Cryptography – Cryptanalysis
Patent
1995-12-28
1998-07-28
Cangialosi, Salvatore
Cryptography
Cryptanalysis
380 25, 380 30, H04L 900
Patent
active
057871698
ABSTRACT:
In a system in which encrypted information can be protected and maintained by multiple users using passwords in concert, a file with secure data contains both an unencrypted header and an encrypted data portion. The data portion contains both the secured data and a list of hashed passwords and is encrypted with a single file key. The unencrypted file header contains two tables. The first table is a list passwords, where each password is cryptographically hashed using a second, different hashing technique than the hashed passwords in the data portion of the file. The second table is a list of cryptographically hashed combinations of cryptographically hashed passwords, where the combinations correspond to authorized user quorums and the passwords are hashed using the same technique as the passwords stored in the data portion of the file. Each hashed combination on the list is also used as a password key to encrypt the file key. During use of the system, an authorized user must enter a password which, when hashed, can be found in the first table. If the entered password is found in the first table, a check is made to determine if enough authorized users have entered passwords to form a quorum. If there is a quorum, then passwords of the users in the quorum are hashed with the first hashing technique, combined and hashed again to form a password key. The file key can be decrypted with the password key and used to decrypt the file. The hashed passwords in the protected portion of the file can then be used to maintain the password lists.
REFERENCES:
patent: 5052040 (1991-09-01), Preston et al.
patent: 5210795 (1993-05-01), Lipner et al.
patent: 5276737 (1994-01-01), Micali
patent: 5315658 (1994-05-01), Micali
patent: 5319705 (1994-06-01), Halter et al.
patent: 5369707 (1994-11-01), Folendore
patent: 5373559 (1994-12-01), Kaufman et al.
patent: 5394471 (1995-02-01), Ganesan et al.
patent: 5418854 (1995-05-01), Kaufman et al.
patent: 5421006 (1995-05-01), Jablow et al.
patent: 5497421 (1996-03-01), Kaufman et al.
patent: 5519778 (1996-05-01), Leighton et al.
patent: 5647000 (1997-07-01), Leighton
patent: 5666415 (1997-09-01), Kaufman
Eldridge Alan D.
Kaufman Charles W.
Cangialosi Salvatore
International Business Machines Corp.
LandOfFree
Method and apparatus for controlling access to encrypted data fi does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for controlling access to encrypted data fi, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for controlling access to encrypted data fi will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-29380