Inventors:
- Draper UT, US
Dudley Melvin Irish - Salt Lake City UT, US
Jeffrey Dale Blair - American Fork UT, US
Adam Julian Mensel - Salt Lake City UT, US
International Classification:
G06F 21/60
G06F 11/14
G06F 17/30
Abstract:
Client-side encryption in a deduplication backup system. In one example embodiment, a method includes a backup phase in which various steps are performed for each allocated plain text block stored in a source storage. One step includes hashing, using a first cryptographic hash function, the plain text block to generate a first hash. Another step includes hashing, using a second cryptographic hash function, the first hash to generate a second hash. Another step includes searching a key-value table of a deduplication storage to determine whether the second hash matches any key in the key-value table. Another step includes, upon determining that the second hash does not match any key in the key-value table, encrypting, using an encrypt/decrypt function, the plain text block using the first hash as an encryption password and inserting a key-value pair into the key-value table with the key being the second hash and the value being the encrypted block.
