Patent Number: 9,432,341

Title: Securing data in a dispersed storage network

Abstract: A method begins by a source processing module securing data based on a key stream to produce secured data, where the key stream is derived from a unilateral encryption key accessible only to the source processing module, and sending the secure data to an intermediator processing module, where desecuring the secured data is divided into two partial desecuring stages. The method continues with the intermediator processing module partially desecuring the secure data in accordance with a first partial desecuring stage to produce partially desecured data and sending the partially desecured data to a destination processing module. The method continues with the destination processing module further partially desecuring the partially desecured data in accordance with a second desecuring stage to recover the data, where the destination processing module does not have access to the encryption key or to the key stream.

Inventors: Resch; Jason K. (Chicago, IL), Dhuse; Greg (Chicago, IL)

Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION

International Classification: H04L 29/06 (20060101); G06F 21/80 (20130101); G06F 21/60 (20130101); G06F 11/10 (20060101); H04L 29/08 (20060101); H04L 1/00 (20060101); G06F 11/20 (20060101)

Expiration Date: 2020-08-30 0:00:00