TREA

Secret regeneration from distributed shares

Follow

Information

  • Patent Grant
  • 11838412
  • Patent Number
    11,838,412
  • Date Filed
    Tuesday, September 27, 2022
    2 years ago
  • Date Issued
    Tuesday, December 5, 2023
    a year ago
Information
Abstract
A processor-based method for secret sharing in a computing system is provided. The method includes encrypting shares of a new secret, using a previous secret and distributing unencrypted shares of the new secret and the encrypted shares of the new secret, to members of the computing system. The method includes decrypting at least a subset of the encrypted shares of the new secret, using the previous secret and regenerating the new secret from at least a subset of a combination of the unencrypted shares of the new secret and the decrypted shares of the new secret.
Description
BACKGROUND

Secret sharing splits a secret into shares (which could be termed parts or pieces of the secret), and was invented by Adi Shamir and George Blakley, independently. The secret can be regenerated, using a sufficient subset (i.e., a specific threshold minimum number of shares or up to and including all) of the shares. Depending on the scheme used for secret sharing, a mathematical operation or algorithm is applied to a sufficient number (specific to the scheme) of the shares, parts or pieces of the secret to recover the secret. Secrets can be used in computing, communication and storage systems for encrypting and decrypting data or the secrets can act as passwords, keys for locks, or features for other security functions. For example, a secret (and each of the shares, parts or pieces of the secret) can be a binary number. In a distributed system, sending shares of a secret to different members of the system protects against theft of or from, or unauthorized access to any one member (or even a few members) of the system, which would at most result in theft of a share or a few shares, but not an entire key or enough shares to regenerate a key. Periodic generation of a new key is desirable from the standpoint of providing additional protection. However, it may not be possible to write a new secret to all of the members of a distributed system, because one or more members might be unavailable at the time the shares are written. If this happens, and the system fails, it is possible that a different set of system members will be available upon reboot of the system, in which case the new secret might not be recoverable, as the required quorum of shares for regenerating the secret might not be available. A distributed system facing such a condition might start again and re-split a secret, sending shares to available system members, whereupon the above situation could recur many times or indefinitely.


It is within this context that the embodiments arise.


SUMMARY

In some embodiments, a processor-based method for secret sharing in a computing system is provided. The method includes encrypting shares of a new secret, using a previous secret and distributing unencrypted shares of the new secret and the encrypted shares of the new secret, to members of the computing system. The method includes decrypting at least a subset of the encrypted shares of the new secret, using the previous secret and regenerating the new secret from at least a subset of a combination of the unencrypted shares of the new secret and the decrypted shares of the new secret.


In some embodiments, a tangible, non-transitory, computer-readable media having instructions thereupon which, when executed by a processor, cause the processor to perform a method. The method includes encrypting, with a previous secret, shares of a new secret and distributing encrypted shares and unencrypted shares of the new secret. The method includes decrypting, with the previous secret, available encrypted shares of the new secret and reproducing the new secret from at least a subset of available unencrypted shares of the new secret and the decrypted shares of the new secret.


In some embodiments, a computing system with a shared secret is provided. The computing system includes a secret generator, configured to generate and regenerate secrets, a share splitter, configured to split a secret into a plurality of shares, an encryption/decryption unit, configured to encrypt and decrypt, and one or more processors, configured to perform actions. The actions include encrypting shares of a second secret, using a first secret and the encryption/decryption unit and sending encrypted shares and unencrypted shares of the second secret to members of the computing system. The actions include decrypting at least a subset of the encrypted shares of the second secret, using the encryption/decryption unit and the first secret and regenerating the second secret, using the secret generator and unencrypted shares and decrypted shares of the second secret.


Other aspects and advantages of the embodiments will become apparent from the following detailed description taken in conjunction with the accompanying drawings which illustrate, by way of example, the principles of the described embodiments.





BRIEF DESCRIPTION OF THE DRAWINGS

The described embodiments and the advantages thereof may best be understood by reference to the following description taken in conjunction with the accompanying drawings. These drawings in no way limit any changes in form and detail that may be made to the described embodiments by one skilled in the art without departing from the spirit and scope of the described embodiments.



FIG. 1 is a block diagram of a storage device with facilities for sharing and resharing a split secret in accordance with some embodiments.



FIG. 2 is a system diagram with multiple storage devices, generating a secret “A” and shares of the secret in accordance with some embodiments.



FIG. 3 is a system diagram with the storage devices generating a secret “B” and encrypting some of the shares of “B” with “A” in accordance with some embodiments.



FIG. 4 is a system diagram with the storage devices regenerating the secret “A”, decrypting encrypted shares of “B” and regenerating the secret “B” in accordance with some embodiments.



FIG. 5 is a system diagram with a storage device decrypting a key using one secret, and re-encrypting the key with another secret in accordance with some embodiments.



FIG. 6 is a flow diagram of a method for secret sharing, which can be practiced by one or more processors of a computing, communication or storage system in accordance with some embodiments.



FIG. 7 is an illustration showing an exemplary computing device which may implement the embodiments described herein.





DETAILED DESCRIPTION

A system and related method for resharing of a split secret are herein described. Although shown in embodiments of storage devices in a storage system, the mechanisms and techniques for resharing of a split secret are applicable to computing, communication or storage systems that use a secret for various functions or purposes, and can be used in systems that are distributed, centralized, monolithic, localized, networked, cloud-based, etc. FIGS. 1-5 show storage devices using a secret to encrypt and decrypt, or otherwise lock and unlock, a key that encrypts and decrypts data in the storage system. A new secret is generated and split, and some of the new shares are encrypted, using a previous secret. Unencrypted and encrypted shares are distributed to devices of the system. It should be noted that a share(s) may be referred to as a part(s) of a secret or piece(s) of a secret in some embodiments. To unlock (e.g., decrypt) the locked (or encrypted) key, the system gathers together available unencrypted and encrypted shares, decrypts the encrypted shares using the previous (i.e., old) secret, and uses a sufficient subset of the combination of unencrypted shares and decrypted formerly encrypted shares to regenerate the new secret. Using the new secret, the system unlocks or decrypts the locked or encrypted key, which can then be used for decrypting data in the storage system, or encrypting new data to be stored in the storage system, etc. FIG. 6 presents a method for secret sharing, which is used by the present embodiments and can also be used by other systems for other mechanisms and techniques applying secrets. The mechanism can be applied in an iterative manner, to replace an older secret with a newer secret key, e.g., on a regular or irregular basis, or on demand.



FIG. 1 is a block diagram of a storage device 102 with facilities for sharing and resharing a split secret. In present embodiments, the storage device 102 could be or include a storage node, a storage unit, or a storage drive, and in further embodiments could be a compute only node in a storage cluster or storage system, or other device in another system as the embodiments are not limited to storage systems and may be integrated with any computing device. The various mechanisms shown in FIG. 1 and elsewhere in the application could be implemented in software, hardware, firmware or combinations thereof and included in the storage device 102, with each storage device 102 having each of these mechanisms, or they could be separate from and coupled to the storage device 102, or shared with other storage devices 102, or various combinations thereof. One or more processors 104 could execute software and operate various mechanisms within the storage device 102. The storage device 102 has memory 106, which includes, in some embodiments, a header section 116, a metadata 118 section, and a data storage 120. A secret generator 108 can generate secrets, and regenerate secrets from shares. As noted above, a secret can be split into shares and each share may be referred to as a part of a secret or a piece of a secret in some embodiments. A share splitter 110 splits a secret into shares. Secrets, and shares, could be for example binary, octal, decimal or hexadecimal numbers, alphanumeric strings, or other combinations of bits or symbols. An encryption/decryption unit 112 encrypts and decrypts whatever needs encrypting or decrypting, such as in present embodiments data, a key, or shares of a secret. A communication unit 114 handles communication between storage devices 102 in the storage system, or to other devices in or external to the system, and could include a network port or other wired or wireless communication port. Multiple storage devices 102 are connected, e.g., via a network or bus, to form a storage system, in some embodiments.



