GENERATING AN ENCRYPTED MESSAGE FOR STORAGE

US 20120290830A1
Filed: 04/18/2012
Published: 11/15/2012
Est. Priority Date: 05/09/2011
Status: Active Grant

First Claim

Patent Images

1. A method comprises:

generating a shared secret key from a public key of another entity and a private key using a first modulo prime polynomial function, wherein a public key is generated from the private key using a second modulo prime polynomial function and wherein the public key of the other entity is derived using the second modulo prime polynomial function on a private key of the other entity;

encrypting a message using the shared secret key to produce an encrypted message; and

outputting the encrypted message to the other entity.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method begins by a dispersed storage (DS) processing module generating a shared secret key from a public key of another entity and a private key using a first modulo prime polynomial function, wherein a public key is generated from the private key using a second modulo prime polynomial function and wherein the public key of the other entity is derived using the second modulo prime polynomial function on a private key of the other entity. The method continues with the DS module encrypting a message using the shared secret key to produce an encrypted message. The method continues with the DS module outputting the encrypted message to the other entity.

87 Citations

View as Search Results

22 Claims

1. A method comprises:
- generating a shared secret key from a public key of another entity and a private key using a first modulo prime polynomial function, wherein a public key is generated from the private key using a second modulo prime polynomial function and wherein the public key of the other entity is derived using the second modulo prime polynomial function on a private key of the other entity;
  
  encrypting a message using the shared secret key to produce an encrypted message; and
  
  outputting the encrypted message to the other entity.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein the generating the public key comprises:
    - generating a primitive root polynomial “
      
      g”
      
      ;
      
      generating a prime “
      
      p”
      
      ; and
      
      generating the public key as a modulo “
      
      p”
      
      of “
      
      g”
      
      raised to a power of the private key.
  - 3. The method of claim 1, wherein the generating the shared secret key comprises:
    - obtaining a prime “
      
      p”
      
      ; and
      
      generating the shared secret key as a modulo “
      
      p”
      
      of the public key of the other entity raised to a power of the private key.
  - 4. The method of claim 1, wherein the generating the shared secret key comprises:
    - obtaining a prime “
      
      p”
      
      ;
      
      obtaining a constant “
      
      K”
      
      ;
      
      generating a shared secret as a modulo “
      
      p”
      
      of the public key of the other entity raised to a power of the private key; and
      
      generating the shared secret key based on the constant K and the shared secret.
  - 5. The method of claim 1, wherein the encrypting the message comprises:
    - encoding data in accordance with an encoding function to produce a set of encoded shares;
      
      for an encoded share of the set of encoded shares;
      
      generating an encryption key based on a random number affiliated with the other entity and a prime “
      
      p”
      
      ;
      
      encrypting the encoded share utilizing the encryption key to produce an encrypted share; and
      
      generating the message as a parameter package that includes the encrypted share and a secret exponent.
  - 6. The method of claim 1, wherein generating the shared secret key comprises:
    - outputting a key agreement request to the other entity, wherein the key agreement request includes a primitive root polynomial “
      
      g”
      
      , a prime “
      
      p”
      
      , and the public key; and
      
      receiving a key agreement response from the other entity, wherein the key agreement response includes the public key of the other entity and authentication information.

7. A method comprises:
- receiving an encrypted message from another entity;
  
  generating a shared secret key from a public key of the other entity and a private key using a first modulo prime polynomial function, wherein a public key is generated from the private key using a second modulo prime polynomial function and wherein the public key of the other entity is derived using the second modulo prime polynomial function on a private key of the other entity; and
  
  decrypting the encrypted message using the shared secret key to recapture a message.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The method of claim 7, wherein the generating the public key comprises:
    - obtaining a primitive root polynomial “
      
      g”
      
      ;
      
      obtaining a prime “
      
      p”
      
      ; and
      
      generating the public key as a modulo “
      
      p”
      
      of “
      
      g”
      
      raised to a power of the private key.
  - 9. The method of claim 7, wherein the generating the shared secret key comprises:
    - obtaining a prime “
      
      p”
      
      ; and
      
      generating the shared secret key as a modulo “
      
      p”
      
      of the public key of the other entity raised to a power of the private key.
  - 10. The method of claim 7, wherein the generating the shared secret key comprises:
    - obtaining a prime “
      
      p”
      
      ;
      
      obtaining a constant “
      
      K”
      
      ;
      
      generating a shared secret as a modulo “
      
      p”
      
      of the public key of the other entity raised to a power of the private key; and
      
      generating the shared secret key based on the constant K and the shared secret.
  - 11. The method of claim 7 further comprises:
    - verifying the message; and
      
      when the message is verified, storing at least a portion of the message.

