阅读说明：本技术 用于加密和更新虚拟盘的方法 (Method for encrypting and updating virtual disk ) 是由 J·J·卡鲁埃纳 于 2020-03-30 设计创作，主要内容包括：一种用于加密虚拟盘的方法包括为虚拟盘的第一版本的每个页生成散列值。每个页使用唯一初始化向量(IV)进行加密。每个唯一IV和每个所生成散列值随后被存储在明文散列数据库中,该明文散列数据库将页的每个唯一IV映射到对应散列值。对于虚拟盘的第二经更新版本,为第二版本的每个页生成散列值。随后确定每个新生成的散列值是否被存储在明文散列数据库中。如果虚拟盘的第二版本的第一页的第一所生成散列值被存储在明文散列数据库中,则使用来自明文散列数据库的与第一所生成散列值相对应的唯一IV来加密这样的第一页。(A method for encrypting a virtual disk includes generating a hash value for each page of a first version of the virtual disk. Each page is encrypted using a unique Initialization Vector (IV). Each unique IV and each generated hash value is then stored in a plaintext hash database that maps each unique IV of a page to a corresponding hash value. For a second updated version of the virtual disk, a hash value is generated for each page of the second version. It is then determined whether each newly generated hash value is stored in the plaintext hash database. If a first generated hash value of a first page of a second version of the virtual disk is stored in the plaintext hash database, such first page is encrypted using a unique IV from the plaintext hash database that corresponds to the first generated hash value.)

1. A method for encrypting a virtual disc, comprising:

for a first version of the virtual disk:

generating a hash value for each page of the first version of the virtual disk;

encrypting each page of the first version of the virtual disk using a unique initialization vector; and

storing each unique initialization vector and each generated hash in a plaintext hash database that maps each unique initialization vector of a page to a corresponding generated hash value; and

for a second updated version of the virtual disk:

generating a hash value for each page of the second version of the virtual disk;

determining whether each generated hash value is stored in the plaintext hash database; and

in response to determining that a first generated hash value of a first page of a second updated version of the virtual disk is stored in the plaintext hash database, encrypting such first page using a unique initialization vector from the plaintext hash database corresponding to the first generated hash value.

2. The method of claim 1, further comprising:

for a second updated version of the virtual disk:

generating a new unique initialization vector in response to determining that a second generated hash value of a second page of a second version of the virtual disk is not stored in the plaintext hash database; and

such second page is encrypted using the new unique initialization vector.

3. The method of claim 2, wherein the new unique initialization vector is randomly generated.

4. The method of claim 2, wherein the new unique initialization vector is based on initialization vectors of pages preceding the second page.

5. The method of claim 4, wherein the new unique initialization vector is based on an increment from an initialization vector of a page preceding the second page.

6. The method of claim 2, wherein the new unique initialization vector is based on an offset of the second page within the second updated version of the virtual disk.

7. The method of claim 2, further comprising:

generating an updated plaintext hash database for a second updated version of the virtual disk, the updated plaintext hash database comprising:

each unique initialization vector reused from the first version of the virtual disk;

each new unique initialization vector; and

a hash value is generated for each page of the second updated version of the virtual disk.

8. A computing device configured for disseminating an updated version of an encrypted virtual disc, comprising:

a logic machine;

a storage machine holding instructions that, when executed by the logic machine, cause the logic machine to:

generating an updated version of the encrypted virtual disk;

retrieving a hash repository for the earlier version of the encrypted virtual disk, the hash repository including the generated hash values and offsets for each single page of the earlier version of the encrypted virtual disk;

for each page of the updated version of the encrypted virtual disk, retrieving a hash value;

determining whether each retrieved hash value of the updated version of the encrypted virtual disk is stored in the hash repository;

in response to determining that a first retrieved hash value of a first page of an updated version of the encrypted virtual disk is not stored in the hash repository, generating an update plan indicating that the first page is to be downloaded in response to a request to update the encrypted virtual disk from the earlier version to the updated version; and

in response to determining that a second retrieved hash value of a second page of an updated version of the encrypted virtual disk is stored in the hash repository, indicating, via a downloadable update plan, that the second page is not to be downloaded in response to a request to update the encrypted virtual disk from the earlier version to the updated version.

9. The computing device of claim 8, wherein the hash repository is a plaintext hash database that includes a plaintext hash value for each page of an earlier version of the encrypted virtual disk.

10. The computing device of claim 8, wherein the hash repository is a hash tree that includes ciphertext hash values for each page of an earlier version of the encrypted virtual disk.

11. The computing device of claim 8, further comprising instructions that, when executed by the logic machine, cause the logic machine to:

indicating, via the downloadable update plan, not to download the range of pages in response to determining that the retrieved hash value for the sequential range of pages within the updated version of the encrypted virtual disk is stored in the hash repository.

12. The computing device of claim 11, further comprising instructions that, when executed by the logic machine, cause the logic machine to:

indicating, via the downloadable update plan, that the page range is to be downloaded in response to determining that the retrieved hash value for the sequential page range within the updated version of the encrypted virtual disk is not stored in the hash repository.

13. The computing device of claim 12, further comprising instructions that, when executed by the logic machine, cause the logic machine to:

indicating that the page span is to be downloaded in response to determining that the page span having the generated hash value stored in the hash repository is less than a threshold.

