Portable storage device with internal secure controller that performs self-verification and self-generates encryption key(s) without using host or memory controller and that securely sends encryption key(s) via side channel

US 10,608,819 B1
Filed: 09/24/2019
Issued: 03/31/2020
Est. Priority Date: 09/24/2019
Status: Active Grant

First Claim

Patent Images

1. A portable secure storage device, comprising:

a casing;

a memory disposed within the casing and configured to store encrypted data;

an input device disposed at the casing and configured to receive a security access code inputted to facilitate unlocking of the portable secure storage device;

an output device disposed at the casing and configured to provide an output;

a security controller disposed within the casing and coupled to the input device, wherein the security controller comprises a non-volatile memory and a security interface, and wherein the security controller is configured to cause;

prior to receipt of the security access code by the input device and prior to communicating with a host, generating, without using the host, a transformation key and a concealed encryption key internally within the security controller, wherein the transformation key is for transforming the concealed encryption key to an operating encryption key, wherein the host is separate and distinct from the portable secure storage device, and wherein the concealed encryption key and the transformation key are not generated or provided by the host, a user, a memory controller or a data transfer controller;

storing the concealed encryption key in the non-volatile memory of the security controller;

providing the transformation key via the security interface;

receiving the security access code inputted at the input device of the portable secure storage device;

determining, without using the host, whether the inputted security access code matches with an access code stored within the non-volatile memory of the security controller;

when the inputted security access code is verified against the stored access code, providing an indication that the inputted security access code is verified, fetching the concealed encryption key from the non-volatile memory of the security controller, and providing the concealed encryption key via the security interface; and

when the portable secure storage device is locked, maintaining the concealed encryption key and the access code stored in the non-volatile memory of the security controller;

the memory controller disposed within the casing and coupled to the security controller, wherein the memory controller comprises a transformation engine, a non-volatile memory, a volatile memory, a first standard memory interface, and a side memory interface, and wherein the memory controller is configured to cause;

after the inputted security access code is verified;

receiving the concealed encryption key via the side memory interface or a side data transfer interface;

temporarily storing the concealed encryption key in the volatile memory of the memory controller;

extracting the operating encryption key, based on the concealed encryption key and the transformation key, using the transformation engine;

temporarily storing the extracted operating encryption key in the volatile memory of the memory controller;

communicating with the security controller via the side memory interface or the side data transfer interface;

receiving data from the data transfer controller via the first standard memory interface;

encrypting, the data received from the data transfer controller, using the operating encryption key, and providing the encrypted data to the memory; and

decrypting, data received from the memory, using the operating encryption key, and providing the decrypted data to the data transfer controller via the first standard memory interface; and

when the portable secure storage device is caused to be locked, deleting the concealed encryption key and the operating encryption key temporarily stored in the volatile memory of the memory controller; and

the data transfer controller disposed within the casing and coupled to the security controller and the memory controller, wherein the data transfer controller comprises a standard communication interface, a second standard memory interface, and the side data transfer interface, and wherein the data transfer controller is configured to cause;

after the inputted security access code is verified;

transmitting enumeration information of the portable secure storage device to the host via the standard communication interface of the data transfer controller;

after an enumeration process with the host is completed, notifying a completion of the enumeration process via the side data transfer interface;

receiving data compatible with a standard communication interface protocol from the host via the standard communication interface;

converting the data compatible with the standard communication interface protocol to data compatible with a standard memory interface protocol; and

providing the data compatible with the standard memory interface protocol to the memory controller, via the second standard memory interface, for encryption and storage in the memory,wherein;

when the portable secure storage device is locked, the data transfer controller is disengaged from the host,when the portable secure storage device is plugged into the host, the portable secure storage device is unrecognizable by the host before the inputted security access code is verified,the portable secure storage device is removable from the host,the security controller comprises a tamper detection circuit configured to detect security tampering of the security controller, and a security level of the security controller is higher than a security level of the memory controller and a security level of the data transfer controller,the standard communication interface is of a first interface type, the first standard memory interface is of a second interface type, the second standard memory interface is of the second interface type, and the first interface type is different from the second interface type,the side memory interface is of an interface type that is different from the first interface type and the second interface type, andthe side data transfer interface is of an interface type that is different from the first interface type and the second interface type.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Highly secure portable storage device may include a security controller, a data transfer controller and a memory controller. The security controller self-verifies, without a host, an access code. After the verification, the security controller may retrieve a concealed encryption key and a transformation key that were previously self-generated by the security controller. The encryption keys are not generated by the host, a user, or the memory controller. The transformation key is sent to the memory controller via a side channel during a first time period. The concealed encryption key is sent to the memory controller via the side channel during a different time period. After extracting an operating encryption key, the memory controller may notify the data transfer controller to initiate an enumeration process with the host. Data transfer from and to the host is performed via interfaces different from the side channel. Other methods and implementations are also described.

