Using dispersal techniques to securely store cryptographic resources and respond to attacks
First Claim
1. A method for use in a dispersed storage network (DSN) including a DSN memory employing a plurality of distributed storage (DS) units, the method comprising:
at the DS unit:
- storing encrypted secret material at a DS unit, wherein the encrypted secret material can be decrypted only using an unlock key, and wherein the DS unit is authorized to receive the unlock key only after the DS unit has been authenticated using authentication credentials stored in the DS unit;
- transmitting the authentication credentials stored in the DS unit from the DS unit to at least one other device included in the DSN, external to the DS unit;
at the at least one other device:
- authenticating the DS unit based on the authentication credentials;
- instructing the other DS units to transmit encoded data slices of the unlock key to the DS unit;
at the DS unit:
- receiving, from the other DS units, encoded data slices of the unlock key;
- reconstructing the unlock key from the encoded data slices of the unlock key received from the other DS units;
- in response to a security event, transitioning the DS unit into a secure mode, wherein transitioning the DS unit into the secure mode includes:
  - erasing from the DS unit the encrypted secret material that has been decrypted using the unlock key;
  - erasing from the DS unit the unlock key; and
  - erasing from the DS unit the authentication credentials.
Abstract
A dispersed storage network (DSN) includes a DSN memory, which in turn employs multiple distributed storage (DS) units to store encrypted secret material that can be decrypted using an unlock key. The unlock key is stored external to the DS unit, in some cases using multiple data slices dispersed throughout the DSN. To obtain the unlock key, the DS unit transmits authentication credentials to another device included in the DSN, but external to the DS unit. The other device authenticates the DS unit using the authentication credentials, and sends the unlock key to the DS unit. The DS unit uses the unlock key in normal decryption operations. In response to a security event, the DS unit transitions to a secure mode by erasing any material decrypted using the unlock key, the unlock key, and the DS unit's authentication credentials.
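The flow of claim 1 and the abstract, as an added Python sketch that is not part of the patent or any product implementing it: the unlock key is dispersed as threshold slices across other units, a managing unit releases them only after the DS unit's credentials check out, and a security event drops plaintext, key and credentials while the ciphertext stays. Assumptions: Shamir secret sharing over a prime field stands in for the DSN's encoded data slices, an HMAC counter keystream stands in for the real cipher, and ManagingUnit, DSUnit and cred_hash are illustrative names.

```python
import hashlib, hmac, secrets

P = 2**521 - 1  # Mersenne prime field for the Shamir slices; a 32-byte key fits (assumed toy parameters)
def cred_hash(credentials: bytes) -> bytes:  # what the managing unit keeps instead of raw credentials
    return hashlib.sha256(credentials).digest()

def split_key(key: bytes, n: int, k: int) -> list:
    """Encode the unlock key into n slices; any k of them reconstruct it (Shamir over GF(P))."""
    coeffs = [int.from_bytes(key, "big")] + [secrets.randbelow(P) for _ in range(k - 1)]
    return [(x, sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P) for x in range(1, n + 1)]

def rebuild_key(slices: list) -> bytes:
    """Lagrange-interpolate the polynomial at x=0 from k or more slices."""
    acc = 0
    for xi, yi in slices:
        num = den = 1
        for xj, _ in slices:
            if xj != xi:
                num, den = num * (-xj) % P, den * (xi - xj) % P
        acc = (acc + yi * num * pow(den, -1, P)) % P
    return acc.to_bytes(32, "big")

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (HMAC-SHA256 counter keystream); a real unit would use an AEAD."""
    stream = b"".join(hmac.new(key, i.to_bytes(4, "big"), hashlib.sha256).digest()
                      for i in range(0, len(data), 32))
    return bytes(a ^ b for a, b in zip(data, stream))

class ManagingUnit:
    """Authenticates a DS unit, then has the holders release that unit's key slices."""
    def __init__(self, cred_hashes: dict, holders: dict):
        self.cred_hashes, self.holders = cred_hashes, holders  # holders: {holder: {unit_id: slice}}
    def authorize(self, unit_id: str, credentials: bytes):
        if not hmac.compare_digest(cred_hash(credentials), self.cred_hashes.get(unit_id, b"")):
            return None  # authentication failed: no slices are released
        return [h[unit_id] for h in self.holders.values() if unit_id in h]

class DSUnit:
    def __init__(self, unit_id: str, credentials: bytes, ciphertext: bytes):
        self.unit_id, self.credentials, self.ciphertext = unit_id, credentials, ciphertext
        self.unlock_key = self.plaintext = None
    def unlock(self, manager: ManagingUnit, k: int) -> bool:
        """Send credentials, receive slices, rebuild the key, decrypt the secret material."""
        slices = manager.authorize(self.unit_id, self.credentials) if self.credentials else None
        if slices is None or len(slices) < k:
            return False
        self.unlock_key = rebuild_key(slices[:k])
        self.plaintext = keystream_xor(self.unlock_key, self.ciphertext)
        return True
    def secure_mode(self) -> None:  # security event: drop plaintext, key and credentials, keep ciphertext
        self.plaintext = self.unlock_key = self.credentials = None  # a real unit zeroizes storage
```

After `secure_mode()` the unit can no longer authenticate, so even a later request for the slices fails until credentials are re-provisioned out of band.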
15 Claims
7. A processing system configured to implement a distributed storage (DS) unit, the DS unit comprising:
- a computing core;
- a memory coupled to the computing core;
- a network interface configured to couple the DS unit to a dispersed storage network (DSN) including one or more DSN memory devices employing a plurality of DS units;
the computing core configured to:
- store, in the memory, encrypted secret material, wherein the encrypted secret material can be decrypted using an unlock key, and wherein the DS unit is authorized to receive the unlock key only after the DS unit has been authenticated using authentication credentials stored in the DS unit;
- store, in the memory, authentication credentials used to obtain the unlock key;
- authenticate with an external device included in the DSN, the external device configured to instruct one or more other external devices included in the DSN to transmit an encrypted version of the unlock key to the DS unit;
- decrypt and store in the memory, at least temporarily, the unlock key; and
- transition the DS unit into a secure mode in response to a security event, by erasing the unlock key and the authentication credentials from the memory, while leaving the encrypted secret material stored in the DS unit.
12. A dispersed storage network (DSN) comprising:
- a DSN memory including distributed storage (DS) units;
- at least one processing core implementing a managing unit configured to manage authentication of DS units within the DSN, wherein the at least one processing core is included in a device that is physically separate from the DS units;
- at least one DS unit including:
  - a computing core;
  - a memory coupled to the computing core;
  - a network interface configured to couple the at least one DS unit to the DSN;
the computing core configured to:
- store, in the memory, authentication credentials used to obtain an unlock key needed to decrypt secret material stored in the at least one DS unit;
- transmit the authentication credentials to the managing unit;
the at least one processing core implementing the managing unit configured to:
- authenticate the at least one DS unit based on the authentication credentials;
- instruct other DS units included in the DSN memory to transmit encoded data slices of the unlock key to the DS unit;
the computing core included in the at least one DS unit further configured to:
- receive, from the other DS units, encoded data slices of the unlock key;
- reconstruct the unlock key from the encoded data slices of the unlock key received from the other DS units; and
- erase the authentication credentials from the memory in response to a security event.