FIG. 2 is a system diagram with multiple storage devices 102, generating a secret “A” 210 and shares of the secret. A secret generator 108, which could belong to one of the storage devices 102 or be a shared resource, generates secret “A” 210, for example as a random number from a seed 224 for an initial operation, or in an ongoing operation from a long-ago seed 224 in some embodiments. Each new secret could be independent of previous secrets, or could be based on one or more of them, e.g., as a seed 224, in various embodiments. There are many techniques for generating secrets and shares of secrets, and present embodiments are not dependent on which method or mechanism is used for generating secrets, nor should the following examples be seen as limiting as other known techniques for generating secrets and shares of secrets may be integrated with the embodiments. A key encrypting key container could be used as a secret, as could a key encrypting key plus a version number, or a data encryption key. Shares of a secret could be generated using linear interpolation in some embodiments. In other examples, shares of a secret could be generated using Reed Solomon coding, throwing away original data and keeping only the erasure coding, or shares of a secret can be generated using exclusive or (XOR) operations in some embodiments. The share splitter 110 splits the secret “A” into shares “A0” 212, “A1” 214, “A2” 216, “A3” 218, “A4” 220 and “A5” 222, each of which is sent to a storage device 102. As noted above, each of the shares 212-222 may be referred to as a part of a secret or piece of a secret. The number of shares and naming convention for shares depicted is by way of example only, and should not be considered limiting. Some embodiments of the system distribute more than one share to each storage device 102. When the system is satisfied that the shares of secret “A” 210 are all successfully distributed to storage devices 102, the system can use the secret “A” 210 to encrypt a key 204.


The (unencrypted) key 204 is used to encrypt data 202. For example, a storage device 102 could input the data 202 and the key 204 into an encryption/decryption unit 112, which then outputs data encrypted by the key 206 (i.e., data 202, as encrypted by the key 204). The storage device 102 can then store the encrypted data 206. To lock the key 204, the storage device 102 inputs the key 204 and the secret “A” 210 into the same or another encryption/decryption unit 112, which then outputs the key encrypted by the secret “A” 208 in some embodiments. As a result of these operations, the storage device now stores encrypted data and has a locked or encrypted key, and shares of the secret are distributed to storage devices 102 throughout the system. The other storage devices 102 can perform similar operations with the data those storage devices store. Thus, the system now has encrypted data, one or more locked keys 204 (which could be the same key 204 or differing keys 204 across the system), and a shared secret. Referring back to FIG. 1, each storage device 102 could store an encrypted key (e.g., a key encrypted by secret “A” 208), and one or more shares, in the header section 116 of memory 106, and store encrypted data in the data storage 120 in some embodiments.



FIG. 3 is a system diagram with the storage devices 102 generating a secret “B” 302 and encrypting some of the shares of “B” with “A”. The system is able to decrypt data, and encrypt data, after unlocking or decrypting the key 204 (see FIG. 2). To recover the key 204, a storage device 102 gathers together as many shares of “A” 304 as are available (considering that some other storage devices 102 may be unresponsive, off-line, failed, or otherwise temporarily or permanently unavailable). If all of the shares of “A” 304, or at least a minimum threshold number of the shares of “A” 304 to meet the sufficient subset of shares requirement, are available, the available shares are input into the secret generator 108 which regenerates the secret “A” 210. The storage device 102 inputs the secret “A” 210 and the key encrypted by secret “A” 208 into the same or another encryption/decryption unit 112, which outputs the decrypted key 310 (i.e., the same key 204 that was originally encrypted by the secret “A” 210). The decrypted key 310 is inserted into the same or another encryption/decryption unit 112 along with the data encrypted by key 306 (e.g., the same or other data 202 that was encrypted using the key 204 in FIG. 2), and the encryption/decryption unit 112 outputs decrypted data 308, for use or storage by the storage device 102 or elsewhere within or external to the system. The storage device 102 could also use the decrypted key 310 to encrypt further data, using the process shown in FIG. 2. The system now has a mechanism to unlock or decrypt an encrypted or locked key, and use the now-decrypted or unlocked key to decrypt or encrypt data.


Still referring to FIG. 3, to transition to a new secret, the secret generator 108 generates the secret “B” 302. The share splitter 110 splits the new secret “B” 302 into shares “B0” 312, “B1” 314, “B2” 316, “B3” 318, “B4” 320, and “B5” 322. These new shares are fed into the encryption/decryption unit 112 along with the previous or old secret “A” 210, resulting in encrypted shares “B0” 324 encrypted by “A”, encrypted shares “B1” 326 encrypted by “A”, encrypted shares “B2” 328 encrypted by “A”, encrypted shares “B3” 330 encrypted by “A”, encrypted shares “B4” 332 encrypted by “A”, and encrypted shares “B5” 334 encrypted by “A”. The new shares (from new secret “B” 302) and encrypted new shares are sent to the storage devices 102 in various combinations, which could be specific to system implementations. In some embodiments, each storage device 102 receives at least one unencrypted share based on the new secret “B” 302 and at least one encrypted but different share also based on the new secret “B” 302, e.g., a different share based on secret “B” 302 and encrypted by the old or previous secret “A” 210. In the example shown, one storage device 102 receives the share “B0” 312 and “B1” 314 encrypted by “A” 326, and the other storage devices 102 each receive a corresponding share and differing encrypted share. If any one or two storage devices 102 are unavailable at any given time, sufficient shares and encrypted shares are available to make a sufficient subset of shares for recovery of the secret, as will be shown below with reference to FIG. 4.


It should be appreciated that various combinations of sets and subsets of encrypted and unencrypted shares are possible, and it is not required that the encrypted shares be encrypted from the unencrypted shares. For example, the system could generate a set of shares (e.g., from the share splitter 110), and encrypt some of the shares while leaving others of the shares unencrypted. Alternatively, the system could generate a set of shares, keep a copy of these unencrypted shares, and encrypt the same shares. In some embodiments, a combination of the above could be applied, e.g., with some shares distributed in both encrypted and unencrypted form, and other shares distributed only in encrypted form or only in unencrypted form. The total number of shares and/or the threshold number of shares required for regeneration of a secret could be set as a system dependent or situation dependent number. Two examples are provided below for illustrative purposes.


In a first example, there are seven storage devices 102, a minimum of five shares are needed to reconstruct a secret, and some of the devices are unavailable, as shown in Table 1.
















TABLE 1





storage devices
0
1
2
3
4
5
6







shares of secret “A”
A0
A1
A2
A3
A4
A5
A6


unencrypted shares
B0
B1
B2
B3
B4




of secret “B”









encrypted shares of
A(B4, B5)
A(B5, B6)
A(B0, B6)
A(B0, B1)
A(B1, B2)




secret “B”









storage device
yes
yes
yes
yes
yes
no
no


available for writing









secret shares









storage device
yes
yes
yes
no
no
yes
yes


available for reading,









reconstructing secret










The storage devices are numbered from zero through six (see first or top row of table 1). Each of the storage devices has a share of the secret “A” (see second row of table 1). In this example the system has started distributing shares of the secret “B”, but encountered some storage devices that are unavailable (see fifth or second from the bottom row of table 2). The first five shares of the secret “B” are successfully delivered to the first five storage devices (see third row of table 1). The first five storage devices have also received encrypted shares of the secret “B” (see fourth row of table 1). So, the first storage device 102 (numbered “0”) has two encrypted shares of secret “B”, namely the B4 share encrypted by secret “A” and the B5 share encrypted by secret “A” (shown in the table as A(B4, B5)). The next four storage devices 102 each have two more encrypted shares of secret “B”. Distribution of the shares of secret “B”, in unencrypted and encrypted form, is “successful” because all but two devices have received shares, and may be recovered directly by reading shares from each of the five devices 0-4. Secret “A” can be recovered from the five storage devices that are available, by obtaining the A0, A1, A2, A3 and A4 shares of “A” from the available storage devices 102 and regenerating the secret “A”. In some embodiments, if a different set of storage devices is available, as shown in the bottom row of table 2, because the two storage devices that were off-line during the writing of the secret shares become online and two other storage devices go off-line, the secret “A” could be regenerated from the A0, A1, A2, A5, A6 shares. In this example, only the first three unencrypted shares of secret “B”, namely B0, B1 and B2, are available. Then, using the now recovered secret “A”, the system can decrypt two more shares of the secret “B” from the first storage device 102. That is, the system obtains the B4 share encrypted by secret “A” and the B5 share encrypted by secret “A”, and decrypts each of these using the secret “A”. Now, from the five recovered shares of secret “B”, namely B0, B1, B2, B4 and B5, the system regenerates the secret “B”. It should be appreciated that this example shows how a secret can be written and recovered, even though one or more storage devices are off-line during the writing of the secret, and a different one or more storage devices are off-line during the reading and recovery of the secret.


