US 11,734,196 B1
Decrypting secure packages in a storage network
Gary W. Grube, Barrington Hills, IL (US); and Timothy W. Markison, Mesa, AZ (US)
Assigned to PURE STORAGE, INC., Santa Clara, CA (US)
Filed by Pure Storage, Inc., Mountain View, CA (US)
Filed on Mar. 10, 2021, as Appl. No. 17/197,807.
Application 17/197,807 is a continuation of application No. 16/040,786, filed on Jul. 20, 2018, granted, now 10,977,194.
Application 16/040,786 is a continuation in part of application No. 15/799,943, filed on Oct. 31, 2017, granted, now 10,055,283, issued on Aug. 21, 2018.
Application 15/799,943 is a continuation in part of application No. 15/345,262, filed on Nov. 7, 2016, granted, now 9,842,063, issued on Dec. 12, 2017.
Application 15/345,262 is a continuation of application No. 14/499,570, filed on Sep. 29, 2014, granted, now 9,495,240, issued on Nov. 15, 2016.
Application 14/499,570 is a continuation of application No. 13/686,827, filed on Nov. 27, 2012, granted, now 8,848,906, issued on Sep. 30, 2014.
Claims priority of provisional application 61/564,200, filed on Nov. 28, 2011.
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/30 (2006.01); H04L 29/06 (2006.01); G06F 12/14 (2006.01); H04L 9/40 (2022.01); H04L 67/306 (2022.01); H04L 67/1097 (2022.01); H04L 9/32 (2006.01); G06F 11/10 (2006.01); H04L 9/14 (2006.01); H04L 9/08 (2006.01); H04L 67/06 (2022.01); H04L 1/00 (2006.01)
CPC G06F 12/1408 (2013.01) [G06F 11/1004 (2013.01); G06F 11/1076 (2013.01); H04L 9/085 (2013.01); H04L 9/0894 (2013.01); H04L 9/14 (2013.01); H04L 9/3239 (2013.01); H04L 9/3263 (2013.01); H04L 63/061 (2013.01); H04L 67/06 (2013.01); H04L 67/1097 (2013.01); H04L 67/306 (2013.01); G06F 2212/1052 (2013.01); H04L 1/0041 (2013.01); H04L 1/0045 (2013.01); H04L 63/0428 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method for execution by a computing device of a storage network comprises:
dispersed storage error decoding, by the computing device, a plurality of sets of encoded data slices to recover a plurality of secure packages, wherein the plurality of secure packages include a plurality of encrypted data segments and a plurality of sets of encoded key slices, wherein at least a decode threshold number of encoded key slices of a set of encoded key slices of the plurality of sets of encoded key slices are appended to at least some of the encrypted data segments in accordance with an appending approach to produce a secure package of the plurality of secure packages, and wherein the encrypted data segments were not dispersed storage error encoded prior to the appending the at least a decode threshold number of encoded key slices to the at least some of the encrypted data segments;
splitting, by the computing device, the plurality of secure packages into the plurality of encrypted data segments and the plurality of sets of encoded key slices;
dispersed storage error decoding, by the computing device, the plurality of sets of encoded key slices to recover a plurality of encryption keys; and
decrypting, by the computing device, the plurality of encrypted data segments using the plurality of encryption keys to recover data segments.