Method and system for secure use of services by untrusted storage providers

摘要

A method for encrypting data. The method comprises receiving, from a user, via a client terminal, digital content including at least one textual string for filling in at least one field in a document managed by a network node via a computer network, encrypting the at least one textual string, and sending the at least one encrypted textual string to the network node via the computer network so as to allow filling in the at least one field with the at least one encrypted textual string. The network node is configured for storing and retrieving the at least one textual encrypted string without decrypting.

主权项

1. A method for encrypting data, comprising the steps of:
a) presenting, on a display of a client terminal, a document managed by a network node in communication with said client terminal via a computer network, said document including at least one unencrypted first textual string and at least one field for filing in by a user; b) receiving, from said user, via said client terminal, another at least one second textual string for filling in said at least one field; c) encrypting said another at least one second textual string, and maintaining said at least one unencrypted first textual string in an unencrypted state; d) adding an identifier to said at least one encrypted second textual string, said identifier used for identifying said at least one encrypted second textual string for decryption of said at least one encrypted second textual string by an entity separate from said network node, said entity for retrieving said at least one encrypted second textual string; and, e) sending said at least one encrypted second textual string and said added identifier, to said network node via said computer network f) filling in, by said network node, said at least one field of said document with said at least one encrypted second textual string and said added identifier, and maintaining said at least one unencrypted first textual string in said unencrypted state; wherein said network node is configured for storing and retrieving said document comprising said at least one unencrypted first textual string and said at least one encrypted second textual string and said added identifier without decrypting said at least one encrypted second textual string.