<p>A system and method for encryption and decryption of files. The system and method operate in conjunction with the file system to transparently encrypt and decrypt files in using a public key-private key pair encryption scheme. When a user puts a file in an encrypted directory or encrypts a file, all data writes to the disk for that file are encrypted with a random file encryption key generated from a random number and encrypted with the public key of a user and the public key of at least one recovery agent. The encrypted key information is stored with the file, whereby the user or a recovery agent can decrypt the file data using the private key thereof. When a proper private key is used, encrypted reads from the disk are decrypted transparently by the file system and returned to the user.</p>
申请公布号
WO9914652(A1)
申请公布日期
1999.03.25
申请号
WO1998US19049
申请日期
1998.09.11
申请人
MICROSOFT CORPORATION
发明人
BRUNDRETT, PETER;GARG, PRAERIT;GU, JIANRONG;KELLY, JAMES, W., JR.;KAPLAN, KEITH, S.;REICHEL, ROBERT, P.;ANDREW, BRIAN;KIMURA, GARY, D.;MILLER, THOMAS, J.