US Patent 10097522 Encrypted query-based access to data

A query-based system for sharing encrypted data, comprising at least one hardware processor; and at least one non-transitory memory device having embodied thereon instructions executable by the at least one hardware processor to: receive a file and a plaintext tag and provide secure access to the file using the plaintext tag, and, responsive to receiving a search query matching the plaintext tag, securely retrieve the file, wherein providing secure access to the file comprises: encrypting the file into multiple portions, storing each portion separately, deriving multiple differently encrypted ciphertexts by encrypting the plaintext tag multiple times, separately indexing each portion using a different one of the ciphertexts, wherein securely retrieving the file comprises: deriving multiple differently encrypted search queries by encrypting the search query multiple times, querying using the multiple encrypted search queries, retrieving at least some of the multiple portions, and recovering the file from the retrieved portions.