WO2014114987A1 - Chiffrage de dispositif personnel - Google Patents

Chiffrage de dispositif personnel Download PDF

Info

Publication number
WO2014114987A1
WO2014114987A1 PCT/IB2013/050671 IB2013050671W WO2014114987A1 WO 2014114987 A1 WO2014114987 A1 WO 2014114987A1 IB 2013050671 W IB2013050671 W IB 2013050671W WO 2014114987 A1 WO2014114987 A1 WO 2014114987A1
Authority
WO
WIPO (PCT)
Prior art keywords
metadata
encrypted
file
content
keyword
Prior art date
Application number
PCT/IB2013/050671
Other languages
English (en)
Inventor
Debmalya BISWAS
Original Assignee
Nokia Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nokia Corporation filed Critical Nokia Corporation
Priority to PCT/IB2013/050671 priority Critical patent/WO2014114987A1/fr
Publication of WO2014114987A1 publication Critical patent/WO2014114987A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/14Error detection or correction of the data by redundancy in operation
    • G06F11/1402Saving, restoring, recovering or retrying
    • G06F11/1446Point-in-time backing up or restoration of persistent data
    • G06F11/1458Management of the backup or restore process
    • G06F11/1464Management of the backup or restore process for networked environments
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Definitions

  • Embodiments relate ⁇ o security of data on a device.
  • the data may be backed up to a storage means.
  • a method comprising: encrypting a file comprising content and metadata for storage in a storage means by: encrypting the file content; and encrypting a first part of the metadata and at least a second part of the metadata; wherein the first part and the second part are encrypted independently of one another.
  • Encrypting a first part of the metadata may comprise providing a first encrypted value and encrypting the at least a second part of the metadata may further comprise providing a respective at least a second encrypted value.
  • the method may further comprise: providing the encrypted file content, first encrypted value and the respective at least a second encrypted value for storage at the storage means.
  • the metadata may comprise a plurality of keywords and the first part may comprise a first keyword of the metadata and the at least a second part may comprise a respective at least a second keyword.
  • Each keyword of the plurality of keywords may be one of an attribute, field and property of the file.
  • the first and at least second part of the metadata may be encrypted using a first encryption algorithm.
  • the first encryption algorithm may be one of a: hashing algorithm and a probabilistic encryption algorithm.
  • the method may further comprise requesting the retrieval of the encrypted file content from the storage means by; encrypting the first part of the metadata using a seeond encryption algorithm; and providing the encrypted first part of the metadata to the storage means as part of a request for retrieval of the encrypted file content.
  • the method may further comprise: determining whether the encrypted first part of the metadata in the request corresponds to the encrypted first part of the metadata stored at the storage means; and providing the corresponding encrypted file content when the encrypted first part of the metadata in the request corresponds to the encrypted metadata stored at the storage means.
  • the method may further comprise: encrypting the changed first part of the metadata; and providing the encrypted changed first part of the metadata to the storage means.
  • the method may further comprise: receiving the encrypted changed first part of the metadata; and updating the encrypted first part of the metadata stored at the storage means to correspond to the received encrypted changed first part of the metadata.
  • the method may further comprise: providing an indication of the updated metadata to at least one other device. At least one other device may be configured to access the file.
  • the first encryption algorithm may be a probabilistic encryption algorithm and may comprise encrypting the first and at least second part of the metadata in dependence on a public key and a reference to the location of the encrypted file content in the storage means.
  • an apparatus comprising: encryption means for encrypting a file comprising content and metadata for storage in a storage means by. encrypting the file content; and encrypting a first part of the metadata and at least a second part of the metadata; wherein the first part and the second part are encrypted independently of one another.
  • Encrypting a first part of the metadata may comprise providing a first encrypted value and encrypting the at least a second part of the metadata further comprises providing a respective at least a second encrypted value.
  • the apparatus may further comprise: communicating means for providing the encrypted file content, first encrypted value and the respective at least a second encrypted value for storage at the storage means.
  • the metadata may comprise a plurality of keywords and the first part may comprise a first keyword of the metadata and the at least a second part may comprise a respective at least a second keyword.
  • Each keyword of the plurality of keywords may be one of an attribute, field and property of the file.
  • the encryption means may be further configured to encrypt the first and at least second part of the metadata using a first encryption algorithm.
  • the first encryption algorithm may be one of: a hashing algorithm and a probabilistic encryption algorithm.
  • the apparatus may be configured to request the retrieval of the encrypted file content from the storage means, wherein the encryption means may be further configured to encrypt the first part of the metadata using a second encryption algorithm and the communication means may be further configured to provide the encrypted first part of the metadata to the storage means as part of a request for retrieval of the encrypted file content.
  • the encryption means may be further configured to encrypt the changed first part of the metadata; and the communicating means may be further configured to provide the encrypted changed first part of the metadata to the storage means
  • the first encryption algorithm may be a probabilistic encryption algorithm and may comprises encrypting the first and at least second part of the metadata in dependence on a public key and a reference to the location of the encrypted file content in the storage means.
  • an apparatus comprising: storage means for storing a file comprising encrypted file content, a first encrypted first part of the file metadata and an encrypted at least a second part of the file metadata; wherein the first part and the second part are encrypted independently of one another.
  • the apparatus may further comprise: communication means for receiving a request for retrieval of file content comprising a second encrypted first part of the file metadata encrypted using a second encryption algorithm; and determining means for determining whether the second encrypted first part of the metadata corresponds to first encrypted first part of the metadata; wherein the communication means is further configured to provide the corresponding encrypted file content when the second encrypted first part of the metadata corresponds to the second encrypted first part of the metadata.
