Systematic erasure code encoding of data packages
First Claim
Patent Images
1. A method of storing a data segment in a distributed storage (DS) processing unit, the method comprising:
- combining integrity information and a data segment to produce a data package;
encrypting the data package using a secret key to produce an encrypted data package;
dispersed storage error encoding the encrypted data package, using a systematic erasure code employing first dispersed storage error coding parameters, to produce a set of encoded encrypted slices;
encoding the secret key utilizing a secret sharing algorithm to produce a set of secret shares, wherein the secret sharing algorithm employs second dispersed storage error coding parameters, and at least one parameter of the second dispersed storage error coding parameters is different from a corresponding parameter of the first dispersed storage error coding parameters;
sending the set of encoded encrypted slices to a distributed storage network (DSN) memory for storage; and
sending the set of secret shares to the DSN memory for storage.
4 Assignments
0 Petitions
Accused Products
Abstract
A method begins by combining integrity information and a data segment to produce a data package. The data package is encrypted using a secret key to produce an encrypted data package, which is dispersed storage error encoded using a systematic erasure code, to produce a set of encoded encrypted slices. The secret key is encoded utilizing a secret sharing algorithm to produce a set of secret shares. The set of encoded encrypted slices is sent to a distributed storage network (DSN) memory for storage; and the set of secret shares is sent to the DSN memory for storage.
84 Citations
20 Claims
-
1. A method of storing a data segment in a distributed storage (DS) processing unit, the method comprising:
-
combining integrity information and a data segment to produce a data package; encrypting the data package using a secret key to produce an encrypted data package; dispersed storage error encoding the encrypted data package, using a systematic erasure code employing first dispersed storage error coding parameters, to produce a set of encoded encrypted slices; encoding the secret key utilizing a secret sharing algorithm to produce a set of secret shares, wherein the secret sharing algorithm employs second dispersed storage error coding parameters, and at least one parameter of the second dispersed storage error coding parameters is different from a corresponding parameter of the first dispersed storage error coding parameters; sending the set of encoded encrypted slices to a distributed storage network (DSN) memory for storage; and sending the set of secret shares to the DSN memory for storage. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A non-transitory computer readable medium tangibly embodying a program of computer executable instructions, the program of computer executable instructions including:
-
at least one instruction to combine integrity information and a data segment to produce a data package; at least one instruction to encrypt the data package using a secret key to produce an encrypted data package; at least one instruction to dispersed storage error encode the encrypted data package, using a systematic erasure code employing first dispersed storage error coding parameters, to produce a set of encoded encrypted slices; at least one instruction to encode the secret key utilizing a secret sharing algorithm to produce a set of secret shares, wherein the secret sharing algorithm employs second dispersed storage error coding parameters, and at least one parameter of the second dispersed storage error coding parameters is different from a corresponding parameter of the first dispersed storage error coding parameters; at least one instruction to send the set of encoded encrypted slices to a distributed storage network (DSN) memory for storage; and at least one instruction to send the set of secret shares to the DSN memory for storage. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A distributed storage (DS) processing unit comprising:
-
a processing unit; memory coupled to the processing unit and configured to store a program of computer executable instructions, the program of computer executable instructions including; at least one instruction to combine integrity information and a data segment to produce a data package; at least one instruction to encrypt the data package using a secret key to produce an encrypted data package; at least one instruction to dispersed storage error encode the encrypted data package, using a systematic erasure code employing first dispersed storage error coding parameters, to produce a set of encoded encrypted slices; at least one instruction to encode the secret key utilizing a secret sharing algorithm to produce a set of secret shares, wherein the secret sharing algorithm employs second dispersed storage error coding parameters, and at least one parameter of the second dispersed storage error coding parameters is different from a corresponding parameter of the first dispersed storage error coding parameters; at least one instruction to send the set of encoded encrypted slices to a distributed storage network (DSN) memory for storage; and at least one instruction to send the set of secret shares to the DSN memory for storage. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification