×

File system support for rolling keys on file extents

  • US 10,454,679 B2
  • Filed: 09/23/2016
  • Issued: 10/22/2019
  • Est. Priority Date: 06/10/2016
  • Status: Active Grant
First Claim
Patent Images

1. A method for re-encrypting file extents of files at a computing device, the method comprising, by a processor of the computing device:

  • receiving a request to update an encryption scheme applied to a file, wherein;

    the file is comprised of a plurality of file extents,the file is included in a plurality of files accessible to the computing device, andeach file of the plurality of files is associated with a respective metadata;

    identifying, based on the respective metadata associated with the file, a subset of file extents among the plurality of file extents, wherein each file extent of the subset of file extents is encrypted using a first encryption key that is to be updated; and

    for each file extent of the subset of file extents;

    reserving a respective portion of a memory of the computing device, wherein the respective portion of the memory is sized in accordance with a size of the file extent,decrypting the file extent using the first encryption key to produce a decrypted file extent,encrypting the decrypted file extent using a second encryption key that is different than the first encryption key to produce a new encrypted file extent,storing the new encrypted file extent into the respective portion of memory, andupdating the respective metadata associated with the file to indicate that the file extent is encrypted with the second encryption key and is stored in the respective portion of memory.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×