In a second example, there are again seven storage devices, a minimum of five shares are needed to reconstruct a secret, and some of the devices are unavailable during writing or reading, as shown in Table 2.
















TABLE 2





storage devices
0
1
2
3
4
5
6







shares of
A0
A1
A2
A3
A4
A5
A6


secret “A”









unencrypted
B0
B1
B2


B5
B6


shares of









secret “B”









encrypted shares
A(B7)
A(B8)
A(B9)


A(B12)
A(B13)


of secret “B”









storage device
yes
yes
yes
no
no
yes
yes


available for









writing secret









shares









storage device
yes
yes
yes
yes
yes
no
no


available for









reading,









reconstructing









secret










As in the previous example, the storage devices are numbered from zero through six (see first or top row of table 2). Each of the storage devices has a share of the secret “A” (see second row of table 2). The system has begun distributing shares of the secret “B”, but some of the storage devices are unresponsive (see fifth row of table 2). The first three shares of the secret “B” are successfully delivered to the first three storage devices, and the last two shares of the secret “B” are successfully delivered to the last two storage devices (see third row of table 2). The first three and last two storage devices have also each received one encrypted share of the secret “B” (see fourth row of table 2). So, the first storage device (numbered “0”) has one encrypted share of secret “B”, namely the B7 share encrypted by secret “A” (shown in table 2 as A(B7)). The next two storage devices each have one more encrypted share of secret “B”. Distribution of the shares of secret “B”, in unencrypted and encrypted form, is incomplete, since two devices have not received their shares, but the secret “B” is still recoverable even if there were a system crash or other failure, or different storage devices were unavailable for reading. Secret “A” can be recovered if the same five storage devices are available for reading as were available for writing the secret shares, by obtaining the A0, A1, A2, A5 and A6 shares of “A” from the available storage devices (in the sixth or last row of table 2) and regenerating the secret “A”. In some embodiments the system attempts to recover the secret “B”, but storage devices number five and six are unavailable (see sixth or last row of table 2). In this embodiment, the system could still recover the secret “A” as described above regarding table 1. It should be appreciated that the embodiments enable multiple possibilities to recover secret “B”. The system could gather five unencrypted shares of the secret “B”, namely B0, B1, B2, B5 and B6, and regenerate the secret “B” from them, if the same storage devices are available for reading as were available for writing the secret shares. The system could use the recently recovered secret “A” to decrypt one or more of the available encrypted shares of secret “B”, then combine with some of the unencrypted shares of the secret “B” until a sufficient number of shares of secret “B” is obtained to regenerate the secret “B”. This could be accomplished with unencrypted shares B0, B2, B6 and decrypted shares B8 and B9, or unencrypted shares B1 and B5 and decrypted shares B7, B8 and B9, or other combination of sufficient number of shares of secret “B” gathered from available unencrypted and decrypted shares. If storage devices numbered five and six were off-line at the time of reconstructing the secret, as shown in the sixth or bottom row of table 2, the secret “B” could be reconstructed from the unencrypted shares B0, B1, B2 and decrypted shares B7 and B8 or B9, or some other combination of five shares. By using a combination of encrypted and unencrypted shares of a secret, distributed to storage devices in various combinations, the system can recover a secret even in cases where one or more storage devices are unavailable while the encrypted and unencrypted shares are being written to storage devices, and a different one or more storage devices are unavailable while the system reconstructs the secret. Various further scenarios of storage devices being unavailable when secret shares are being written, and the same or differing storage devices being unavailable when secret shares are being read and a secret reconstructed, are readily devised in keeping with the teachings disclosed herein.



FIG. 4 is a system diagram with the storage devices 102 regenerating the secret “A” 210, decrypting encrypted shares of “B” and regenerating the secret “B” 302. Keeping in mind that one or more of the storage devices 102 may be unavailable or unresponsive at any given time, the system gathers together shares of the secret “A” 210, for example by having storage devices 102 communicate with each other. The system also gathers together encrypted and unencrypted shares of the secret “B” 302. If the system is able to gather together a sufficient subset of shares of “A” 402, i.e., anywhere from at least the threshold number of shares of secret “A” 210 needed to regenerate the secret “A” 210 up to and including all of the shares of “A”, these shares are inserted into the secret generator 108, which regenerates the secret “A” 210. If not enough shares are available, the system can wait for a period of time and retry gathering a sufficient number of shares in some embodiments. Once the secret “A” 210 is regenerated, the secret “A” 210 and the available “A” encrypted shares of “B” 404 (i.e., shares of the secret “B” 302 as encrypted by the secret “A” 210 in FIG. 3) are input into the same or a differing encryption/decryption unit 112, which produces decrypted shares of “B” 408. If the combination of the gathered unencrypted shares of “B” 406 and the now decrypted shares of “B” 408 forms a sufficient subset of shares of “B” 410 (i.e., anywhere from at least the threshold number of shares of secret “B” 302 needed to regenerate the secret “B” 302 up to and including all of the shares of “B”), a sufficient number of these shares are input into the same or a differing secret generator 108, which outputs the regenerated secret “B” 302. If not enough shares are available, the system can wait for a period of time and retry gathering a sufficient number of shares in some embodiments.



FIG. 5 is a system diagram with a storage device 102 decrypting a key using one secret, and re-encrypting the key with another secret. In some embodiments, the system determines that all storage devices 102 have received their respective (unencrypted and/or encrypted) shares of the new secret, before proceeding with re-encrypting a key 204 with a new secret. This can be accomplished using polling, acknowledgment or other communication among storage devices 102 or other members of a system. To re-encrypt the key 204, e.g., the key 204 which was used to encrypt data 202 and which was encrypted with the secret “A” in FIG. 2, the storage device 102 obtains the key encrypted by secret “A” 208. The secret “A” 210 and the key encrypted by secret “A” 208 are input into the same or a differing encryption/decryption unit 112, which outputs the decrypted key 310 (i.e., the same number, or combination of bits or symbols as the original key 204). The decrypted key 310 and the secret “B” 302 are input into the same or another encryption/decryption unit 112, which outputs the key encrypted by “B” 502. This procedure can be used iteratively, to reeencrypt a key with new secrets on an ongoing basis. Once new shares are stored and verified stored, previous versions (of shares and/or encrypted keys) can be destroyed, making share rotation possible and adding security.


With reference back to FIGS. 1-5, it is readily appreciated that present embodiments of storage devices 102 in a storage system, or other computing, communication or storage systems, could apply the above mechanisms and techniques iteratively. For example, after distributing shares of secret “B” 302 in both encrypted and unencrypted form, verifying that storage devices 102 have received respective shares, and re-encrypting the key 204 with the secret “B” 302, the system can repeat these processes for a new secret “C”, using the secret “B” as the previous or old secret. This process then repeats for the next new secret “D”, using the secret “C” as the previous or old secret, and so on. Systems that use a secret for other mechanisms or purposes may omit or modify the data encrypting and/or key encrypting processes according to designs or circumstances in some embodiments. In some versions, off-site storage is used for some of the encrypted and/or unencrypted shares. In some embodiments, the system can use new shares to regenerate further new shares for members of the system that are missing shares (whether encrypted or unencrypted), and update those members. It should be appreciated that the mechanism discussed above is faster and more reliable than updating all of the members of the system, and prevents an attack under which an attacker always keeps multiple members out of a system to prevent resharing. In a further embodiment, a master key can unlock a system with fewer members than might otherwise be required. Some of the shares can be encrypted with a key, but the key is then stored in or external to the system. By itself, the stored key cannot unlock a system member, however, the key can unlock the shares encrypted with that key. The mechanisms and techniques described herein improve reliability, security and responsiveness of a secure system, and provide a way to reliably advance to a new secret in the face of varying availability of various devices in the system while maintaining security against theft or unauthorized access of portions of the system.



