Efficient storage of encrypted data in a dispersed storage network
First Claim
1. A method for execution by a processing module in a distributed storage (DS) unit, the method comprising:
- receiving, via a communication interface of the DS unit, a request to retrieve data from a requesting device;
identifying first unique retrieval matrix that is assigned to the requesting device and that is associated with one or more sets within first plurality of sets of error coded (EC) data slices, wherein first substantially similar data to the data is stored within dispersed storage network (DSN) memory as the first plurality of sets of EC data slices;
determining whether a decode threshold number of EC data slices within at least one set of the one or more sets of the first plurality of sets of EC data slices is available for retrieval based on the first unique retrieval matrix;
when availability of the decode threshold number of EC data slices for retrieval is determined, transmitting, via the communication interface of the DS unit, the first unique retrieval matrix to the requesting device;
when less than the decode threshold number of EC data slices for retrieval is determined to be available;
generating second plurality of sets of EC data slices to store second substantially similar data to the data;
storing the second plurality of sets of EC data slices within the DSN memory;
assigning second unique retrieval matrix of the second plurality of sets of EC data slices to the requesting device, wherein the requesting device can recover a decode threshold number of EC data slices within at least one set of the second plurality of sets of EC data slices based on the second unique retrieval matrix; and
transmitting, via the communication interface of the DS unit, the second unique retrieval matrix to the requesting device.
4 Assignments
0 Petitions
Accused Products
Abstract
A method begins with a processing module obtaining data to store and determining whether substantially similar data to the data is stored. When the substantially similar data is not stored, the method continues with the processing module generating a first encryption key based on the data, encoding the first encryption key into encoded data slices in accordance with an error coding dispersal storage function, and storing the encoded data slices in a dispersed storage network (DSN) memory. The method continues with the processing module encrypting the data using an encryption key of the substantially similar data in accordance with an encryption function to produce encrypted data, compressing the encrypted data in accordance with a compression function to produce compressed data, storing the compressed data when the substantially similar data is stored.
87 Citations
20 Claims
-
1. A method for execution by a processing module in a distributed storage (DS) unit, the method comprising:
-
receiving, via a communication interface of the DS unit, a request to retrieve data from a requesting device; identifying first unique retrieval matrix that is assigned to the requesting device and that is associated with one or more sets within first plurality of sets of error coded (EC) data slices, wherein first substantially similar data to the data is stored within dispersed storage network (DSN) memory as the first plurality of sets of EC data slices; determining whether a decode threshold number of EC data slices within at least one set of the one or more sets of the first plurality of sets of EC data slices is available for retrieval based on the first unique retrieval matrix; when availability of the decode threshold number of EC data slices for retrieval is determined, transmitting, via the communication interface of the DS unit, the first unique retrieval matrix to the requesting device; when less than the decode threshold number of EC data slices for retrieval is determined to be available; generating second plurality of sets of EC data slices to store second substantially similar data to the data; storing the second plurality of sets of EC data slices within the DSN memory; assigning second unique retrieval matrix of the second plurality of sets of EC data slices to the requesting device, wherein the requesting device can recover a decode threshold number of EC data slices within at least one set of the second plurality of sets of EC data slices based on the second unique retrieval matrix; and transmitting, via the communication interface of the DS unit, the second unique retrieval matrix to the requesting device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A distributed storage (DS) processing unit comprises:
-
a communication interface; and a processing module configured to; receive, via the communication interface, a request to retrieve data from a requesting device; identify first unique retrieval matrix that is assigned to the requesting device and that is associated with one or more sets within first plurality of sets of error coded (EC) data slices, wherein first substantially similar data to the data is stored within dispersed storage network (DSN) memory as the first plurality of sets of EC data slices; determine whether a decode threshold number of EC data slices within at least one set of the one or more sets of the first plurality of sets of EC data slices is available for retrieval based on the first unique retrieval matrix; when availability of the decode threshold number of EC data slices for retrieval is determined, transmit, via the communication interface of the DS unit, the first unique retrieval matrix to the requesting device; when less than the decode threshold number of EC data slices for retrieval is determined to be available; generate second plurality of sets of EC data slices to store second substantially similar data to the data; store the second plurality of sets of EC data slices within the DSN memory; assign second unique retrieval matrix of the second plurality of sets of EC data slices to the requesting device, wherein the requesting device can recover a decode threshold number of EC data slices within at least one set of the second plurality of sets of EC data slices based on the second unique retrieval matrix; and transmit, via the communication interface of the DS unit, the second unique retrieval matrix to the requesting device. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. A non-transitory computer readable medium having instructions causing a processing module in a distributed storage (DS) unit to execute a method comprising:
-
receiving, via a communication interface of the DS unit, a request to retrieve data from a requesting device; identifying first unique retrieval matrix that is assigned to the requesting device and that is associated with one or more sets within first plurality of sets of error coded (EC) data slices, wherein first substantially similar data to the data is stored within dispersed storage network (DSN) memory as the first plurality of sets of EC data slices; determining whether a decode threshold number of EC data slices within at least one set of the one or more sets of the first plurality of sets of EC data slices is available for retrieval based on the first unique retrieval matrix; when availability of the decode threshold number of EC data slices for retrieval is determined, transmitting, via the communication interface of the DS unit, the first unique retrieval matrix to the requesting device; when less than the decode threshold number of EC data slices for retrieval is determined to be available; generating second plurality of sets of EC data slices to store second substantially similar data to the data; storing the second plurality of sets of EC data slices within the DSN memory; assigning second unique retrieval matrix of the second plurality of sets of EC data slices to the requesting device, wherein the requesting device can recover a decode threshold number of EC data slices within at least one set of the second plurality of sets of EC data slices based on the second unique retrieval matrix; and transmitting, via the communication interface of the DS unit, the second unique retrieval matrix to the requesting device. - View Dependent Claims (17, 18, 19, 20)
-
Specification