Apparatus and Method For Securing Data on a Portable Storage Device
First Claim
Patent Images
1. A secure portable storage device connectable to a host device, the secure portable storage device comprising:
- a. a storage medium including;
i. a secure user area for storing therein user data in an encrypted form andii. a register for storing therein an encrypted key; and
b. a microprocessor for;
i. using a user password for encrypting a clear key to produce the encrypted key and, in turn, for decrypting the encrypted key to produce the clear key, andii. using the clear key to decrypt the encrypted form of the user data read from the secure user area, and to encrypt the user data received from the host device thereby producing the encrypted form of the user data;
wherein the user password is generated by a user of the secure portable storage device;
wherein the microprocessor is further used to exclude access from the host device to the secure user area unless the user password is provided to the microprocessor; and
wherein, upon the user password being provided to the microprocessor, the secure portable storage device is remounted to the host device.
3 Assignments
0 Petitions
Accused Products
Abstract
A portable storage device including a microprocessor and a secure user data area, the microprocessor operable to perform on-the-fly encryption/decryption of secure data stored on the storage device under a user password, the microprocessor also operable to exclude access to the secure user data area unless the user password is provided.
-
Citations
25 Claims
-
1. A secure portable storage device connectable to a host device, the secure portable storage device comprising:
-
a. a storage medium including; i. a secure user area for storing therein user data in an encrypted form and ii. a register for storing therein an encrypted key; and b. a microprocessor for; i. using a user password for encrypting a clear key to produce the encrypted key and, in turn, for decrypting the encrypted key to produce the clear key, and ii. using the clear key to decrypt the encrypted form of the user data read from the secure user area, and to encrypt the user data received from the host device thereby producing the encrypted form of the user data; wherein the user password is generated by a user of the secure portable storage device; wherein the microprocessor is further used to exclude access from the host device to the secure user area unless the user password is provided to the microprocessor; and wherein, upon the user password being provided to the microprocessor, the secure portable storage device is remounted to the host device. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A secure portable storage device connectable to a host device, comprising:
-
a. a storage medium including a secure user area and a clear user area, both areas used for storing user data exchanged with the host device; and b. a microprocessor operable to exclude access from the host device to the secure user area unless a user password is provided to the microprocessor, and to allow access from the host device to the clear user area without requiring entry of the user password; wherein the user password is generated by a user of the secure portable storage device; and wherein, upon the user password being provided to the microprocessor, the secure portable storage device is remounted to the host device. - View Dependent Claims (7, 8, 9, 10, 11)
-
-
12. A secure portable storage device connectable to a host device, the secure portable storage device comprising:
-
an interface to a host device; and a storage medium including; a secure user area for storing user data; and registers including; a password register for storing therein a clear or hash version of a user password, which user password being user-generated; and a key register for storing therein an encrypted key which is a clear key encrypted by the user password, wherein decryption of the encrypted key with the user password exposes the clear key, the clear key being exposable for use thereof in encrypting and decrypting user data communicated via the interface; wherein the secure portable storage device is configured to exclude access from the host device to the secure user area unless a user-entered password is provided to the secure portable storage device, via the interface, and matched with the clear or hash version of the user password stored in the password register so that in response to such match the secure portable storage device prompts the host device to remount the secure portable storage device to the host device. - View Dependent Claims (13, 14, 15, 16, 17, 18)
-
-
19. A method for accessing a secure user area of a secure portable storage device, the method comprising:
performing by a secure portable storage device that has an interface to a host device and a storage medium including a secure user area for storing user data, a password register for storing therein a clear or hash version of a user password which is user-generated, and a key register for storing therein an encrypted key, which is a clear key encrypted by the user password; receiving a user-entered password from the host device via the interface; matching the user-entered password with the clear or hash version of the user password stored in the password register; in response to such matching, prompting the host device to remount the secure portable storage device to the host device and providing the host device with access to the secure user area; decrypting the encrypted key with the user password to expose the clear key; and performing at least one of; encrypting user data communicated via the interface and decrypting user data communicated via the interface. - View Dependent Claims (20, 21, 22, 23, 24, 25)
Specification