Distributed storage network and method for storing and retrieving encryption keys
First Claim
1. A method for processing an encryption key within a portion of a distributed storage network (DSN), the method comprises:
- receiving an encryption key to store;
determining an encryption method;
encrypting the encryption key with the determined encryption method to produce an encrypted key;
error encoding the encrypted key;
slicing the error encoded encrypted key to produce a set of error encoded data slices; and
distributing the set of error encoded data slices across DSN memory.
5 Assignments
0 Petitions
Accused Products
Abstract
A method begins by a distributed storage (DS) managing unit receiving an encryption key to store. The method continues by determining an encryption method and encrypting the encryption key with the determined encryption method to produce an encrypted key. The method continues by encoding and slicing the encrypted key to produce a set of data slices; and storing the set of data slices in DSN memory. A method to retrieve the stored encryption key begins with receiving a retrieve encryption key request from a requester and continues with retrieving an encrypted key and then determining a decryption method. The method continues by decrypting the encrypted key with the determined decryption method to produce the encryption key and sending the encryption key to the requestor to decrypt one or more portions of the encrypted data.
-
Citations
18 Claims
-
1. A method for processing an encryption key within a portion of a distributed storage network (DSN), the method comprises:
-
receiving an encryption key to store; determining an encryption method; encrypting the encryption key with the determined encryption method to produce an encrypted key; error encoding the encrypted key; slicing the error encoded encrypted key to produce a set of error encoded data slices; and distributing the set of error encoded data slices across DSN memory. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method for processing encrypted data within a distributed storage network (DSN), the method comprises:
-
receiving a retrieve encryption key request from a requester; retrieving an encrypted key by; receiving a plurality of error encoded data slices stored in DSN memory, the error encoded data slices retaining the encrypted key; de-slicing the error encoded data slices; decoding the de-sliced error encoded data slices; determining a decryption method; and decrypting the decoded data slices with the determined decryption method to produce the encryption key; and sending the encryption key to the requester to decrypt the encrypted data. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A distributed storage (DS) managing unit comprises:
a processing module operable to; store an encryption key by; receiving an encryption key to store; determining an encryption method; encrypting the encryption key with the determined encryption method to produce an encrypted key; error encoding the encrypted key; slicing the error encoded encrypted key to produce a set of data slices; and storing the set of data slices in DSN memory; and retrieve an encryption key by; receiving a retrieve encryption key request from a requester; retrieving a plurality of data slices; de-slicing the plurality of data slices; and decoding the de-sliced plurality of data slices; determining a decryption method; decrypting the decoded data slices with the determined decryption method to produce the encryption key; and sending the encryption key to the requester to decrypt the encrypted data. - View Dependent Claims (18)
Specification