DATA PROTECTION IN A STORAGE SYSTEM USING EXTERNAL SECRETS

US 20150127946A1
Filed: 11/06/2013
Published: 05/07/2015
Est. Priority Date: 11/06/2013
Status: Active Grant

First Claim

Patent Images

1. A computing system comprising a plurality of storage devices, wherein the computing system is configured to:

generate a plurality of shares from an initial master secret;

store one or more shares on one or more storage devices of the plurality of storage devices;

transform the initial master secret into a final master secret using one or more external secrets, wherein the one or more external secrets are stored separately from the computing system; and

utilize the final master secret to encrypt at least a portion of data stored on each storage device of the plurality of storage devices.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method, and computer-readable storage medium for protecting a set of storage devices using a secret sharing scheme in combination with an external secret. An initial master secret is generated and then transformed into a final master secret using an external secret. A plurality of shares are generated from the initial master secret and distributed to the storage devices. The data of each storage device is encrypted with a device-specific key, and this key is encrypted using the final master secret. In order to read the data on a given storage device, the initial master secret reconstructed from a threshold number of shares and the external secret is retrieved. Next, the initial master secret is transformed into the final master secret using the external secret, and then the final master secret is used to decrypt the encrypted key of a given storage device.

55 Citations

View as Search Results

20 Claims

1. A computing system comprising a plurality of storage devices, wherein the computing system is configured to:
- generate a plurality of shares from an initial master secret;
  
  store one or more shares on one or more storage devices of the plurality of storage devices;
  
  transform the initial master secret into a final master secret using one or more external secrets, wherein the one or more external secrets are stored separately from the computing system; and
  
  utilize the final master secret to encrypt at least a portion of data stored on each storage device of the plurality of storage devices.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The computing system as recited in claim 1, wherein the computing system is further configured to:
    - use a device key to encrypt data on each storage device of the plurality of storage devices, wherein each storage device uses a separate device key; and
      
      encrypt each device key using the final master secret.
  - 3. The computing system as recited in claim 2, wherein the computing system is further configured to:
    - store a corresponding encrypted device key on each storage device; and
      
      store a separate share of the plurality of shares on each storage device of the plurality of storage devices.
  - 4. The computing system as recited in claim 1, wherein each storage device uses a separate device key, the one or more external secrets is a password, and the computing system is further configured to:
    - encrypt each device key using the final master secret and a device-specific value;
      
      store information on how to retrieve the one or more external secrets, wherein the information is stored on at least one storage device of the plurality of storage devices; and
      
      store a checksum on at least one storage device, wherein the checksum is used to validate the final master secret.
  - 5. The computing system as recited in claim 1, wherein the computing system is further configured to:
    - reconstruct the initial master secret using a threshold number of shares of the plurality of shares;
      
      transform the initial master secret into the final master secret using the one or more external secrets;
      
      decrypt an encrypted device key using the final master secret;
      
      store the decrypted device key in a volatile memory; and
      
      use the decrypted device key to access a corresponding storage device.
  - 6. The computing system as recited in claim 1, further comprising a server configured to:
    - store the one or more external secrets; and
      
      destroy data stored in the computing system by making the one or more external secrets inaccessible.
  - 7. The computing system as recited in claim 1, wherein the one or more external secrets are stored on a universal serial bus (USB) key token, smart card, or remote server, and the computing system is further configured to:
    - encrypt each device key using the final master secret and a device-specific value; and
      
      decrypt each encrypted device key using the final master secret and a device-specific value.

8. A method comprising:
- generating a plurality of shares from an initial master secret;
  
  storing one or more shares on one or more storage devices of a plurality of storage devices of a computing system;
  
  transforming the initial master secret into a final master secret using one or more external secrets, wherein the one or more external secrets are stored separately from the computing system; and
  
  utilizing the final master secret to encrypt at least a portion of data stored on each storage device of the plurality of storage devices.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method as recited in claim 8, further comprising:
    - using a device key to encrypt data on each storage device of the plurality of storage devices, wherein each storage device uses a separate device key; and
      
      encrypting each device key using the final master secret.
  - 10. The method as recited in claim 9, further comprising:
    - storing a corresponding encrypted device key on each storage device; and
      