FIG. 6 is a flow diagram of a method for secret sharing, which can be practiced by one or more processors of a computing, communication or storage system. The method can be practiced on or by embodiments of the storage device as described above or any other computing device. In an action 602, shares are generated from a new secret. A subset of the shares is encrypted, using a previous secret, in an action 604. Unencrypted and encrypted shares are distributed, in an action 606. The shares that are encrypted could be the same as, or different from, some or all of the unencrypted shares, in various embodiments of the method.


To later recover the new secret, the previous secret is regenerated in an action 608. The previous secret is regenerated from a sufficient subset of shares of the previous secret. This would be a threshold number of shares of the previous secret, or all of the shares of the previous secret, or any number of shares in between these two numbers of shares. The encrypted shares of the new secret are decrypted, using the previous secret, in an action 610. In an action 612, the new secret is regenerated, from a sufficient subset of shares. This would be a threshold number of shares of the new secret, or all of the shares of the new secret, or any number of shares in between these two numbers of shares, from the combination of the gathered available unencrypted shares and the decrypted shares from the gathered available encrypted shares.


It should be appreciated that the methods described herein may be performed with a digital processing system, such as a conventional, general-purpose computer system. Special purpose computers, which are designed or programmed to perform only one function may be used in the alternative. FIG. 7 is an illustration showing an exemplary computing device which may implement the embodiments described herein. The computing device of FIG. 7 may be used to perform embodiments of the functionality for resharing of a split secret in accordance with some embodiments. The computing device includes a central processing unit (CPU) 701, which is coupled through a bus 705 to a memory 703, and mass storage device 707. Mass storage device 707 represents a persistent data storage device such as a floppy disc drive or a fixed disc drive, which may be local or remote in some embodiments. The mass storage device 707 could implement a backup storage, in some embodiments. Memory 703 may include read only memory, random access memory, etc. Applications resident on the computing device may be stored on or accessed via a computer readable medium such as memory 703 or mass storage device 707 in some embodiments. Applications may also be in the form of modulated electronic signals modulated accessed via a network modem or other network interface of the computing device. It should be appreciated that CPU 701 may be embodied in a general-purpose processor, a special purpose processor, or a specially programmed logic device in some embodiments.


Display 711 is in communication with CPU 701, memory 703, and mass storage device 707, through bus 705. Display 711 is configured to display any visualization tools or reports associated with the system described herein. Input/output device 709 is coupled to bus 705 in order to communicate information in command selections to CPU 701. It should be appreciated that data to and from external devices may be communicated through the input/output device 709. CPU 701 can be defined to execute the functionality described herein to enable the functionality described with reference to FIGS. 1-6. The code embodying this functionality may be stored within memory 703 or mass storage device 707 for execution by a processor such as CPU 701 in some embodiments. The operating system on the computing device may be MS DOS™, MS-WINDOWS™, OS/2™, UNIX™, LINUX™, or other known operating systems. It should be appreciated that the embodiments described herein may also be integrated with a virtualized computing system implemented with physical computing resources.


Detailed illustrative embodiments are disclosed herein. However, specific functional details disclosed herein are merely representative for purposes of describing embodiments. Embodiments may, however, be embodied in many alternate forms and should not be construed as limited to only the embodiments set forth herein.


It should be understood that although the terms first, second, etc. may be used herein to describe various steps or calculations, these steps or calculations should not be limited by these terms. These terms are only used to distinguish one step or calculation from another. For example, a first calculation could be termed a second calculation, and, similarly, a second step could be termed a first step, without departing from the scope of this disclosure. As used herein, the term “and/or” and the “/” symbol includes any and all combinations of one or more of the associated listed items.


As used herein, the singular forms “a”, “an” and “the” are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms “comprises”, “comprising”, “includes”, and/or “including”, when used herein, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. Therefore, the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting.


It should also be noted that in some alternative implementations, the functions/acts noted may occur out of the order noted in the figures. For example, two figures shown in succession may in fact be executed substantially concurrently or may sometimes be executed in the reverse order, depending upon the functionality/acts involved.


With the above embodiments in mind, it should be understood that the embodiments might employ various computer-implemented operations involving data stored in computer systems. These operations are those requiring physical manipulation of physical quantities. Usually, though not necessarily, these quantities take the form of electrical or magnetic signals capable of being stored, transferred, combined, compared, and otherwise manipulated. Further, the manipulations performed are often referred to in terms, such as producing, identifying, determining, or comparing. Any of the operations described herein that form part of the embodiments are useful machine operations. The embodiments also relate to a device or an apparatus for performing these operations. The apparatus can be specially constructed for the required purpose, or the apparatus can be a general-purpose computer selectively activated or configured by a computer program stored in the computer. In particular, various general-purpose machines can be used with computer programs written in accordance with the teachings herein, or it may be more convenient to construct a more specialized apparatus to perform the required operations.


A module, an application, a layer, an agent or other method-operable entity could be implemented as hardware, firmware, or a processor executing software, or combinations thereof. It should be appreciated that, where a software-based embodiment is disclosed herein, the software can be embodied in a physical machine such as a controller. For example, a controller could include a first module and a second module. A controller could be configured to perform various actions, e.g., of a method, an application, a layer or an agent.


The embodiments can also be embodied as computer readable code on a tangible non-transitory computer readable medium. The computer readable medium is any data storage device that can store data, which can be thereafter read by a computer system. Examples of the computer readable medium include hard drives, network attached storage (NAS), read-only memory, random-access memory, CD-ROMs, CD-Rs, CD-RWs, magnetic tapes, and other optical and non-optical data storage devices. The computer readable medium can also be distributed over a network coupled computer system so that the computer readable code is stored and executed in a distributed fashion. Embodiments described herein may be practiced with various computer system configurations including hand-held devices, tablets, microprocessor systems, microprocessor-based or programmable consumer electronics, minicomputers, mainframe computers and the like. The embodiments can also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a wire-based or wireless network.


Although the method operations were described in a specific order, it should be understood that other operations may be performed in between described operations, described operations may be adjusted so that they occur at slightly different times or the described operations may be distributed in a system which allows the occurrence of the processing operations at various intervals associated with the processing.


In various embodiments, one or more portions of the methods and mechanisms described herein may form part of a cloud-computing environment. In such embodiments, resources may be provided over the Internet as services according to one or more various models. Such models may include Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). In IaaS, computer infrastructure is delivered as a service. In such a case, the computing equipment is generally owned and operated by the service provider. In the PaaS model, software tools and underlying equipment used by developers to develop software solutions may be provided as a service and hosted by the service provider. SaaS typically includes a service provider licensing software as a service on demand. The service provider may host the software, or may deploy the software to a customer for a given period of time. Numerous combinations of the above models are possible and are contemplated.


Various units, circuits, or other components may be described or claimed as “configured to” perform a task or tasks. In such contexts, the phrase “configured to” is used to connote structure by indicating that the units/circuits/components include structure (e.g., circuitry) that performs the task or tasks during operation. As such, the unit/circuit/component can be said to be configured to perform the task even when the specified unit/circuit/component is not currently operational (e.g., is not on). The units/circuits/components used with the “configured to” language include hardware—for example, circuits, memory storing program instructions executable to implement the operation, etc. Reciting that a unit/circuit/component is “configured to” perform one or more tasks is expressly intended not to invoke 35 U.S.C. 112, sixth paragraph, for that unit/circuit/component. Additionally, “configured to” can include generic structure (e.g., generic circuitry) that is manipulated by software and/or firmware (e.g., an FPGA or a general-purpose processor executing software) to operate in manner that is capable of performing the task(s) at issue. “Configured to” may also include adapting a manufacturing process (e.g., a semiconductor fabrication facility) to fabricate devices (e.g., integrated circuits) that are adapted to implement or perform one or more tasks.


The foregoing description, for the purpose of explanation, has been described with reference to specific embodiments. However, the illustrative discussions above are not intended to be exhaustive or to limit the invention to the precise forms disclosed. Many modifications and variations are possible in view of the above teachings. The embodiments were chosen and described in order to best explain the principles of the embodiments and its practical applications, to thereby enable others skilled in the art to best utilize the embodiments and various modifications as may be suited to the particular use contemplated. Accordingly, the present embodiments are to be considered as illustrative and not restrictive, and the invention is not to be limited to the details given herein, but may be modified within the scope and equivalents of the appended claims.