14. The computing device of claim 8, further comprising instructions that, when executed by the logic machine, cause the logic machine to:

looking up a hash value generated for a page in a hash repository for both an updated version of the encrypted virtual disk and an earlier version of the encrypted virtual disk; and

a single unique initialization vector is assigned to all of the repeated copies of the page.

15. The computing device of claim 14, further comprising instructions that, when executed by the logic machine, cause the logic machine to:

indicating, via the downloadable update plan, that at most one copy of the repeated page is to be downloaded.

Background

Secure content, such as encrypted media, may be stored on virtual disks that may be distributed to multiple client computing devices. The encrypted media may be periodically updated with new content and/or adjusted content, which may then be securely distributed to some or all of the client computing devices.

SUMMARY

This summary is provided to introduce a selection of concepts in a simplified form that are further described below in the detailed description. This summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter. Furthermore, the claimed subject matter is not limited to implementations that solve any or all disadvantages noted in any part of this disclosure.

A method for encrypting a virtual disk includes generating a hash value for each page of a first version of the virtual disk. Each page is encrypted using a unique Initialization Vector (IV). Each unique IV and each generated hash value is then stored in a plaintext hash database that maps each unique IV of a page to a corresponding hash value. For a second updated version of the virtual disk, a hash value is generated for each page of the second version. It is then determined whether each newly generated hash value is stored in the plaintext hash database. If a first generated hash value of a first page of a second version of the virtual disk is stored in the plaintext hash database, such first page is encrypted using a unique IV from the plaintext hash database that corresponds to the first generated hash value.

Brief Description of Drawings

FIG. 1 shows a schematic diagram of an example computing environment including a client computing device and a server computing device.

FIG. 2 illustrates an example method for encrypting a virtual disk.

Fig. 3 schematically shows a database comprising hash values and initialization vectors for virtual disks.

Fig. 4 illustrates an example method for disseminating an updated version of an encrypted virtual disc.

FIG. 5 schematically shows an example update plan for an encrypted virtual disk.

FIG. 6 illustrates an example method for updating an encrypted virtual disk.

FIG. 7 shows a schematic diagram of an example computing device.

Detailed Description

An encrypted, signed, read-only virtual disk may be used to store the content files. By design, manipulation of encrypted data is challenging without possessing associated encryption keying material or significant disk input/output (I/O) bandwidth that is available to decrypt, edit, and re-encrypt the disk. For rich game content, an encrypted virtual disk may contain tens of gigabytes or more of data. While this format is advantageous for maintaining content security, it may be disadvantageous for efficiently downloading content updates over a network.

Current practice for updating content typically requires the downloader to manipulate the content in clear text, thus requiring keying material for the content at the time of download. This could potentially open a vulnerability window during the update. Alternatively, updating the content may occur by operating on the content in ciphertext form. However, this may incur poor download efficiency in proportion to the granularity of the update. Portions of the virtual disk may be edited, downloaded, and updated, rather than the entire virtual disk itself. For example, a virtual disk may be divided into regions (or chunks) or files. If any bytes in the area or file are different in the updated disk, the entire area or file must be re-downloaded.

At the lowest granularity, this update method generates a large download file and then a large disk image. If the old content is not modifiable, the size of these disk images may grow persistently with each update. Thus, there is a need for a means for efficiently updating data on encrypted virtual disks, minimizing the size of download packets and the size of distribution over streaming media, while protecting the confidentiality of the data during the update. Furthermore, it is desirable that updates occur without disk storage bloat due to unavailable or redundant content from the old version of the virtual disk.

This detailed description describes systems and methods for an improved means for updating secure content (e.g., encrypted media) stored on a virtual disk. The updates may be selectively and/or partially applied. In other words, portions of the data within the file may be updated rather than the entire file. In particular, the content in the old disk image is reused to generate a new, updated disk image. The granularity of the update may then be at the page level rather than at the file or region level.

During the disk creation process, inputs (e.g., updated and reused data) may be intentionally selected in order to maximize the ability of the downloader to reuse encrypted data from the old disk image as is, thereby minimizing the size of the download package and the size of the disk footprint.

In general, most encryption/decryption schemes, regardless of the algorithm, involve a key, an Initialization Vector (IV), and plaintext data to be encrypted (or ciphertext to be decrypted). Selecting an IV is important for generating a modifiable virtual disk. Typically, the virtual disk assigns an IV value of 0 at the beginning and increments up page by page as the disk progresses. This ensures that if the same data is encrypted in both parts of the disc, the cryptogram will be different, otherwise the cryptogram will reveal information about the disc content.

This scheme works well if the disc is being modified in place, or when the disc is sent as read-only. However, if data is inserted or removed from the updated disk, the disk index and initialization vector will shift, and thus the new and old disks will not match correctly.

In the examples herein, the IV is reused from the old disk image to generate the new disk image. Once the two encrypted virtual disk images have been created, each page is hashed. For each page in the new disk image, its hash is compared to all the page hashes from the old disk. If a match is found, the page is added to the update plan as an indication that the old page is to be copied. If no match is found, the page is added as a download. Consecutive copy or download operations are merged together within the plan. In this way, only pages containing new or updated data need be downloaded and applied as updates. Pages containing unchanged data are retained at the local disk.