  • the communication means may be further configured to receiving an encrypted changed first part of the metadata and the apparatus may be further configured to update the encrypted first part of the metadata stored at the storage means to correspond to the received encrypted changed first part of the metadata.
  • the apparatus may be further configured to: provide an Indication of the updated metadata to at least one other device. At least one other device may be configured to access the file.
  • a computer program product comprising program instructions, when executed, performing the steps ofs encrypting a file comprising content and metadata for storage in a storage means bys encrypting the file content; and encrypting a first part of the metadata and at least a second part of the metadata; wherein the first part and the second part are encrypted independently of one another.
  • a computer program product comprising program instructions, when executed, performing the steps ofs storing a file comprising encrypted file content, a first encrypted first part of the file metadata and an encrypted at least a second part of the file metadata; wherein the first part and the second part are encrypted independently of one another.
  • an apparatus comprising a memory and at least one processor, the apparatus configured to: encrypt a file comprising content and metadata for storage In a storage means by: encrypting the file content; and encrypting a first pari of the metadata and at least a second part of the metadata; wherein the first part and the second part are encrypted independently of one another.
  • an apparatus comprising a memory and at least one processor, the apparatus configured to store a file comprising encrypted file content, a first encrypted first part of the file metadata and an encrypted at least a second part of the file metadata; wherein the first part and the second part are encrypted independently of one another.
  • Figure 1 shows schematically an example of encrypted data being backed up
  • Figure 2 shows schematically an example of a user interface according to some embodiments
  • Figure 3 shows a flow diagram of a method of some embodiments
  • Figure 4 shows schematically an example of encrypted data being backed up according to a first embodiment
  • Figures 5a and b are flow diagrams depicting the method steps of storing and retrieving files according to a first embodiment
  • Figures ⁇ , b and c show schematically data being backed up, retrieved and updated according to a second embodiment
  • Figures 7a, b and c are flow diagrams depicting the method steps for storing, retrieving and updating data in accordance with the second embodiment
  • Figure 8 schematically shows and example of a multi-device environment
  • Figures 9a and 9b are flow diagrams depicting the method of Initializing a device and synchronising devices of the multi-device environment.
  • Figure 10 schematically shows an apparatus according to some embodiments.
  • Embodiments of the present application aim to provide a system for the encryption of business data on devices that may be used for both business and personal activities. Embodiments may back up such data while addressing potential security risks.
  • Secure storage solutions exist in which data on a device, for example a mobile phone or personal digital assistant ⁇ PDA ⁇ , may be backed up fa a remote storage location in order to protect against the corruption of the data.
  • a remote storage location Before being backed up to the remote storage, the sensitive data or content on the device being may be encrypted in order to increase the security surrounding such data.
  • a variety of encryption algorithms are available for encryption.
  • Devices that operate as business devices as well as personal deyices provide a unique security threat to any sensitive business data. These devices may be backed up using and interact with software programs selected by a user of the device and these programs may not adhere to the security requirements of a system administrator of the business.
  • One approach to securing the sensitive data is to provide encryption on the device for encrypting the data for storage.
  • This encryption of sensitive data may be carried out in a variety of ways.
  • the sensitive data for example data files on the device
  • the sensitive data may be encrypted with both the metadata and the content of the files being encrypted together. While this provides security of the files, it becomes difficult for a user to search for a specific file as both the file content and metadata identifying the file is encrypted.
  • Some systems may encrypt the data so that it can be searched by encrypting only the content of the file and storing the metadata associated with the file in an unencrypted or plain text form, in this way, while the content of the file is encrypted, a user may still search for specific file based on the metadata of that file.
  • metadata of a file may contain sensitive information and storing such information in plain text may comprise the security of the file.
  • a file name may be associated with the file comprising metadata and content.
  • the metadata and associated content may then both be encrypted and stored with the unencrypted file name being associated with the encrypted data. Searching of the encrypted data may be possible based on the unencrypted associated filename.
  • the file name may be descriptive of the contents of the file and a security risk.
  • the searching functionality is restricted as searches may be only carried out based on the filename and not on any attributes of a file stored in the metadata.
  • a system may be provided where metadata associated with a file content may be encrypted such that the metadata is searchable.
  • file metadata may be broken up info one or more keywords. These keywords may correspond to an aspect, field or property of the file metadata.
  • a keyword may be encrypted to form a first encrypted value or encrypted searchable keyword and stored in a file storage means. The encryption of the keyword before storage may prevent the file storage means (which may be provided by an untrusted third party) from being aware of the plaintext data in the keyword.
  • an encrypted searchable keyword may be associated with a location of corresponding file content in the file storage means.
  • a keyword may be encrypted to form a second encrypted value or trapdoor when the file contents stored by the file storage means are to be retrieved.
  • the trapdoor may be compared to the encrypted searchable keyword to determine if the keyword used to generate the trapdoor matches the keyword used to generate the encrypted searchable keyword. If the keywords match, the comparison returns a reference to the location at which the corresponding file content has been stored.
  • metadata keywords and file content are encrypted using a public key before being stored in the storage means.
