公开(公告)号：US11057209B2

公开(公告)日：2021-07-06

申请号：US15908435

申请日：2018-02-28

Applicant: VMware, Inc.

Inventor： Asaf Kariv ,  Ittai Abraham ,  Yotam Harchol

IPC: H04L29/06 ,  H04L9/08 ,  G06F21/62 ,  H04L29/08

Abstract: The current document is directed to distributed-secure-storage systems, and processes carried out within the distributed-secure-storage systems, that provide for secure storage and retrieval of confidential and critical data, referred to as “secrets,” within distributed computer systems. The secret-storage systems partition an input secret into multiple secret shares and distribute the secret shares among multiple secret-share-storing node subsystems, without persistently storing the secret itself. An agent within a client device subsequently requests a secret share corresponding to a secret, or a share of data derived from the secret share, from each of the multiple secret-share-storing nodes. The multiple secret-share-storing nodes additionally cooperate to periodically alter the stored secret shares corresponding to a secret in a way that allows agents to recover the original secret, or derived data, from all or a portion of the altered secret shares or derived-data shares.

公开(公告)号：US10997144B2

公开(公告)日：2021-05-04

申请号：US16029463

申请日：2018-07-06

Applicant: VMware, Inc.

Inventor： Robert T Johnson ,  Ittai Abraham ,  Abhishek Gupta ,  Richard P Spillane ,  Sandeep Rangaswamy ,  Jorge Guerra Delgado ,  Srinath Premachandran ,  Kapil Chowksey

IPC: G06F16/00 ,  G06F16/22 ,  G06F16/23

Abstract: A buffer tree structure includes, at each internal node, a buffer having a compacted portion and an uncompacted portion. Insertion of data elements to the buffer tree can occur units called packets. A packet is initially stored in the uncompacted portion of a receiving node's buffer. After a time, packets in the uncompacted portion of a buffer are combined into compacted packets in the compacted portion of the buffer. A buffer-emptying (flush) operation pushes the compacted packets to children nodes.

公开(公告)号：US10572352B2

公开(公告)日：2020-02-25

申请号：US15729568

申请日：2017-11-01

Applicant: VMware, Inc.

Inventor： Soumya Basu ,  Alin Tomescu ,  Dahlia Malkhi ,  Michael Reiter ,  Adrian Seredinschi ,  Ittai Abraham ,  Guy Golan Gueta

IPC: G06F11/14 ,  H04L9/08

Abstract: Techniques for implementing Byzantine fault tolerance with verifiable secret sharing at constant overhead are provided. In one set of embodiments, a client can determine a secret value s to be shared with N replicas in a distributed system, s being input data for a service operation provided by the N replicas. The client can further encode s into an f-degree polynomial P(x) where f corresponds to a maximum number of faulty replicas in the distributed system, evaluate P(x) at i for i=1 to N resulting in N evaluations P(i), generate at least one f-degree recovery polynomial R(x) based on a distributed pseudo-random function (DPRF) fα(x), and evaluate R(x) at i for i=1 to N resulting in at least N evaluations R(i). The client can then invoke the service operation, the invoking comprising transmitting a message including P(i) and R(i) to each respective replica i.

公开(公告)号：US20200012735A1

公开(公告)日：2020-01-09

申请号：US16029463

申请日：2018-07-06

Applicant: VMware, Inc.

Inventor： Robert T Johnson ,  Ittai Abraham ,  Abhishek Gupta ,  Richard P Spillane ,  Sandeep Rangaswamy ,  Jorge Guerra Delgado ,  Srinath Premachandran ,  Kapil Chowksey

IPC: G06F17/30

Abstract: A buffer tree structure includes, at each internal node, a buffer having a compacted portion and an uncompacted portion. Insertion of data elements to the buffer tree can occur units called packets. A packet is initially stored in the uncompacted portion of a receiving node's buffer. After a time, packets in the uncompacted portion of a buffer are combined into compacted packets in the compacted portion of the buffer. A buffer-emptying (flush) operation pushes the compacted packets to children nodes.

公开(公告)号：US20190377645A1

公开(公告)日：2019-12-12

申请号：US16234552

申请日：2018-12-27

Applicant: VMware, Inc.

Inventor： Ittai Abraham ,  Dahlia Malkhi ,  Guy Golan Gueta ,  Maofan Yin ,  Michael Reiter

IPC: G06F11/14 ,  G06F11/18 ,  G06F11/07

Abstract: Techniques for implementing linear view-change with optimistic responsiveness in a BFT protocol running on a distributed system comprising n replicas are provided. According to one set of embodiments, the replicas can execute, during a view v of the BFT protocol, a first voting round comprising communicating instances of a first type of COMMIT certificate among the replicas. Further, when 2f+1 instances of the first type of COMMIT certificate associated with view v have been received by the replicas, the replicas can execute a second voting round comprising communicating instances of a second type of COMMIT certificate among the replicas. If 2f+1 instances of the second type of COMMIT certificate associated with view v are not received by the replicas within a predetermined timeout period, a view change can be initiated from view v to a view v+1.

公开(公告)号：US20190268149A1

公开(公告)日：2019-08-29

申请号：US15908349

申请日：2018-02-28

Applicant: VMware, Inc.

Inventor： Asaf Kariv ,  Ittai Abraham ,  Yotam Harchol

IPC: H04L9/08 ,  H04L9/30 ,  H04L29/06

Abstract: The current document is directed to distributed-secure-storage systems, and processes carried out within the distributed-secure-storage systems, that provide for secure storage and retrieval of secrets within distributed computer systems, including private encryption keys used for client authentication during establishment of secure communications channels. The secret-storage systems partition an input secret into multiple secret shares and distribute the secret shares among multiple secret-share-storing node subsystems, without persistently storing the secret itself. An agent within a client device subsequently requests a secret share corresponding to a secret, or a share of data derived from the secret share, from each of the multiple secret-share-storing nodes. Each secret-share-storing node transmits the requested secret share or derived-data share to the agent, which reconstructs the secret from all or a portion of the secret shares or a data value from all or a portion of the derived-data shares transmitted to the agent.

公开(公告)号：US20240094953A1

公开(公告)日：2024-03-21

申请号：US18070503

申请日：2022-11-29

Applicant: VMWARE, INC.

Inventor： YEHONATAN BUCHNIK ,  Ittai Abraham ,  Toly Kournik ,  Nikhil Kumar ,  Nikolay Kolev Georgiev

IPC: G06F3/06

CPC classification number: G06F3/0659 ,  G06F3/0629 ,  G06F3/067 ,  G06F3/0622

Abstract: The present disclosure is directed to a novel reconfiguration framework for a BFT SMR system. With this framework, the configuration of both the system itself and the clients of the system can be modified in a live manner (i.e., without taking the system offline) while preserving correct system operation.

公开(公告)号：US11809453B2

公开(公告)日：2023-11-07

申请号：US17339068

申请日：2021-06-04

Applicant: VMware, Inc.

Inventor： Ittai Abraham ,  Ioan Alin Tomescu Nicolescu ,  Guy Golan Gueta ,  Neil Giridharan ,  Heidi Howard

IPC: G06F16/27 ,  G06F16/2453 ,  H04L9/00 ,  G06F11/00

CPC classification number: G06F16/275 ,  G06F11/00 ,  G06F16/24535 ,  G06F16/27 ,  H04L9/50

Abstract: The present disclosure is directed to a leader-based partially synchronous BFT SMR protocol that improves upon existing protocols by exhibiting two rounds of communication latency, linear authenticator complexity, and optimistic responsiveness. This is achieved through the novel use of an aggregate signature scheme as part of the protocol's view-change procedure.

公开(公告)号：US20230050494A1

公开(公告)日：2023-02-16

申请号：US17966497

申请日：2022-10-14

Applicant: VMware, Inc.

Inventor： Avishay Yanai ,  Ittai Abraham

IPC: H04L9/08 ,  H04L9/32 ,  H04L9/00

Abstract: In one set of embodiments, each server executing a secure multi-party computation (MPC) protocol can receive shares of inputs to the MPC protocol from a plurality of clients, where each input is private to each client and where each share is generated from its corresponding input using a threshold secret sharing scheme. Each server can then verify whether the shares of the plurality of inputs are valid/invalid and, for each invalid share, determine whether a client that submitted the invalid share or a server that holds the invalid share is corrupted. If the client that submitted the invalid share is corrupted, each server can ignore the input of that corrupted client during a computation phase of the MPC protocol. Alternatively, if the server that holds the invalid share is corrupted, each server can prevent that corrupted server from participating in the computation phase.

公开(公告)号：US20220069979A1

公开(公告)日：2022-03-03

申请号：US17010526

申请日：2020-09-02

Applicant: VMware, Inc.

Inventor： Avishay Yanai ,  Ittai Abraham

IPC: H04L9/08 ,  H04L9/00 ,  H04L9/32

Abstract: In one set of embodiments, each server executing a secure multi-party computation (MPC) protocol can receive shares of inputs to the MPC protocol from a plurality of clients, where each input is private to each client and where each share is generated from its corresponding input using a threshold secret sharing scheme. Each server can then verify whether the shares of the plurality of inputs are valid/invalid and, for each invalid share, determine whether a client that submitted the invalid share or a server that holds the invalid share is corrupted. If the client that submitted the invalid share is corrupted, each server can ignore the input of that corrupted client during a computation phase of the MPC protocol. Alternatively, if the server that holds the invalid share is corrupted, each server can prevent that corrupted server from participating in the computation phase.