Methodology for vaulting data encryption keys with encrypted storage

US 8,190,921 B1
Filed: 12/27/2007
Issued: 05/29/2012
Est. Priority Date: 12/27/2007
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

in response to a failure event;

copying an encrypted portion of data from system memory to a vault location of persistent storage, the encrypted portion of data including a set of cryptographic keys, each cryptographic key being encrypted with a key encryption key, each cryptographic key for encrypting a specific portion of persistent storage;

encrypting an unencrypted portion of data from system memory to create an encrypted version of the unencrypted portion of data, wherein encrypting the unencrypted portion of data includes encrypting the unencrypted portion of data with a plurality of cryptographic keys of the set of cryptographic keys, each of the plurality of cryptographic keys corresponding to a different portion of the vault location of persistent storage;

writing the encrypted version of the unencrypted portion of data to the vault location of persistent storage; and

performing a system restart;

wherein the unencrypted portion of data includes cached data and instructions for writing the cached data to persistent storage; and

in response to the system restart;

copying the encrypted portion of data from persistent storage to system memory; and

in response to copying the encrypted portion of data from persistent storage to system memory, decrypting the encrypted version of the unencrypted portion of data to recreate the unencrypted portion of data, and writing the recreated unencrypted portion of data to system memory, wherein decrypting the encrypted version of the unencrypted portion of data includes;

decrypting the plurality of cryptographic keys with the key encryption key; and

for each portion of the vault location, decrypting the encrypted version of the unencrypted portion of data with the cryptographic key of the plurality of cryptographic keys corresponding to the portion of the vault location.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method is provided to allow for encryption keys to be safely vaulted and for restarts after system failures, even when an external key server is not accessible. In one embodiment, the encryption keys are stored in memory in an encrypted format, the encryption keys being encrypted with a key encryption key (KEK). The data stored in a write cache may be encrypted and written to a vault, protecting it from unauthorized access, but the key table may be written directly to the data vault without need for any further encryption. Because the encryption keys are themselves encrypted, the encryption keys are protected from unauthorized access, ensuring the security of all the encrypted data stored on disk. This embodiment allows the data storage system to be restarted without accessing an external key server. In another embodiment, the KEK is stored in persistent storage within the data storage system, allowing for unattended restart. To enhance security, the KEK may be stored in ROM in a hardened location. Embodiments are also provided for apparatus for practicing the method.

44 Citations

View as Search Results

9 Claims

1. A method comprising:
- in response to a failure event;
  
  copying an encrypted portion of data from system memory to a vault location of persistent storage, the encrypted portion of data including a set of cryptographic keys, each cryptographic key being encrypted with a key encryption key, each cryptographic key for encrypting a specific portion of persistent storage;
  
  encrypting an unencrypted portion of data from system memory to create an encrypted version of the unencrypted portion of data, wherein encrypting the unencrypted portion of data includes encrypting the unencrypted portion of data with a plurality of cryptographic keys of the set of cryptographic keys, each of the plurality of cryptographic keys corresponding to a different portion of the vault location of persistent storage;
  
  writing the encrypted version of the unencrypted portion of data to the vault location of persistent storage; and
  
  performing a system restart;
  
  wherein the unencrypted portion of data includes cached data and instructions for writing the cached data to persistent storage; and
  
  in response to the system restart;
  
  copying the encrypted portion of data from persistent storage to system memory; and
  
  in response to copying the encrypted portion of data from persistent storage to system memory, decrypting the encrypted version of the unencrypted portion of data to recreate the unencrypted portion of data, and writing the recreated unencrypted portion of data to system memory, wherein decrypting the encrypted version of the unencrypted portion of data includes;
  
  decrypting the plurality of cryptographic keys with the key encryption key; and
  
  for each portion of the vault location, decrypting the encrypted version of the unencrypted portion of data with the cryptographic key of the plurality of cryptographic keys corresponding to the portion of the vault location.
- View Dependent Claims (2, 3, 4, 5)
- - 2. A method as in claim 1 wherein:
    - the method is performed by a data storage system; and
      
      the failure event is a power failure, the data storage system being configured to temporarily operate on backup battery power after a power failure.
  - 3. A method as in claim 1 wherein:
    - the method is performed by a data storage system; and
      
      the failure event is an indication from a heat sensor that the data storage system has reached a first threshold temperature, the data storage system being configured to shut down upon reaching a second threshold temperature greater than the first threshold temperature.
  - 4. A method as in claim 1 wherein:
    - the method is performed by a data storage system having a storage processor;
      
      the data storage system includes a hardened memory location, the hardened memory location including persistent memory for storing the key encryption key, wherein the hardened memory location is protected from external probing, wherein the hardened memory location includes a hardware circuit surrounded by plastic lamination, wherein piercing the plastic lamination would result in destruction of the hardened memory location;
      
      the system restart is an unattended system restart; and
      
      decrypting the encrypted version of the unencrypted portion of data further includes reading the key encryption key from the hardened memory location.
  - 5. A method as in claim 1 wherein:
    - the method is performed by a data storage system having a storage processor;
      
      the storage processor serves as a write-back caching device; and
      
      system memory stores the cached data and instructions for write-back caching prior to writing the cached data to persistent storage.

