Method and system for multiple symmetric decryption of .ZIP files

Abstract

The present invention provides a method of integrating existing strong encryption methods into the processing of a .ZIP file to provide a highly secure data container which provides flexibility in the use of symmetric and asymmetric encryption technology. The present invention adapts the well established .ZIP file format to support higher levels of security and multiple methods of data encryption and key management, thereby producing a highly secure and flexible digital container for electronically storing and transferring confidential data.

Description

BACKGROUND OF THE INVENTION [0001] The present invention relates generally to a method of using standard .ZIP files and strong encryption technology to securely store files, and more particularly to a method of integrating existing strong encryption methods into the processing of .ZIP files to provide a highly secure data container which provides flexibility in the use of symmetric and asymmetric encryption technology. The present invention adapts the well established and widely used .ZIP file format to support higher levels of security and multiple methods of data encryption and key management, thereby producing an efficient, highly secure and flexible digital container for electronically storing and transferring confidential data. [0002] Compression of computer files has been available for many years. Compressing files can save large amounts of disk space, and can reduce transfer time when downloading files from the Internet or transferring files through email. Almost any file one...

AI Technical Summary

Benefits of technology

[0012] The present invention provides a method of integrating multiple strong encryption methods into the processing of .ZIP files to provide a highly secure data container which provides flexibility in the use of symmetric and asymmetric encryption technology. The present invention adapts the well established .ZIP file format to support higher levels of security and multiple methods of data encryption and key management, thereby producing a highly secure and flexible digital container for storing and transferring confidential electronic data.

[0013] The present invention provides a method of integrating multiple strong encryption methods into the processing of .ZIP files to provide a highly secure data container which provides flexibility in the use of encryption technology. The present invention supports existing weak encryption methods available in .ZIP software programs used today to ensure backward compatibility with existing software programs that use the .ZIP file format. Strong encryption methods are made available to computer users as configurable options to select when compressing and encrypting their files or other data into a .ZIP file.

[0014] The method of the present invention provides the capability of using strong encryption when creating .ZIP files. It is flexible in that it provides that different encryption methods can be applied to a single .ZIP file to meet the security needs of a given computer user or application. Strong encryption algorithms are preferably used in conjunction with either password (symmetric) or any form of public / private key (asymmetric) encryption methods. The symmetric method preferably includes a password defined by the user, while the asymmetric method preferably includes a public / private key associated with digital certificates to process encryption keys. The invention allows one or more passwords and one or more public keys to be used individually, or in combination at the same time when archiving any file of any type of data into a secure .ZIP file. This capability is useful since secure .ZIP files are frequently distributed, or otherwise made accessible, to multiple recipients for decryption. Some of those recipients may require password access while others may require certificate access.

[0016] Specifically, the present invention supports non-repudiation to uniquely bind a .ZIP file with the identity of its creator, and prevent that creator from denying the creation of that .ZIP file. One method of non-repudiation used by this invention is the identity support available with digital signatures that can be generated using public / private key technology. The non-repudiation function provided by the present invention also preferably supports time-stamping methods for fixing the creation of a digital signature in time, as well as time-stamped audit trails providing transaction history.

[0018] The method of the present invention further supports the encryption of file characteristics for each file inside a .ZIP file. Current .ZIP software programs encrypt only the contents of the files in a .ZIP file. The additional characteristics for each file, such as its name, size, etc., remain unencrypted. To remove the possibility that this unencrypted data for a file could be made available to an unauthorized user, this information may preferably also be encrypted as an option. This additional encryption further increases the level of security available to .ZIP file users.

[0022] The present invention provides many advantages or benefits over the prior art. One benefit is the ability to use multiple encryption methods instead of supporting only a single encryption method. A second benefit is the ability to use a mixture of symmetric and asymmetric encryption in a single, secure .ZIP file. A third benefit is that the encryption of individual files using advanced public / private keys provides a significantly higher level of security to computer users. A fourth benefit is that encryption of .ZIP file data can be implemented using a range of commonly available cryptographic toolkits. A fifth benefit is that the present invention supports using packaged or readily available encryption algorithms to provide state-of-the-art security. A sixth benefit is the availability of non-repudiation using digital signatures through the use of public / private key technology. A seventh benefit is that the invention ensures a high degree of interoperability and backward compatibility by extending the current .ZIP file format.

Problems solved by technology

The data encryption method used by these software programs uses a key size of 96 bits or less and is considered weak or moderate encryption by today's standards.

Weak data encryption may not provide sufficient security to computer users that store and transfer their confidential data files using the .ZIP format.

Password-based key generation has been a commonly used method of applying data encryption, however, known vulnerabilities to cracking methods such as “brute force password cracking” make this method of encryption insufficient to meet today's more advanced security needs.

Another known limitation of password-based security is the lack of non-repudiation.

This cannot be achieved with symmetric encryption methods.

Images