File system support for rolling keys on file extents

US 10,454,679 B2
Filed: 09/23/2016
Issued: 10/22/2019
Est. Priority Date: 06/10/2016
Status: Active Grant

First Claim

Patent Images

1. A method for re-encrypting file extents of files at a computing device, the method comprising, by a processor of the computing device:

receiving a request to update an encryption scheme applied to a file, wherein;

the file is comprised of a plurality of file extents,the file is included in a plurality of files accessible to the computing device, andeach file of the plurality of files is associated with a respective metadata;

identifying, based on the respective metadata associated with the file, a subset of file extents among the plurality of file extents, wherein each file extent of the subset of file extents is encrypted using a first encryption key that is to be updated; and

for each file extent of the subset of file extents;

reserving a respective portion of a memory of the computing device, wherein the respective portion of the memory is sized in accordance with a size of the file extent,decrypting the file extent using the first encryption key to produce a decrypted file extent,encrypting the decrypted file extent using a second encryption key that is different than the first encryption key to produce a new encrypted file extent,storing the new encrypted file extent into the respective portion of memory, andupdating the respective metadata associated with the file to indicate that the file extent is encrypted with the second encryption key and is stored in the respective portion of memory.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This application sets forth a key rolling technique for a file system of a computing device. The key rolling technique allows for files to be transparently re-encrypted in a background process while still allowing applications to access the files being re-encrypted. During re-encryption, at least one file extent of a file is decrypted using a current key for the file extent and re-encrypted using a new key for the file extent. Moreover, the file extent can be relocated to another location in memory during re-encryption to enhance accessibility and crash protection features. Metadata associated with the file can be updated to include information pertaining to both the location of the re-encrypted file extent as well as the new key that can be used to decrypt the re-encrypted file extent. In this manner, the metadata can be used to properly construct a complete file when the file needs to be accessed.

Citations

20 Claims

1. A method for re-encrypting file extents of files at a computing device, the method comprising, by a processor of the computing device:
- receiving a request to update an encryption scheme applied to a file, wherein;
  
  the file is comprised of a plurality of file extents,the file is included in a plurality of files accessible to the computing device, andeach file of the plurality of files is associated with a respective metadata;
  
  identifying, based on the respective metadata associated with the file, a subset of file extents among the plurality of file extents, wherein each file extent of the subset of file extents is encrypted using a first encryption key that is to be updated; and
  
  for each file extent of the subset of file extents;
  
  reserving a respective portion of a memory of the computing device, wherein the respective portion of the memory is sized in accordance with a size of the file extent,decrypting the file extent using the first encryption key to produce a decrypted file extent,encrypting the decrypted file extent using a second encryption key that is different than the first encryption key to produce a new encrypted file extent,storing the new encrypted file extent into the respective portion of memory, andupdating the respective metadata associated with the file to indicate that the file extent is encrypted with the second encryption key and is stored in the respective portion of memory.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein at least one other file extent of the plurality of file extents is encrypted using a third encryption key that is different from both the first encryption key and the second encryption key.
  - 3. The method of claim 1, further comprising, for each file extent of the subset of file extents:
    - prior to decrypting the file extent, writing the file extent to a new memory span that is different than a current memory span of the file extent.
  - 4. The method of claim 3, further comprising:
    - updating the respective metadata associated with the file to reference the new memory span.
  - 5. The method of claim 3, further comprising:
    - designating the current memory span as free space.
  - 6. The method of claim 1, wherein, for each file extent of the subset of file extents, encrypting the file extent comprises locking the file extent from being accessed until the respective metadata associated with the file is updated.
  - 7. The method of claim 1, further comprising, for each file extent of the subset of file extents:
    - permitting, while encrypting the file extent using the second encryption key, an application of the computing device to access other file extents included in the plurality of file extents.

