Encrypting file system and method

Patent 6249866 Issued on June 19, 2001. Estimated Expiration Date:

September 16, 2017. Estimated Expiration Date is calculated based on simple USPTO term provisions. It does not account for terminal disclaimers, term adjustments, failure to pay maintenance fees, or other factors which might affect the term of a patent.

Abstract Claims Description Full Text

Patent References

Cryptographic file security for single domain networks
Patent #: 4238854
Issued on: 12/09/1980
Inventor: Ehrsam , et al.

Cryptographic communication and file security using terminals
Patent #: 4386234
Issued on: 05/31/1983
Inventor: Ehrsam , et al.

Hybrid public key algorithm/data encryption algorithm key distribution method based on control vectors
Patent #: 5142578
Issued on: 08/25/1992
Inventor: Matyas, et al.

System for seamless processing of encrypted and non-encrypted data and instructions
Patent #: 5224166
Issued on: 06/29/1993
Inventor: Hartman, Jr.

Method and system for multimedia access control enablement
Patent #: 5319705
Issued on: 06/07/1994
Inventor: Halter, et al.

Method and apparatus for enabling trial period use of software products: Method and apparatus for utilizing a decryption block
Patent #: 5598470
Issued on: 01/28/1997
Inventor: Cooper, et al.

Enhanced data privacy for portable computers
Patent #: 5870468
Issued on: 02/09/1999
Inventor: Harrison

Enciphering/deciphering device and method, and encryption/decryption communication system Patent #: 5870477
Issued on: 02/09/1999
Inventor: Sasaki, et al.

Inventors

Assignee

Microsoft Corporation

Application

No. 931774 filed on 09/16/1997

US Classes:

713/165, File protection380/286Key escrow or recovery

Examiners

Primary: Barron, Gilberto Jr.

Attorney, Agent or Firm

Michalik & Wylie, PLLC

Foreign Patent References

0 681 233 A1 EP. 11/13/1995

International Class

H04L 009/30

Abstract

A system and method for encryption and decryption of files. The system and method operate in conjunction with the file system to transparently encrypt and decrypt files in using a public key-private key pair encryption scheme. When a user puts a file in an encrypted directory or encrypts a file, all data writes to the disk for that file are encrypted with a random file encryption key generated from a random number and encrypted with the public key of a user and the public key of at least one recovery agent. The encrypted key information is stored with the file, whereby the user or a recovery agent can decrypt the file data using the private key thereof. When a proper private key is used, encrypted reads from the disk are decrypted transparently by the file system and returned to the user.

Other References

Copy of Written Opinion in Corresponding PCT Application No. PCT/US98/19049
Copy of International Search Report in Corresponding PCT Application No. PCT/US98/19049
Denning, Dorothy E.; Branstad, Dennis K. "A Taxonomy for Key Escrow Encryption Systems" Communications of the ACM vol. 39, No. 3: 34-39. Mar. 1996
Blaze, Matt. "A Cryptographic File System for Unix" First ACM conference Nov. 3-5, 1993
Rivest, R. L.; Shamir, A.; Adleman, L. "A Method for Obtaining Kigital Signatures and Public Key Cryptosystems" Communications of the ACM vol. 21, No. 2: 120-126. Feb. 1978
Cattaneo, G.; Persiano, G. "Design and Implementation of a Transparent Cryptographic File System for Unix" Dep. Informatica ed Appl., Universita di Salerno, Baronissi(SA)--Italy
Blaze, Matt. "Key Management in an Encrypting File System" 1994 Summer USENIX 27-35. Boston, MA Jun. 6-10, 1994
Eastlake, et al. "RFC 1750: Randomness Recommendations for Security" GlobeCom Network 1-28 Dec. 1994
Editors: Foot, G. H.; Sewell, R. F. "The Public Key Cryptography" vol. 1, No. 1. Jan. 1991
Editors: Foot, G. H.; Sewell, R. F. "The Public Key" vol. 1, No. 2. Jun. 199