The systems and methods disclosed herein may thus represent an improvement in the field of applying updates to encrypted virtual disks, as the granularity of operations may be reduced to the order of individual indexable data segments (e.g., pages) rather than an entire file or region. Further, rather than relying on a consistent convention (e.g., filename hash) to implicitly match data, the methods disclosed herein explicitly use data about the old disk image to generate the new disk image. Additionally, these methods allow for the creation of pre-computed plans that clients can use to efficiently perform updates without requiring large amounts of data from new disk images.

In this manner, the efficiency of downloading updates of large pieces of content is improved while the security of the content is maintained. This allows for a minimized download size and a minimized on-disk size. The data remains encrypted throughout the update process. Furthermore, developers have more freedom to insert new data without worrying about files and virtual disks becoming inflated after updating.

Fig. 1 illustrates an example computing environment 100 that includes a server computing device 102 configured to communicate with a plurality of client computing devices 104, 106, and 108 over one or more networks 110. The network 110 may include any one or combination of a number of different types of networks, such as a cellular network, a wireless network, a local area network, and the internet.

The server computing device 102 may include one or more discrete server computing devices that cooperate, for example, in a data center or cloud computing environment. In one example, the server computing device 102 may include a plurality of server computing devices operating in a cloud computing configuration that cooperate to implement the functions and processes of the server computing device 102 described herein. The server computing device 102 may include at least a logic machine 112 and a storage machine 114. Similarly, client computing device 104 includes at least logic machine 116 and storage machine 118, client computing device 106 includes at least logic machine 120 and storage machine 122, and client computing device 108 includes at least logic machine 124 and storage machine 126.

Each client computing device 104, 106, and 108 may include any combination of hardware and/or software resources configured to process data. Client computing devices 104, 106, and 108 may be implemented as any number of devices including, for example, personal computers, laptop computers, cellular telephones, tablet devices, Personal Digital Assistants (PDAs), and the like. Additional features and attributes of the example computing device are provided herein with respect to fig. 7.

The client computing devices 104, 106, and 108 may communicate with the server computing device 102 over the network 110 to provide and receive data and/or metadata. For example, the client computing devices 104, 106, and 108 may communicate with the server computing device 102 to request and/or receive content, such as media data, applications, and/or metadata. Such content may be provided in the form of one or more virtual disks. The virtual disk platform may be considered a publicly available image format specification that specifies a virtual hard disk encapsulated in a single file that is capable of hosting a native file system while supporting standard disk and file operations.

The virtual disk may be generated at the server computing device 102 or another device and provided to the server computing device 102 for distribution to one or more client computing devices, such as client computing devices 104, 106, and 108. A virtual disk may include one or a combination of media, data, application(s), software, etc. For example, a virtual disk may include one or more video files, audio files, text files, and/or multimedia files to be provided over network 110 and presented on a client computing device. Alternatively or additionally, the content provided over the network 110 may be virtual disk updates to be distributed to the client computing devices 104, 106, and 108.

As shown, each of the client computing devices 104, 106, and 108 has a different build version of the virtual disk. Client computing device 104 includes virtual disk 1.1 stored on storage machine 118 (130), client computing device 106 includes virtual disk 1.2 stored on storage machine 122 (132), and client computing device 108 includes virtual disk 1.3 stored on storage machine 118 (134). The server computing device 102 includes an updated virtual disk 1.4 stored on the storage machine 114 (136). The server computing device 102 may provide an indication to one or more of the client computing devices 104, 106, and 108 that an updated version of the virtual disk is available, and may transmit all or part of the virtual disk 1.4(136) over the network 110 in response to receiving a request from one or more of the client computing devices 104, 106, and 108.

Further, each virtual disk may be an encrypted virtual disk, and may thus include encryption information that may indicate a type of encryption (e.g., an encryption method) performed at the server computing device 102 or elsewhere to encrypt a plurality of data blocks that include the virtual disk, and may include information for decryption (such as a decryption key). Each client computing device may include one or more applications that execute on a logical machine that performs operations for handling virtual disks, such as dividing, encrypting, compressing, and/or creating authentication information for virtual disks.

Fig. 2 illustrates an example method 200 for encrypting a virtual disk. The method 200 may be performed by one or more computing devices, such as the server computing device 102. At 205, method 200 includes generating a first version of a virtual disk. At 210, method 200 includes generating a hash value for each page of the first version of the virtual disk. As described herein, a "page" may refer to any indexable data segment within a virtual disk. As one non-limiting example, a page may be a 4K indexable data segment. Hash values may be generated for plain text pages and/or encrypted pages. The hash value may be generated via any suitable hash function, such as HMAC-SHA1, HMAC-SHA256, HMAC-SHA3, and so forth. In some examples, the output of the hash function may be truncated to generate a hash value.

At 215, method 200 includes encrypting each page of the first version of the virtual disk using a unique Initialization Vector (IV). The initialization vector may comprise any number that may be used with a secret key for data encryption. The initialization vector may further include a content ID and an area ID of the virtual disc.

For example, the first page of the virtual disk may be given an IV equal to 0. For each subsequent page, the IV may be incremented by 1, thus creating a linear sequence in which the IV for a page is based on the offset of the page from the beginning of the virtual disk.

At 220, the method 200 includes storing each unique initialization vector and each generated hash in a plaintext hash database that maps each unique initialization vector of a page to a corresponding generated hash. The plaintext hash database may be thought of as a metadata chunk that maps an unencrypted plaintext page to an IV selected for the page via a hash value generated for the page. The hashes generated for the encrypted pages may be stored in a hash tree, where each leaf of the hash tree comprises a hash generated for a single page of the first version of the virtual disk.