6. A storage processor device comprising:
- system memory, the system memory storing an unencrypted portion of data and an encrypted portion of data;
  
  a storage device interface arranged to communicate with a set of persistent storage devices; and
  
  a controller coupled to system memory and to the storage device interface, the controller being configured to;
  
  in response to a failure event;
  
  copy the encrypted portion of data to a vault location of persistent storage, the encrypted portion of data including a set of cryptographic keys, each cryptographic key being encrypted with a key encryption key, each cryptographic key for encrypting a specific portion of persistent storage;
  
  encrypt the unencrypted portion of data to create an encrypted version of the unencrypted portion of data, wherein encrypting the unencrypted portion of data includes encrypting the unencrypted portion of data with a plurality of cryptographic keys of the set of cryptographic keys, each of the plurality of cryptographic keys corresponding to a different portion of the vault location of persistent storage; and
  
  write the encrypted version of the unencrypted portion of data to the vault location of persistent storage;
  
  wherein the unencrypted portion of data includes cached data and instructions for writing the cached data to persistent storage; and
  
  in response to a system restart;
  
  copy the encrypted portion of data from persistent storage to system memory; and
  
  in response to copying the encrypted portion of data from persistent storage to system memory;
  
  decrypt the encrypted version of the unencrypted portion of data to recreate the unencrypted portion of data; and
  
  write the recreated unencrypted portion of data to system memory;
  
  wherein the controller, when decrypting the encrypted version of the unencrypted portion of data, is configured to;
  
  decrypt the plurality of cryptographic keys with the key encryption key; and
  
  for each portion of the vault location, decrypt the encrypted version of the unencrypted portion of data with the cryptographic key of the plurality of cryptographic keys corresponding to the portion of the vault location.
- View Dependent Claims (7)
- - 7. A storage processor device as in claim 6 wherein:
    - the storage processor device further comprises a hardened memory location, the hardened memory location including persistent memory for storing the key encryption key, wherein the hardened memory location is protected from external probing;
      
      the hardened memory location includes a hardware circuit surrounded by plastic lamination, wherein piercing the plastic lamination would result in destruction of the hardened memory location; and
      
      the controller, when decrypting the encrypted version of the unencrypted portion of data, is further configured to read the key encryption key from the hardened memory location.

8. A storage processor device comprising:
- system memory, the system memory storing an unencrypted portion of data and an encrypted portion of data;
  
  a plurality of storage device interface modules arranged to communicate with a set of persistent storage devices; and
  
  a controller coupled to system memory and to the storage device interface modules, the controller being configured to;
  
  in response to a failure event;
  
  copy, across one or more of the storage device interface modules, the encrypted portion of data to a vault location of persistent storage, the encrypted portion of data containing a set of cryptographic keys, each cryptographic key being encrypted with one key encryption key of a set of key encryption keys, each cryptographic key for encrypting a specific portion of persistent storage, each key encryption key corresponding to a different storage device interface module;
  
  direct one or more of the storage device interface modules to encrypt the unencrypted portion of data to create an encrypted version of the unencrypted portion of data, wherein encrypting the unencrypted portion of data includes encrypting the unencrypted portion of data with a plurality of cryptographic keys of the set of cryptographic keys, each of the plurality of cryptographic keys corresponding to a different portion of the vault location of persistent storage; and
  
  write, across one or more of the storage device interface modules, the encrypted version of the unencrypted portion of data to the vault location of persistent storage;
  
  wherein the unencrypted portion of data includes cached data and instructions for writing the cached data to persistent storage; and
  
  in response to a system restart;
  
  copy, across one or more of the storage device interface modules, the encrypted portion of data from persistent storage to system memory; and
  
  in response to copying the encrypted portion of data from persistent storage to system memory;
  
  direct one or more of the storage device interface modules to decrypt the encrypted version of the unencrypted portion of data to recreate the unencrypted portion of data; and
  
  write the recreated unencrypted portion of data to system memory;
  
  wherein a storage device interface module of the plurality of storage device interface modules, when decrypting the encrypted version of the unencrypted portion of data, is configured to;
  
  decrypt the plurality of cryptographic keys with the key encryption key corresponding to that storage device interface module; and
  
  for each portion of the vault location, decrypt the encrypted version of the unencrypted portion of data with the cryptographic key of the plurality of cryptographic keys corresponding to the portion of the vault location.
- View Dependent Claims (9)
- - 9. A storage processor device as in claim 8, wherein:
    - each storage device interface module includes a hardened memory location, the hardened memory location including persistent memory for storing the key encryption key of that storage device interface module, wherein the hardened memory location is protected from external probing;
      
      the hardened memory location of each storage device interface module includes a hardware circuit surrounded by plastic lamination, wherein piercing the plastic lamination would result in destruction of the hardened memory location; and
      
      each storage device interface module, when decrypting the encrypted version of the unencrypted portion of data, is further configured to read the key encryption key from the hardened memory location.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Emc IP Holding Company LLC (Dell Technologies Inc.)
Original Assignee
EMC Corporation (Dell Technologies Inc.)
Inventors
Harwood, Jack, Linnell, Thomas E., Fitzgerald, John T.
Primary Examiner(s)
Najjar, Saleh
Assistant Examiner(s)
NASH, LASHANYA RENEE

Application Number

US11/965,250
Time in Patent Office

1,615 Days
Field of Search

713/165, 713/189, 713/193, 713/194, 709/215, 709/214
US Class Current

713/193
CPC Class Codes

G06F 21/6209 to a single file or object,...

Methodology for vaulting data encryption keys with encrypted storage

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

44 Citations

9 Claims

Specification

Use Cases

Quick Links

Others

Methodology for vaulting data encryption keys with encrypted storage

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

44 Citations

9 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others