12. A dispersed storage (DS) module comprises:
- a first module, when operable within a computing device, causes the computing device to;
  
  generate a shared secret key from a public key of another entity and a private key using a first modulo prime polynomial function, wherein a public key is generated from the private key using a second modulo prime polynomial function and wherein the public key of the other entity is derived using the second modulo prime polynomial function on a private key of the other entity;
  
  a second module, when operable within the computing device, causes the computing device to;
  
  encrypt a message using the shared secret key to produce an encrypted message; and
  
  a third module, when operable within the computing device, causes the computing device to;
  
  output the encrypted message to the other entity.
- View Dependent Claims (13, 14, 15, 16, 17)
- - 13. The DS module of claim 12 further comprises:
    - a fourth module, when operable within the computing device, causes the computing device to;
      
      generate the public key by;
      
      generating a primitive root polynomial “
      
      g”
      
      ;
      
      generating a prime “
      
      p”
      
      ; and
      
      generating the public key as a modulo “
      
      p”
      
      of “
      
      g”
      
      raised to a power of the private key.
  - 14. The DS module of claim 12, wherein the first module functions to generate the shared secret key by:
    - obtaining a prime “
      
      p”
      
      ; and
      
      generating the shared secret key as a modulo “
      
      p”
      
      of the public key of the other entity raised to a power of the private key.
  - 15. The DS module of claim 12, wherein the first module further functions to generate the shared secret key by:
    - obtaining a prime “
      
      p”
      
      ;
      
      obtaining a constant “
      
      K”
      
      ;
      
      generating a shared secret as a modulo “
      
      p”
      
      of the public key of the other entity raised to a power of the private key; and
      
      generating the shared secret key based on the constant K and the shared secret.
  - 16. The DS module of claim 12, wherein the second module functions to encrypt the message by:
    - encoding data in accordance with an encoding function to produce a set of encoded shares;
      
      for an encoded share of the set of encoded shares;
      
      generating an encryption key based on a random number affiliated with the other entity and a prime “
      
      p”
      
      ;
      
      encrypting the encoded share utilizing the encryption key to produce an encrypted share; and
      
      generating the message as a parameter package that includes the encrypted share and a secret exponent.
  - 17. The DS module of claim 12, wherein the first module further functions to generate the shared secret key by:
    - outputting a key agreement request to the other entity, wherein the key agreement request includes a primitive root polynomial “
      
      g”
      
      , a prime “
      
      p”
      
      , and the public key; and
      
      receiving a key agreement response from the other entity, wherein the key agreement response includes the public key of the other entity and authentication information.

18. A dispersed storage (DS) module comprises:
- a first module, when operable within a computing device, causes the computing device to;
  
  receive an encrypted message from another entity;
  
  a second module, when operable within the computing device, causes the computing device to;
  
  generate a shared secret key from a public key of the other entity and a private key using a first modulo prime polynomial function, wherein a public key is generated from the private key using a second modulo prime polynomial function and wherein the public key of the other entity is derived using the second modulo prime polynomial function on a private key of the other entity; and
  
  a third module, when operable within the computing device, causes the computing device to;
  
  decrypt the encrypted message using the shared secret key to recapture a message.
- View Dependent Claims (19, 20, 21, 22)
- - 19. The DS module of claim 18 further comprises:
    - a fourth module, when operable within the computing device, causes the computing device to;
      
      generate the public key by;
      
      obtaining a primitive root polynomial “
      
      g”
      
      ;
      
      obtaining a prime “
      
      p”
      
      ; and
      
      generating the public key as a modulo “
      
      p”
      
      of “
      
      g”
      
      raised to a power of the private key.
  - 20. The DS module of claim 18, wherein the second module functions to generate the shared secret key by:
    - obtaining a prime “
      
      p”
      
      ; and
      
      generating the shared secret key as a modulo “
      
      p”
      
      of the public key of the other entity raised to a power of the private key.
  - 21. The DS module of claim 18, wherein the second module functions to generate the shared secret key by:
    - obtaining a prime “
      
      p”
      
      ;
      
      obtaining a constant “
      
      K”
      
      ;
      
      generating a shared secret as a modulo “
      
      p”
      
      of the public key of the other entity raised to a power of the private key; and
      
      generating the shared secret key based on the constant K and the shared secret.
  - 22. The DS module of claim 18 further comprises:
    - a fifth module, when operable within the computing device, causes the computing device to;
      
      verify the message; and
      
      when the message is verified, store at least a portion of the message.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Pure Storage, Inc.
Original Assignee
Cleversafe Incorporated (International Business Machines Corporation)
Inventors
Resch, Jason K., Leggette, Wesley

Granted Patent

US 9,219,604 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/150
CPC Class Codes

H04L 9/0841 involving Diffie-Hellman or...

H04L 9/3093 involving Lattices or polyn...

GENERATING AN ENCRYPTED MESSAGE FOR STORAGE

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

87 Citations

22 Claims

Specification

Use Cases

Quick Links

Others

GENERATING AN ENCRYPTED MESSAGE FOR STORAGE

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

87 Citations

22 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others