that attackers cannot forge a document and a digital signature on behalf of the certifier.

Encryption is the reversible transformation of information in order to hide it from unauthorized persons, while at the same time providing authorized users with access to it. Encryption mainly serves the purpose of maintaining the confidentiality of transmitted information.

Authorization token is a software token that is issued to the user after successful authorization and is the key to access a resource (for example, to access cloud storage).

A digital certificate is an electronic or printed document issued by a certification center that confirms the ownership of the owner of a public key or any attributes.

Advanced Encryption Standard (AES) is a symmetric block encryption algorithm adopted by the US government based on the results of a competition as an encryption standard and replacing the less reliable Data Encryption Standard (DES) algorithm. The approved algorithm has become widely used to protect electronic data as a unified encryption standard.

An initialization vector is a vector that represents an arbitrary number that can be used along with a secret key to encrypt data.

Cipher block chaining (CBC) - ciphertext block chaining mode - one of the encryption modes for a symmetric block cipher using a feedback mechanism. Each plaintext block (except the first) is added bitwise modulo 2 to the previous result. One error in a bit of a ciphertext block affects the decryption of all subsequent blocks. Rearranging the order of ciphertext blocks causes damage to the decryption result.

In some embodiments, the method shown in FIG. 1 includes the following steps.

At least one digital security certificate is first generated for user 200, as shown in FIG. 2. User 200 sets a password for the digital certificate. The password can be character, numeric or a combination. In some embodiments, the biometric data of the user 200 may be used as the password. The system 202, including a certificate authority for issuing a digital certificate, for example, through a server, generates a digital certificate and displays a QR code (which contains link to download the generated digital certificate) for scanning, for example, by the user's mobile communication device 230 or other scanning device. A public key certificate in the X.509 v3 format, which is described in RFC 5280, can be used as a digital certificate.

The user 200 then scans, through a mobile application installed on the mobile communication device 203, a QR code as shown in FIG. 4, which was previously generated, receives the URL link to the digital security certificate, downloads it, requests the user's previously specified password for the certificate, and installs it.

- 2 044169

After installing the user's digital certificate, the mobile application installed on the mobile communication device 203 transmits to the system 202, for example, the following data from the digital certificate: full name, e-mail. In some embodiments, an SSL certificate may be used.

The following information can be stored in a digital certificate: full (unique) name of the certificate owner; owner's public key; date of issue of the certificate; certificate expiration date; full (unique) name of the certification authority; publisher's digital signature.

System 202 receives this data, creates a user in its data store, generates a unique User ID for him, for example, based on random numbers or by using a hash function from his data, and adds an entry for the new user to the list of users , which may be stored in data storage 204. A user record may contain the following data: a unique User ID, full name, e-mail, mobile phone number, etc., but not limited to.

The user 200 then opens the mobile application on the mobile communication device 203:

if this is the first login of user 200, then user 200 sets a password and/or enters a sample of his fingerprint;

If user 200 logs into the application for more than the first time, then user 200 enters a password and/or attaches a previously entered fingerprint.

In the mobile application, a password/fingerprint entry form is displayed on the user's mobile communication device 203. User 200 enters a password/fingerprint. The mobile application installed on the mobile communication device 203 checks the correctness of the entered password/fingerprint:

if the verification was successful, then a request to verify the digital certificate is made to the system 202;

if the verification is not successful, the process ends with an error, and a message is sent to the user (in the messenger, via SMS and/or PUSH), for example, with the following content: Incorrectly entered password or Fingerprint is not suitable.

The mobile application installed on the mobile communication device 203 sends a request to verify the user's certificate to the system 202, which verifies the user's certificate:

if the certificate has been verified, the process ends (the user has been authenticated);

If the certificate fails verification, the process ends with an error. The message Certificate failed verification may appear on the user 200's mobile application screen.

The mobile application automatically generates a key pair for each user 200 of the system 202, which is stored in the mobile application in its data store:

public key (public key);

private key (secret key).

