Key information consistency checking in encrypting data storage system

Assignee

• EMC Corporation · US

Inventors

• Thomas E. Linnell · Northborough, US
• Jack Harwood · Paxton, US
• John T. Fitzgerald · Mansfield, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L9/3236
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A data storage system employs data encryption to increase data security, and techniques for ensuring consistency of key information maintained and used throughout the system to reduce the likelihood that data will become non-recoverable due to the use of an incorrect encryption key. In one aspect, a verification process is performed between a key table at a central storage processor and key tables containing decrypted copies of the same information that are stored and utilized at separate input/output (I/O) modules. The verification process includes computing respective hash values at the I/O modules and at the storage processor and comparing the hash values to determine whether they match, a match indicating that the tables are consistent and a non-match indicating that the tables are not consistent. In another aspect, an I/O module performs a check prior to performing an encryption/decryption operation as part of processing an I/O command to ensure that the correct key will be utilized. This check involves comparing address information from the I/O command to address information stored in association with the data encryption key. If the address information is consistent, it indic…