  • the file storage means may therefore not have access to the plaintext value of either the file content or the metadata.
  • each keyword may be individually encrypted by a first encryption algorithm ⁇ o provide encrypted searchable keywords, These searchable encrypted keywords may each be associated with the location of the file content associated with the keyword.
  • the searchable encrypted keywords may be searchable using encrypted keywords to recover information associated with the location of the file content In the storage means.
  • Embodiments may deal with the back-up, retrieval and updating of files in a storage means. Embodiments may be implemented in a single active device environment and/or in a multiple device active environment.
  • Figure 1 shows an example of backing up a device according to one embodiment.
  • Figure 1 shows a first device 110 and a second device 1 20, in embodiments, the first device 110 may be a personal device that Is used for both personal and business purposes.
  • a device may be a mobile telephone such as a smart phone, a PDA, laptop, netbook, tablet computer or any other device that may be used to process both personal and business data.
  • the first device 110 may comprise a storage area 114 which may store number of files 111 , 112 and 113.
  • Each file 111 , 112 and 113 may comprise a metadata section 115 and a content section 116,
  • the first file 111 comprises metadata M1 and content C1 .
  • the second and third files 112 and 113 may comprise metadata M2 and M3 and content C2 and C3 respectively.
  • One or more of the files 111 , 112 and 113 stored on the device 110 may be backed up to a second device 1 20.
  • the first device 110 may be connected to the second device 1 20 via any suitable means. This may be for example a wired connection for example a USB cable, or through a wireless interface, for example Wi-Fi or any access network.
  • these files may be encrypted or otherwise secured before or during the copying and transfer of the files to the second device 1 20.
  • the files may transferred for storage to the second device 1 20.
  • the files 111 , 112 and 113 may be moved to the second device 1 20 for a variety of reasons for example for backing up of the data, for extra storage and/or for synchronisation of data among multiple devices.
  • the second device 1 20 may be any device suitable to store the secured data from the first device 110 or any other suitable device. It will be appreciated that while the second device 1 20 has been depicted as a passive device (providing storage of the data only), in some embodiments, the second device may edit and otherwise process the data.
  • the second device 1 20 may be for example a database, network storage, personal computer, business computer or any other device suitable for the storage of data files.
  • the second device 1 20 may have a storage area 124 which may be operable to store the first, second and/or third files 111 , 112 and 113 in an encrypted or otherwise secured form.
  • the storage area 1 24 of the second advice 1 20 may compromise a first section 125 which stores secured metadata 115 of the files and a second section 126 which may store the encrypted contents 126 of the files 111 , 112 and/or 113.
  • the files 1 21 , 1 22 and 1 23 stored in the storage area 124 of the second device 1 20 correspond to the secured and encrypted files 111 , 112 and 113 stored in the storage area 114 of the first device 110.
  • the securing of the metadata and encryption of the contents of the files 111 , 112 and/or 113 may be done by the suitable software residing on one of the first device 110 and the second device 1 20, both of these devices and/or a third party device.
  • the securing of the files may be carried out by the first device 110 before being transferred to the second device.
  • the securing may be carried out by the second device 1 20 in communication with the first device 110.
  • the second device 1 20 will be a trusted deyice.
  • the securing may be carried out by a third device and/or a combination of the devices.
  • the functionality for the securing of the fifes may in some embodiments be provided by an application or program for backing up or storing data.
  • the functionality may be provided by a computer program or software designed as a plug-in or wrapper to work with an existing backing up or storage solution.
  • a user may use their preferred software or application for the backing up of data on their device and the securing carried out by some embodiments may be provided as a plug-in wrapper for the existing backup application and/or storage solution.
  • a user may be making use of the mobile to PC synchronisation tool. It will be appreciated that embodiments of the present application may be used in conjunction with any backup storage solution.
  • the first device 110 has been described as being used for both business and personal reasons, it will be appreciated that this is by way of example only and the device may be any device making use of data files having different security concerns. For example so-called "business" data may be associated with a higher security needs and personal data may be associated with lower security needs. Additionally or alternatively a user may designate data or a data type as being higher or lower security.
  • a user may select which documents are to be backed up securely.
  • a system administrator may preeonflgure the system to have a default selection of files for securing in the manner of embodiments of the present application.
  • FIG. 2 shows an example of an user interface for data securing in accordance with some embodiments.
  • the securing system may be implemented on the first device 110.
  • the system may be implemented as a standalone storage system or as a plugin for an existing storage solution.
  • the interface may ask a user to select which files the user wishes to securely backup.
  • the user may be a system administrator and may set the default preferences to backing up a certain file type securely.
  • Figure 2 shows the first device 110 and the second device 1 20. It will be appreciated that in figure 2, the first device 110 is shown as a smart phone and the second device 1 20 is shown as a personal computer. It will be appreciated that this is by way of example only and these devices may take a different form.
  • the first device 110 of figure 2 shows a user interface 201 providing a selection of file types to be backed up.
  • the files may be documents, pictures, music and/or videos. It will be appreciated that any suitable file type or identification of a file may be used for the selection.
  • the selection may be based on a security need for a file, for example a low, medium or high security need.
  • the user has selected documents and videos to be backed up securely. It will be appreciated that in some embodiments, only these files may be backed up. In other embodiments all the files may be backed up with only the selected files being backed up in accordance with the securing of embodiments of the present application.
  • Figure 3 shows an example of a method carried out by some embodiments of the present application.