For example, FIG. 3 schematically illustrates an example virtual disk 300 that includes a plurality of data pages. Five representative contiguous pages are shown, page A301, page B302, page C303, page D304, and page E305. Each page may be hashed to generate a hash value. For example, page A301 has hash value 311, page B302 has hash value 312, page C303 has hash value 313, page D304 has hash value 314, and page E305 has hash value 315. Each page is also encrypted based on the initialization vector. For example, page a 301 has an IV 321, page B302 has an IV322, page C303 has an IV 323, page D304 has an IV 324, and page E305 has an IV 325.

The hash value and IV of virtual disk 300 may be stored in hash tree 330. As shown, hash values 311 & 315 & IV 321 & 325 are stored as leaves in a first node 332 of a first branch 334 of hash tree 330. Each node of the first branch 334 may be hashed and stored as a leaf in the first node 335 of the second branch 336. The hashing may continue with each node of the second branch 336 hashed and stored as a leaf in a third branch 337, and so on until there is one hash left-e.g., the root node 338. Root node 338 may be effectively used to represent the identity of virtual disk 300. The unencrypted hash value and IV may be stored in the unencrypted plaintext hash database 340.

Returning to FIG. 2, at 225, method 200 includes instructions for encrypting the second updated version of the virtual disk. During the package creation and encryption process for the updated version of the virtual disk, the unaltered input data may remain unaltered in the output. In other words, pages of the first version of the virtual disk that are not changed in the second disk may be maintained. However, the changed pages, inserted pages, and deleted pages may change the offset of the pages within the updated version of the virtual disk. As such, if previously assigned initialization vectors are assigned linearly in the first version of the virtual disk, they may become misaligned in the updated disk.

At 230, method 200 includes generating a hash for each page of the second version of the virtual disk. For example, fig. 3 schematically shows a virtual disc 350, which may be considered as a second updated version of the virtual disc 300. The virtual disk 350 includes five representative coherent pages: page a 301, page B302, page S353, page T354, and page U355. Page a 301 and page B302 are identical to pages a 301 and B302 within the virtual disk 300, and page S353, page T354, and page U355 may be newly inserted pages or updated pages. Accordingly, page A301 retains hash value 311 and page B302 retains hash value 312. Page S353 is assigned hash value 363, page T354 has hash value 364, and page E355 has hash value 365.

At 235, the method 200 includes determining whether each generated hash value is stored in a plaintext hash database. For example, hash values 311 and 312 are stored in plaintext hash database 340. At 240, the method 200 includes, in response to determining that a first generated hash of a first page of a second updated version of the virtual disk is stored in the plaintext hash database, encrypting such first page using a unique initialization vector from the plaintext hash database corresponding to the first generated hash. Accordingly, an IV 321 associated with hash value 311 is assigned to page A301, and an IV322 associated with hash value 312 is assigned to page B302. In this manner, the plaintext hash database is used to determine the assigned IV for a given page, and thus the plaintext is used to determine the ciphertext for the given page.

At 245, the method 200 includes generating a new unique initialization vector in response to determining that the second generated hash of the second page of the second version of the virtual disk is not stored in the plaintext hash database; and encrypting such second page using the new unique initialization vector. For example, hash values 363 and 364 are not stored in plaintext hash database 340. As such, a new IV is assigned to the relevant page. IV 373 is assigned to page S353, IV 374 is assigned to page T354, and IV 375 is assigned to page U355.

In some examples, the newly assigned unique IV may be based on an initialization vector of a page preceding the second page. As an example, IV 373 may be based on IV 322. In some examples, the new unique initialization vector may be based on an increment from the initialization vector of a page preceding the second page. For example, IV 373 may be equal to IV322 plus one. This preserves the linearity of the original page. While some discontinuities will be created throughout the sequence, the original data is preserved and as much of the original sequence as possible is preserved, thus minimizing the size of the subsequently generated look-up table.

In some examples, the new unique initialization vector may be based on an offset of the second page within the second updated version of the virtual disk. For example, the IV may be based on a hash of the file name and an offset of the page within the file. This preserves the ordering of the newly generated IV and supports a compact offset + IV lookup table.

Additionally or alternatively, the new unique initialization vector may be generated randomly, pseudo-randomly, or by any other suitable means. For example, if no IV is found in the plaintext hash database, a new IV may be randomly generated and added to the plaintext hash database. This approach generates high randomness, making it difficult for the IV to trace back into the plaintext, but the IVs of consecutive pages may be non-sequential.

In other examples, the new unique IV may be derived directly from the plaintext, e.g., using a function such as trunate (HMACSHA (PrivacyKey,4 KPlaintext)). A PrivacyKey (private key) is created and maintained for each content. HMAC helps minimize the plaintext data that leaks from the process. Such leakage may be quite slight; the hash tree will contain a portion of HMACSHA in clear text. Without knowing the PrivacyKey, it is not feasible for an attacker to recover any plaintext itself. However, the attacker may determine that both pages of the file contain the same data. By using the PrivacyKey for each content, an attacker cannot make any associations across different contents. This represents an improvement over using a global PrivacyKey, by which a malicious developer can attempt to guess and check using the encryption process as a oracle to see if other games contain particular content.