Citations

20 Claims

1. A portable secure storage device, comprising:
- a casing;
  
  a memory disposed within the casing and configured to store encrypted data;
  
  an input device disposed at the casing and configured to receive a security access code inputted to facilitate unlocking of the portable secure storage device;
  
  an output device disposed at the casing and configured to provide an output;
  
  a security controller disposed within the casing and coupled to the input device, wherein the security controller comprises a non-volatile memory and a security interface, and wherein the security controller is configured to cause;
  
  prior to receipt of the security access code by the input device and prior to communicating with a host, generating, without using the host, a transformation key and a concealed encryption key internally within the security controller, wherein the transformation key is for transforming the concealed encryption key to an operating encryption key, wherein the host is separate and distinct from the portable secure storage device, and wherein the concealed encryption key and the transformation key are not generated or provided by the host, a user, a memory controller or a data transfer controller;
  
  storing the concealed encryption key in the non-volatile memory of the security controller;
  
  providing the transformation key via the security interface;
  
  receiving the security access code inputted at the input device of the portable secure storage device;
  
  determining, without using the host, whether the inputted security access code matches with an access code stored within the non-volatile memory of the security controller;
  
  when the inputted security access code is verified against the stored access code, providing an indication that the inputted security access code is verified, fetching the concealed encryption key from the non-volatile memory of the security controller, and providing the concealed encryption key via the security interface; and
  
  when the portable secure storage device is locked, maintaining the concealed encryption key and the access code stored in the non-volatile memory of the security controller;
  
  the memory controller disposed within the casing and coupled to the security controller, wherein the memory controller comprises a transformation engine, a non-volatile memory, a volatile memory, a first standard memory interface, and a side memory interface, and wherein the memory controller is configured to cause;
  
  after the inputted security access code is verified;
  
  receiving the concealed encryption key via the side memory interface or a side data transfer interface;
  
  temporarily storing the concealed encryption key in the volatile memory of the memory controller;
  
  extracting the operating encryption key, based on the concealed encryption key and the transformation key, using the transformation engine;
  
  temporarily storing the extracted operating encryption key in the volatile memory of the memory controller;
  
  communicating with the security controller via the side memory interface or the side data transfer interface;
  
  receiving data from the data transfer controller via the first standard memory interface;
  
  encrypting, the data received from the data transfer controller, using the operating encryption key, and providing the encrypted data to the memory; and
  
  decrypting, data received from the memory, using the operating encryption key, and providing the decrypted data to the data transfer controller via the first standard memory interface; and
  
  when the portable secure storage device is caused to be locked, deleting the concealed encryption key and the operating encryption key temporarily stored in the volatile memory of the memory controller; and
  
  the data transfer controller disposed within the casing and coupled to the security controller and the memory controller, wherein the data transfer controller comprises a standard communication interface, a second standard memory interface, and the side data transfer interface, and wherein the data transfer controller is configured to cause;
  
  after the inputted security access code is verified;
  
  transmitting enumeration information of the portable secure storage device to the host via the standard communication interface of the data transfer controller;
  
  after an enumeration process with the host is completed, notifying a completion of the enumeration process via the side data transfer interface;
  
  receiving data compatible with a standard communication interface protocol from the host via the standard communication interface;
  
  converting the data compatible with the standard communication interface protocol to data compatible with a standard memory interface protocol; and
  
  providing the data compatible with the standard memory interface protocol to the memory controller, via the second standard memory interface, for encryption and storage in the memory,wherein;
  
