Method for the secured recording of data, corresponding device and program
First Claim
1. A method for the secured recording of data, implemented in a data-recording device comprising a first non-secured memory and a second secured memory, the method comprising:
- obtaining a derived key corresponding to the data recorded in the second secured memory from a root key recorded in the second secured memory;
- encrypting the data using the derived key, thereby delivering encrypted data;
- recording the encrypted data in the first non-secured memory;
- determining a hash imprint of said data by applying a hash function to the data recorded in the second memory;
- recording said hash imprint in association with the data in a hash file recorded in the first non-secured memory, the hash imprint for verifying the integrity of the data;
- determining a general hash imprint, representing the content of the hash file comprising the hash imprint, by applying another hash function to the hash file;
- recording the general hash imprint in the second secured memory, the general hash imprint for verifying the integrity of the hash file; and
- subsequently to said recording of the encrypted data in the first non-secured memory, eliminating the data from the second secured memory, the data having been previously encrypted.
Abstract
A method for the secured recording of data, implemented in a data-recording device having a first non-secured memory and a second secured memory, is disclosed. The method has the steps of: obtaining a derived key corresponding to the data in the second memory from a root key recorded in the second memory; encrypting data using the derived key, delivering encrypted data; recording the encrypted data in the first memory; determining a hash imprint of said data; recording said hash imprint in a hash file recorded in the first memory; recording a general hash imprint, representing the content of the hash file comprising said hash imprint, in the second memory; and eliminating the data in the second memory.
12 Claims
7. A method for the secured retrieval of data, implemented in a data-recording device comprising a first non-secured memory and a second secured memory, the method comprising:
- determining a general hash imprint of a hash file recorded in the first non-secured memory by applying a hash function to the hash file;
- verifying the integrity of the hash file recorded in the first non-secured memory by comparing the general hash imprint determined for the hash file with a recorded general hash imprint recorded in the second secured memory; and
- when the hash file is detected as having integrity, upon reception of a request for access to data:
  - obtaining a derived key corresponding to encrypted data recorded in the first non-secured memory, from a root key recorded in the second secured memory;
  - decrypting the encrypted data using the obtained derived key so as to retrieve said data;
  - recording said data in the second secured memory;
  - determining a hash imprint of said data by applying another hash function to said data recorded in the second memory;
  - verifying the integrity of the data recorded in the second secured memory by comparing the hash imprint determined for the data with a recorded hash imprint recorded in the hash file in association with said data; and
  - authorizing access to the data in the second secured memory in response to said access request, only if the data has been determined as having integrity.
11. A data-recording device comprising:
- a first non-secured memory;
- a second secured memory; and
- a processor configured to:
  - obtain a derived key corresponding to data recorded in the second secured memory from a root key recorded in the second secured memory;
  - encrypt, using the derived key, said data so as to deliver encrypted data;
  - record the encrypted data in the first non-secured memory;
  - determine a hash imprint of said data by applying a hash function to the data recorded in the second secured memory;
  - record said hash imprint, in association with the data, in a hash file recorded in the first non-secured memory, the hash imprint for verification of the integrity of the data;
  - determine a general hash imprint, representing the content of the hash file comprising the hash imprint, by applying another hash function to the hash file;
  - record, in the second secured memory, the general hash imprint, the general hash imprint for verification of the integrity of the hash file; and
  - after said recording of the encrypted data in the first non-secured memory, eliminate the data from the second secured memory, the data having been previously encrypted.
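A small model of the recording method of claim 1 and the retrieval method of claim 7, added here as an illustration; it is not code from the patent. The HMAC-SHA256 key derivation, the SHA-256 and SHA-512 hash choices, the dictionary memory layout and the keystream cipher (a standard-library stand-in for a real cipher) are assumptions, as are the names `Device`, `record` and `retrieve`.

```python
import hashlib, hmac, json

class Device:
    """Assumed model: `secure` is the secured memory, `flash` the non-secured one."""
    def __init__(self, root_key):
        self.flash = {"blobs": {}, "hash_file": {}}
        self.secure = {"root_key": root_key, "data": {},
                       "general_hash": self._general_hash()}

    def _derive(self, name):
        # Assumed derivation: HMAC-SHA256(root key, record name).
        return hmac.new(self.secure["root_key"], name.encode(), hashlib.sha256).digest()

    def _cipher(self, key, data):
        # Stand-in cipher (HMAC-SHA256 counter keystream, XOR) to stay stdlib-only;
        # a real device would use a vetted cipher and never reuse a keystream.
        out = bytearray()
        for i in range(0, len(data), 32):
            pad = hmac.new(key, i.to_bytes(8, "big"), hashlib.sha256).digest()
            out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
        return bytes(out)

    def _general_hash(self):
        # "Another hash function" over the serialized hash file (SHA-512 assumed).
        blob = json.dumps(self.flash["hash_file"], sort_keys=True).encode()
        return hashlib.sha512(blob).hexdigest()

    def record(self, name):
        data = self.secure["data"][name]
        self.flash["blobs"][name] = self._cipher(self._derive(name), data)
        self.flash["hash_file"][name] = hashlib.sha256(data).hexdigest()
        self.secure["general_hash"] = self._general_hash()
        del self.secure["data"][name]  # plaintext leaves secured memory last

    def retrieve(self, name):
        # The hash file is checked first; per-record imprints are trusted only after.
        if not hmac.compare_digest(self._general_hash(), self.secure["general_hash"]):
            raise ValueError("hash file integrity check failed")
        data = self._cipher(self._derive(name), self.flash["blobs"][name])
        self.secure["data"][name] = data
        imprint = hashlib.sha256(data).hexdigest()
        if not hmac.compare_digest(imprint, self.flash["hash_file"][name]):
            del self.secure["data"][name]
            raise ValueError("data integrity check failed")
        return data  # access authorized only after both checks pass
```

Place plaintext in `secure["data"][name]`, call `record(name)`, then `retrieve(name)`; a modified blob or a modified hash file in the non-secured memory raises `ValueError` before access is granted.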
Specification