Encrypting data in a storage system using a plurality of encryption keys

US 10,284,367 B1
Filed: 01/05/2017
Issued: 05/07/2019
Est. Priority Date: 09/26/2012
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

transforming an initial master secret into a final master secret using one or more external secrets, wherein the one or more external secrets are stored separately from a computing system;

for each storage device of a plurality of storage devices of the computing system, encrypting data on the storage device with a device key, wherein the device key that encrypts the data on one storage device is different than another device key that encrypts data on another storage device; and

using the final master secret to both encrypt all of the device keys used to encrypt data on the plurality of storage devices, and to generate a plurality of shares from the final master secret.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method, and computer-readable storage medium for protecting a set of storage devices using a secret sharing scheme. The data of each storage device is encrypted with a key, and the key is encrypted based on a shared secret and a device-specific value. Each storage device stores a share and its encrypted key, and if a number of storage devices above a threshold are available, then the shared secret can be reconstructed from the shares and used to decrypt the encrypted keys. Otherwise, the secret cannot be reconstructed if less than the threshold number of storage devices are accessible, and then data on the storage devices will be unreadable.

Citations

20 Claims

1. A method comprising:
- transforming an initial master secret into a final master secret using one or more external secrets, wherein the one or more external secrets are stored separately from a computing system;
  
  for each storage device of a plurality of storage devices of the computing system, encrypting data on the storage device with a device key, wherein the device key that encrypts the data on one storage device is different than another device key that encrypts data on another storage device; and
  
  using the final master secret to both encrypt all of the device keys used to encrypt data on the plurality of storage devices, and to generate a plurality of shares from the final master secret.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method as recited in claim 1, wherein the plurality of shares are generated from the final master secret independent of data being encrypted on any given storage device.
  - 3. The method as recited in claim 2, further comprising:
    - encrypting each device key using the final master secret and a value unique to a respective storage device of the plurality of storage devices; and
      
      storing each encrypted device key on the respective storage device.
  - 4. The method as recited in claim 3, further comprising:
    - reconstructing the final master secret using a given number of shares of the plurality of shares and decrypt encrypted device keys using the final master secret to generate decrypted device keys;
      
      storing the decrypted device keys in a volatile memory; and
      
      using the decrypted device keys to perform a plurality of accesses to one or more storage devices.
  - 5. The method as recited in claim 1, wherein a number of shares needed to reconstruct the final master secret is greater than a number of shares associated with any single physical grouping of storage devices.
  - 6. The method as recited in claim 5, wherein in response to detecting a failed storage device, the method further comprises:
    - generating a new master secret;
      
      encrypting each device key using the new master secret;
      
      generating a plurality of new shares from the new master secret; and
      
      storing a separate new share of the plurality of new shares on each storage device of the plurality of storage devices.
  - 7. The method as recited in claim 1, further comprising:
    - periodically generating a new master secret on a predetermined schedule;
      
      encrypting each device key using the new master secret;
      
      generating a plurality of new shares from the new master secret; and
      
      storing a separate new share of the plurality of new shares on each storage device of the plurality of storage devices, wherein each new share replaces a previous share stored on each storage device.

8. A computing system comprising a plurality of storage devices, wherein the computing system is configured to:
- transform an initial master secret into a final master secret using one or more external secrets, wherein the one or more external secrets are stored separately from the computing system;
  
  for each storage device of the plurality of storage devices, encrypt data on the storage device with a device key, wherein the device key that encrypts the data on one storage device is different than another device key that encrypts data on another storage device; and
  
  use the final master secret to both encrypt all of the device keys used to encrypt data on the plurality of storage devices, and to generate a plurality of shares from the final master secret.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computing system as recited in claim 8, wherein the plurality of shares are generated from the final master secret independent of data being encrypted on any given storage device.
  - 10. The computing system as recited in claim 9, wherein the computing system is further configured to:
    - encrypt each device key using the final master secret and a value unique to a respective storage device of the plurality of storage devices; and
      