  when the portable secure storage device is locked, the data transfer controller is disengaged from the host,when the portable secure storage device is plugged into the host, the portable secure storage device is unrecognizable by the host before the inputted security access code is verified,the portable secure storage device is removable from the host,the security controller comprises a tamper detection circuit configured to detect security tampering of the security controller, and a security level of the security controller is higher than a security level of the memory controller and a security level of the data transfer controller,the standard communication interface is of a first interface type, the first standard memory interface is of a second interface type, the second standard memory interface is of the second interface type, and the first interface type is different from the second interface type,the side memory interface is of an interface type that is different from the first interface type and the second interface type, andthe side data transfer interface is of an interface type that is different from the first interface type and the second interface type.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The portable secure storage device of claim 1,wherein before the security controller receives the security access code, the security controller is configured to generate a new operating encryption key and a new transformation key internally, without using the host, the memory controller or the data transfer controller and without receiving a command from the host to generate the new operating encryption key or the new transformation key,wherein the security controller is further configured to generate a new concealed encryption key internally based on the new operating encryption key and the new transformation key using a transformation engine within the security controller, without using the host, the memory controller or the data transfer controller and without receiving a command from the host to generate the new concealed encryption key,wherein none of the new operating encryption key, the new transformation key, and the new concealed encryption key is usable to decrypt any data stored in the memory prior to generation of the new operating encryption key, the new transformation key, and the new concealed encryption key, andwherein the new operating encryption key represents the operating encryption key, the new transformation key represents the transformation key, and the new concealed encryption key represents the concealed encryption key.
  - 3. The portable secure storage device of claim 1,wherein before the security access code is verified, the security controller is configured to cause storing the transformation key in the non-volatile memory of the security controller and providing the transformation key to the memory controller via the security interface, and the memory controller is configured to cause storing the transformation key into the non-volatile memory of the memory controller, andwherein when the portable secure storage device is locked, the memory controller is configured to cause retaining the transformation key in the non-volatile memory of the memory controller.
  - 4. The portable secure storage device of claim 1,wherein before the inputted security access code is verified, the memory controller is configured to receive the transformation key from the security controller via the side memory interface,wherein after the inputted security access code is verified, the memory controller is configured to receive, from the security controller via the side memory interface, the indication that the inputted security access code is verified, andwherein after the inputted security access code is verified, the memory controller is configured to receive, from the security controller via the side memory interface, the concealed encryption key.
  - 5. The portable secure storage device of claim 1,wherein before the inputted security access code is verified, the memory controller is configured to receive the transformation key from the security controller via the side data transfer interface and the data transfer controller,wherein after the inputted security access code is verified, the memory controller is configured to receive, from the security controller via the side data transfer interface and the data transfer controller, the indication that the inputted security access code is verified, andwherein after the inputted security access code is verified, the memory controller is configured to receive the concealed encryption key from the security controller via the side data transfer interface and the data transfer controller.
  - 6. The portable secure storage device of claim 5, wherein when the portable secure storage device is caused to be locked, the data transfer controller is configured to delete the transformation key and the concealed encryption key in the data transfer controller.
  - 7. The portable secure storage device of claim 1, wherein after extracting the operating encryption key, the memory controller is configured to cause notifying the data transfer controller, via the first standard memory interface, that the portable secure storage device is to be unlocked.
  - 8. The portable secure storage device of claim 7,wherein after receiving a notification, from the memory controller via the second standard memory interface, that the portable secure storage device is to be unlocked, the data transfer controller is configured to initiate transmitting the enumeration information of the portable secure storage device to the host,wherein before the portable secure storage device is unlocked, the portable secure storage device is unrecognizable by the host even when the portable secure storage device is plugged into the host, andwherein after the enumeration process with the host is completed, the data transfer controller is configured to notify the completion of the enumeration process to the security controller via the side data transfer interface.
  - 9. The portable secure storage device of claim 1, wherein the portable secure storage device is configured to lock when one or more of the following occur:
    - the input device receives a request to lock the portable secure storage device;
      
      a count of unsuccessful security access codes entered into the input device exceeds a threshold number;
      
      power from the host to the portable secure storage device is interrupted;
      
      the portable secure storage device is unplugged from the host;
      
      the portable secure storage device is electrically disengaged from the host in response to a request;
      
      the portable secure storage device idles for a period of time;
      
