Title: Mobile data vault
Abstract: A portable electronic device is provided. The portable electronic device includes a data interface module that processes files associated with a user, the data interface module receives and validates a password from a user of the portable electronic device before the user is allowed access to files processed by the data interface module, an encryption key formed by the data interface module upon validation of the password, the encryption key further comprising the password, a hard coded private string and a serial number of the portable electronic device and a data storage area that stores files received from the data interface module the stored files are encrypted using the encryption key and where neither the encryption key or the password are stored in an unencrypted format anyplace within the portable electronic device.
Publication number: US9146881(B2) Publication date: 2015.09.29
Application number: US201213486360 Filing date: 2012.06.01
Applicant: CommandHub, Inc. Inventors: Cousins Richard; Henderson Linton; Matthews Graham
Classification: G06F12/14; H04L9/32; G06F21/62; H04L9/08 Main classification: G06F12/14
Agency: Husch Blackwell LLP Agent: Husch Blackwell LLP
Main claim: 1. A portable electronic device comprising: a hardware processor; a memory; an encrypted data structure area associated with a user on the portable electronic device that contains individual file encryption keys; a file storage area that stores files associated with a user on the portable electronic device, each file encrypted using a unique random encryption key that is stored in the encrypted data structure area; a user interface module that receives a password from a user of the portable electronic device and derives from the user-provided password, a serial number of the portable electronic device, and a hard coded private string an encryption key to the data structure area which is used to decrypt the data structure area, and where neither the user-provided password or the encryption key to the data structure area based upon the user-provided password are stored anyplace within the portable electronic device or anywhere else; a data structure interface module that, provided the data structure area has been successfully decrypted by the encryption key to the data structure area, generates random encryption keys for each file, encrypts each file, and stores the file encryption keys in the data structure area; and a file storage interface module, wherein the data structure interface module passes the encrypted files to the file storage interface module, the file storage interface module stores files received from the data structure interface module in the file storage area and retrieves files from the file storage area and passes them to the data structure interface module, the data structure interface module only being able to provide or accept such files after the data structure area has been successfully decrypted with the data structure area encryption key.
Address: Leesburg VA US
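
The key hierarchy in the main claim, sketched as an added example (not code from the patent or from CommandHub): a key derived from the password, device serial and private string unseals a table of per-file random keys, and a wrong password or serial shows up only as the table failing to authenticate. PBKDF2, the HMAC-based stand-in cipher, `PRIVATE_STRING` and all function names are assumptions; the claim specifies none of them.

```python
import hashlib, hmac, json, secrets

PRIVATE_STRING = b"constructed-private-string"  # stand-in for the hard coded private string

def derive_vault_key(password: str, serial: str) -> bytes:
    # Serial and private string are not secret: they only bind the key to the
    # device and app. PBKDF2 is an assumption; the claim names no KDF.
    salt = hashlib.sha256(PRIVATE_STRING + serial.encode()).digest()
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000, dklen=64)

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 in counter mode as a keystream (stdlib stand-in for AES-CTR).
    blocks = (hmac.new(key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
              for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, b"".join(blocks)))

def seal(key: bytes, plaintext: bytes) -> bytes:
    # Encrypt-then-MAC: first 32 key bytes encrypt, last 32 authenticate.
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(key[:32], nonce, plaintext)
    tag = hmac.new(key[32:], nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key[32:], nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong password, wrong device, or tampered data")
    return _xor_stream(key[:32], nonce, ct)

def new_vault(vault_key: bytes) -> bytes:
    # Empty key table; the password and vault key themselves are never written.
    return seal(vault_key, b"{}")

def store_file(vault_key: bytes, table_blob: bytes, name: str, data: bytes):
    table = json.loads(unseal(vault_key, table_blob))  # fails unless the table decrypts
    file_key = secrets.token_bytes(64)                 # unique random key per file
    table[name] = file_key.hex()
    return seal(vault_key, json.dumps(table).encode()), seal(file_key, data)

def load_file(vault_key: bytes, table_blob: bytes, name: str, file_blob: bytes) -> bytes:
    table = json.loads(unseal(vault_key, table_blob))
    return unseal(bytes.fromhex(table[name]), file_blob)
```

Because the serial number and private string can be read from the device or the application binary, the strength of the derived key rests on the password and the cost of the key derivation function.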