  • the contents C1 of the one or more selected files 111 , 112 and 113 are encrypted to E1 .
  • the files to be encrypted may have previously been selected for example according to the user interface of figure 2.
  • step 302 the metadata M1 associated with the selected content C 1 encrypted at step 301 is secured.
  • the metadata may be secured by generating a hash of the metadata Ml .
  • the metadata Ml may be secured by encrypting the metadata.
  • the secured metadata via hashing or encryption
  • the secured metadata may be such that the metadata is searchable in the storage means 1 24 of the second device 1 20 in its secured form.
  • the method then proceeds to step 303, where the encrypted content E1 and associated secured metadata S 1 is stored in the storage device, for example the storage means 124 of the second device 120. It will be appreciated that this is by way of example only and in some embodiments the secured metadata S 1 may be stored before or after the encrypted file content E1 is stored.
  • Metadata Ml , M2 and/or M3 of a file may comprise a plurality of aspects.
  • An aspect may be for example a field or property of the metadata in some embodiments.
  • metadata may comprise aspects such as name, path, type, properties, access permissions, exchangeable Image file format (EXIF) metadata in the case of images and/or other information associated with the content of the file.
  • EXIF exchangeable Image file format
  • Metadata may be constant. For example the type of data may remain unchanged even if the content of a file is edited or changed in some way.
  • Other aspects of the metadata may change when the content associated with that metadata is changed. For example properties or access permissions of the content may be changed.
  • the metadata may comprise a section of constant data and a section of variable data.
  • the constant data may correspond to fixed aspects of the file, for example the type, and the variable data may correspond to the aspects of the metadata that change when the content or characteristics of the file is edited.
  • the metadata may be divided into a constant data section and a variable data section and each section may be secured independently. In this manner, while a user of the data may change the metadata associated with the file, the constant part of the metadata remains unchanged and may be used to searchable information.
  • Figures 4a and 4b show the backup and retrieval of file contents according to a first embodiment of the present application.
  • file contents may be securely backed up by encrypting the contents of the file and hashing the metadata of the file.
  • hashing is a deterministic encryption, in other words hashing the same value always produces the same value and the hashed value may be a function of the contents of data being hashed.
  • Figure 4a shows a first device 110 having a storage means 114 storing a first file 111 and a second file 112.
  • the first and second files 111 and 112 may comprise a metadata section 115 and content section 116.
  • a second device 120 has a storage means 124 where a back up of the first file 111 and the second file 112 may be stored.
  • the first and second files 111 and 112 may be backed up in the second device 120 having an encrypted content section 126 and a secured metadata section 125. It will be appreciated that the secured metadata section 125 may be considered as a key to the content. Each backed up file may therefore be stored as a key 125 and content 126 pair.
  • Each aspect of the metadata may be a keyword that can be used to search for a file.
  • metadata may comprise one or more aspects or keywords and each of these keywords may be used to locate a file in the storage means 120.
  • a keyword may be stored in a hashed format in the storage means.
  • the vendor of the storage means or of the backing up software may therefore not have access to the plaintext metadata.
  • a plaintext keyword stored at the first device 110 may be hashed and matched against the hashed keywords in the storage means.
  • a file for example file 111 and/or 112 is securely backed up to the second device 120
  • the contents of the file for example C1
  • the metadata of the file is secured, in this example by hashing the metadata to provide H1 and stored as the key 125 in association with the encrypted content.
  • Figure 5a shows the method steps carried out in the backing up of a file according to this embodiment.
  • a constant part or keyword of the metadata of the file 111 is hashed.
  • the method then proceeds to step 502 where a second part or keyword of the metadata, namely the variable metadata !s hashed.
  • the hashed first and second keywords may form the key H 1.
  • the metadata may comprise more than two aspects or keywords.
  • Each keyword of the variable part of the metadata may be individually hashed in some embodiments.
  • One or more keywords of the constant part of the metadata may be hashed together or separately.
  • the content C1 associated with the hashed metadata is encrypted to produce E1 .
  • step 504 the hashed metadata H 1 and the encrypted content E1 is stored at the storage device 120 in the storage means 124 as a key 125 and content 126 pair.
  • Figure 4b shows the retrieval of information stored at the second device 120 in accordance with the first embodiment.
  • figure 4b comprises a first device 110 and a second device 120 having a storage means 124 and a first and second securely stored file 121 and 122.
  • the securely stored files comprise a key 125 and content 126 pair.
  • any editing of the file resulting in changed metadata will render the file unsearchable as the metadata of the file in the first device 110 will no longer match the metadata of the file in the storage deyice 120
  • one or more keywords of the constant part of the metadata stored at the first device 110 is hashed and matched to the key 125 in the second device 120. This is shown by step 511 of figure 5b.
  • the key may comprise the hashed constant part of the backed up metadata and the hashed variable part of the backed up metadata and in retrieval the hashed constant part of the metadata of the first device 110 may be matched the that part of the key corresponding to the backed-up constant part of the metadata.
  • the associated encrypted content 126 may be retrieved from the second device 120 and returned to the first device 110 at step 513.
  • the encrypted content may be decrypted for use of the user.
  • the decryption may for example be carried out by the second device 120 or by the first in device 110. In other embodiments the decryption may be carried out by third party.
  • the hashed metadata at the storage device may be updated as changes occur.
  • the first device may identify a file in the storage means by the hashed constant part of the metadata and provide and updated hashed variable part of the metadata to replace the outdated variable part.
  • the data stored on the second device 120 is described as a key content pair, it will be apparent that the content may correspond to the encrypted content C1 of the first device and the key may correspond to the secured metadata Ml of the first device 110. It will be appreciated that key may comprise a hashed constant part of the metadata and a hashed variable part of the metadata.