Claims
  • 1. A method, comprising: distributing unencrypted shares of a first secret and encrypted shares of the first secret to storage devices of a storage system;regenerating the first secret from at least a subset of a combination of distributed unencrypted shares of the first secret and distributed encrypted shares of the first secret, wherein the encrypted shares are decrypted utilizing a second secret for regeneration of the first secret; andregenerating the second secret from a subset of shares of the second secret.
  • 2. The method of claim 1, wherein regenerating the first secret and regenerating the second secret are responsive to a power loss.
  • 3. The method of claim 1, further comprising: encrypting a key, using the first secret, in response to determining that all members of the computing system have received the distributed shares of the first secret.
  • 4. The method of claim 1, further comprising: decrypting an encrypted data encryption key, using the first secret.
  • 5. The method of claim 1, further comprising: distributing at least one regenerated share of the first secret to at least one storage device that does not have a share of the first secret.
  • 6. The method of claim 1, further comprising: deleting the first secret, responsive to determining whether all storage devices have received shares of the first secret.
  • 7. The method of claim 1, further comprising: iterating the distributing and regenerating for a plurality of further secrets, wherein each storage device of the storage system receives an unencrypted share of the first secret and an encrypted, differing share of the first secret.
  • 8. A tangible, non-transitory, computer-readable media having instructions thereupon which, when executed by a processor, cause the processor to perform a method comprising: distributing unencrypted shares of a first secret and encrypted shares of the first secret to storage devices of a storage system;regenerating the first secret from at least a subset of a combination of distributed unencrypted shares of the first secret and distributed encrypted shares of the first secret, wherein the encrypted shares are decrypted utilizing a second secret for regeneration of the first secret; andregenerating the second secret from a subset of shares of the second secret.
  • 9. The computer-readable media of claim 8, wherein each storage device of the storage system receives an unencrypted share of the first secret and an encrypted, differing share of the first secret.
  • 10. The computer-readable media of claim 8, wherein the method further comprises: encrypting a key, using the first secret, in response to determining that all storage devices have received the distributed shares of the first secret.
  • 11. The computer-readable media of claim 8, wherein the method further comprises: decrypting an encrypted data encryption key, using the first secret.
  • 12. The computer-readable media of claim 8, wherein the method further comprises: distributing at least one regenerated share of the first secret to at least one storage device that does not have a share of the first secret.
  • 13. The computer-readable media of claim 8, wherein the method further comprises: deleting the second secret, responsive to determining all storage devices have received shares of the first secret.
  • 14. The computer-readable media of claim 8, wherein the distributing includes sending at least one share of the first secret to off-site storage.
  • 15. The computer-readable media of claim 8, wherein the method further comprises: iterating the distributing and regenerating for a plurality of further secrets.
  • 16. A computing system with a shared secret, comprising: a secret generator, configured to generate and regenerate secrets;an encryption/decryption unit, configured to encrypt and decrypt; andone or more processors, configured to perform actions comprising: distributing unencrypted shares of a first secret and encrypted shares of the first secret to storage devices of a storage system;regenerating the first secret from at least a subset of a combination of distributed unencrypted shares of the first secret and distributed encrypted shares of the first secret, wherein the encrypted shares are decrypted utilizing a second secret for regeneration of the first secret; andregenerating the second secret from a subset of shares of the second secret.
  • 17. The computing system of claim 16, further comprising: a memory having a header section configured to store keys and shares of secrets, and a data storage configured for storage of encrypted data, distinct from the header section.
  • 18. The computing system of claim 16, wherein each storage device receives an unencrypted share of the first secret and an encrypted, differing share of the first secret.
  • 19. The computing system of claim 16, wherein the actions further comprise: encrypting a key, using the first secret, in response to determining that all storage devices have received the distributed shares of the first secret.
  • 20. The computing system of claim 16, wherein the actions further comprise: deleting the second secret, responsive to determining all storage devices have received shares of the first secret.
US Referenced Citations (482)
Number Name Date Kind
5241597 Bright Aug 1993 A
5390327 Lubbers et al. Feb 1995 A
5450581 Bergen et al. Sep 1995 A
5479653 Jones Dec 1995 A
5488731 Mendelsohn Jan 1996 A
5504858 Ellis et al. Apr 1996 A
5564113 Bergen et al. Oct 1996 A
5574882 Menon et al. Nov 1996 A
5649093 Hanko et al. Jul 1997 A
5870473 Boesch Feb 1999 A
5883909 Dekoning et al. Mar 1999 A
6000010 Legg Dec 1999 A
6260156 Garvin et al. Jul 2001 B1
6269453 Krantz Jul 2001 B1
6275898 DeKoning Aug 2001 B1
6453428 Stephenson Sep 2002 B1
6523087 Busser Feb 2003 B2
6535417 Tsuda Mar 2003 B2
6643748 Wieland Nov 2003 B1
6725392 Frey et al. Apr 2004 B1
6763455 Hall Jul 2004 B2
6836816 Kendall Dec 2004 B2
6985995 Holland et al. Jan 2006 B2
7032125 Holt et al. Apr 2006 B2
7047358 Lee et al. May 2006 B2
7051155 Talagala et al. May 2006 B2
7055058 Lee et al. May 2006 B2
7065617 Wang Jun 2006 B2
7069383 Yamamoto et al. Jun 2006 B2
7076606 Orsley Jul 2006 B2
7107480 Moshayedi et al. Sep 2006 B1
7159150 Kenchammana-Hosekote et al. Jan 2007 B2
7162575 Dalal et al. Jan 2007 B2
7164608 Lee Jan 2007 B2
7188270 Nanda et al. Mar 2007 B1
