Retrieving access information in a dispersed storage network
First Claim
1. A method for execution by a computing device for highly secure access to a dispersed storage network (DSN), the method comprises:
- for an access request to the DSN, retrieving access information by:
  - retrieving a plurality of sets of encoded share slices and a plurality of sets of encoded random number slices from memory of the DSN;
  - dispersed storage error decoding the plurality of sets of encoded share slices to produce a set of encrypted shares;
  - dispersed storage error decoding the plurality of sets of encoded random number slices to produce a plurality of random numbers;
  - obtaining one or more personalized authenticating values regarding user access to the DSN;
  - processing the one or more personalized authenticating values and the plurality of random numbers to produce a set of decryption keys;
  - decrypting the set of encrypted shares using the set of decryption keys to produce a set of shares; and
  - processing the set of shares to recover the access information; and
- utilizing the recovered access information to process the access request to the DSN.
Abstract
A method begins by a processing module obtaining a set of recovered random numbers, decoding encrypted share slices to produce a set of encrypted shares, and obtaining a set of personalized authenticating values regarding user access to data. The method continues with the processing module generating a set of hidden passwords based on the set of personalized authenticating values, generating a set of blinded passwords based on the set of hidden passwords and a set of blinded random numbers, and generating a set of passkeys based on the set of blinded passwords and the set of recovered random numbers. The method continues with the processing module generating a set of decryption keys based on the set of blinded random numbers and the set of passkeys, decrypting the set of encrypted shares to produce a set of shares, and decoding the set of shares to reproduce the data.
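
The chain the abstract describes (hidden password, blinded password, passkey, decryption key, decrypted shares, decoded data) is sketched below as an added example; it is not code from the patent or its assignee. Assumptions not found on this page: modular exponentiation over the toy prime `P`, SHA-256 hashing, an XOR stand-in cipher, Shamir sharing for the shares, and all function names; the random numbers are passed in directly rather than decoded from slices.

```python
import hashlib, math, secrets
P = 2**127 - 1  # toy prime modulus (assumption): far too weak for real use

def hidden_password(pin, idx):
    # Hash the authenticating value into [2, P-1], one value per share index.
    d = hashlib.sha256(f"{idx}:{pin}".encode()).digest()
    return int.from_bytes(d, "big") % (P - 2) + 2

def storage_unit_passkey(blinded, e):
    # Storage-unit side: sees only the blinded password, never the PIN.
    return pow(blinded, e, P)

def derive_key(pin, idx, e):
    b = 0  # blinding exponent; must be invertible mod P-1
    while math.gcd(b, P - 1) != 1:
        b = secrets.randbelow(P - 3) + 2
    blinded = pow(hidden_password(pin, idx), b, P)
    passkey = storage_unit_passkey(blinded, e)
    unblinded = pow(passkey, pow(b, -1, P - 1), P)  # == hidden**e mod P
    return hashlib.sha256(unblinded.to_bytes(16, "big")).digest()[:16]

def xor_share(value, key):
    # Stand-in cipher (assumption): XOR with the 128-bit key; encrypt == decrypt.
    return value ^ int.from_bytes(key, "big")

def split(secret, n, k):
    # Shamir k-of-n over GF(P): random polynomial f with f(0) = secret.
    coef = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]
    return [(x, sum(c * pow(x, i, P) for i, c in enumerate(coef)) % P)
            for x in range(1, n + 1)]

def combine(shares):
    total = 0  # Lagrange interpolation at x = 0
    for xi, yi in shares:
        num = den = 1
        for xj, _ in shares:
            if xj != xi:
                num, den = num * -xj % P, den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def store(secret, pin, n=5, k=3):
    es = [secrets.randbelow(P - 3) + 2 for _ in range(n)]  # per-unit random numbers
    return es, [(x, xor_share(y, derive_key(pin, x, es[x - 1])))
                for x, y in split(secret, n, k)]

def recover(pin, es, enc, k=3):
    return combine([(x, xor_share(c, derive_key(pin, x, es[x - 1])) % P)
                    for x, c in enc[:k]])
```

A wrong PIN still yields a full set of keys and a well-formed but incorrect result, so nothing in the stored shares or random numbers lets a guess be checked without going through the passkey step.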
18 Claims
1. A method for execution by a computing device for highly secure access to a dispersed storage network (DSN), the method comprises:
- for an access request to the DSN, retrieving access information by:
  - retrieving a plurality of sets of encoded share slices and a plurality of sets of encoded random number slices from memory of the DSN;
  - dispersed storage error decoding the plurality of sets of encoded share slices to produce a set of encrypted shares;
  - dispersed storage error decoding the plurality of sets of encoded random number slices to produce a plurality of random numbers;
  - obtaining one or more personalized authenticating values regarding user access to the DSN;
  - processing the one or more personalized authenticating values and the plurality of random numbers to produce a set of decryption keys;
  - decrypting the set of encrypted shares using the set of decryption keys to produce a set of shares; and
  - processing the set of shares to recover the access information; and
- utilizing the recovered access information to process the access request to the DSN.
Dependent claims: 2, 3, 4, 5, 6
7. A computing device comprises:
- an interface;
- memory; and
- a processing module operably coupled to the interface and the memory, wherein the processing module is operable to:
  - for an access request to a dispersed storage network (DSN), retrieve access information by:
    - retrieving, via the interface, a plurality of sets of encoded share slices and a plurality of sets of encoded random number slices from memory of the DSN;
    - dispersed storage error decoding the plurality of sets of encoded share slices to produce a set of encrypted shares;
    - dispersed storage error decoding the plurality of sets of encoded random number slices to produce a plurality of random numbers;
    - obtaining one or more personalized authenticating values regarding user access to the DSN;
    - processing the one or more personalized authenticating values and the plurality of random numbers to produce a set of decryption keys;
    - decrypting the set of encrypted shares using the set of decryption keys to produce a set of shares; and
    - processing the set of shares to recover the access information; and
  - utilize the recovered access information to process the access request to the DSN.
Dependent claims: 8, 9, 10, 11, 12
13. A computer readable storage device comprises:
- a first section that stores operational instructions that, when executed by a computing device, causes the computing device to, for an access request to a dispersed storage network (DSN), retrieve access information by:
  - retrieving, via an interface, a plurality of sets of encoded share slices and a plurality of sets of encoded random number slices from memory of the DSN;
  - dispersed storage error decoding the plurality of sets of encoded share slices to produce a set of encrypted shares;
  - dispersed storage error decoding the plurality of sets of encoded random number slices to produce a plurality of random numbers;
  - obtaining one or more personalized authenticating values regarding user access to the DSN;
  - processing the one or more personalized authenticating values and the plurality of random numbers to produce a set of decryption keys;
  - decrypting the set of encrypted shares using the set of decryption keys to produce a set of shares; and
  - processing the set of shares to recover the access information; and
- a second section that stores operational instructions that, when executed by a computing device, causes the computing device to utilize the recovered access information to process the access request to the DSN.
Dependent claims: 14, 15, 16, 17, 18
Specification