  • the hashed constant part may comprise one or more keywords of the constant part of the metadata hashed together or separately.
  • the hashed cariable part may comprise one or more keywords of ⁇ he variable part of the metadata hashed together or separately.
  • hashing can be considered to be a deterministic encryption, In other words hashing the same value always produces the same hash value. While hashing may be simple operation that may be associated with performance, it will be appreciated that a hashing mechanism is not as secure as a probabilistic encryption mechanism.
  • a probabilistic encryption may be applied to the metadata.
  • the same encryption may be applied to the metadata and content and may make use of a public key infrastructure scheme, in probabilistic encryption, a same value encrypted twice may produce different cipherfexts. This may provide a higher security then the use of hashing algorithms.
  • Figures 6 and 7 show an example of a backup, retrieval and update of content stored at a second device 120 in accordance with the second embodiment.
  • the public key encryption scheme may further provide indexing and searching functionality for the stored content.
  • a public key encryption keyword based indexing and search may make use of the following polynomials time randomised algorithms
  • KGEN ( 1 k); outputs a public-private key pair (A_pb, A_pr),
  • ENC(A_pb, C l )s outputs the ciphertext E l corresponding to the content C1 encrypted under public key A__pb.
  • TEST(A_pb, sw, tw'): outputs the value ref1 if w w'.
  • a reference to the location of encrypted file content E1 is encrypted together with a metadata keyword to form an searchable encrypted keyword sw n which is stored in the storage means.
  • the keyword w (stored at the first device) is encrypted to form a trapdoor tw.
  • the trapdoor tw is compared to the searchable encrypted keyword using a test algorithm, if the keyword in the searchable encrypted keyword matches the keyword in the trapdoor, the test algorithm returns the reference refl to the location of the encrypted file content E1 of the associated file in plaintext.
  • Figures 6 and 7 show the backup, retrieval and updating of securely stored content by a first device 110 on a second device 120.
  • the first device may comprise storage means 114 for storing a first and second file 111 and 112.
  • the first and second files 111 and 112 may comprise a metadata section 115 and a content section 116.
  • the second device 120 may similarly comprises storage means 124 which may store encrypted content 126. It will be appreciated that the first and second devices 110 and 120 may be similar to those of figure 1 and like numerals may denote like.
  • the content C1 of a file 111 may be encrypted.
  • the content may be encrypted using the encryption algorithm ENC.
  • the file contents C1 may be encrypted using the public key A__pb to form E1 .
  • the public private key pair A_pb, A__pv may not be symmetrical. It will be appreciated that the encrypted content E1 may be decrypted later using the private key A_pv.
  • ENC encryption algorithm
  • E1 ENC(A_pb, C1 )
  • the encrypted content E1 may be stored in the storage means 124 of the second device 120.
  • a reference ref l to the stored location of the encrypted content E1 may be provided. It will be appreciated that this reference may be provided by the a computer program being used ⁇ o back up the information and may for example be provided by software running on the first device 110, the second device 1 20 and/or a third device at.
  • the reference ref ! to the stored location of the encrypted content E1 is provided.
  • the metadata may comprise a set of attributes, fields or properties. These may be for example name, last modified date, creator, access permissions, content properties etc. it may be desired to be able to search the securely store content E1 based on one or more of these attributes, fields or properties.
  • Each attribute may correspond ⁇ o a keyword and a search of the backed up file contents may be carried out based an that keyword.
  • one or more keywords of the metadata may be encrypted, it will be appreciated that in some embodiments, each keyword of the metadata may be independently searched while in other embodiments only some keywords may be chosen to be searchable. The remaining keywords may be encrypted together in some embodiments.
  • each keyword may be encrypted using the searchable encryption (SENC) algorithm.
  • SENC searchable encryption
  • W may denote the set of keywords of a file metadata and may comprise individual keywords w 1, w 2 , w 3 etc.
  • One or more of the keywords may be individually encrypted.
  • a keyword w n may be encrypted to form a searchable encrypted keyword sw detox.
  • the searchable encrypted keyword sw n may include information corresponding to the reference ref 1 to the location of the encrypted content E1 associated with the file.
  • w n may be encrypted as follows:
  • the metadata keywords may be encrypted at step 704.
  • the encrypted keywords may be sent for storage at the second storage device 120.
  • Figure 6b shows an example of the retrieval of encrypted content E1 stored at the second device 120 based on a keyword of the metadata of the file F1 .
  • the user wishes to retrieve content stored at the second device 120, it is determined which keyword ( w 1 , w 2 , w 3 etc) of the metadata is to be used for searching for the content. For example the keyword w' n , may be selected for searching for the encrypted content E1 ,
  • the selected keyword w' n is encoded using the private key to provide a trapdoor tw' n .
  • the private key For example:
  • the encrypted selected keyword w' n for searching may be compared against the metadata of the keys stored in the second storage device 1 20.
  • a reference ref 1 to the storage location of the associated file content is provided. The reference may be used to return the encrypted content to the first device 110. This is shown at step 71 3 figure 7b.
  • this comparison may be carried out using the test algorithm where the reference refl is output if w' n in twV. matches w n of sw n .:
  • the encrypted content E1 may be retrieved from the location indicated by the reference refl . It will be appreciated that any suitable algorithm for the test algorithm may be used.
  • one or more attributes or keywords of a file may be changed during the editing and/or manipulation of the content of a file, in some embodiments, the metadata itself may be directly changed through the editing of file characteristics, for example permissions of a file.
  • Figure 6c and 7c shows the updating of a metadata attribute in the secure storage device 1 20 when such a change has occurred.
  • Figure 6c shows the first device 110 having a first and second file 111 and 112 in a storage means 114. Each file may comprise a metadata section 115 and a content section 116.
  • the second device 1 20 may securely store encrypted content of a backed up file in the storage means 1 24. Stored encrypted metadata in the second device 1 20 of figure 6c may be updated in accordance with the method steps of figure 7c.
