CPC H04L 9/0833 (2013.01) [H04L 9/0618 (2013.01); H04L 9/0861 (2013.01); H04L 9/0891 (2013.01)] | 20 Claims
1. One or more non-transitory computer-readable media storing computer-executable instructions that, when executed by a processor, perform a method of providing encryption key management, the method comprising the steps of:
receiving, from a server, an encrypt request, the encrypt request comprising an encryption key request data structure and encrypt request plaintext, wherein the encryption key request data structure comprises one or more keyscope components, and the encrypt request plaintext comprises one or more of a message plaintext, a file plaintext, or a search index plaintext;
upon determining that an encryption key associated with the encryption key request data structure is not stored in at least one local memory, transmitting an encryption key generation request to a key server, the encryption key generation request comprising the encryption key request data structure;
upon determining that the key server has not responded with one or more of the encryption key and encryption key ciphertext, transmitting an encrypt request error to the server, wherein the encrypt request error comprises an electronic message indicating that access to a requested encryption key is denied; and
revoking, on a per keyscope component basis, access to encryption keys associated with the one or more keyscope components.
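The key-handling path recited in claim 1 can be sketched as follows. This is an added illustration, not code from the patent or its assignee; it covers key lookup, the fail-closed error and revocation, and leaves the cipher to the caller. The class and method names, the keyscope component names (`org`, `workspace`, `channel`), the local tracking of revoked components and the callable standing in for the key server are all assumptions.

```python
"""Added illustration: fail-closed key lookup with per-keyscope-component revocation."""
import os


class EncryptRequestError(Exception):
    """Sent back to the requesting server; the message states that key access is denied."""


class KeyService:
    def __init__(self, key_server):
        self.key_server = key_server  # assumed: callable(keyscope dict) -> key bytes or None
        self.cache = {}               # frozenset of (component, value) pairs -> key bytes
        self.revoked = set()          # individual (component, value) pairs

    def key_for(self, keyscope):
        scope = frozenset(keyscope.items())
        hit = scope & self.revoked
        if hit:
            raise EncryptRequestError(
                f"access to requested encryption key is denied: revoked {sorted(hit)}")
        if scope in self.cache:       # key already in local memory: no round trip
            return self.cache[scope]
        try:
            key = self.key_server(dict(keyscope))  # generation request carries the keyscope
        except (TimeoutError, ConnectionError):
            key = None
        if not key:                   # key server did not answer with a key: fail closed
            raise EncryptRequestError("access to requested encryption key is denied")
        self.cache[scope] = key
        return key

    def revoke(self, component, value):
        """Revoke one keyscope component and evict every cached key that carries it."""
        self.revoked.add((component, value))
        for scope in [s for s in self.cache if (component, value) in s]:
            del self.cache[scope]


if __name__ == "__main__":
    # Constructed stand-in for the remote key server and constructed keyscopes.
    svc = KeyService(lambda scope: os.urandom(32))
    a = {"org": "acme", "workspace": "w1", "channel": "c1"}
    b = {"org": "acme", "workspace": "w1", "channel": "c2"}
    svc.key_for(a), svc.key_for(b)
    svc.revoke("channel", "c1")       # only keys scoped to channel c1 are affected
    print("c2 still served:", len(svc.key_for(b)), "bytes")
    try:
        svc.key_for(a)
    except EncryptRequestError as err:
        print("c1:", err)
```

Revoking a broader component such as `("org", "acme")` in this sketch denies every keyscope that contains it, which is the granularity the final step of the claim describes.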