RETRIEVING ACCESS INFORMATION IN A DISPERSED STORAGE NETWORK
First Claim
1. A method comprises:
- decoding at least a decode threshold number of stored random number slices to produce a set of recovered random numbers;
decoding at least a decode threshold number of encrypted share slices to produce a set of encrypted shares;
obtaining a set of personalized authenticating values regarding user access to data;
generating a set of hidden passwords based on the set of personalized authenticating values;
generating a set of blinded passwords based on the set of hidden passwords and a set of blinded random numbers;
generating a set of passkeys based on the set of blinded passwords and the set of recovered random numbers;
generating a set of decryption keys based on the set of blinded random numbers and the set of passkeys;
decrypting the set of encrypted shares utilizing the set of decryption keys to produce a set of shares; and
decoding the set of shares to reproduce the data.
5 Assignments
0 Petitions
Accused Products
Abstract
A method begins by a processing module obtaining a set of recovered random numbers, decoding encrypted share slices to produce a set of encrypted shares, and obtaining a set of personalized authenticating values regarding user access to data. The method continues with the processing module generating a set of hidden passwords based on the set of personalized authenticating values, generating a set of blinded passwords based on the set of hidden passwords and a set of blinded random numbers, and generating a set of passkeys based on the set of blinded passwords and the set of recovered random numbers. The method continues with the processing module generating a set of decryption keys based on the set of blinded random numbers and the set of passkeys, decrypting the set of encrypted shares to produce a set of shares, and decoding the set of shares to reproduce the data.
-
Citations
22 Claims
-
1. A method comprises:
-
decoding at least a decode threshold number of stored random number slices to produce a set of recovered random numbers; decoding at least a decode threshold number of encrypted share slices to produce a set of encrypted shares; obtaining a set of personalized authenticating values regarding user access to data; generating a set of hidden passwords based on the set of personalized authenticating values; generating a set of blinded passwords based on the set of hidden passwords and a set of blinded random numbers; generating a set of passkeys based on the set of blinded passwords and the set of recovered random numbers; generating a set of decryption keys based on the set of blinded random numbers and the set of passkeys; decrypting the set of encrypted shares utilizing the set of decryption keys to produce a set of shares; and decoding the set of shares to reproduce the data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A computer comprises:
-
an interface; a memory; and a processing module operable to; decode at least a decode threshold number of stored random number slices to produce a set of recovered random numbers; decode at least a decode threshold number of encrypted share slices to produce a set of encrypted shares; obtain a set of personalized authenticating values regarding user access to data; generate a set of hidden passwords based on the set of personalized authenticating values; generate a set of blinded passwords based on the set of hidden passwords and a set of blinded random numbers; generate a set of passkeys based on the set of blinded passwords and the set of recovered random numbers; generate a set of decryption keys based on the set of blinded random numbers and the set of passkeys; decrypt the set of encrypted shares utilizing the set of decryption keys to produce a set of shares; and decode the set of shares to reproduce the data. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
-
Specification