  • step 721 it is determined whether a keyword of a file to be updated has changed, If the metadata has not been updated, the method proceeds to step 722 and the content of the file is encrypted and stored in storage means 124 of the second device 1 20.
  • the encrypted content may replace previously stored content corresponding to that file in the second device 1 20, It will be appreciated that the updated content will be stored in the same location as the previous content and the reference to the location ref 1 will remain unchanged.
  • each keyword of the metadata that has been updated is re-encrypted with the searchable encryption. This is shown in step 723.
  • the method then progresses to step 724 where an old keyword is used to identify the file being updated.
  • the old keyword may correspond to the metadata at the previous backup of a file. In other words the old keyword corresponds to the keyword before it was changed.
  • the metadata and content of the identified file stored at the second device 1 20 is then updated by storing the new searchable encrypted keyword and encrypted file content at step 725.
  • the foregoing has been described with reference to an environment having an active device 110 and a passive device 1 20.
  • the active device 110 may edit and/or change information held in files whereas the passive device 1 20 merely stores this information. It will be appreciated however that embodiments may be applicable to multi-device environments comprising more than one active device. Such an environment is shown for example in figure 8.
  • the multi-device environment 800 may comprise a first active device 110, a second actiye device 801 , a third active device 802, a fourth active device 803 and file storage ] 20, While four active devices have been exemplified in figure 8, it will be appreciated that the environment 800 may comprise more or less devices.
  • the active devices may be a variety of devices, for example a mobile telephone, such as a smart phone, a personal digital assistant (PDA), a tablet computer, a laptop or other personal or business computer or any other suitable device for the communication of information for remote storage.
  • a mobile telephone such as a smart phone, a personal digital assistant (PDA), a tablet computer, a laptop or other personal or business computer or any other suitable device for the communication of information for remote storage.
  • PDA personal digital assistant
  • file storage 1 20 may be one or more devices or storage systems providing backup and storage of files of the actiye devices.
  • the storage system 1 20 may comprise one or more processors and a memory as well as, in some embodiments, encryption and decryption capabilities and communication interfaces.
  • file storage 1 20 of figure 8 may have similar functionality to the storage device 1 20 of figure 1.
  • the file storage 1 20 may comprise a device that may not only provide storage of sensitive information but also edit and change such information, in other words the file storage 1 20 may additionally act as an active device.
  • the first active device 110, second active device 801 , third active device 802 and fourth active device 803 may be related in that they may have permissions to access the same or similar files stored in the file storage 1 20.
  • the active devices may be all associated with a specific user or group of users.
  • the actiye devices may have been registered and, in some embodiments, verified as belonging to a particular user or as having access permissions. It will be appreciated that each device may backup, retrieve and/or update data stored in the file storage 1 20 in accordance with one or more of the preceding embodiments.
  • the joining device When an active device joins the multi-device environment 800, the joining device may be initialised. This initialisation is shown in method step 901 figure 9 A,
  • a joining device may be synchronised with encryption information of the system and file metadata stored in the file storage 1 20.
  • This encryption information may be, for example, the information used to encrypt and/or secure data when it Is stored in the file storage 120 and may be for example a hashing algorithm or a key pair.
  • the joining device may be made aware of the metadata of the files that if can access in the file storage 120.
  • the joining device is made aware of this metadata so that it may search, retrieve and update the information (including the metadata and file contents) stored at the file storage 1 20.
  • the joining device is synchronised with the metadata stored in the file storage 1 20. it will be appreciated that the foining device need not be synched to all the metadata held in the file storage 1 20 but only selected metadata and/or metadata of files which the joining device is allowed to access.
  • This synchronisation of the metadata and encryption/securing information may be performed using a secure direct transfer mechanism, for example via a USB cable or other physical transfer method.
  • the initialisation may be carried out using a crypto protocol (for example proxy re ⁇ encryption) If the initialisation is fa be carried via a cloud (for example the cloud 120).
  • a public private user key pair (A pb , A pr ) and the file metadata for each file to be synchronised between the joining device and other devices of the environment 800 may be transferred to the foining device.
  • this may be via a USB cable or a physical information transfer such as a flashcard or memory stick. It will be appreciated that the transfer itself may be further secured via for example password protection or other authentication mechanism.
  • the joining device may update and/or retrieve file content and information from the file storage 1 20 using the security information and the metadata provided to the foining device during the initialisation, it will be appreciated that the retrieval and update of information may be in accordance with the described embodiments.
  • more than one active device may edit or change the file metadata.
  • the file metadata in the file storage 1 20 may be updated to reflect the changes made by the active device.
  • the second active device 801 of environment 800 edits a files metadata and updates the corresponding metadata in the file storage 1 20
  • the updated metadata in the file storage 120 may no longer match the metadata stored In the other active devices 110, 802 and 803.
  • a search issued by one of the other active devices 110, 802 and 803 using a metadata based keyword would not return the desired result as the corresponding metadata keyword at the file storage 120 has changed. Therefore when the metadata at the file storage 1 20 is updated by an active device, the metadata of all the active devices with access to that file In the multi-device environment should be updated.
  • Some embodiments of the present application provide the synchronisation of updated metadata amongst active devices of a multi-device system.
  • One example of the method of synchronisation is depicted in figure 9b.