      orthe portable secure storage device is not plugged into the host within a period of time after the inputted security access code is verified.
  - 10. The portable secure storage device of claim 1, wherein when the portable secure storage device is locked, the concealed encryption key is retained only in the non-volatile memory of the security controller, and the concealed encryption key is not retained in the data transfer controller, the memory controller or the host.
  - 11. The portable secure storage device of claim 10, wherein when the portable secure storage device is locked, the transformation key is retained only in one or both of the non-volatile memory of the security controller and the non-volatile memory of the memory controller.
  - 12. The portable secure storage device of claim 11, wherein when the portable secure storage device is caused to be locked, the operating encryption key is deleted from the portable secure storage device and is not retained in the portable secure storage device.
  - 13. The portable secure storage device of claim 1,wherein when the portable secure storage device is locked, none of the concealed encryption key, the transformation key or the operating encryption key is generated by, provided from or provided to the host,wherein after the inputted security access code is verified and when the portable secure storage device is unlocked, none of the concealed encryption key, the transformation key or the operating encryption key is generated by, provided from or provided to the host,wherein when the portable secure storage device is locked, none of the concealed encryption key, the transformation key or the operating encryption key is generated by, provided from or provided to a user, andwherein after the inputted security access code is verified and when the portable secure storage device is unlocked, none of the concealed encryption key, the transformation key or the operating encryption key is generated by, provided from or provided to the user.
  - 14. The portable secure storage device of claim 1,wherein the security controller is configured to generate the concealed encryption key and the transformation key in a primary mode,wherein in the primary mode, the portable secure storage device does not contain a valid access code to be used to compare against the security access code inputted to facilitate unlocking the portable secure storage device after the portable secure storage device is locked,wherein data stored in the memory prior to generating the concealed encryption key is not capable of being decrypted using the concealed encryption key, the transformation key or the operating encryption key,wherein when the portable secure storage device is in the primary mode, the security controller permits a representation of the access code to be entered, and when the access code is accepted and stored as a new valid access code, the portable secure storage device is no longer in the primary mode, and the portable secure storage device is in an operational mode,wherein the primary mode is different from the operational mode, andwherein in the operational mode, the security controller is configured to cause receiving the security access code inputted at the input device, determining whether the inputted security access code matches with the access code, and the security controller is configured to, when the inputted security access code is verified, providing the indication and the concealed encryption key directly or indirectly to the memory controller.
  - 15. The portable secure storage device of claim 1, wherein before the memory controller completes extracting the operating encryption key, one of the security controller or the memory controller is configured to cause the data transfer controller to initiate transmitting the enumeration information to the host.
  - 16. The portable secure storage device of claim 1,wherein the memory controller is configured to provide encrypted information to the security controller via the side memory interface or the side data transfer interface, andwherein the security controller is configured to extract the operating encryption key based on the concealed encryption key and the transformation key and to decrypt the encrypted information using the operating encryption key.

17. A portable storage device, comprising:
- a housing;
  
  a memory disposed within the housing and configured to store encrypted data;
  
  an input device disposed at the housing and configured to receive a security access code to facilitate unlocking of the portable storage device;
  
  a first controller disposed within the housing and coupled to the input device, the first controller configured to cause;
  
  verifying, without using a host, the security access code received at the input device of the portable storage device, against an access code stored in the first controller;
  
  when the security access code is verified,retrieving an encryption key, which has been generated internally within the first controller and stored in the first controller prior to receipt of the security access code by the input device, wherein the encryption key is not generated or provided by the host, a user, a second controller or a third controller; and
  
  providing the encryption key; and
  
  when the portable storage device is locked, retaining the encryption key only in the first controller;
  
  the second controller disposed within the housing and coupled to the first controller and the memory, the second controller configured to cause;
  
  after the security access code is verified;
  
  receiving the encryption key from the first controller, via a side interface coupled to the first controller;
  
  encrypting, data from the host, based on the encryption key, and providing the encrypted data to the memory; and
  
  decrypting, data from the memory, based on the encryption key, andproviding the decrypted data to the third controller; and
  
  when the portable storage device is caused to be locked, deleting the encryption key from the second controller; and
  
  the third controller disposed within the housing and coupled to the first controller and the second controller, the third controller configured to cause;
  
  after the security access code is verified;
  
  transmitting enumeration information of the portable storage device to the host via a first interface of the third controller; and
  
