-
公开(公告)号:US20220103339A1
公开(公告)日:2022-03-31
申请号:US17037427
申请日:2020-09-29
Applicant: Amazon Technologies, Inc.
Inventor: Marc Brooker , Osman Surkatty , Derek Manwaring , Mikhail Danilov , Peter Martin McDonnell , Stefan Schneider
Abstract: Systems and methods are described for providing storage of encrypted data sets, deduplication of such data sets, and control of the redundancy of those data sets. A form of modified convergent encryption can be employed, whereby an encryption key for a data set is selected based on a combination of the plaintext of the data set and a salt value, with the salt value being selected from a number of permutations corresponding to a desired redundancy of the data set in a storage system. Accordingly, a given data set can result in a number of ciphertexts equal to the desired redundancy, and deduplication can occur by removing duplicative instances of individual ciphertexts. Salt values can be selected according to a variety of criteria, including user-based, time-based, and location-based criteria.
-
公开(公告)号:US11582025B2
公开(公告)日:2023-02-14
申请号:US17037369
申请日:2020-09-29
Applicant: Amazon Technologies, Inc.
Inventor: Marc Brooker , Derek Manwaring , Osman Surkatty , Mikhail Danilov , Peter Martin McDonnell , Stefan Schneider
Abstract: Systems and methods are described for providing secure storage of data sets while enabling efficient deduplication of data. Each data set can be divided into fixed-length blocks. The plaintext of each block can be convergently encrypted, such as by using a hash of the plaintext as an encryption key, to result in block-level ciphertext that can be stored. If two data sets share blocks, the resulting block-level ciphertext can be expected to overlap, and thus duplicative block-level ciphertexts need not be stored. A manifest can be created to facilitate re-creation of the data set, which manifest identifies the block-level ciphertexts of the data set and a key by which each block-level ciphertext was encrypted. By use of block-level encryption, nearly identical data sets can be largely deduplicated, even if they are not perfectly identical.
-
公开(公告)号:US11329803B2
公开(公告)日:2022-05-10
申请号:US17037427
申请日:2020-09-29
Applicant: Amazon Technologies, Inc.
Inventor: Marc Brooker , Osman Surkatty , Derek Manwaring , Mikhail Danilov , Peter Martin McDonnell , Stefan Schneider
Abstract: Systems and methods are described for providing storage of encrypted data sets, deduplication of such data sets, and control of the redundancy of those data sets. A form of modified convergent encryption can be employed, whereby an encryption key for a data set is selected based on a combination of the plaintext of the data set and a salt value, with the salt value being selected from a number of permutations corresponding to a desired redundancy of the data set in a storage system. Accordingly, a given data set can result in a number of ciphertexts equal to the desired redundancy, and deduplication can occur by removing duplicative instances of individual ciphertexts. Salt values can be selected according to a variety of criteria, including user-based, time-based, and location-based criteria.
-
公开(公告)号:US20220103338A1
公开(公告)日:2022-03-31
申请号:US17037369
申请日:2020-09-29
Applicant: Amazon Technologies, Inc.
Inventor: Marc Brooker , Derek Manwaring , Osman Surkatty , Mikhail Danilov , Peter Martin McDonnell , Stefan Schneider
Abstract: Systems and methods are described for providing secure storage of data sets while enabling efficient deduplication of data. Each data set can be divided into fixed-length blocks. The plaintext of each block can be convergently encrypted, such as by using a hash of the plaintext as an encryption key, to result in block-level ciphertext that can be stored. If two data sets share blocks, the resulting block-level ciphertext can be expected to overlap, and thus duplicative block-level ciphertexts need not be stored. A manifest can be created to facilitate re-creation of the data set, which manifest identifies the block-level ciphertexts of the data set and a key by which each block-level ciphertext was encrypted. By use of block-level encryption, nearly identical data sets can be largely deduplicated, even if they are not perfectly identical.
-
-
-
Search Results
4
records
(took 0.013 seconds)