  • the file storage 1 20 may provide the updated metadata to the other devices in the multi-device environment when it is determined that metadata has been updated at the file storage by one of the active devices.
  • the other active devices may then update their metadata accordingly to be in line with the updated metadata
  • a first active device may try to retrieve a file based on the old (prior to the update) metadata keyword before the file storage 1 20 has Informed the first active device that the metadata keyword has been updated, in this case, the file storage may store both the old metadata keyword and the updated metadata keyword In association with each other.
  • the first device sends a request using the old metadata keyword
  • the old metadata keyword may be matched to the old metadata keyword at the storage device 120 and the associated new or updated metadata keyword may be returned to the first active device.
  • the first active device may then generate a request using the new or updated metadata keyword.
  • the second active device 801 may store metadata W1 associated with a first file Fl .
  • the metadata W1 may comprise a plurality of keywords w 1 , w 2 , w 3 ect.
  • searchable keywords sw 1 , sw 2 , sw 3 etc. comprising the encrypted keyword may be stored in the file storage 1 20 and associated with the location of the encrypted file content E1 of the first file Fl stored at the file storage 1 20.
  • One or more keywords corresponding to fields or aspect of the metadata W 1 may be changed at the second active device.
  • the keyword w 1 may be changed to w 1 '.
  • the file content and other fields of the metadata may also have been changed. This can been seen by step 911 of figure 9b.
  • the second device may then update the metadata keyword held at the file storage 1 20 to correspond to the updated metadata keyword w 1 '.
  • the second device 1 20 may provide an encrypted version of the updated metadata keyword E w 1 ' to the file storage. This may be in accordance with step 91 2 of figure 9b.
  • the second active device 801 may encrypt the updated metadata keyword ws' to create a new searchable keyword s w 1 '. This may be done by, for example, using the algorithm SENC and provide the updated searchable keyword sw 1 ' to the file storage to replace the previous searchable keyword s w 1 .
  • the second active device may further encrypt the updated metadata keyword w 1 ' to be provided to the file storage 1 20. This may done for example using the encryption algorithm ENC to provide Ew 1 '.
  • ENC encryption algorithm
  • the different in the encryption of the searchable keyword and the encrypted keyword is that the searchable keyword is encrypted using both the updated metadata and a location reference for the file contents.
  • the file storage 120 may then send the encrypted updated metadata keyword Ew 1 ' to the remaining active devices in the multi-device environment 800. This can be seen at step 913 of figure 9b.
  • the remaining devices may then update their locally stored metadata keywords in accordance with the updated metadata. Now when the remaining active devices wish to issue a search query, they may encrypt the updated metadata keyword w 1 ' to form a trapdoor tw' 1 to access the content of the file at the file storage 1 20.
  • situation may arrive where an active device attempts to retrieve the file contents based on an outdated metadata keyword, for example before that device has been informed of the updated metadata keyword from the file storage 1 20.
  • the file storage 1 20 may store both the previous value of the searchable keyword sw 1 as well as the updated version of the searchable keyword s w 1 '.
  • the search On reception of a search request using the old metadata keyword, for example a trapdoor tw based on the old metadata keyword, the search may be carried out against the old metadata sw 1 . If it is determined that the search matches old metadata in the form of the old searchable keyword sw 1 , the file storage 1 20 may request the device to retry requesting a search and provide the device with the updated encoded metadata keyword E w 1 '.
  • FIG. 10 shows an example of an apparatus of some embodiments.
  • the apparatus 1000 comprises a memory or other storage means 1001 and one or more processors 1002. It will be appreciated that the apparatus may form part of the first device 110 and/or second device 120 and may carry out the functionality of with these devices.
  • the apparatus 1000 may further comprise a user interface and/or a communication means for communicating with further devices in any suitable form.
  • the various embodiments of the invention may be implemented in hardware or special purpose circuits, software, logic or any combination thereof.
  • some aspects may be implemented In hardware; while other aspects may be implemented in firmware or software which may be executed by a controller, microprocessor or other computing apparatus, although the invention is not limited thereto.
  • firmware or software which may be executed by a controller, microprocessor or other computing apparatus, although the invention is not limited thereto.
  • While various aspects of the invention may be illustrated and described as block diagrams, flow charts, or using some other pictorial representation, it is well understood that these blocks, apparatus, systems, techniques or methods described herein may be implemented in, as non-limiting examples, hardware, software, firmware, special purpose circuits or logic, general purpose hardware or controller or other computing devices, or some combination thereof.
  • the embodiments of this invention may be implemented by computer software executable by a data processor of the mobile device, such as in the processor entity, or by hardware, or by a combination of software and hardware.
  • any blocks of the logic flow as in the Figures may represent program steps, or interconnected logic circuits, blocks and functions, or a combination of program steps and logic circuits, blocks and functions.
  • the software may be stored on such physical media as memory chips, or memory blocks implemented within the processor, magnetic media such as hard disk or floppy disks, and optical media such as for example DVD and the data variants thereof, CD.
  • the memory may be of any type suitable to the local technical environment and may be implemented using any suitable data storage technology, such as semiconductor-based memory devices, magnetic memory devices and systems, optical memory devices and systems, fixed memory and removable memory.
  • the data processors may be of any type suitable to the local technical environment, and may include one or more of general purpose computers, special purpose computers, microprocessors, digital signal processors (DSPs), application specific integrated circuits (ASIC), gate level circuits and processors based on multi-core processor architecture, as non-limiting examples.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Medical Informatics (AREA)
  • Software Systems (AREA)
  • Quality & Reliability (AREA)
  • Computer Hardware Design (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