8. A non-transitory computer readable storage medium configured to store instructions that, when executed by a processor included in a computing device, cause the computing device to re-encrypt file extents of files at the computing device, by carrying out steps that include:
- receiving a request to update an encryption scheme applied to a file, wherein;
  
  the file is comprised of a plurality of file extents,the file is included in a plurality of files accessible to the computing device, andeach file of the plurality of files is associated with a respective metadata;
  
  identifying, based on the respective metadata associated with the file, a subset of file extents among the plurality of file extents, wherein each file extent of the subset of file extents is encrypted using a first encryption key that is to be updated; and
  
  for each file extent of the subset of file extents;
  
  reserving a respective portion of a memory of the computing device, wherein the respective portion of the memory is sized in accordance with a size of the file extent,decrypting the file extent using the first encryption key to produce a decrypted file extent,encrypting the decrypted file extent using a second encryption key that is different than the first encryption key to produce a new encrypted file extent,storing the new encrypted file extent into the respective portion of memory, andupdating the respective metadata associated with the file to indicate that the file extent is encrypted with the second encryption key and is stored in the respective portion of memory.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The non-transitory computer readable storage medium of claim 8, wherein at least one other file extent of the plurality of file extents is encrypted using a third encryption key that is different from both the first encryption key and the second encryption key.
  - 10. The non-transitory computer readable storage medium of claim 8, wherein, for each file extent of the subset of file extents, encrypting the file extent comprises locking the file extent from being accessed until the respective metadata associated with the file is updated.
  - 11. The non-transitory computer readable storage medium of claim 8, wherein the request is received in response to the computing device being connected to an external power supply.
  - 12. The non-transitory computer readable storage medium of claim 8, wherein the file is associated with a group of users, and the request is received in response to a user leaving the group.
  - 13. The non-transitory computer readable storage medium of claim 8, wherein the first encryption key and the second encryption key have different times of origination.

14. A computing device configured to re-encrypt file extents of files, the computing device comprising a processor configured to cause the computing device to carry out steps that include:
- receiving a request to update an encryption scheme applied to a file, wherein;
  
  the file is comprised of a plurality of file extents,the file is included in a plurality of files accessible to the computing device, andeach file of the plurality of files is associated with a respective metadata;
  
  identifying, based on the respective metadata associated with the file, a subset of file extents among the plurality of file extents, wherein each file extent of the subset of file extents is encrypted using a first encryption key that is to be updated; and
  
  for each file extent of the subset of file extents;
  
  reserving a respective portion of a memory of the computing device, wherein the respective portion of the memory is sized in accordance with a size of the file extent,decrypting the file extent using the first encryption key to produce a decrypted file extent,encrypting the decrypted file extent using a second encryption key that is different than the first encryption key to produce a new encrypted file extent,storing the new encrypted file extent into the respective portion of memory, andupdating the respective metadata associated with the file to indicate that the file extent is encrypted with the second encryption key and is stored in the respective portion of memory.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The computing device of claim 14, wherein at least one other file extent of the plurality of file extents is encrypted using a third encryption key that is different from both the first encryption key and the second encryption key.
  - 16. The computing device of claim 14, wherein the steps further include, for each file extent of the subset of file extents:
    - prior to decrypting the file extent, writing the file extent to a new memory span that is different than a current memory span of the file extent.
  - 17. The computing device of claim 16, wherein the steps further include:
    - updating the respective metadata associated with the file to reference the new memory span.
  - 18. The computing device of claim 16, wherein the steps further include:
    - designating the current memory span as free space.
  - 19. The computing device of claim 14, wherein, for each file extent of the subset of file extents, encrypting the file extent comprises locking the file extent from being accessed until the respective metadata associated with the file is updated.
  - 20. The computing device of claim 14, wherein the steps further include, for each file extent of the subset of file extents:
    - permitting, while encrypting the file extent using the second encryption key, an application of the computing device to access other file extents included in the plurality of file extents.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Apple Inc.
Inventors
Tamura, Eric B., Giampaolo, Dominic B., Yancey, Kelly B.
Primary Examiner(s)
Song, Hee K

Application Number

US15/274,706
Publication Number

US 20170359174A1
Time in Patent Office

1,124 Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/164   File meta data generation

G06F 21/602   Providing cryptographic fac...

G06F 21/6218   to a system of files or obj...

H04L 9/0891   Revocation or update of sec...

H04L 9/16   the keys or algorithms bein...

File system support for rolling keys on file extents

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

File system support for rolling keys on file extents

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links