      store each encrypted device key on the respective storage device.
  - 11. The computing system as recited in claim 10, wherein the computing system is further configured to:
    - reconstruct the final master secret using a given number of shares of the plurality of shares and decrypt encrypted device keys using the final master secret to generate decrypted device keys;
      
      store the decrypted device keys in a volatile memory; and
      
      use the decrypted device keys to perform a plurality of accesses to one or more storage devices.
  - 12. The computing system as recited in claim 8, wherein a number of shares needed to reconstruct the final master secret is greater than a number of shares associated with any single physical grouping of storage devices.
  - 13. The computing system as recited in claim 12, wherein in response to detecting a failed storage device, the computing system is further configured to:
    - generate a new master secret;
      
      encrypt each device key using the new master secret;
      
      generate a plurality of new shares from the new master secret; and
      
      store a separate new share of the plurality of new shares on each storage device of the plurality of storage devices.
  - 14. The computing system as recited in claim 8, wherein the computing system is further configured to:
    - periodically generate a new master secret on a predetermined schedule;
      
      encrypt each device key using the new master secret;
      
      generate a plurality of new shares from the new master secret; and
      
      store a separate new share of the plurality of new shares on each storage device of the plurality of storage devices, wherein each new share replaces a previous share stored on each storage device.

15. A non-transitory computer readable storage medium comprising program instructions, wherein the program instructions are executable to:
- transform an initial master secret into a final master secret using one or more external secrets, wherein the one or more external secrets are stored separately from a computing system;
  
  for each storage device of a plurality of storage devices of the computing system, encrypt data on the storage device with a device key, wherein the device key that encrypts the data on one storage device is different than another device key that encrypts data on another storage device; and
  
  use the final master secret to both encrypt all of the device keys used to encrypt data on the plurality of storage devices, and to generate a plurality of shares from the final master secret.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The non-transitory computer readable storage medium as recited in claim 15, wherein the plurality of shares are generated from the final master secret independent of data being encrypted on any given storage device.
  - 17. The non-transitory computer readable storage medium as recited in claim 16, wherein the program instructions are further executable to:
    - encrypt each device key using the final master secret and a value unique to a respective storage device of the plurality of storage devices; and
      
      store each encrypted device key on the respective storage device.
  - 18. The non-transitory computer readable storage medium as recited in claim 17, wherein the program instructions are further executable to:
    - reconstruct the final master secret using a given number of shares of the plurality of shares and decrypt encrypted device keys using the final master secret to generate decrypted device keys;
      
      store the decrypted device keys in a volatile memory; and
      
      use the decrypted device keys to perform a plurality of accesses to one or more storage devices.
  - 19. The non-transitory computer readable storage medium as recited in claim 15, wherein a number of shares needed to reconstruct the final master secret is greater than a number of shares associated with any single physical grouping of storage devices.
  - 20. The non-transitory computer readable storage medium as recited in claim 15, wherein the program instructions are further executable to:
    - periodically generate a new master secret on a predetermined schedule;
      
      encrypt each device key using the new master secret;
      
      generate a plurality of new shares from the new master secret; and
      
      store a separate new share of the plurality of new shares on each storage device of the plurality of storage devices, wherein each new share replaces a previous share stored on each storage device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Pure Storage, Inc.
Original Assignee
Pure Storage, Inc.
Inventors
Miller, Ethan, Colgrove, John, Hayes, John
Primary Examiner(s)
Song, Hosuk
Assistant Examiner(s)
Murphy, J. Brant

Application Number

US15/398,898
Time in Patent Office

852 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/78   to assure secure storage of...

G06F 2221/2107   File encryption

G06F 2221/2131   Lost password, e.g. recover...

H04L 63/061   for key exchange, e.g. in p...

H04L 9/085   Secret sharing or secret sp...

Encrypting data in a storage system using a plurality of encryption keys

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Encrypting data in a storage system using a plurality of encryption keys

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links