As an algorithm for generating a key pair, well-known prior art algorithms for generating keys in asymmetric encryption can be used, for example, such as RSA (Rivest Shamir-Adleman), DSA (Digital Signature Algorithm), Elgamal (El-Gamal cipher system), Diffie-Hellman ( Diffie-Hellman key exchange), but not limited to.

Step 101: At least one public key (PubllserKey) of at least one user is obtained.

The mobile application installed on the user's mobile communication device 203 transmits to the system 202 a copy of the user's public key (PubllserKey) via a telecommunications channel for sharing (from English to share), or in other words, exchange with other users, and also transmits the User This user ID is 200.

Additionally, at this step, the previously generated private key of the user (UserKey) is obtained.

In one embodiment, the telecommunications channel for exchanging data between the mobile communication device and the automated system uses a telecommunications protocol selected from the group consisting of the following SS/7 data transfer protocols (Signaling System #7, see, for example, ITU-T Recommendation Q. 700) and ISDN (Integrated Services Digital Network), WiFi (see, for example, IEEE Standard 802.11).

In one embodiment, the telecommunications channel operates according to a standard selected from the group consisting of Ethernet, WiFi (see, for example, IEEE Standard 802.11) and Bluetooth (see, for example, IEEE Standard 802.15), ATM (Asynchronous Transfer Mode) , SS/7 (Signaling System #7; see, for example, ITU-T Recommendation Q.700), X.25 (see, for example, ITU-T Recommendation X.25), WiMAX (Worldwide Interoperability for Microwave Access, see for example IEEE Standards 802.16-802.16e), SCCP (Signalling Connection Control Part), DUP (Data User Part), B-ISUP (B-ISDN User Part), ISUP (ISDN User Part), TUP (Telephone User Part), TCAP (Transaction Capabilities Application Part), SSCOP (ServiceSpecific Connection Oriented Protocol), H.323, SIP (Session Initial Protocol), BICC (Bearer Independent Call Control protocol), IS-41, IS-634, CAS, CS1 , CS2, R2, CAMEL (Customized Applications for Mobile network Enhanced Logic), INAP (Intelligent Network Application Part), MAP (Mobile Application Part). In one of

- 3 044169 embodiments the telecommunication channel uses the TCP/IP protocol stack (Transmission Control Protocol/Internet Protocol, see IETF RFC 1122).

The system 202 may transfer media files using the Real-time Transport Protocol (RTP), which is widely used for transferring real-time synchronized media data, such as audio and video data. The RTP protocol can operate on the basis of the User Datagram Protocol (UDP), which, in turn, can operate on the Internet Protocol (IP). In the RTP transport protocol, multimedia data is encapsulated in RTP packets. Typically, each media type or media encoding format has a separate RTP payload format.

An RTP session is a connection between a group of participants communicating using the RTP protocol. It is a group communication channel through which several RTP streams can potentially be transmitted. An RTP stream is a stream of RTP packets containing multimedia data.

System 202 receives, from a mobile application installed on mobile communication device 203 of user 200, a copy of the public key (PubUserKey) and User ID of the user. System 202 then searches the user list for the user in the data store by User ID and adds the user's public key (PubUserKey) in the data store to the user's record.

User 200 then generates a passphrase to access the key backup and stores it in the data storage on his mobile communication device. The mobile application transmits a copy of the key pair to the data file storage 204 that has been selected to store the information. In some embodiments, file data storage 204 can be cloud-based (on the Dropbox, Yandex Drive, Google Drive, etc.) or remote (local) platform.

Step 102: At least one file is obtained on at least one client.

User 200 selects one or more files to be uploaded to data store 204, as shown in FIG. 5, and confirms their downloading to the data file storage 204 through the use of a mobile application installed on the user's mobile communication device. In some embodiments, the mobile application checks the names of the downloaded files against the names of the files that are already in the storage list to identify possible collisions.

If a file with an identical name already exists in the user’s storage, then a dialog box is displayed on the screen of the mobile application, for example, like the following: A file with an identical name is already in the list. The user is prompted to either replace the file or rename the downloaded file to avoid collisions. In some embodiments of the invention, a new uploaded file that has an identical name to a file that is in the list is renamed automatically, adding, for example, a version at the end of the file: document for approval (1), and each subsequent file with the same name will receive an increased index .

In the context of this invention, the use of the term client implies a client-server architecture. It is a computing or networking architecture well known in the art in which jobs or network load are distributed among service providers, called servers, and service customers, called clients. In fact, the client and server are software. Typically, these programs are located on different computers and interact with each other through a computer network using network protocols, but they can also be located on the same machine. Server programs wait for requests from client programs and provide them with their resources in the form of data (for example, downloading files via HTTP, FTP, BitTorrent, streaming multimedia or working with databases) or in the form of service functions (for example, working with email, communication via instant messaging systems or browsing web pages on the World Wide Web). Since one server program can fulfill requests from many client programs, it is placed on a specially dedicated computer configured in a special way, usually together with other server programs, so the performance of this machine must be high. Due to the special role of such a machine in the network, the specifics of its hardware and software, it is also called a server, and machines that run client programs are, respectively, clients. In this technical solution, for example, a media file can be received for loading into a data storage. Moreover, as media file standards, all existing ones from the prior art can be used without limitation, which include the basic media file format of the ISO standard (ISO/IEC 14496-12, which has the abbreviation ISOBMFF), MPEG-4 file format (ISO/IEC 14496-14, also called MP4 format), NAL block video file format (ISO/IEC 14496-15) and 3 GPP file format (3 GPP TS 26.244, also known as 3GP format). The ISO file format is the base for deriving all the file formats mentioned above (except for the actual ISO file format). These file formats (including the ISO file format itself) are called the ISO family of file formats.

Step 103: at least one key (FileKey) is generated for encrypting at least one file that is stored in the file data storage.

In this step, the mobile application installed on the mobile communication device 203 of the user 200 generates a unique key (FileKey) for encrypting at least one file with which the file will be encrypted.

To encrypt files that the user plans to upload to the file data storage, for example, the AES/CBC/PKCS5Padding or AES/CBC/PKCS7Padding algorithm is used. The length of such a file key (FileKey) is 128 bits (digits with values from 0 or 1). In some embodiments of the invention, a key size of 192 or 256 bits may be used.

In a particular embodiment, a symmetric algorithm is used to encrypt the file. For each file, its own unique file key (FileKey) is generated. Due to the use of a 128-bit key (AES algorithm), the possible number of combinations for attackers to select a unique key is 3.4 * 10 ^L 38, which even the fastest supercomputer at the moment cannot cope with, which increases the reliability of this technical solution.

In order to create a key (FileKey) for each round, the AES algorithm uses a key expansion process. The number of file encryption rounds depends on the key size: length 128 bits - 10 rounds; length 192 bits - 12 rounds; length 256 bits - 14 rounds.

The FileKey consists of 128 bits divided into 16 bytes and is written into the columns of the matrix. Each column of the matrix forms a word, i.e. in fact, the encryption key is four words. From these words, using a special algorithm, a sequence of 44 words is formed (each word is 32 bits). For each round of encryption, four words of this sequence are supplied.

The so-called round keys are generated from the generated file key using the key expansion procedure, as a result of which an array of round keys is formed, from which the required round key is then directly selected. Each round key is 128 bits long (or 4 four-byte words), and the bit length of all round keys is 128 bits (10 rounds+1) = 1408 bits (or 44 four-byte words). The first four words in the key array are filled with the cipher key, from the remaining 40 words generated, 4 words are selected for the round key. The choice of words is used known from the prior art: the first four words (they coincide with the cipher key) are the key number 0, the next four words are the round key for the first full round, etc.

As an example of implementation, a file key for encrypting one file may have the following form: OF 15 71 C9 47 D9 E8 59 OS B7 AD DF AF 7F 67 98.

Step 104: at least one file is encrypted with a previously generated at least one file encryption key.