7334156 Land et al. Feb 2008 B2
7370220 Nguyen et al. May 2008 B1
7386666 Beauchamp et al. Jun 2008 B1
7398285 Kisley Jul 2008 B2
7424498 Patterson Sep 2008 B1
7424592 Karr Sep 2008 B1
7444532 Masuyama et al. Oct 2008 B2
7480658 Heinla et al. Jan 2009 B2
7484056 Madnani et al. Jan 2009 B2
7484057 Madnani et al. Jan 2009 B1
7484059 Ofer et al. Jan 2009 B1
7536506 Ashmore et al. May 2009 B2
7558859 Kasiolas Jul 2009 B2
7565446 Talagala et al. Jul 2009 B2
7613947 Coatney Nov 2009 B1
7634617 Misra Dec 2009 B2
7634618 Misra Dec 2009 B2
7681104 Sim-Tang et al. Mar 2010 B1
7681105 Sim-Tang et al. Mar 2010 B1
7681109 Yang et al. Mar 2010 B2
7730257 Franklin Jun 2010 B2
7730258 Smith Jun 2010 B1
7730274 Usgaonkar Jun 2010 B1
7743276 Jacobsen et al. Jun 2010 B2
7752489 Deenadhayalan et al. Jul 2010 B2
7757038 Kitahara Jul 2010 B2
7757059 Ofer et al. Jul 2010 B1
7778960 Chatterjee et al. Aug 2010 B1
7783955 Haratsch et al. Aug 2010 B2
7814272 Barrall et al. Oct 2010 B2
7814273 Barrall Oct 2010 B2
7818531 Barrall Oct 2010 B2
7827351 Suetsugu et al. Nov 2010 B2
7827439 Matthew et al. Nov 2010 B2
7831768 Ananthamurthy et al. Nov 2010 B2
7856583 Smith Dec 2010 B1
7870105 Arakawa et al. Jan 2011 B2
7873878 Belluomini et al. Jan 2011 B2
7885938 Greene et al. Feb 2011 B1
7886111 Klemm et al. Feb 2011 B2
7908448 Chatterjee et al. Mar 2011 B1
7916538 Jeon et al. Mar 2011 B2
7921268 Jakob Apr 2011 B2
7930499 Duchesne Apr 2011 B2
7941697 Mathew et al. May 2011 B2
7958303 Shuster Jun 2011 B2
7971129 Watson Jun 2011 B2
7975115 Wayda Jul 2011 B2
7984016 Kisley Jul 2011 B2
7991822 Bish et al. Aug 2011 B2
8006126 Deenadhayalan et al. Aug 2011 B2
8010485 Chatterjee et al. Aug 2011 B1
8010829 Chatterjee et al. Aug 2011 B1
8020047 Courtney Sep 2011 B2
8046548 Chatterjee et al. Oct 2011 B1
8051361 Sim-Tang et al. Nov 2011 B2
8051362 Li et al. Nov 2011 B2
8074038 Lionetti et al. Dec 2011 B2
8082393 Galloway et al. Dec 2011 B2
8086603 Nasre et al. Dec 2011 B2
8086634 Mimatsu Dec 2011 B2
8086911 Taylor Dec 2011 B1
8090837 Shin et al. Jan 2012 B2
8108502 Tabbara et al. Jan 2012 B2
8117388 Jernigan, IV Feb 2012 B2
8117521 Yang et al. Feb 2012 B2
8140821 Raizen et al. Mar 2012 B1
8145838 Miller et al. Mar 2012 B1
8145840 Koul et al. Mar 2012 B2
8175012 Haratsch et al. May 2012 B2
8176360 Frost et al. May 2012 B2
8176405 Hafner et al. May 2012 B2
8180855 Aiello et al. May 2012 B2
8200922 McKean et al. Jun 2012 B2
8209469 Carpenter et al. Jun 2012 B2
8225006 Karamcheti Jul 2012 B1
8239618 Kotzur et al. Aug 2012 B2
8244999 Chatterjee et al. Aug 2012 B1
8261016 Goel Sep 2012 B1
8271455 Kesselman Sep 2012 B2
8285686 Kesselman Oct 2012 B2
8305811 Jeon Nov 2012 B2
8315999 Chatley et al. Nov 2012 B2
8327080 Der Dec 2012 B1
8335769 Kesselman Dec 2012 B2
8341118 Drobychev et al. Dec 2012 B2
8351290 Huang et al. Jan 2013 B1
8364920 Parkison et al. Jan 2013 B1
8364967 Sudia Jan 2013 B2
8365041 Chu et al. Jan 2013 B2
8375146 Sinclair Feb 2013 B2
8397016 Talagala et al. Mar 2013 B2
8402152 Duran Mar 2013 B2
8412880 Leibowitz et al. Apr 2013 B2
8423739 Ash et al. Apr 2013 B2
8429436 Filingim et al. Apr 2013 B2
8452928 Ofer et al. May 2013 B1
8473698 Lionetti et al. Jun 2013 B2
8473778 Simitci Jun 2013 B2
8473815 Yu et al. Jun 2013 B2
8479037 Chatterjee et al. Jul 2013 B1
8484414 Sugimoto et al. Jul 2013 B2
8495472 Magerramov Jul 2013 B1
8498967 Chatterjee et al. Jul 2013 B1
8504797 Mimatsu Aug 2013 B2
8522073 Cohen Aug 2013 B2
8533408 Madnani et al. Sep 2013 B1
8533527 Daikokuya et al. Sep 2013 B2
8539177 Ofer et al. Sep 2013 B1
8544029 Bakke et al. Sep 2013 B2
8549224 Zeryck et al. Oct 2013 B1
8583861 Ofer et al. Nov 2013 B1
8589625 Colgrove et al. Nov 2013 B2
8595455 Chatterjee et al. Nov 2013 B2
8615599 Takefman et al. Dec 2013 B1
8627136 Shankar et al. Jan 2014 B2
8627138 Clark Jan 2014 B1
8639669 Douglis et al. Jan 2014 B1
8639863 Kanapathippillai et al. Jan 2014 B1
8640000 Cypher Jan 2014 B1
8650343 Kanapathippillai et al. Feb 2014 B1
8660131 Vermunt et al. Feb 2014 B2
8661218 Piszczek et al. Feb 2014 B1
8671072 Shah et al. Mar 2014 B1
8689042 Kanapathippillai et al. Apr 2014 B1
8700875 Barron et al. Apr 2014 B1
8706694 Chatterjee et al. Apr 2014 B2
8706914 Duchesneau Apr 2014 B2
8706932 Kanapathippillai et al. Apr 2014 B1
8712963 Douglis et al. Apr 2014 B1
8713405 Healey et al. Apr 2014 B2
8719621 Karmarkar May 2014 B1
8725730 Keeton et al. May 2014 B2
8751859 Becker-szendy et al. Jun 2014 B2
8756387 Frost et al. Jun 2014 B2
8762793 Grube et al. Jun 2014 B2
8838541 Camble et al. Jun 2014 B2
8769232 Suryabudi et al. Jul 2014 B2
8775858 Gower et al. Jul 2014 B2
8775868 Colgrove et al. Jul 2014 B2
8788913 Xin et al. Jul 2014 B1
8793447 Usgaonkar et al. Jul 2014 B2
8799746 Baker et al. Aug 2014 B2
8819311 Liao Aug 2014 B2
8819383 Jobanputra et al. Aug 2014 B1
8822155 Sukumar Sep 2014 B2
8824261 Miller et al. Sep 2014 B1
8832528 Thatcher et al. Sep 2014 B2
8838892 Li Sep 2014 B2
8843700 Salessi et al. Sep 2014 B1
8850108 Hayes et al. Sep 2014 B1
8850288 Lazier et al. Sep 2014 B1
8856593 Eckhardt et al. Oct 2014 B2
8856619 Cypher Oct 2014 B1
8862617 Kesselman Oct 2014 B2
8862847 Feng et al. Oct 2014 B2
8862928 Xavier et al. Oct 2014 B2
8868825 Hayes Oct 2014 B1
8874836 Hayes Oct 2014 B1
8880793 Nagineni Nov 2014 B2
8880825 Lionetti et al. Nov 2014 B2
8886778 Nedved et al. Nov 2014 B2
8898383 Yamamoto et al. Nov 2014 B2
8898388 Kimmel Nov 2014 B1
8904231 Coatney et al. Dec 2014 B2
8918478 Ozzie et al. Dec 2014 B2
8930307 Colgrove et al. Jan 2015 B2
8930633 Amit et al. Jan 2015 B2
8943357 Atzmony Jan 2015 B2
8949502 McKnight et al. Feb 2015 B2
8959110 Smith et al. Feb 2015 B2
8959388 Kuang et al. Feb 2015 B1
8972478 Storer et al. Mar 2015 B1
8972779 Lee et al. Mar 2015 B2
8977597 Ganesh et al. Mar 2015 B2
8996828 Kalos et al. Mar 2015 B2
9003144 Hayes et al. Apr 2015 B1
9009724 Gold et al. Apr 2015 B2
9021053 Bernbo et al. Apr 2015 B2
9021215 Meir et al. Apr 2015 B2
9025393 Wu May 2015 B2
9043372 Makkar et al. May 2015 B2
9047214 Sharon et al. Jun 2015 B1
9053808 Sprouse Jun 2015 B2
9058155 Cepulis et al. Jun 2015 B2
9063895 Madnani et al. Jun 2015 B1
9063896 Madnani et al. Jun 2015 B1
9098211 Madnani et al. Aug 2015 B1
9110898 Chamness et al. Aug 2015 B1
9110964 Shilane et al. Aug 2015 B1
9116819 Cope et al. Aug 2015 B2
9117536 Yoon Aug 2015 B2
9122401 Zaltsman et al. Sep 2015 B2
9123422 Sharon et al. Sep 2015 B2
