Multi-key secure de-duplication using locked fingerprints

A computer-implemented method includes calculating a fingerprint of a data block, encrypting the fingerprint using a fingerprint key, and encrypting the data block using a base key and the encrypted fingerprint. The method further includes encrypting the encrypted fingerprint using the user key to g...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: HETZLER STEVEN ROBERT, HEINMANN, WILFRIED, BEST, JOHN, S
Format: Patent
Sprache:chi ; eng
Schlagworte:
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A computer-implemented method includes calculating a fingerprint of a data block, encrypting the fingerprint using a fingerprint key, and encrypting the data block using a base key and the encrypted fingerprint. The method further includes encrypting the encrypted fingerprint using the user key to generate a dual encrypted fingerprint, and sending the encrypted data block and the dual encrypted fingerprint to a storage system. The storage system cannot access the base key, the fingerprint key, and the user key. A computer-implemented method includes computing a fingerprint of a data block and encrypting the data block using a base key and the fingerprint. The method further includes encrypting the fingerprint using the user key and sending the encrypted data block and the encrypted fingerprint to a storage system. The storage system cannot access the base key and the user key. 一种计算机实现的方法包括计算数据块的指纹,使用指纹密钥对指纹进行加密,以及使用基密钥和经加密的指纹来加密所述数据块。该方法还包括使用用户密钥来加密经加密的指纹以生成双重加密指纹,并将加密的数据块和该双重加密指纹发送到存储系统。存储系统不能访问基密钥、指纹密钥和用户密钥