STORAGE OF SENSITIVE DATA IN A DISPERSED STORAGE NETWORK
Abstract
A method begins by a processing module applying a share encoding function on data to produce a plurality of encoded shares and generating a corresponding plurality of random numbers for the plurality of encoded shares. The method continues with the processing module generating an encryption key based on a common password and a corresponding one of the corresponding plurality of random numbers and encrypting the encoded share utilizing the encryption key to produce an encrypted share for each encoded share of the plurality of encoded shares. The method continues with the processing module facilitating storage of the corresponding plurality of random numbers and each of the encrypted shares.
28 Claims
1. A method comprises:
- applying a share encoding function on data to produce a plurality of encoded shares;
- generating a corresponding plurality of random numbers for the plurality of encoded shares;
- for each encoded share of the plurality of encoded shares:
  - generating an encryption key based on a common password and a corresponding one of the corresponding plurality of random numbers; and
  - encrypting the encoded share utilizing the encryption key to produce an encrypted share; and
- facilitating storage of the corresponding plurality of random numbers and each of the encrypted shares.
Dependent claims: 2, 3, 4, 5
6. A method comprises:
- retrieving at least a decode threshold number of stored random numbers to produce a set of stored random numbers;
- retrieving at least a decode threshold number of encrypted shares to produce a set of encrypted shares, wherein the set of encrypted shares corresponds to the set of stored random numbers;
- generating a set of blinded passwords based on a common password and a set of blinded random numbers;
- generating a set of passkeys based on the set of blinded passwords and the set of stored random numbers;
- generating a set of decryption keys based on the set of blinded random numbers and the set of passkeys;
- decrypting each encrypted share of the set of encrypted shares utilizing a corresponding decryption key of the set of decryption keys to produce a set of shares; and
- decoding the set of shares to reproduce data.
Dependent claims: 7, 8, 9, 10, 11, 12, 13, 14
15. A computer comprises:
- an interface;
- a memory; and
- a processing module operable to:
  - apply a share encoding function on data to produce a plurality of encoded shares;
  - generate a corresponding plurality of random numbers for the plurality of encoded shares;
  - for each encoded share of the plurality of encoded shares:
    - generate an encryption key based on a common password and a corresponding one of the corresponding plurality of random numbers; and
    - encrypt the encoded share utilizing the encryption key to produce an encrypted share; and
  - facilitate storage of the corresponding plurality of random numbers and each of the encrypted shares.
Dependent claims: 16, 17, 18, 19
20. A computer comprises:
- an interface;
- a memory; and
- a processing module operable to:
  - retrieve, via the interface, at least a decode threshold number of stored random numbers to produce a set of stored random numbers;
  - retrieve, via the interface, at least a decode threshold number of encrypted shares to produce a set of encrypted shares, wherein the set of encrypted shares corresponds to the set of stored random numbers;
  - generate a set of blinded passwords based on a common password and a set of blinded random numbers;
  - generate a set of passkeys based on the set of blinded passwords and the set of stored random numbers;
  - generate a set of decryption keys based on the set of blinded random numbers and the set of passkeys;
  - decrypt each encrypted share of the set of encrypted shares utilizing a corresponding decryption key of the set of decryption keys to produce a set of shares; and
  - decode the set of shares to reproduce data.
Dependent claims: 21, 22, 23, 24, 25, 26, 27, 28
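
The storage steps of claims 1 and 15 and the blinded retrieval of claims 6 and 20, as an added example that is not taken from the patent. The claims name no concrete functions, so the n-of-n XOR share encoding, the modular-exponentiation key derivation over the prime 2**521 - 1, the SHAKE-256 keystream cipher and every function name below are assumptions.

```python
import hashlib, math, os, secrets
from functools import reduce

P = 2**521 - 1      # assumed demo prime; a deployment needs a vetted prime-order group
M = (P - 1) // 2    # the order of every squared element divides M

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def encode_shares(data, n):
    # Assumed share encoding: n-of-n XOR split, so the decode threshold equals n.
    pads = [os.urandom(len(data)) for _ in range(n - 1)]
    return pads + [reduce(xor, pads, data)]

def pw_element(password):
    # Map the common password to a squared group element.
    h = int.from_bytes(hashlib.sha512(password.encode()).digest(), "big")
    return pow(h, 2, P)

def stream_crypt(key_int, blob):
    # Stand-in cipher (no integrity check): XOR with a SHAKE-256 keystream.
    ks = hashlib.shake_256(key_int.to_bytes(66, "big")).digest(len(blob))
    return xor(blob, ks)

def store(data, password, n=3):
    # Claim 1: one random number per share, key = f(password, random number).
    shares = encode_shares(data, n)
    rands = [secrets.randbelow(M - 2) + 2 for _ in shares]
    enc = [stream_crypt(pow(pw_element(password), e, P), s)
           for s, e in zip(shares, rands)]
    return rands, enc

def blind(password):
    # Blinded random number b must be invertible modulo M.
    while True:
        b = secrets.randbelow(M - 2) + 2
        if math.gcd(b, M) == 1:
            return b, pow(pw_element(password), b, P)

def passkey(blinded_pw, stored_rand):
    return pow(blinded_pw, stored_rand, P)

def retrieve(rands, enc, password):
    # Claim 6: blinded password -> passkey -> decryption key -> share -> data.
    shares = []
    for e, c in zip(rands, enc):
        b, bpass = blind(password)
        key = pow(passkey(bpass, e), pow(b, -1, M), P)   # strip the blinding
        shares.append(stream_crypt(key, c))
    return reduce(xor, shares)
```

In this sketch the passkey step sees only the blinded password, never the password element itself, and removing the blinding factor reproduces the key that `store` used.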
Specification