As another example, a randomly selected IV may persist in the database. The database lookup input may be a function such as HMACSHA (PrivacyKey,4KPlaintext) and the output will be an IV. When the lookup fails, a random IV will be generated and added to the database. One advantage of this approach is that existing virtual disks can be imported. The existing virtual disk will be decrypted and each page of the virtual disk will have its existing IV added to the database. Similarly, if a database is lost or corrupted, it can be recovered using this import process. HMACSHA can be used to minimize information about leaked plaintext when the database is stored outside the computer performing the encryption. Additionally or alternatively, an encryption function such as Advanced Encryption Standard (AES) may be used to encrypt the database.

When an IV has been assigned to each page of the updated disk, an updated hash tree 380 may be generated and an updated plaintext hash database 385 may also be generated for the second updated version of the virtual disk, including each unique initialization vector reused from the first version of the virtual disk, each new unique initialization vector, each generated hash for each page of the second updated version of the virtual disk, and each offset.

Once the updated version of the encrypted virtual disk has been hashed and an IV is assigned to each page, an update plan may be generated that indicates how to disseminate the updated version of the encrypted virtual disk from the server computing device to the client computing device. Each client computing device may have a different version of a virtual disk, as shown in fig. 1. Some virtual disks are updated frequently, and thus client computing devices storing older versions may be required to upgrade to an intermediate version of the virtual disk before downloading the latest version. As such, each update plan may be specific to each client computing device. This may be based on data indicating which build of the virtual disk is stored at each client computing device. Such an indication may be stored at the server or provided to the server by the client computing device. Such update plans may be generated when an updated version of the encrypted virtual disk is generated, rather than on-demand. By issuing the update plan on the server side, the client computing device can quickly download the update plan and initiate downloading an updated version of the encrypted virtual disk, rather than downloading a complete hash database and then generating the plan locally.

Fig. 4 illustrates a method 400 for disseminating an updated version of an encrypted virtual disc. The method 400 may be performed at a server computing device, such as the server computing device 102. At 405, the method 400 includes generating an updated version of the encrypted virtual disk, such as the updated virtual disk 350. At 410, method 400 includes retrieving a hash repository of the earlier version of the encrypted virtual disk, the hash repository including the generated hash value and the offset for the single page of the earlier version of the encrypted virtual disk. As used herein, a hash repository may include a plaintext hash database and/or a hash tree or any other suitable list of page hashes, IVs, and offsets for earlier versions of an encrypted virtual disk. For example, the plaintext hash database 340 may be retrieved for a client computing device upgraded from the virtual disk 300.

At 415, the method 400 includes, for each page of the updated version of the encrypted virtual disk, retrieving the hash value. For example, hash values may be retrieved from a plaintext hash database and/or a hash tree. In some examples, the hash value may be regenerated. In this way, leaf hash nodes for updated and earlier versions of the virtual disk may be collected. In some examples, method 400 may include, for earlier versions of the encrypted virtual disk, generating a lookup table for each page of the encrypted virtual disk that maps the generated hash value and the initialization vector to a page offset, and retrieving the page offset for each generated hash value.

For example, the primary hash tree allows for finding an offset to obtain a hash. The tree may be inverted allowing the hash to be looked up to obtain the offset, where the offset is the position within the virtual disk relative to the beginning of the disk image. For example, the hash tree 334 may be inverted to generate the hash- > offset lookup table 390.

At 420, method 400 includes determining whether each retrieved hash value of the updated version of the encrypted virtual disk is stored in a hash repository. For example, for each page of an updated version of the encrypted virtual disk, the corresponding hash may be retrieved and looked up in the hash- > offset lookup table for the earlier version of the encrypted virtual disk. If the hash is found in the lookup table, this indicates that the page in the updated version matches the page in the earlier version and allows the offset (e.g., location) of the page within the earlier version of the encrypted virtual disk to be retrieved.

At 425, the method 400 includes, in response to determining that the first retrieved hash value of the first page of the updated version of the encrypted virtual disk is not stored in the hash repository, generating an update plan indicating that the first page is to be downloaded in response to a request to update the encrypted virtual disk from an earlier version to the updated version. In other words, the update plan will indicate that each page of the updated version of the encrypted virtual disc that is not found in the earlier version of the encrypted virtual disc is to be downloaded.

At 430, the method 400 includes, in response to determining that the second retrieved hash value of the second page of the updated version of the encrypted virtual disk is stored in the hash repository, indicating, via the downloadable update plan, that the second page is not to be downloaded in response to the request to update the encrypted virtual disk from the earlier version to the updated version. In other words, the update plan will indicate that each page of an earlier version of the encrypted virtual disk found in the updated version of the encrypted virtual disk is to be saved. The client computing device, when building a local copy of the updated version of the encrypted virtual disk, will be instructed to download or obtain the saved page from an earlier version of the encrypted virtual disk, rather than from the server computing device.

The size of the download plan may be reduced by bundling a range of coherent pages to be downloaded from a server computing device or saved from an earlier version of a virtual disk stored locally. Then, instead of listing each page individually in the update plan, a list of starting offsets and lengths may be listed in the update plan. This facilitates generating a compact list of instructions for the client computing device to follow to generate an updated version.

