LOCATING CRYPTOGRAPHIC KEYS STORED IN A CACHE
First Claim
1. A method comprising:
- receiving a first key packet that includes a cryptographic key identifier and an encrypted cryptographic key;
locating a second key packet stored in a cache by using the cryptographic key identifier of the first key packet, the cryptographic key identifier being an actual memory address in the cache;
retrieving the second key packet from the cache;
determining that the first key packet matches the second key packet by comparing a portion of the first key packet with a portion of the second key packet;
in response to determining that the first key packet matches the second key packet, retrieving a cryptographic key associated with the second key packet from the cache; and
performing a cryptographic key operation using the retrieved cryptographic key.
2 Assignments
0 Petitions
Accused Products
Abstract
Example embodiments provide various techniques for locating cryptographic keys stored in a cache. The cryptographic keys are temporarily stored in the cache until retrieved for use in a cryptographic operation. The cryptographic key may be located or found through reference to its cryptographic key identifier. In an example, a particular cryptographic key may be needed for a cryptographic operation. The cache is first searched to locate this cryptographic key. To locate the cryptographic key, the cryptographic key identifier that is associated with this cryptographic key is provided. In turn, the cryptographic key identifier may be used as an address into the cache. The address identifies a location of the cryptographic key within the cache. The cryptographic key may then be retrieved from the cache at the identified address and then used in the cryptographic operation.
-
Citations
20 Claims
-
1. A method comprising:
-
receiving a first key packet that includes a cryptographic key identifier and an encrypted cryptographic key; locating a second key packet stored in a cache by using the cryptographic key identifier of the first key packet, the cryptographic key identifier being an actual memory address in the cache; retrieving the second key packet from the cache; determining that the first key packet matches the second key packet by comparing a portion of the first key packet with a portion of the second key packet; in response to determining that the first key packet matches the second key packet, retrieving a cryptographic key associated with the second key packet from the cache; and performing a cryptographic key operation using the retrieved cryptographic key. - View Dependent Claims (2, 4, 5, 6, 7, 8)
-
-
3. The method of claim 3, wherein locating the second key packet stored in the cache includes comparing the cryptographic key identifier of the first key packet with each memory address of the plurality of memory addresses in the cache.
-
9. A non-transitory computer-readable medium storing instructions that, when executed by a processor, cause the processor to perform operations comprising:
-
receiving a first key packet that includes a cryptographic key identifier and an encrypted cryptographic key; locating a second key packet stored in a cache by using the cryptographic key identifier of the first key packet, the cryptographic key identifier being an actual memory address in the cache; retrieving the second key packet from the cache; determining that the first key packet matches the second key packet by comparing a portion of the first key packet with a portion of the second key packet; in response to determining that the first key packet matches the second key packet, retrieving a cryptographic key associated with the second key packet from the cache; and performing a cryptographic key operation using the retrieved cryptographic key. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A system comprising:
-
one or more client devices; a storage system coupled to a plurality of storage devices; and a computing device to communicate with the one or more client devices and the storage system, the computing device comprising; a processor; and a memory storing instructions that cause the processor to perform operations comprising; receiving a first key packet that includes a cryptographic key identifier and an encrypted cryptographic key; locating a second key packet stored in a cache by using the cryptographic key identifier of the first key packet, the cryptographic key identifier being an actual memory address in the cache; retrieving the second key packet from the cache; determining that the first key packet matches the second key packet by comparing a portion of the first key packet with a portion of the second key packet; in response to determining that the first key packet matches the second key packet, retrieving a cryptographic key associated with the second key packet from the cache; and performing a cryptographic key operation using the retrieved cryptographic key. - View Dependent Claims (18, 19, 20)
-
Specification