| 发明名称 |
ENCRYPTING DATA FOR STORAGE IN A DISPERSED STORAGE NETWORK |
| 摘要 |
A method begins by a dispersed storage (DS) processing module encrypting a plurality of data segments of the data using a plurality of encryption keys to produce a plurality of encrypted data segments and generating a plurality of deterministic values from the plurality of encrypted data segments. The method continues with the DS processing module establishing a data intermingling pattern and generating a plurality of masked keys by selecting one or more of the plurality of deterministic values in accordance with the data intermingling pattern and performing a masking function on the plurality of encryption keys and the selected one or more of the plurality of deterministic values. The method continues with the DS processing module appending the plurality of masked keys to the plurality of encrypted data segments to produce a plurality of secure data packages and outputting the plurality of secure data packages. |
| 申请公布号 |
US2015052388(A1) |
申请公布日期 |
2015.02.19 |
| 申请号 |
US201414499570 |
申请日期 |
2014.09.29 |
| 申请人 |
CLEVERSAFE, INC. |
发明人 |
Grube Gary W.;Markison Timothy W. |
| 分类号 |
G06F11/10;H04L9/14;H04L9/32 |
主分类号 |
G06F11/10 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method for storing data, the method comprises:
partitioning a first portion of the data into a plurality of data units, wherein the first portion of the data is recoverable from a threshold number of data units, wherein the plurality of data units includes a total number of data units, and wherein the threshold number is at least two less than the total number; generating a plurality of encryption keys; encrypting the plurality of data units using the plurality of encryption keys to produce a plurality of encrypted data units; generating a plurality of masked keys based on the plurality of encrypted data units and the plurality of encryption keys; determining a data intermingling pattern for associating the plurality of masked keys with the plurality of encrypted data units, wherein the data intermingling pattern insures that, when the threshold number of encrypted data units are available, the plurality of masked keys are retrievable regardless of which encrypted data units of the plurality of encrypted data units are included in the threshold number of encrypted data units; appending the plurality of masked keys to the plurality of encrypted data units in accordance with the data intermingling pattern to produce a plurality of secure data packages; and outputting the plurality of secure data packages for storage. |
| 地址 |
Chicago IL US |
