SECURING DATA IN A DISPERSED STORAGE NETWORK USING SHARED SECRET SLICES
Abstract
A data element can be encoded into multiple encoded data elements using an encoding algorithm that includes an encoding function and one or more encoder constants. The encoded data elements can be organized into multiple pillars, each having a respective pillar number. Each of the pillars is sent to a different storage unit of a distributed storage network. To recover the original data element, the encoded data elements are retrieved from storage, and the encoder constant is recovered using multiple encoded data elements. Recovering the encoder constant allows the encoding algorithm originally used to encode the data elements to be determined, and used to recover the original data element. The security of the stored data is enhanced, because an encoded data element from a single pillar is insufficient to identify the encoder constant.
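The property described in the abstract can be shown with a small sketch. This is an added example, not code from the patent: it assumes a linear encoding function over a prime field with one random encoder constant, and all function names are hypothetical.

```python
import secrets

# Assumed for this sketch: a prime field and a linear encoding function
#   encoded = (data + constant * pillar_number) mod P
P = 2**61 - 1

def encode(data, width, constant=None):
    """Encode one data element into `width` pillars; returns (constant, {pillar: element})."""
    if not 0 <= data < P:
        raise ValueError("data element must be in [0, P)")
    if constant is None:
        constant = secrets.randbelow(P - 1) + 1   # random, never stored on any pillar
    return constant, {n: (data + constant * n) % P for n in range(1, width + 1)}

def recover_constant(slices):
    """Identify the encoder constant from the elements of any two pillars."""
    if len(slices) < 2:
        raise ValueError("a single pillar does not identify the encoder constant")
    (n1, y1), (n2, y2) = sorted(slices.items())[:2]
    return (y1 - y2) * pow((n1 - n2) % P, -1, P) % P

def decode(slices):
    """Recover the constant, then invert the encoding; reject inconsistent pillars."""
    constant = recover_constant(slices)
    n, y = next(iter(slices.items()))
    data = (y - constant * n) % P
    for n, y in slices.items():
        if (data + constant * n) % P != y:
            raise ValueError(f"pillar {n} disagrees with the recovered algorithm")
    return data

def single_pillar_candidates(n, y, guesses):
    """For one pillar, every guessed constant maps to some valid-looking data element."""
    return {c: (y - c * n) % P for c in guesses}

if __name__ == "__main__":
    constant, pillars = encode(123456789, width=5)   # constructed sample element
    print(decode({2: pillars[2], 5: pillars[5]}))
    print(single_pillar_candidates(3, pillars[3], [1, 2, constant]))
```

With only one pillar, each guessed constant yields a different but equally plausible data element, so a single storage unit learns neither the constant nor the data.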
20 Claims

1. A method comprising:
- encoding a data element using an encoder algorithm having an encoding function and at least one encoder constant to generate a plurality of encoded data elements and to organize the encoded data elements into a plurality of pillars, each pillar encoded with a respective pillar number;
- transmitting the plurality of pillars to a plurality of different storage units of a distributed storage network; and
- wherein the encoded data element from a single pillar is insufficient to identify the at least one encoder constant, but the at least one encoder constant can be identified based on encoded data elements from a plurality of pillars.

Dependent claims: 2, 3, 4, 5, 6

7. An apparatus comprising:
- an encoder to encode a data element using an encoder algorithm having an encoding function and at least one encoder constant to generate a plurality of encoded data elements and to organize the encoded data elements into a plurality of pillars, each pillar encoded with a respective pillar number;
- an output to transmit the plurality of pillars to a plurality of different storage units of a distributed storage network; and
- wherein the encoded data element from a single pillar is insufficient to identify the at least one encoder constant, but the at least one encoder constant can be identified based on encoded data elements from a plurality of pillars.

Dependent claims: 8, 9, 10, 11, 12

13. An apparatus comprising:
- an input to receive a plurality of encoded data elements from a plurality of different storage units included in a vault of a distributed storage network, each of the encoded data elements associated with a pillar having a respective pillar number, and encoded using an encoder algorithm including an encoding function and at least one encoder constant;
- a decoder to recover the at least one encoder constant and determine the encoder algorithm using the plurality of encoded data elements, the respective pillar number, and the encoding function, wherein a single one of the plurality of encoded data elements is insufficient to recover the at least one encoder constant;
- the decoder further to decode at least one of the plurality of encoded data elements to generate a decoded data element using the encoding algorithm.

Dependent claims: 14, 15, 16

17. A method comprising:
- receiving a plurality of encoded data elements from a plurality of different storage units included in a vault of a distributed storage network, each of the encoded data elements associated with a pillar having a respective pillar number, and encoded using an encoder algorithm including an encoding function and at least one encoder constant;
- recovering the at least one encoder constant and determining the encoder algorithm using the plurality of encoded data elements, the respective pillar number, and the encoding function, wherein a single one of the plurality of encoded data elements is insufficient to recover the at least one encoder constant;
- decoding at least one of the plurality of encoded data elements to generate a decoded data element using the encoding algorithm.

Dependent claims: 18, 19, 20