For example, in response to determining that the hash value generated for a sequential page range within an updated version of the encrypted virtual disk is stored in a hash repository, the process may be optimized once a page is found in an earlier version. For example, when a corresponding page is found, the earlier version and the updated version may be linearly scanned until a mismatch is found (e.g., no hashes from the updated version are found in the earlier version). Similarly, when no corresponding page is found, the earlier version and the updated version may be scanned linearly until a match is found between the two versions.

In this way, the downloadable update plan may include a range of replacement pages to be downloaded from a server and to be downloaded from an earlier version of the encrypted virtual disk. However, each download request incurs some overhead to the client and server. As such, it may not be efficient to reserve a single page in the middle of two ranges of pages to be downloaded. As such, unless the page span of a matching page is greater than a threshold, the update plan may indicate that the page span is to be downloaded, even if it is found in an earlier version.

In some examples, the hash value generated for the page may be looked up in a hash repository for both the updated version of the encrypted virtual disk and the earlier version of the encrypted virtual disk. The downloadable update plan may then indicate that at most one copy of the repeated page is to be downloaded.

As an example, fig. 5 schematically shows an example update plan for an encrypted virtual disk. Virtual disk v2.2(500) represents an example updated encrypted virtual disk that includes ten pages of data. Virtual disk v2.0(505) represents a first example updated encrypted virtual disk that also includes ten pages of data. Virtual disk v.2.1(510) represents a second example updated encrypted virtual disk. Virtual disk v.2.1(510) may have previously undergone an update from v 2.0.

To update the virtual disk v2.0(505) to the virtual disk v2.2(500), an update plan 515 is generated as described with respect to FIG. 4. The pages of the virtual disk v2.2(500) are compared with the pages of the virtual disk v2.0(500) via a plaintext hash database and an offset table. The update plan 515 indicates that the extents of pages A and B may be kept local. The page range S-Y may be downloaded from a server. Although page D is available locally, the page is downloaded to save the range S-Y. Page a may be saved and repeated.

Pages of virtual disk v2.1(510) are compared to pages of virtual disk v2.0(500) via a hash repository and offset table as described. The update plan 520 indicates the extent of pages A-U, and page D may be kept local. The page range W-Y may be downloaded from a server. Page a may be saved and repeated.

FIG. 6 illustrates an example method 600 for updating an encrypted virtual disk. The method 600 may be performed at a client computing device, such as client computing devices 104, 106, and 108. At 610, method 600 includes receiving an indication from a server that an updated version of a locally stored encrypted virtual disk is available for download. For example, the server computing device may issue an indication to all client computing devices that store earlier versions of the encrypted virtual disk.

At 620, the method 600 includes downloading an update schedule from the server, the update schedule based on a comparison of the hash value retrieved for each page of the updated version of the locally stored encrypted virtual disk and the hash value retrieved for each page of the locally stored encrypted virtual disk. For example, the update plans 515 and 520 may be downloaded, and the update plans may be generated at the server according to the method 400. In some examples, the update plan may be accompanied by a staging area that provides a framework for local assembly of updated versions of locally stored encrypted virtual disks.

At 630, the method 600 includes downloading, based on the update plan, only those pages of the updated version of the locally stored encrypted virtual disk that are not included in the locally stored encrypted virtual disk. The downloaded page may be positioned in the staging area based on the offset indicated by the update schedule.

At 640, the method 600 includes merging the downloaded pages with pages derived from the locally stored encrypted virtual disk as indicated by the update plan to generate a local copy of the updated version of the locally stored encrypted virtual disk. For example, pages derived from a locally stored encrypted virtual disk may be migrated to scratch based on offsets indicated by the update plan.

In some examples, if a page is repeated in an updated version of the locally stored encrypted virtual disk, a single version will be placed at each offset, whether a newly downloaded page or a previously locally stored page. After the assembly of the updated version, unused data may be moved or deleted from the earlier version.

A technical effect of implementing the described methods and systems is that updates to the encrypted virtual disk can be applied at page granularity. If any of the bytes in the data page are different, the page will be re-downloaded. If the page is not changed, it will be saved from the local copy. There are numerous benefits of page granularity. This eliminates, for example, the efficiency difference between updating many small files and a few large compressed files (such as packaged files and/or ZIP files). Since game developers and built engines prefer larger packaged files, this significantly reduces the update download size compared to downloading the entire file with minor changes.

Furthermore, the encrypted virtual disk no longer needs to keep unused and outdated data in its layout to avoid changing large packaged files. This will reduce the size of the disc and help prevent file expansion.

Additionally, developers no longer need to be specifically engineered for content updates, as any page can be changed. Additionally, when a game developer poorly engineer content updates, the end user is no longer harmed.

Changes within a file (including deletions, insertions, and modifications) may be selectively applied rather than simply analyzing whether a file has changed.

In some embodiments, the methods and processes described herein may be bound to a computing system of one or more computing devices. In particular, such methods and processes may be implemented as computer applications or services, Application Programming Interfaces (APIs), libraries, and/or other computer program products.

FIG. 7 schematically illustrates a non-limiting embodiment of a computing system 700 that may perform one or more of the methods and processes described above. Computing system 700 is shown in simplified form. Computing system 700 may take the form of one or more of the following: personal computers, server computers, tablet computers, home entertainment computers, network computing devices, gaming devices, mobile computing devices, mobile communication devices (e.g., smart phones), and/or other computing devices.

Computing system 700 includes a logic machine 702 and a storage machine 704. Computing system 700 may optionally include a display subsystem 706, an input subsystem 708, a communication subsystem 710, and/or other components not shown in fig. 7.