L'invention concerne un procédé et un appareil. Un fichier comprenant un contenu et des métadonnées à stocker dans un dispositif de stockage est chiffré en chiffrant le contenu du fichier ; et en chiffrant une première partie des métadonnées et au moins une seconde partie des métadonnées. La première partie et la seconde partie sont chiffrées indépendamment l'une de l'autre.
PCT/IB2013/050671 2013-01-25 2013-01-25 Chiffrage de dispositif personnel WO2014114987A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/IB2013/050671 WO2014114987A1 (fr) 2013-01-25 2013-01-25 Chiffrage de dispositif personnel

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/IB2013/050671 WO2014114987A1 (fr) 2013-01-25 2013-01-25 Chiffrage de dispositif personnel

Publications (1)

Publication Number Publication Date
WO2014114987A1 true WO2014114987A1 (fr) 2014-07-31

Family

ID=51226974

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2013/050671 WO2014114987A1 (fr) 2013-01-25 2013-01-25 Chiffrage de dispositif personnel

Country Status (1)

Country Link
WO (1) WO2014114987A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016147066A1 (fr) * 2015-03-19 2016-09-22 Yuga Computing Solutions Inc. Procédé et appareil de protection de confidentialité d'image
CN115801397A (zh) * 2022-11-15 2023-03-14 成都理工大学 一种抗合谋攻击的代理可搜索加密方法

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100153403A1 (en) * 2008-12-12 2010-06-17 Electronics And Telecommunications Research Institute Method for data encryption and method for conjunctive keyword search of encrypted data
US20100318782A1 (en) * 2009-06-12 2010-12-16 Microsoft Corporation Secure and private backup storage and processing for trusted computing and data services
US20110004607A1 (en) * 2009-05-28 2011-01-06 Microsoft Corporation Techniques for representing keywords in an encrypted search index to prevent histogram-based attacks
US20110138190A1 (en) * 2009-12-09 2011-06-09 Microsoft Corporation Graph encryption
US20110145593A1 (en) * 2009-12-15 2011-06-16 Microsoft Corporation Verifiable trust for data through wrapper composition
US20110145594A1 (en) * 2009-12-16 2011-06-16 Electronics And Telecommunications Research Institute Method for performing searchable symmetric encryption

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100153403A1 (en) * 2008-12-12 2010-06-17 Electronics And Telecommunications Research Institute Method for data encryption and method for conjunctive keyword search of encrypted data
US20110004607A1 (en) * 2009-05-28 2011-01-06 Microsoft Corporation Techniques for representing keywords in an encrypted search index to prevent histogram-based attacks
US20100318782A1 (en) * 2009-06-12 2010-12-16 Microsoft Corporation Secure and private backup storage and processing for trusted computing and data services
US20110138190A1 (en) * 2009-12-09 2011-06-09 Microsoft Corporation Graph encryption
US20110145593A1 (en) * 2009-12-15 2011-06-16 Microsoft Corporation Verifiable trust for data through wrapper composition
US20110145594A1 (en) * 2009-12-16 2011-06-16 Electronics And Telecommunications Research Institute Method for performing searchable symmetric encryption

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016147066A1 (fr) * 2015-03-19 2016-09-22 Yuga Computing Solutions Inc. Procédé et appareil de protection de confidentialité d'image
US10489603B2 (en) 2015-03-19 2019-11-26 Kbytes Solutions Private Limited Method and apparatus for image privacy protection
CN115801397A (zh) * 2022-11-15 2023-03-14 成都理工大学 一种抗合谋攻击的代理可搜索加密方法
CN115801397B (zh) * 2022-11-15 2024-04-09 成都理工大学 一种抗合谋攻击的代理可搜索加密方法

Similar Documents

Publication Publication Date Title
US10762229B2 (en) Secure searchable and shareable remote storage system and method
CN105678189B (zh) 加密数据文件存储和检索系统及方法
US10063372B1 (en) Generating pre-encrypted keys
US10204235B2 (en) Content item encryption on mobile devices
US8621240B1 (en) User-specific hash authentication
US8930691B2 (en) Dynamic symmetric searchable encryption
US8565422B2 (en) Method and system for enryption key versioning and key rotation in a multi-tenant environment
US9137222B2 (en) Crypto proxy for cloud storage services
US9483486B1 (en) Data encryption for a segment-based single instance file storage system
Salam et al. Implementation of searchable symmetric encryption for privacy-preserving keyword search on cloud storage
US8181028B1 (en) Method for secure system shutdown
CN104331408A (zh) 分级内容可寻址存储系统中的块级客户端侧加密
US11256662B2 (en) Distributed ledger system
JP2010061103A (ja) 高速検索可能な暗号化のための方法、装置およびシステム
US9886448B2 (en) Managing downloads of large data sets
US10152487B1 (en) System and method for a cloud storage provider to safely deduplicate encrypted backup objects
JP2004126639A (ja) データ管理システム、データ管理方法及びプログラム
US10120870B2 (en) System and method for searching distributed files across a plurality of clients
KR101979267B1 (ko) 클라우드 저장 기반 암호화 시스템 및 방법
CN112685753B (zh) 一种用于加密数据存储的方法及设备
Lee et al. A secure index management scheme for providing data sharing in cloud storage
JP2019079280A (ja) ファイル検証装置、ファイル移行システムおよびプログラム
WO2014141802A1 (fr) Dispositif de traitement d'informations, système de traitement d'informations, procédé de traitement d'informations et programme
JP5511925B2 (ja) アクセス権付き暗号化装置、アクセス権付き暗号システム、アクセス権付き暗号化方法およびアクセス権付き暗号化プログラム
WO2014114987A1 (fr) Chiffrage de dispositif personnel

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13872454

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 13872454

Country of ref document: EP

Kind code of ref document: A1