On-disk file format for a serverless distributed file system

US 7,043,637 B2
Filed: 03/21/2001
Issued: 05/09/2006
Est. Priority Date: 03/21/2001
Status: Expired due to Fees

First Claim

Patent Images

1. A method comprising:

segmenting a file into multiple blocks;

computing hashes of each of the blocks to produce corresponding block hash values;

encrypting the blocks using their corresponding block hash values as encryption keys to produce encrypted blocks;

storing the encrypted blocks as a primary data stream;

creating an indexing structure to index individual encrypted blocks, the indexing structure containing a leaf node for each corresponding encrypted block, the leaf node containing an access value formed by encrypting the block hash value for the corresponding encrypted block using an access key and a verification value formed by hashing the corresponding encrypted block;

storing the indexing structure in a separate metadata stream; and

encrypting the access key using a public key of a user who is granted access to the file.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A file format for a serverless distributed file system is composed of two parts: a primary data stream and a metadata stream. The data stream contains a file that is divided into multiple blocks. Each block is encrypted using a hash of the block as the encryption key. The metadata stream contains a header, a structure for indexing the encrypted blocks in the primary data stream, and some user information. The indexing structure defines leaf nodes for each of the blocks. Each leaf node consists of an access value used for decryption of the associated block and a verification value used to verify the encrypted block independently of other blocks. In one implementation, the access value is formed by hashing the file block and encrypting the resultant hash value using a randomly generated key. The key is then encrypted using the user'"'"'s key as the encryption key. The verification value is formed by hashing the associated encrypted block using a one-way hash function. The file format supports verification of individual file blocks without knowledge of the randomly generated key or any user keys. To verify a block of the file, the file system traverses the tree to the appropriate leaf node associated with a target block to be verified. The file system hashes the target block and if the hash matches the access value contained in the leaf node, the block is authentic.

285 Citations

41 Claims

1. A method comprising:
- segmenting a file into multiple blocks;
  
  computing hashes of each of the blocks to produce corresponding block hash values;
  
  encrypting the blocks using their corresponding block hash values as encryption keys to produce encrypted blocks;
  
  storing the encrypted blocks as a primary data stream;
  
  creating an indexing structure to index individual encrypted blocks, the indexing structure containing a leaf node for each corresponding encrypted block, the leaf node containing an access value formed by encrypting the block hash value for the corresponding encrypted block using an access key and a verification value formed by hashing the corresponding encrypted block;
  
  storing the indexing structure in a separate metadata stream; and
  
  encrypting the access key using a public key of a user who is granted access to the file.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. A method as recited in claim 1, wherein the segmenting comprises dividing the file into equal size blocks.
  - 3. A method as recited in claim 1, wherein the encrypting of the blocks comprises encrypting each block using a symmetric cryptographic cipher and the corresponding block hash value as the symmetric encryption key.
  - 4. A method as recited in claim 1, further comprising verifying an authenticity of a target encrypted block independently of other encrypted blocks by traversing the indexing structure to a leaf node associated with the target encrypted block and using the verification value in the leaf node associated with the target encrypted block.
  - 5. A method as recited in claim 1, further comprising:
    - traversing the indexing structure to a leaf node associated with a target block;
      
      decrypting the target block using the access value of the leaf node associated with the target block; and
      
      reading the target block following said decrypting.
  - 6. A method as recited in claim 5, further comprising:
    - modifying the target block of the file to produce a modified target block;
      
      computing a hash value of the modified target block;
      
      encrypting the modified target block using the hash value as an encryption key to produce a modified encrypted block; and
      
      recreating a new leaf node for the modified encrypted block.
  - 7. A method as recited in claim 1, wherein the creating further comprises:
    - grouping leaf nodes into multiple groups;
      
      hashing each group of leaf nodes to form intermediate nodes of the indexing structure; and
      
      hashing an array of the intermediate nodes to produce a root.
  - 8. A method as recited in claim 7, wherein the constructing further comprises digitally signing at least the root.
  - 9. A method as recited in claim 1, further comprising digitally signing at least a portion of the metadata stream.
  - 10. A method as recited in claim 1, further comprising generating a delegation certificate that grants other entities permission to collectively authenticate the file in absence of the signature of a last writer to the file.
  - 11. A method as recited in claim 1, wherein the file comprises a sparse file in which at least one of the blocks contains no data, the method further comprising:
    - differentiating non-data blocks of the sparse file that contain no substantive content from the data blocks of the sparse file that contain substantive data; and
      
      deallocating portions of the metadata stream that pertain to the non-data blocks in the data stream.
  - 12. A data structure, embodied on a computer-readable medium, produced by the method of claim 1.
  - 13. One or more computer readable media comprising computer-executable instructions that, when executed, perform the method as recited in claim 1.

