Portable Data Encryption Device with Configurable Security Functionality and Method for File Encryption

Abstract

A portable encryption device with logon access controlled by an encryption key, with an on board cryptographic processor for reconstituting the encryption key from a plurality of secrets generated by a secret sharing algorithm, optionally shrouded with external secrets using an invertible transform resistant to quantum computing attacks. Another embodiment provides file decryption controlled by a file encryption key, with the on board cryptographic processor reconstituting the file encryption key from a version of the file encryption key which has been shrouded with a network authorization code. A method for encryption of a plaintext file by hashing, compressing, and encrypting the plaintext file, hashing the ciphertext, hashing the plaintext hash and the ciphertext hash, and sealing the ciphertext together with the resulting hash. A portable encryption device for performing the method is also disclosed.

Description

CROSS-REFERENCE TO RELATED APPLICATIONS[0001]The present application claims the benefit of U.S. Provisional Patent Application No. 60 / 886,087 titled “Modular Portable Storage Device And System With Configurable Security Functionality” filed Jan. 22, 2007, the contents of which is incorporated by reference in this disclosure.BACKGROUND OF THE INVENTION[0002]The creation of proprietary digital information is arguably the most valuable intellectual asset developed, shared, and traded among individuals, businesses, institutions, and countries today. This information is mostly defined in electronic digital formats, e.g., alphanumeric, audio, video, photographic, scanned image, etc. The exposed storage and transport of this proprietary information, particularly for the purposes of sharing among separate collaboration groups, has significantly increased the risk of interception and theft by criminal elements, competitors, amateur thieves, computer hackers, terrorists, or political or indus...

AI Technical Summary

Benefits of technology

[0029]The present invention addresses these issues and severely mitigates or eliminates vulnerabilities or requires levels of time and effort that could well render the value of the information as insignificant by the time it could be exposed as plaintext. Through the use of the methods, apparatus, and system represented by the invention, together with the selection of available manufacturing techniques for prot...

Problems solved by technology

The exposed storage and transport of this proprietary information, particularly for the purposes of sharing among separate collaboration groups, has significantly increased the risk of interception and theft by criminal elements, competitors, amateur thieves, computer hackers, terrorists, or political or industrial spies.

The physical mobility of these storage devices makes them vulnerable to theft, capture, loss, and possible misuse.

However, thin client software greatly increases the vulnerability of such data to hackers who are able to penetrate the firewalls and other mechanisms, unless the data is encrypted on the storage medium in such a way that only authorized users could make sense of it, even if an unauthorized user were able to access the encrypted files.

The sophistication of literally millions of mathematicians, computer engineers and scientists, many of whom can be hostile to the protection of digital intellectual property for economic, political, or frivolous purposes, represents a great threat to the efficacy of simple implementations of password security and software encryption systems currently implemented on such portable encryption devices.

Furthermore, the difficulty and, in some cases, the inability to change security policies for access to such data forms yet another barrier to the commercial and institutional interests of the owners of the intellectual property in controlled and directed sharing of such information, and of the user's ability to retrieve, search, and store such data in their daily activities.

In contrast, some users have adopted the use of hardware-based encryption solutions in order to prevent these problems, only to discover a few years later that their data was irretrievable because their cryptographic token was lost, stolen, or malfunctioned and they had no backup or recovery agent capability, or that interesting or even vital historical records could not be read because no information exists as to what keys were used to encrypt the documents, or what tokens or PINs were used.

It is easy to imagine that if these issues are a significant problem today, then the problem of encrypting data for personal privacy for 40 or 50 years, or even the life of the individual, will become overwhelming.

Because the secure portable encryption device may be used in a high threat and high-risk environment, there is the possibility that the device could be lost, stolen, or captured by competitive or criminal forces, and later disassembled and even reverse engineered by a sophisticated and capable adversary.

In many environments, it is not sufficient merely to restrict the physical access and ability to log on to the device to certain host computers within a given enclave.

Finally, it must be recognized that the long-term storage of encrypted data presents some very difficult problems in sorting, searching, or even finding any data that is relevant to a particular subject, without being forced to decrypt the entire archive in order to find something.

This process is difficult enough if the document is a text document that can be searched relatively easily, but if the information that is sought is a photograph, drawing, sound recording, musical score, computer program, or other more abstract data type, then the search process can be very difficult indeed.

In addition to the search difficulty, there is a cost associated with the long-term storage of any kind of data, encrypted or not, and it is often necessary to make an intelligent decision as to what to save and what to discard.

But if the information is encrypted, making that decision effectively r...

Images