      storing a separate share of the plurality of shares on each storage device of the plurality of storage devices.
  - 11. The method as recited in claim 9, wherein each storage device uses a separate device key, the one or more external secrets is a password, and the method further comprises:
    - encrypting each device key using the final master secret and a device-specific value;
      
      storing information on how to retrieve the one or more external secrets, wherein the information is stored on at least one storage device of the plurality of storage devices; and
      
      storing a checksum on at least one storage device, wherein the checksum is used to validate the final master secret.
  - 12. The method as recited in claim 8, further comprising:
    - reconstructing the initial master secret using a threshold number of shares of the plurality of shares;
      
      transforming the initial master secret into the final master secret using the one or more external secrets;
      
      decrypting an encrypted device key using the final master secret;
      
      storing the decrypted device key in a volatile memory; and
      
      using the decrypted device key to access a corresponding storage device.
  - 13. The method as recited in claim 8, further comprising:
    - storing the one or more external secrets on a server; and
      
      destroying data stored in the computing system by making the one or more external secrets inaccessible from the server.
  - 14. The method as recited in claim 8, wherein the one or more external secrets is stored on a universal serial bus (USB) key token, smart card, or remote server, and the method further comprises:
    - encrypting each device key using the final master secret and a device-specific value; and
      
      decrypting each encrypted device key using the final master secret and a device-specific value.

15. A non-transitory computer readable storage medium comprising program instructions, wherein the program instructions are executable to:
- generate a plurality of shares from an initial master secret;
  
  store one or more shares on one or more storage devices of a plurality of storage devices of a computing system;
  
  transform the initial master secret into a final master secret using one or more external secrets, wherein the one or more external secrets are stored separately from the computing system; and
  
  utilize the final master secret to encrypt at least a portion of data stored on each storage device of the plurality of storage devices.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The non-transitory computer readable storage medium as recited in claim 15, wherein the program instructions are further executable to:
    - use a device key to encrypt data on each storage device of the plurality of storage devices, wherein each storage device uses a separate device key; and
      
      encrypt each device key using the final master secret.
  - 17. The non-transitory computer readable storage medium as recited in claim 16, wherein the program instructions are further executable to:
    - store a corresponding encrypted device key on each storage device; and
      
      store a separate share of the plurality of shares on each storage device of the plurality of storage devices.
  - 18. The non-transitory computer readable storage medium as recited in claim 16, wherein each storage device uses a separate device key, the one or more external secrets is a password, and the program instructions are further executable to:
    - encrypt each device key using the final master secret and a device-specific value;
      
      store information on how to retrieve the one or more external secrets, wherein the information is stored on at least one storage device of the plurality of storage devices; and
      
      store a checksum on at least one storage device, wherein the checksum is used to validate the final master secret.
  - 19. The non-transitory computer readable storage medium as recited in claim 15, wherein the program instructions are further executable to:
    - reconstruct the initial master secret using a threshold number of shares of the plurality of shares;
      
      transform the initial master secret into the final master secret using the one or more external secrets;
      
      decrypt an encrypted device key using the final master secret;
      
      store the decrypted device key in a volatile memory; and
      
      use the decrypted device key to access a corresponding storage device.
  - 20. The non-transitory computer readable storage medium as recited in claim 15, wherein the program instructions are further executable to:
    - store the one or more external secrets on a server; and
      
      destroy data stored in the computing system by making the one or more external secrets inaccessible from the server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Pure Storage, Inc.
Original Assignee
Pure Storage, Inc.
Inventors
Miller, Ethan, Colgrove, John, Hayes, John

Granted Patent

US 10,263,770 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/171
CPC Class Codes

G06F 21/6218   to a system of files or obj...

G06F 2221/2107   File encryption

H04L 9/0822   using key encryption key

H04L 9/085   Secret sharing or secret sp...

H04L 9/0897   involving additional device...

DATA PROTECTION IN A STORAGE SYSTEM USING EXTERNAL SECRETS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

55 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

DATA PROTECTION IN A STORAGE SYSTEM USING EXTERNAL SECRETS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

55 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links