US 12,445,268 B2
Cluster-wide root secret key for distributed node clusters
Prashant Dewan, Portland, OR (US); Andreea Mihaela Pintilie, Cambridge (GB); Mark Andrew Cawston, King's Lynn (GB); and Kaloyan Aleksandro Aleksiev, London (GB)
Assigned to Microsoft Technology Licensing, LLC, Redmond, WA (US)
Filed by Microsoft Technology Licensing, LLC, Redmond, WA (US)
Filed on Jun. 29, 2023, as Appl. No. 18/344,394.
Prior Publication US 2025/0007735 A1, Jan. 2, 2025
Int. Cl. H04L 9/08 (2006.01); H04L 9/14 (2006.01); H04L 9/32 (2006.01)
CPC H04L 9/0816 (2013.01) [H04L 9/085 (2013.01); H04L 9/0861 (2013.01); H04L 9/14 (2013.01); H04L 9/3268 (2013.01)]
20 Claims
1. A system, comprising:
a hardware processor; and
a multi-node cluster comprising a leader node and a plurality of non-leader nodes, the leader node comprising:
a leader node security system configured to perform operations comprising:
receiving, from a first node among the plurality of non-leader nodes, a first bootstrap key and a first public key;
producing a first encrypted secret key by encrypting a cluster-wide root secret (“CWRS”) key using the first public key;
producing a signed first encrypted secret key by signing the first encrypted secret key with a leader node private key associated with the leader node security system;
producing a first encrypted CWRS key by encrypting the signed first encrypted secret key using the first bootstrap key; and
sending the first encrypted CWRS key to the first node.
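
The layering recited in claim 1 (encrypt to the node's public key, sign with the leader's private key, encrypt again under the bootstrap key) can be sketched as follows. This is an added example, not code from the patent or from Microsoft. It goes one step beyond the claim by also showing the receiving node's checks. Assumptions: RSA-OAEP for the public-key layer, Ed25519 for the signature, AES-256-GCM with a 32-byte symmetric bootstrap key for the outer layer, and the hypothetical function names LeaderWrap and NodeUnwrap.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// LeaderWrap builds the message the leader sends; algorithm choices are assumptions.
func LeaderWrap(cwrs []byte, boot [32]byte, nodePub *rsa.PublicKey, leader ed25519.PrivateKey) ([]byte, error) {
	b, _ := aes.NewCipher(boot[:]) // cannot fail: key length is fixed at 32
	a, _ := cipher.NewGCM(b)
	nonce := make([]byte, a.NonceSize())
	_, nerr := rand.Read(nonce)
	inner, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, nodePub, cwrs, nil) // layer 1
	if err != nil || nerr != nil {
		return nil, fmt.Errorf("wrap failed: %v, %v", err, nerr)
	}
	signed := append(ed25519.Sign(leader, inner), inner...) // layer 2: signature || ciphertext
	return a.Seal(nonce, nonce, signed, nil), nil           // layer 3: nonce || AES-GCM(signed)
}

// NodeUnwrap peels the layers in reverse; any failed check rejects the message.
func NodeUnwrap(msg []byte, boot [32]byte, nodePriv *rsa.PrivateKey, leaderPub ed25519.PublicKey) ([]byte, error) {
	b, _ := aes.NewCipher(boot[:])
	a, _ := cipher.NewGCM(b)
	if len(msg) < a.NonceSize() {
		return nil, fmt.Errorf("message shorter than nonce")
	}
	signed, err := a.Open(nil, msg[:a.NonceSize()], msg[a.NonceSize():], nil)
	if err != nil || len(signed) < ed25519.SignatureSize {
		return nil, fmt.Errorf("bootstrap layer rejected")
	}
	sig, inner := signed[:ed25519.SignatureSize], signed[ed25519.SignatureSize:]
	if !ed25519.Verify(leaderPub, inner, sig) {
		return nil, fmt.Errorf("leader signature invalid")
	}
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, nodePriv, inner, nil)
}

func main() { // constructed sample keys, bootstrap key and secret
	k, _ := rsa.GenerateKey(rand.Reader, 2048)
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	msg, _ := LeaderWrap([]byte("constructed sample CWRS"), [32]byte{1}, &k.PublicKey, priv)
	fmt.Println(NodeUnwrap(msg, [32]byte{1}, k, pub))
}
```

A node holding the wrong bootstrap key fails at the outer AES-GCM layer, and a payload signed by any key other than the expected leader key is rejected before the RSA private key is used.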