The logic machine 702 includes one or more physical devices configured to execute instructions. For example, the logic machine may be configured to execute instructions that are part of one or more of the following: an application, service, program, routine, library, object, component, data structure, or other logical construct. Such instructions may be implemented to perform a task, implement a data type, transform the state of one or more components, implement a technical effect, or otherwise arrive at a desired result.

The logic machine may include one or more processors configured to execute software instructions. Additionally or alternatively, the logic machine may include one or more hardware or firmware logic machines configured to execute hardware or firmware instructions. The processors of the logic machine may be single-core or multi-core, and the instructions executed thereon may be configured for serial, parallel, and/or distributed processing. The individual components of the logic machine may optionally be distributed among two or more separate devices, which may be remotely located and/or configured for coordinated processing. Aspects of the logic machine may be virtualized and executed by remotely accessible networked computing devices configured in a cloud computing configuration.

The storage machine 704 comprises one or more physical devices configured to hold instructions executable by a logic machine to implement the methods and processes described herein. When implementing these methods and processes, the state of storage machine 704 may be transformed — e.g., to hold different data.

The storage machine 704 may include removable and/or built-in devices. Storage machine 704 may include optical memory (e.g., CD, DVD, HD-DVD, blu-ray disc, etc.), semiconductor memory (e.g., RAM, EPROM, EEPROM, etc.), and/or magnetic memory (e.g., hard-disk drive, floppy-disk drive, tape drive, MRAM, etc.), among others. Storage machine 704 may include volatile, nonvolatile, dynamic, static, read/write, read-only, random-access, sequential-access, location-addressable, file-addressable, and/or content-addressable devices.

It will be appreciated that storage machine 704 comprises one or more physical devices. However, aspects of the instructions described herein may alternatively be propagated over a communication medium (e.g., an electromagnetic signal, an optical signal, etc.) that is not held by a physical device for a limited duration.

Aspects of the logic machine 702 and the storage machine 704 may be integrated together into one or more hardware logic components. Such hardware logic components may include, for example, Field Programmable Gate Arrays (FPGAs), program and application specific integrated circuits (PASIC/ASIC), program and application specific standard products (PSSP/ASSP), systems on a chip (SOC), and Complex Programmable Logic Devices (CPLDs).

The terms "module," "program," and "engine" may be used to describe aspects of computing system 700 that are implemented to perform particular functions. In some cases, a module, program, or engine may be instantiated via logic machine 702 executing instructions held by storage machine 704. It should be appreciated that different modules, programs, and/or engines may be instantiated from the same application, service, code block, object, library, routine, API, function, etc. Likewise, the same module, program, and/or engine may be instantiated via different applications, services, code blocks, objects, routines, APIs, functions, etc. The terms "module," "program," and "engine" may encompass a single or a group of executable files, data files, libraries, drivers, scripts, database records, and the like.

It should be appreciated that a "service," as used herein, is an application that can be executed across multiple user sessions. The services may be available to one or more system components, programs, and/or other services. In some implementations, the service may run on one or more server computing devices.

When included, the display subsystem 706 may be used to present a visual representation of data held by the storage machine 504. The visual representation may take the form of a Graphical User Interface (GUI). Since the herein described methods and processes change the data held by the storage machine, and thus transform the state of the storage machine, the state of display subsystem 706 may likewise be transformed to visually represent changes in the underlying data. The display subsystem 706 may include one or more display devices utilizing virtually any type of technology. Such display devices may be combined with logic machine 702 and/or storage machine 704 in a shared enclosure, or such display devices may be peripheral display devices.

When included, the input subsystem 708 may include or interface with one or more user input devices, such as a keyboard, mouse, touch screen, or game controller. In some embodiments, the input subsystem may include or interface with selected Natural User Input (NUI) components. Such components may be integrated or peripheral, and the transduction and/or processing of input actions may be handled on-board or off-board. Example NUI components may include a microphone for speech and/or voice recognition; infrared, color, stereo, and/or depth cameras for machine vision and/or gesture recognition; a head tracker, eye tracker, accelerometer, and/or gyroscope for motion detection and/or intent recognition; and an electric field sensing component for assessing brain activity.

When included, the communication subsystem 710 may be configured to communicatively couple the computing system 700 with one or more other computing devices. Communication subsystem 710 may include wired and/or wireless communication devices compatible with one or more different communication protocols. As non-limiting examples, the communication subsystem may be configured for communication via a wireless telephone network, or a wired or wireless local or wide area network. In some embodiments, the communication subsystem may allow computing system 700 to send and/or receive messages to and/or from other devices via a network such as the internet.