14. One or more computer readable media comprising computer-executable instructions that, when executed, direct a computing device to:
- segment a file into multiple blocks;
  
  hash each of the blocks to produce block hash values;
  
  encrypt the blocks using their corresponding block hash values as encryption keys to produce encrypted blocks;
  
  create an indexing structure to index individual encrypted blocks, the indexing structure containing a leaf node for each corresponding encrypted block, the leaf node containing an access value formed by encrypting the block hash value for the corresponding encrypted block using an access key and a verification value formed by hashing the corresponding encrypted block;
  
  encrypt the access key using a public key of a user who is granted access to the file.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 15. One or more computer readable media as recited in claim 14, further comprising computer-executable instructions that, when executed, direct a computing device to:
    - store the encrypted blocks as a primary data stream; and
      
      store the indexing structure in a separate metadata stream.
  - 16. One or more computer readable media as recited in claim 14, further comprising computer-executable instructions that, when executed, direct a computing device to segment the file into equal size blocks.
  - 17. One or more computer readable media as recited in claim 14, wherein the blocks are encrypted using a symmetric cryptographic cipher and the access key is encrypted using an asymmetric cryptographic cipher.
  - 18. One or more computer readable media as recited in claim 14, further comprising computer-executable instructions that, when executed, direct a computing device to verify an authenticity of a target encrypted block independently of other encrypted blocks by traversing the indexing structure to a leaf node associated with the target encrypted block and using the verification value in the leaf node associated with the target encrypted block.
  - 19. One or more computer readable media as recited in claim 18, wherein the indexing structure contains a root and zero or more intervening nodes between the root and the leaf nodes, further comprising computer-executable instructions that, when executed, direct a computing device to verify an authenticity of the root and any intervening nodes on a path from the root to the leaf node associated with the target encrypted block.
  - 20. One or more computer readable media as recited in claim 14, further comprising computer-executable instructions that, when executed, direct a computing device to:
    - decrypt a target block using an access value of a leaf node associated with the target block; and
      
      read the target block after it is decrypted.
  - 21. One or more computer readable media as recited in claim 20, further comprising computer-executable instructions that, when executed, direct a computing device to:
    - modify the target block to produce, a modified target block;
      
      hash the modified target block to produce a hash value;
      
      encrypt the modified target block using the hash value as an encryption key to produce a modified encrypted block; and
      
      recreate a new leaf node for the modified encrypted block.
  - 22. One or more computer readable media as recited in claim 14, further comprising computer-executable instructions that, when executed, direct a computing device to:
    - group leaf nodes into multiple groups;
      
      hash each group of leaf nodes to form intermediate nodes of the indexing structure; and
      
      hash an array of the intermediate nodes to produce a root.
  - 23. One or more computer readable media as recited in claim 22, further comprising computer-executable instructions that, when executed, direct a computing device to digitally sign at least the root.
  - 24. At One or more computer readable media as recited in claim 14, further comprising computer-executable instructions that, when executed, direct a computing device to digitally sign at least a portion of the metadata stream.
  - 25. One or more computer readable media as recited in claim 14, further comprising computer-executable instructions that, when executed, direct a computing device to generate a delegation certificate that grants other entities permission to collectively authenticate the file in absence of the signature of a last writer to the file.
  - 26. One or more computer readable media as recited in claim 14, wherein the file comprises a sparse file in which at least one of the blocks contains no substantive data, the media further comprising computer-executable instructions that, when executed, direct a computing device to:
    - differentiate non-data blocks of the sparse file that contain no substantive content from the data blacks of the sparse file that contain substantive data; and
      
      deallocate portions of the metadata stream that pertain to the non-data blocks in the data stream.

