公开(公告)号：US20220083511A1

公开(公告)日：2022-03-17

申请号：US17533106

申请日：2021-11-22

Applicant: Apple Inc.

Inventor： Per Love HORNQUIST ASTRAND ,  Van HONG ,  Nihar SHARMA ,  Xixi LU ,  Steven A. MYERS ,  Michelle D. LININGTON ,  Yannick L. SIERRA

IPC: G06F16/178 ,  G06F16/182 ,  H04L9/30 ,  H04L9/08 ,  H04L9/12 ,  H04L9/32

Abstract: The subject technology may be implemented by a device that includes at least one processor configured to encrypt a data object based at least in part on an encryption key. The at least one processor may be further configured to sign the encrypted data object with a private key and transmit the signed encrypted data object to a server for retrieval by another device. The at least one processor may be further configured to generate a sharing object corresponding to the data object, wherein the sharing object includes an encryption key and a public key that corresponds to the private key. The at least one processor may be further configured to encrypt the sharing object using a key of the other device and transmit, over a secure channel, the encrypted sharing object to the other device for subsequent retrieval and verification of the signed data object from the server.

公开(公告)号：US20220393867A1

公开(公告)日：2022-12-08

申请号：US17649924

申请日：2022-02-03

Applicant: Apple Inc.

Inventor： Gokul P. THIRUMALAI ,  Alexandre A. AYBES ,  Dmitry V. BELOV ,  Jean-Luc GIRAUD ,  Kalyan C. GOPAVARAPU ,  Sudhakar N. MAMBAKKAM ,  Rebekah H. MERCER ,  Keaton F. MOWERY ,  Steven A. MYERS ,  Munish K. POONIA ,  Nihar SHARMA ,  Assar E. WESTERLUND ,  Frederic JACOBS

IPC: H04L9/08 ,  G06F21/60

Abstract: This Application sets forth techniques for establishing a custodial relationship between a user device and a custodian device for recovering access to a user account and/or to encrypted user data with assistance provided by the custodian device to effect access recovery. A server of a cloud network service provides an anonymous identifier to associate with the custodian device and an account recovery key to store at the custodian device. Identity of an account of the cloud network service associated with the custodian device can be hidden from the server. The user device generates a data recovery key and provides a first portion of the data recovery key to the custodian device and a second portion of the data recovery key to the server. Integrity of the stored account recovery key and portions of the data recovery key are checked regularly by the custodian device and the user device.