The mobile application on the user's mobile communication device encrypts the file selected by the user for download with a file encryption key. Thus, in the case of using a 128-bit key, 10 rounds of encryption (data transformation procedures, as it is called in AES) are carried out. Before the first round of encryption, a modulo-2 summation operation is performed on the initial file key.

Transformations performed in one round are denoted as Round (State, RoundKey), where the State variable is a matrix describing the data at the input of the round and at its output after encryption; RoundKey variable is a matrix containing the round key. A round consists of 4 different transformations:

byte-byte substitution in an S-box with a fixed replacement table;

byte-by-byte shift of rows of the State matrix by a different number of bytes;

shuffling bytes in columns;

addition with a round key (XOR operation).

The last round is somewhat different from the previous ones in that it does not use the function of shuffling bytes in columns.

For AES, the length of the input data and state block is constant and equal to 128 bits, and the length of the encryption key is 128, 192, or 256 bits.

If there is no file with an identical name in the user data file storage 204, the file is encrypted. After file encryption is completed, it is loaded into the file data storage in encrypted form.

In some embodiments, if the digital certificate changes, the system 202 re-encrypts all file keys with the new certificate.

After encrypting the document, the file key (FileKey) is deleted from the user's mobile application.

Step 105: at least one key (FileKey), which encrypts at least one file, is encrypted with the public keys (PubllserKey) of those users who are given access to at least one file.

To encrypt file keys (FileKey), an algorithm such as

- 5 044169

RSA/ECB/PKCS1 Padding. The length of such a key can be 2048 bits. This is an asymmetric algorithm: there are private and public keys. For each user 200, a key pair is generated, the private key remains with the user. The public key is transferred to the server and is available to any potential user of the system 202. The file key (FileKey) is encrypted with it when the file is shared.

This ensures secure transmission of data to the system 202 on the server and storage of file keys (FileKey) in encrypted form, because If an attacker gains access to the system 202, he will not be able to decrypt the file because the file key (FileKey) is stored in encrypted form.

To encrypt a file (FileKey), the operation of exponentiation modulo N is used. To decrypt, it is necessary to calculate the Euler function of the number N, for this you need to know the decomposition of the number n into prime factors.

The key pair is generated as follows.

1. Choose two prime numbers p and q at random (such that p is not equal to q).

2. Determine the modulus of the expression N=p*q.

3. Determine the value of the Euler function from module N: f(N)=(p-1)(q-1).

4. Select a number e, called an open exponent, and the number e must lie in the interval 1 <e<fSh), and also be coprime with the value of the function fSh). Fermat prime numbers can be used as an open exponent, for example: 17 or 257, or 65537, etc.

5. Determine the number d, called the secret exponent, such that d*e=1(modφ(N)), that is, it is the multiplicative inverse of the number e modulo φ(N). So we get a key pair:

Pair (e, N) - public key. Pair (d, N) - private key.

In some embodiments, the technical solution uses OpenSSL, an open source cryptographic package for working with SSL/TLS, to generate a key pair.

Then, after generating a key pair, as shown in Fig. 3, the generated public key (e, N) is used to encrypt at least one file key m, which encrypts at least one file: C=E(M)=M ^Le mod(N).

Step 106: at least one key encrypted in the previous step is stored in the encryption key database, and at least one encrypted file is stored in the file data storage.

In some embodiments, the key encrypted in the previous step is stored in hex format in the encryption key database. HEX is a file format designed to represent arbitrary binary data in text form. For example, an encrypted key with the value 6131 would be stored as a string like 0x6 0xd 0x1. The mobile application transmits data to the system: the encrypted file encryption key (FileKey) and the user ID UserID. However, a copy of the file encryption key is not saved in the mobile application. System 202 generates a unique File ID based on the received file encryption key. The mobile application receives the file's unique File ID and stores it in the list of files. The mobile application then transfers the encrypted file and File ID, for example, to a cloud data storage. Cloud storage receives the encrypted file and stores it.

Upon receiving the encrypted key c, decrypt it using the private key (d,N), and decrypt the key as follows: M=D(C)=^d mod(N).