  transferring the data from the host to the second controller, via a second interface of the third controller, for encryption and storage,wherein;
  
  the first interface is of a first type,the second interface is of a second type,the side interface is of a third type,the first type is different from the second type,the third type is different from the first type and the second type,when the portable storage device is plugged into the host, the portable storage device is unrecognizable by the host before the security access code is verified,the portable storage device is separate and distinct from the host,the first controller is separate and distinct from the second controller, andwhen the portable storage device is locked, the third controller is disengaged from the host.
- View Dependent Claims (18)
- - 18. The portable storage device of claim 17,wherein the second controller comprises the side interface, andwherein the second controller is configured to cause:
    - extracting an operating encryption key based on the encryption key; and
      
      after the operating encryption key is extracted, notifying the third controller to initiate transmitting the enumeration information to the host,wherein encrypting the data from the host comprises encrypting, the data from the host, using the operating encryption key,wherein decrypting the data from the memory comprises decrypting, the data from the memory, using the operating encryption key, andwherein when the portable storage device is caused to be locked, the second controller is configured to cause deleting the operating encryption key from the second controller.

19. An apparatus, comprising:
- a casing;
  
  a memory disposed within the casing and configured to store encrypted data;
  
  an input device disposed at or on the casing and configured to receive a security access code to facilitate unlocking of the apparatus;
  
  a first controller disposed within the casing and coupled to the input device, the first controller configured to cause;
  
  verifying the security access code received at the input device of the apparatus, against an access code stored in the first controller;
  
  when the security access code is verified,retrieving an encryption key, which has been generated internally within the first controller and stored in the first controller prior to receipt of the security access code by the input device, wherein the encryption key is not generated or provided by a host, a user or a second controller; and
  
  providing the encryption key; and
  
  when the apparatus is locked, retaining the encryption key only in the first controller;
  
  the second controller disposed within the casing and coupled to the first controller and the memory, the second controller configured to cause;
  
  after the security access code is verified;
  
  receiving the encryption key from the first controller, via a side interface coupled to the first controller;
  
  encrypting, data from the host, based on an operating encryption key associated with the encryption key, and providing the encrypted data to the memory; and
  
  decrypting, data from the memory, based on the operating encryption key, and providing the decrypted data toward the host; and
  
  when the apparatus is caused to be locked, deleting the encryption key and the operating encryption key from the second controller; and
  
  a third controller disposed within the casing and coupled to the first controller and the second controller, the third controller configured to cause;
  
  after the security access code is verified;
  
  transmitting enumeration information of the apparatus to the host via a first interface of the third controller; and
  
  transferring the data from the host to the second controller, via a second interface of the third controller,wherein;
  
  the first interface is of a first type,the side interface is of a second type,the first type is different from the second type,the apparatus is separate and distinct from the host,the apparatus is removable from the host, andthe first controller is separate and distinct from the second controller.
- View Dependent Claims (20)
- - 20. The apparatus of claim 19,wherein the second controller comprises the side interface, andwherein the second controller is configured to cause:
    - extracting the operating encryption key based on the encryption key; and
      
      after the operating encryption key is extracted, notifying the third controller to initiate transmitting the enumeration information to the host to allow the apparatus to be recognized by the host.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apricorn Incorporated
Original Assignee
Apricorn Incorporated
Inventors
Brown, Paul Cameron, Younggren, Roy Walter
Primary Examiner(s)
Waliullah, Mohammed

Application Number

US16/581,693
Time in Patent Office

189 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/31   User authentication

G06F 21/74   operating in dual or compar...

G06F 21/78   to assure secure storage of...

H04L 9/0662   with particular pseudorando...

H04L 9/0861   Generation of secret inform...

H04L 9/0891   Revocation or update of sec...

H04L 9/0897   involving additional device...

H04L 9/3215   using a plurality of channe...

H04L 9/3226   using a predetermined code,...

H04L 9/3234   involving additional secure...

Portable storage device with internal secure controller that performs self-verification and self-generates encryption key(s) without using host or memory controller and that securely sends encryption key(s) via side channel

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Portable storage device with internal secure controller that performs self-verification and self-generates encryption key(s) without using host or memory controller and that securely sends encryption key(s) via side channel

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links