27. A component in a distributed file system in which file are stored across multiple distributed computers, the component comprising:
- a segmenting module to divide a file into multiple blocks;
  
  a hash module to hash each of the blocks to produce block hash values;
  
  a cryptographic engine to encrypt the blocks using their corresponding block hash values as encryption keys to produce encrypted blocks; and
  
  an index builder to create an indexing structure for indexing individual encrypted blocks, the indexing structure containing a leaf node for each corresponding encrypted block, the leaf node containing an access value formed by encrypting the block hash value for the corresponding encrypted block using an access key and a verification value formed by hashing the corresponding encrypted block.
- View Dependent Claims (28, 29, 30, 31, 32, 33, 34, 35, 36)
- - 28. A component as recited in claim 27, wherein the cryptographic engine is further configured to encrypt the access key using a key of a user who is granted access to the file.
  - 29. A component as recited in claim 27, wherein the segmenting module divides the file into equal size blocks.
  - 30. A component as recited in claim 27, wherein cryptographic engine employs a symmetric cryptographic cipher to encrypt the blocks.
  - 31. A component as recited in claim 27, further comprising a verification module to verify an authenticity of a target encrypted block independently of other encrypted blocks by traversing the indexing structure to a leaf node associated with the target encrypted black and using the verification value in the leaf node associated with the target encrypted block.
  - 32. A component as recited in claim 31, wherein the indexing structure contains a root and zero or more intervening nodes between the root and the leaf nodes, the verification module being configured to verify an authenticity of the root and any intervening nodes on a path from the root to the leaf node associated with the target encrypted block.
  - 33. A component as recited in claim 27, further comprising a control module to index into the indexing structure to a leaf node associated with a target block, decrypt the target block using the access value of the leaf node associated with the target block, and read the target block.
  - 34. A component as recited in claim 33, where upon modification of the target block:
    - the hash module hashes the modified target block to produce a new hash value;
      
      the cryptographic engine encrypts the modified target block using the new hash value as an encryption key to produce a modified encrypted block; and
      
      the index builder creates a new leaf node for the modified encrypted block.
  - 35. A component as recited in claim 27, wherein the index builder is configured to create intermediate nodes that index the leaf nodes.
  - 36. A component as recited in claim 27, further comprising a signing module to digitally sign at least a portion of the indexing structure.

37. A data structure stored on a computer-readable medium, comprising:
- multiple encrypted file blocks, each encrypted file block being encrypted by a symmetric cipher that uses a hash of the block as an encryption key; and
  
  an indexing structure to index individual encrypted file blocks independently of other encrypted file blocks.
- View Dependent Claims (38, 39, 40, 41)
- - 38. A data structure as recited in claim 37, wherein the indexing structure comprises a leaf node for each corresponding encrypted block, the leaf node containing an access value formed by encrypting the hash of the block using a randomly generated key and a verification value formed by hashing the corresponding encrypted block.
  - 39. A data structure as recited in claim 38, further comprising a user key list containing one or more identities of user who have access to the encrypted file blocks, each identity including an entry with an encrypted version of the randomly generated key that is encrypted using the user'"'"'s public key.
  - 40. A data structure as recited in claim 37, wherein the indexing structure comprises:
    - a leaf node for each corresponding encrypted block, the leaf node containing an access value formed by encrypting the hash of the block using a randomly generated key and a verification value formed by hashing the corresponding encrypted block; and
      
      a root node formed by hashing an array of the leaf nodes.
  - 41. A data structure as recited in claim 40, wherein the indexing structure further comprises a digital signature produced by digitally signing at least the root node.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Bolosky, William J., Douceur, John R., Adya, Atul, Cermak, Gerald
Primary Examiner(s)
Wright, Norman M.

Application Number

US09/814,259
Publication Number

US 20020194209A1
Time in Patent Office

1,875 Days
Field of Search

713/202, 713/201, 713/171, 713/189, 380/259, 380/37
US Class Current

713/171
CPC Class Codes

G06F 16/137   Hash-based content-based in...

H04L 2209/20   Manipulating the length of ...

H04L 2209/60   Digital content management,...

H04L 9/0656   Pseudorandom key sequence c...

H04L 9/3239   involving non-keyed hash fu...

H04L 9/3249   using RSA or related signat...

H04L 9/50   using hash chains, e.g. blo...

On-disk file format for a serverless distributed file system

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

285 Citations

41 Claims

Specification

Solutions

Use Cases

Quick Links

On-disk file format for a serverless distributed file system

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

285 Citations

41 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links