9124300 Olbrich et al. Sep 2015 B2
9134908 Horn et al. Sep 2015 B2
9153337 Sutardja Oct 2015 B2
9158472 Kesselman et al. Oct 2015 B2
9159422 Lee et al. Oct 2015 B1
9164891 Karamcheti et al. Oct 2015 B2
9183136 Kawamura et al. Nov 2015 B2
9189650 Jaye et al. Nov 2015 B2
9201733 Verma Dec 2015 B2
9207876 Shu et al. Dec 2015 B2
9229656 Contreras et al. Jan 2016 B1
9229810 He et al. Jan 2016 B2
9235475 Shilane et al. Jan 2016 B1
9244626 Shah et al. Jan 2016 B2
9250687 Aswadhati Feb 2016 B1
9250999 Barroso Feb 2016 B1
9251066 Colgrove et al. Feb 2016 B2
9268648 Barash et al. Feb 2016 B1
9268806 Kesselman et al. Feb 2016 B1
9275063 Natanzon Mar 2016 B1
9280678 Redberg Mar 2016 B2
9286002 Karamcheti et al. Mar 2016 B1
9292214 Kalos et al. Mar 2016 B2
9298760 Li et al. Mar 2016 B1
9304908 Karamcheti et al. Apr 2016 B1
9311969 Murin Apr 2016 B2
9311970 Sharon et al. Apr 2016 B2
9323663 Karamcheti et al. Apr 2016 B2
9323667 Bennett Apr 2016 B2
9323681 Apostolides et al. Apr 2016 B2
9335942 Kumar et al. May 2016 B2
9348538 Mallaiah et al. May 2016 B2
9355022 Ravimohan et al. May 2016 B2
9384082 Lee et al. Jul 2016 B1
9384252 Akirav et al. Jul 2016 B2
9389958 Sundaram et al. Jul 2016 B2
9390019 Patterson et al. Jul 2016 B2
9395922 Nishikido Jul 2016 B2
9396202 Drobychev et al. Jul 2016 B1
9400828 Kesselman et al. Jul 2016 B2
9405478 Koseki et al. Aug 2016 B2
9411685 Lee Aug 2016 B2
9417960 Klein Aug 2016 B2
9417963 He et al. Aug 2016 B2
9430250 Hamid et al. Aug 2016 B2
9430542 Akirav et al. Aug 2016 B2
9432541 Ishida Aug 2016 B2
9454434 Sundaram et al. Sep 2016 B2
9471579 Natanzon Oct 2016 B1
9477554 Chamness et al. Oct 2016 B2
9477632 Du Oct 2016 B2
9501398 George et al. Nov 2016 B2
9525737 Friedman Dec 2016 B2
9529542 Friedman et al. Dec 2016 B2
9535631 Fu et al. Jan 2017 B2
9552248 Miller et al. Jan 2017 B2
9552291 Munetoh et al. Jan 2017 B2
9552299 Stalzer Jan 2017 B2
9563517 Natanzon et al. Feb 2017 B1
9588698 Karamcheti et al. Mar 2017 B1
9588712 Kalos et al. Mar 2017 B2
9594652 Sathiamoorthy et al. Mar 2017 B1
9600193 Ahrens et al. Mar 2017 B2
9619321 Sharon et al. Apr 2017 B1
9619430 Kannan et al. Apr 2017 B2
9645754 Li et al. May 2017 B2
9667720 Bent et al. May 2017 B1
9673975 Machani Jun 2017 B1
9710535 Aizman et al. Jul 2017 B2
9733840 Karamcheti et al. Aug 2017 B2
9734225 Akirav et al. Aug 2017 B2
9740403 Storer et al. Aug 2017 B2
9740700 Chopra et al. Aug 2017 B1
9740762 Horowitz et al. Aug 2017 B2
9747319 Bestler et al. Aug 2017 B2
9747320 Kesselman Aug 2017 B2
9767130 Bestler et al. Sep 2017 B2
9781227 Friedman et al. Oct 2017 B2
9785498 Misra et al. Oct 2017 B2
9798486 Singh Oct 2017 B1
9804925 Carmi et al. Oct 2017 B1
9811285 Karamcheti et al. Nov 2017 B1
9811546 Bent et al. Nov 2017 B1
9818478 Chung Nov 2017 B2
9829066 Thomas et al. Nov 2017 B2
9836245 Hayes et al. Dec 2017 B2
9864874 Shanbhag Jan 2018 B1
9891854 Munetoh et al. Feb 2018 B2
9891860 Delgado et al. Feb 2018 B1
9892005 Kedem et al. Feb 2018 B2
9892186 Akirav et al. Feb 2018 B2
9904589 Donlan et al. Feb 2018 B1
9904717 Anglin et al. Feb 2018 B2
9952809 Shah Feb 2018 B2
9910748 Pan Mar 2018 B2
9910904 Anglin et al. Mar 2018 B2
9934237 Shilane et al. Apr 2018 B1
9940065 Kalos et al. Apr 2018 B2
9946604 Glass Apr 2018 B1
9959167 Donlan et al. May 2018 B1
9965539 D'halluin et al. May 2018 B2
9998539 Brock et al. Jun 2018 B1
10007457 Hayes et al. Jun 2018 B2
10013177 Liu et al. Jul 2018 B2
10013311 Sundaram et al. Jul 2018 B2
10019314 Litsyn et al. Jul 2018 B2
10019317 Usvyatsky et al. Jul 2018 B2
10025673 Maccanti Jul 2018 B1
10031703 Natanzon et al. Jul 2018 B1
10061512 Chu et al. Aug 2018 B2
10070310 Powell Sep 2018 B2
10073626 Karamcheti et al. Sep 2018 B2
10082985 Hayes et al. Sep 2018 B2
10089012 Chen et al. Oct 2018 B1
10089174 Lin Oct 2018 B2
10089176 Donlan et al. Oct 2018 B1
10102356 Sahin Oct 2018 B1
10108819 Donlan et al. Oct 2018 B1
10146787 Bashyam et al. Dec 2018 B2
10152268 Chakraborty et al. Dec 2018 B1
10157098 Chung et al. Dec 2018 B2
10162704 Kirschner et al. Dec 2018 B1
10180875 Northcott Jan 2019 B2
10185495 Katsuki Jan 2019 B2
10185730 Bestler et al. Jan 2019 B2
10235065 Miller et al. Mar 2019 B1
10324639 Seo Jun 2019 B2
10567406 Astigarraga Feb 2020 B2
10810088 Gu Oct 2020 B1
10846137 Vallala Nov 2020 B2
10877683 Wu Dec 2020 B2
11106810 Natanzon Aug 2021 B2
20020144059 Kendall Oct 2002 A1
20030105984 Masuyama et al. Jun 2003 A1
20030110205 Johnson Jun 2003 A1
20040161086 Buntin et al. Aug 2004 A1
20050001652 Malik et al. Jan 2005 A1
20050076228 Davis et al. Apr 2005 A1
20050235132 Karr et al. Oct 2005 A1
20050278460 Shin et al. Dec 2005 A1
20050283649 Turner et al. Dec 2005 A1
20060015683 Ashmore et al. Jan 2006 A1
20060114930 Lucas et al. Jun 2006 A1
20060174157 Barrall et al. Aug 2006 A1
20060248294 Nedved et al. Nov 2006 A1
20070079068 Draggon Apr 2007 A1
20070214194 Reuter Sep 2007 A1
20070214314 Reuter Sep 2007 A1
20070234016 Davis et al. Oct 2007 A1
20070268905 Baker et al. Nov 2007 A1
20080080709 Michtchenko et al. Apr 2008 A1
20080107274 Worthy May 2008 A1
20080155191 Anderson et al. Jun 2008 A1
20080295118 Liao Nov 2008 A1
20090077208 Nguyen et al. Mar 2009 A1
20090138654 Sutardja May 2009 A1
20090216910 Duchesneau Aug 2009 A1
20090216920 Lauterbach et al. Aug 2009 A1
20100017444 Chatterjee et al. Jan 2010 A1
20100042636 Lu Feb 2010 A1
20100094806 Apostolides et al. Apr 2010 A1
20100115070 Missimilly May 2010 A1
20100125695 Wu et al. May 2010 A1
20100162076 Sim-Tang et al. Jun 2010 A1
20100169707 Mathew et al. Jul 2010 A1
20100174576 Naylor Jul 2010 A1
20100268908 Ouyang et al. Oct 2010 A1
20110035540 Fitzgerald Feb 2011 A1
20110040925 Frost et al. Feb 2011 A1
20110060927 Fillingim et al. Mar 2011 A1
20110119462 Leach et al. May 2011 A1
20110219170 Frost et al. Sep 2011 A1
20110238625 Hamaguchi et al. Sep 2011 A1
20110264843 Haines et al. Oct 2011 A1
20110302369 Goto et al. Dec 2011 A1
20120011398 Eckhardt Jan 2012 A1
20120079318 Colgrove et al. Mar 2012 A1
20120089567 Takahashi et al. Apr 2012 A1
20120110249 Jeong et al. May 2012 A1
20120131253 McKnight May 2012 A1
20120158923 Mohamed et al. Jun 2012 A1
20120191900 Kunimatsu et al. Jul 2012 A1
20120198152 Terry et al. Aug 2012 A1
20120198261 Brown et al. Aug 2012 A1
20120209943 Jung Aug 2012 A1
20120226934 Rao Sep 2012 A1
20120246435 Meir et al. Sep 2012 A1
20120260055 Murase Oct 2012 A1
20120311557 Resch Dec 2012 A1
