This invention pertains to the art of securely and confidentially storing and retrieving data on many types of storage media, including data stored and retrieved using the public Internet, also known as the “cloud.” Portable storage media, such as USB drives, SD cards, and cell phones may store large amounts of data yet typically have no or limited means of protecting the data they contain. Storing data in the cloud puts the data at risk of being compromised—whether by interception during transmission to the cloud service provider or by hacking the service provider when the data is stored. Typical file encryption uses HTTPS during transmission and disk encryption by the cloud service provider when the data is stored; both of these put the keys in control of the service providers and require the user to trust that the encryption access keys are secure—not hacked, taken by disloyal employees, or compelled to be given to the government. And even if the encryption keys are kept safe, once the files are acquired by a hacker, the files are in the hacker's control. At that point, large computational resources can be applied to decrypt the files, or the files may be kept until decryption technologies improve.
Current private and public key encryption methods use a small amount of random data (an initialization vector and a key) in conjunction with a deterministic algorithm to disorder the information into secure data. The weakness is the deterministic algorithm and the size of the randomness to start the encryption process.
Information Dispersal Algorithms (IDA) break apart confidential data for transmission and storage to make it harder to reconstitute the confidential data. However, the dispersed packets pass through “pinch points” in the network through which all packets are routed and thus can be collected (for example, by sniffers or by the Internet service provider). These dispersed packets have headers that can be used to reassemble the confidential data. Also, cloud storage services may add their own headers to the dispersed packets of confidential data stored by the services, where the headers may also be used to recollect and reassemble the confidential data.
All-Or-Nothing Transforms (AONT) require the collection of all pieces of a secret in order to decrypt the secret. AONT depends on a bad actor not being able to collect all pieces of a secret (for example, all fragmented pieces of a dispersed confidential data). However, transmitting confidential data protected by AONT to the cloud requires the data to go through the same pinch points as discussed above, which make it likely that all of the pieces can be collected and thus decrypted or cracked.
Users should be able to share and store files securely, including through the Internet, keeping control of the keys and preventing access to their files. To limit the risk of compromise, this method and system are disclosed.