STORING AND RETRIEVING CIPHERTEXT IN DATA STORAGE
First Claim
1. A system, comprising:
- a data storage engine to;
determine a first ciphertext value for a first data chunk to be saved to a client-server data storage system using, as an initial value for encryption, an encrypted chunk hash value associated with the first data chunk; and
provide the first ciphertext value to a server in the client-server data storage system for storage, when the encrypted chunk hash value associated with the first data chunk is not stored in an index of the server; and
a data retrieval engine to;
decrypt a second ciphertext value for a second data chunk, requested from the server by a client in the client-server data storage system, the decryption using an encrypted chunk hash value associated with the second data chunk; and
determine that the decrypted second ciphertext value corresponds to the requested second data chunk.
2 Assignments
0 Petitions
Accused Products
Abstract
Storing and retrieving ciphertext in data storage can include determining a first ciphertext value for a first data chunk to be saved to a client-server data storage system using an encrypted chunk hash value associated with the first data chunk as an initial value, and storing the first data chunk on a server in the client-server data storage system in response to determining that the first ciphertext value is a unique ciphertext value. Also, storing and retrieving ciphertext in data storage can include decrypting a ciphertext value for a second data chunk received from a client in the client-server data storage system and based on an encrypted chunk hash value associated with the second data chunk, and sending the second data chunk to the client in response to determining that the decrypted ciphertext value corresponds to an original data chunk saved to the server by the client.
-
Citations
15 Claims
-
1. A system, comprising:
-
a data storage engine to; determine a first ciphertext value for a first data chunk to be saved to a client-server data storage system using, as an initial value for encryption, an encrypted chunk hash value associated with the first data chunk; and provide the first ciphertext value to a server in the client-server data storage system for storage, when the encrypted chunk hash value associated with the first data chunk is not stored in an index of the server; and a data retrieval engine to; decrypt a second ciphertext value for a second data chunk, requested from the server by a client in the client-server data storage system, the decryption using an encrypted chunk hash value associated with the second data chunk; and determine that the decrypted second ciphertext value corresponds to the requested second data chunk. - View Dependent Claims (2, 3, 4, 5, 8, 9)
-
-
6. A non-transitory computer readable medium storing instructions executable by a processing resource to cause a computer to:
-
calculate a first decryption value for a data chunk in a client-server data storage system using an encryption key, an encrypted chunk hash value as an initial value for decryption, and ciphertext associated with the data chunk; calculate a second decryption value using the encryption key and the encrypted chunk hash value; calculate a hash value of the first decryption value; and determine whether to accept or reject the first decryption value as equivalent to the data chunk, based on the calculated hash value and the second decryption value. - View Dependent Claims (7)
-
-
10. A method, comprising:
-
for each of a number of chunks in a data stream in a client-server data storage system, computing a hash value of the chunk and an encrypted chunk hash value from the hash value; creating a manifest of the data stream, wherein the manifest includes an ordered list of the encrypted chunk hash values for the number of chunks; and for a particular encrypted chunk hash value in the manifest that is not included in an index maintained by the server, computing, with a data storage engine of a client, a first ciphertext value for a particular data chunk, of the number of data chunks, for which the particular encrypted chunk hash value was computed, wherein computing the first ciphertext value comprises using the particular encrypted chunk hash value as an initial value for encryption. - View Dependent Claims (11, 12, 13, 14, 15)
-
Specification