20130022201 Glew et al. Jan 2013 A1
20130036314 Glew et al. Feb 2013 A1
20130042056 Shats Feb 2013 A1
20130060884 Bernbo et al. Mar 2013 A1
20130067188 Mehra et al. Mar 2013 A1
20130073894 Xavier et al. Mar 2013 A1
20130124776 Hallak et al. May 2013 A1
20130132800 Healy et al. May 2013 A1
20130151653 Sawiki Jun 2013 A1
20130151771 Tsukahara et al. Jun 2013 A1
20130173853 Ungureanu et al. Jul 2013 A1
20130238554 Yucel et al. Sep 2013 A1
20130339314 Carpenter et al. Dec 2013 A1
20130339635 Amit et al. Dec 2013 A1
20130339818 Baker et al. Dec 2013 A1
20140040535 Lee Feb 2014 A1
20140040702 He et al. Feb 2014 A1
20140047263 Coatney et al. Feb 2014 A1
20140047269 Kim Feb 2014 A1
20140063721 Herman et al. Mar 2014 A1
20140064048 Cohen et al. Mar 2014 A1
20140068224 Fan et al. Mar 2014 A1
20140075252 Luo et al. Mar 2014 A1
20140122510 Namkoong et al. May 2014 A1
20140136880 Shankar et al. May 2014 A1
20140181402 White Jun 2014 A1
20140237164 Le et al. Aug 2014 A1
20140279936 Bernbo et al. Sep 2014 A1
20140280025 Eidson et al. Sep 2014 A1
20140289588 Nagadomi et al. Sep 2014 A1
20140330785 Isherwood et al. Nov 2014 A1
20140372838 Lou et al. Dec 2014 A1
20140380125 Calder et al. Dec 2014 A1
20140380126 Yekhanin et al. Dec 2014 A1
20150032720 James Jan 2015 A1
20150039645 Lewis Feb 2015 A1
20150039849 Lewis Feb 2015 A1
20150089283 Kermarrec et al. Mar 2015 A1
20150100746 Rychlik Apr 2015 A1
20150134824 Mickens May 2015 A1
20150153800 Lucas et al. Jun 2015 A1
20150180714 Chunn Jun 2015 A1
20150270955 Arnold Sep 2015 A1
20150280959 Vincent Oct 2015 A1
20160246537 Kim Feb 2016 A1
20160171227 Margolin Jun 2016 A1
20160191508 Bestler et al. Jun 2016 A1
20160283937 Reese Sep 2016 A1
20160378612 Hipsh et al. Dec 2016 A1
20170091236 Hayes et al. Mar 2017 A1
20170103092 Hu et al. Apr 2017 A1
20170103094 Hu et al. Apr 2017 A1
20170103098 Hu et al. Apr 2017 A1
20170103116 Hu et al. Apr 2017 A1
20170177236 Cai et al. Jun 2017 A1
20180039442 Shadrin et al. Feb 2018 A1
20180081958 Akirav et al. Mar 2018 A1
20180101441 Hyun et al. Apr 2018 A1
20180101587 Anglin et al. Apr 2018 A1
20180101588 Anglin et al. Apr 2018 A1
20180217756 Liu et al. Aug 2018 A1
20180307560 Vishnumolakala et al. Oct 2018 A1
20180321874 Li et al. Nov 2018 A1
20190036703 Bestler Jan 2019 A1
Foreign Referenced Citations (6)
Number Date Country
2164006 Mar 2010 EP
2256621 Dec 2010 EP
WO 02-13033 Feb 2002 WO
WO 2008103569 Aug 2008 WO
WO 2008157081 Dec 2008 WO
WO 2013032825 Jul 2013 WO
Non-Patent Literature Citations (26)
Entry
Boloorchi et al., “An Online Threshold Key Distribution Scheme for Symmetric Key Management” [Online], Feb. 2012 [Retrieved on: Feb. 22, 2023], 3rd Conf. on Theoretical and Applied Computer Science 2012, Retrieved from: < http://www.cs.okstate.edu/tacs12/tacs2012_submission_8.pdf > (Year: 2012).
Hwang, Kai, et al. “RAID-x: A New Distributed Disk Array for I/O-Centric Cluster Computing,” HPDC '00 Proceedings of the 9th IEEE International Symposium on High Performance Distributed Computing, IEEE, 2000, pp. 279-286.
Schmid, Patrick: “RAID Scaling Charts, Part 3:4-128 kB Stripes Compared”, Tom's Hardware, Nov. 27, 2007 (http://www.tomshardware.com/reviews/RAID-SCALING-CHARTS.1735-4.html), See pp. 1-2.
Storer, Mark W. et al., “Pergamum: Replacing Tape with Energy Efficient, Reliable, Disk-Based Archival Storage,” Fast '08: 6th USENIX Conference on File and Storage Technologies, San Jose, CA, Feb. 26-29, 2008 pp. 1-16.
Ju-Kyeong Kim et al., “Data Access Frequency based Data Replication Method using Erasure Codes in Cloud Storage System”, Journal of the Institute of Electronics and Information Engineers, Feb. 2014, vol. 51, No. 2, pp. 85-91.
International Search Report and the Written Opinion of the International Searching Authority, PCT/US2015/018169, dated May 15, 2015.
International Search Report and the Written Opinion of the International Searching Authority, PCT/US2015/034302, dated Sep. 11, 2015.
International Search Report and the Written Opinion of the International Searching Authority, PCT/US2015/039135, dated Sep. 18, 2015.
International Search Report and the Written Opinion of the International Searching Authority, PCT/US2015/039136, dated Sep. 23, 2015.
International Search Report, PCT/US2015/039142, dated Sep. 24, 2015.
International Search Report, PCT/US2015/034291, dated Sep. 30, 2015.
International Search Report and the Written Opinion of the International Searching Authority, PCT/US2015/039137, dated Oct. 1, 2015.
International Search Report, PCT/US2015/044370, dated Dec. 15, 2015.
International Search Report amd the Written Opinion of the International Searching Authority, PCT/US2016/031039, dated May 5, 2016.
International Search Report, PCT/US2016/014604, dated May 19, 2016.
International Search Report, PCT/US2016/014361, dated May 30, 2016.
International Search Report, PCT/US2016/014356, dated Jun. 28, 2016.
International Search Report, PCT/US2016/014357, dated Jun. 29, 2016.
International Seach Report and the Written Opinion of the International Searching Authority, PCT/US2016/016504, dated Jul. 6, 2016.
International Seach Report and the Written Opinion of the International Searching Authority, PCT/US2016/024391, dated Jul. 12, 2016.
International Seach Report and the Written Opinion of the International Searching Authority, PCT/US2016/026529, dated Jul. 19, 2016.
International Seach Report and the Written Opinion of the International Searching Authority, PCT/US2016/023485, dated Jul. 21, 2016.
International Seach Report and the Written Opinion of the International Searching Authority, PCT/US2016/033306, dated Aug. 19, 2016.
International Seach Report and the Written Opinion of the International Searching Authority, PCT/US2016/047808, dated Nov. 25, 2016.
Stalzer, Mark A., “FlashBlades: System Architecture and Applications,” Proceedings of the 2nd Workshop on Architectures and Systems for Big Data, Association for Computing Machinery, New York, NY, 2012, pp. 10-14.
International Seach Report and the Written Opinion of the International Searching Authority, PCT/US2016/042147, dated Nov. 30, 2016.
Related Publications (1)
Number Date Country
20230021403 A1 Jan 2023 US
Continuations (4)
Number Date Country
Parent 17120967 Dec 2020 US
Child 17954246 US
Parent 16278551 Feb 2019 US
Child 17120967 US
Parent 15668529 Aug 2017 US
Child 16278551 US
Parent 14871662 Sep 2015 US
Child 15668529 US