In this case, the file key (FileKey), encrypted with the user's public key (PubllserKey), can only be decrypted using the user's private key UserKey (always stored on the user's mobile communication device).

Aspects of the present invention may also be implemented by a processing device, which is a computer of a system (or such as a CPU/GPU or microprocessor) that reads and executes a program recorded on a storage device to perform the functions of the embodiment(s) described above. ) implementation, and the method shown in FIG. 1, the steps of which are performed by a computer from a system or device by, for example, reading and executing a program recorded on a storage device to perform the functions of the above-described embodiment(s). For this purpose, the program is provided to the computer, for example, via a network or from a recording medium of various types serving as a storage device (eg, a computer-readable medium).

The data processing device may have additional features or functionality. For example, the data processing device may also include additional storage devices (removable and non-removable), such as, for example, magnetic disks, optical disks, or tape. Computer storage media may include volatile and non-volatile, removable and non-removable media implemented in any method or technology for storing information such as computer-readable instructions, data structures, program modules or other data. Storage device, removable storage and non-removable storage are examples of computer storage media. Computer storage media

-

Claims (1)

include, but are not limited to, random access memory (RAM), read-only memory (ROM), electrically erasable programmable ROM (EEPROM), flash memory or other memory technology, compact disc ROM (CD) -ROM), digital versatile disks (DVDs) or other optical storage devices, magnetic cassettes, magnetic tapes, magnetic disk storage or other magnetic storage devices, or any other medium that can be used to store desired information and be accessed access data processing device. Any such computer storage medium may be part of a system for identifying and classifying the causes of user complaints in the ATM channel. The processing device may also include input device(s), such as a keyboard, mouse, pen, speech input device, touch input device, and so on. Output device(s) such as a display, speakers, printer, and the like may also be included in the system. A computing device contains communication connections that allow the device to communicate with other computing devices, such as over a network. Networks include local area networks and wide area networks along with other large, scalable networks including, but not limited to, corporate networks and extranets. A communication connection is an example of a communication medium. Typically, a communication medium may be implemented by computer-readable instructions, data structures, program modules, or other data in a modulated information signal, such as a carrier wave, or other transport mechanism, and includes any information delivery medium. The term modulated information signal means a signal where one or more of its characteristics are changed or set in such a way as to encode information in the signal. By way of example, and without limitation, communications media include wired media, such as a wired network or direct wired connection, and wireless media, such as acoustic, radio frequency, infrared, and other wireless media. The term computer-readable media as used herein includes both storage media and communication media. The process sequences described in this document may be performed using hardware, software, or a combination thereof. When processes are executed by software, the program in which the sequence of processes is recorded may be installed and executed in the memory of a computer embedded in specialized hardware, or the program may be installed and executed on a general purpose computer that can execute various processes . For example, the program may be pre-recorded on a recording medium such as a hard disk or ROM (read only memory). Alternatively, the program may be temporarily or permanently stored (recorded) on a removable recording medium such as a floppy disk, CDROM (compact disc playback only), MO (magneto-optical) disc, DVD (digital versatile disc), magnetic disk or semiconductor memory. The removable recording medium may be distributed in the form of so-called retail software. The program may be installed from the removable recording medium described above onto a computer, or may be transferred via cable from a download site to a computer, or may be transferred to a computer via a network data link such as a LAN (Local Area Network) or the Internet. The computer can receive the program thus transmitted and can install it on a recording medium such as a built-in hard disk. The processes described in this document may be performed sequentially in time as described, or may be performed in parallel or separately, depending on the processing characteristics of the device executing the processes or as needed. The system described in this document is a logical collection of multiple devices and is not limited to a structure in which these devices are installed in a single housing. CLAIM 1. A method for securely storing information in file data storages, including the following steps: obtaining at least one public key and at least one private key of at least one user, wherein said public key and private key are generated in at least one user data processing device; obtain at least one file on at least one client; generating at least one key for encrypting at least one file, which is stored in the file data storage, and said encryption key is generated in at least one user data processing device; encrypting at least one file with the previously obtained at least one key for encrypting the file; -