In one example, a method for encrypting a virtual disk includes, for a first version of the virtual disk: generating a hash value for each page of the first version of the virtual disk; encrypting each page of the first version of the virtual disk using the unique initialization vector; and storing each unique initialization vector and each generated hash in a plaintext hash database that maps each unique initialization vector of a page to a corresponding generated hash value; and for a second updated version of the virtual disk: generating a hash value for each page of the second version of the virtual disk; determining whether each generated hash value is stored in a plaintext hash database; and in response to determining that a first generated hash value of a first page of a second updated version of the virtual disk is stored in the plaintext hash database, encrypting such first page using a unique initialization vector from the plaintext hash database corresponding to the first generated hash value. In such an example or any other example, the method additionally or alternatively comprises, for the second updated version of the virtual disk: generating a new unique initialization vector in response to determining that a second generated hash value of a second page of a second version of the virtual disk is not stored in the plaintext hash database; and encrypting such second page using the new unique initialization vector. In any of the foregoing examples or any other example, the new unique initialization vector is additionally or alternatively randomly generated. In any of the preceding examples or any other example, the new unique initialization vector is additionally or alternatively based on an initialization vector of a page prior to the second page. In any of the preceding examples or any other example, the new unique initialization vector is additionally or alternatively based on an increment from an initialization vector of a page preceding the second page. In any of the preceding examples or any other example, the new unique initialization vector is additionally or alternatively based on an offset of the second page within the second updated version of the virtual disk. In any of the preceding examples or any other example, the method additionally or alternatively comprises generating an updated plaintext hash database for a second updated version of the virtual disk, the updated plaintext hash database comprising: each unique initialization vector reused from the first version of the virtual disk; each new unique initialization vector; and generating a hash value for each of the pages of the second updated version of the virtual disk.

In another example, a method for disseminating an updated version of an encrypted virtual disc includes: generating an updated version of the encrypted virtual disc; retrieving a hash repository of the earlier version of the encrypted virtual disk, the hash repository including a generated hash value and an offset for each single page of the earlier version of the encrypted virtual disk; retrieving a hash value for each page of the updated version of the encrypted virtual disk; determining whether each retrieved hash value of the updated version of the encrypted virtual disk is stored in a hash repository; in response to determining that the first retrieved hash value of the first page of the updated version of the encrypted virtual disk is not stored in the hash repository, generating an update plan indicating that the first page is to be downloaded in response to a request to update the encrypted virtual disk from an earlier version to an updated version; and in response to determining that the second retrieved hash value of the second page of the updated version of the encrypted virtual disk is stored in the hash repository, indicating, via the downloadable update plan, that the second page is not to be downloaded in response to the request to update the encrypted virtual disk from the earlier version to the updated version. In such an example or any other example, the hash repository is additionally or alternatively a plaintext hash database that includes a plaintext hash value for each page of an earlier version of the encrypted virtual disk. In any of the preceding examples or any other example, the hash repository is additionally or alternatively a hash tree that includes ciphertext hash values for each page of an earlier version of the encrypted virtual disk. In any of the preceding examples or any other example, the method additionally or alternatively comprises, in response to determining that the retrieved hash values for the sequential page ranges within the updated version of the encrypted virtual disk are stored in the hash repository, indicating, via the downloadable update plan, that the page ranges are not to be downloaded. In any of the preceding examples or any other example, the method additionally or alternatively comprises, in response to determining that the retrieved hash values for the sequential page ranges within the updated version of the encrypted virtual disk are not stored in the hash repository, indicating, via the downloadable update plan, that the page range is to be downloaded. In any of the preceding examples or any other example, the method additionally or alternatively comprises indicating that the page span is to be downloaded in response to determining that the page span having the generated hash value stored in the hash repository is less than a threshold. In any of the preceding examples or any other example, the method additionally or alternatively comprises looking up a hash value generated for the page in a hash repository for both the updated version of the encrypted virtual disk and an earlier version of the encrypted virtual disk; and assigning a single unique initialization vector for all of the repeated copies of the page. In any of the preceding examples or any other example, the method additionally or alternatively includes indicating, via the downloadable update schedule, that at most one copy of the repeated page is to be downloaded.

In yet another example, a method for updating an encrypted virtual disk includes: receiving, from a server, an indication that an updated version of a locally stored encrypted virtual disk is available for download; downloading an update plan from the server, the update plan based on a comparison of the hash value retrieved for each page of the updated version of the locally stored encrypted virtual disk and the hash value retrieved for each page of the locally stored encrypted virtual disk; downloading, based on the update plan, only those pages of the updated version of the locally stored encrypted virtual disk that are not included in the locally stored encrypted virtual disk; and merging the downloaded pages with pages derived from the locally stored encrypted virtual disk as indicated by the update plan to generate a local copy of the updated version of the locally stored encrypted virtual disk. In such an example or any other example, the update schedule additionally or alternatively indicates a range of pages to download. In any of the preceding examples or any other example, the update schedule additionally or alternatively indicates that the page span is to be downloaded in response to the page span included in the locally stored encrypted virtual disk being less than a threshold. In any of the preceding examples or any other example, the pages that are repeated in the updated version of the locally stored encrypted virtual disk are additionally or alternatively placed once in the updated version and then copied based on the offset indicated by the update plan. In any of the preceding examples or any other example, the unused data from the locally stored encrypted virtual disk is additionally or alternatively deleted after assembly of the updated version of the locally stored encrypted virtual disk.

It is to be understood that the configurations and/or approaches described herein are exemplary in nature, and that these specific embodiments or examples are not to be considered in a limiting sense, because numerous variations are possible. The specific routines or methods described herein may represent one or more of any number of processing strategies. As such, various acts illustrated and/or described may be performed in the sequence illustrated and/or described, in other sequences, in parallel, or omitted. Also, the order of the processes described above may be changed.

The subject matter of the present disclosure includes all novel and nonobvious combinations and subcombinations of the various processes, systems and configurations, and other features, functions, acts, and/or properties disclosed herein, as well as any and all equivalents thereof.