Cascaded Data Encryption Dependent on Attributes of Physical Memory
First Claim
1. A method comprising:
- encrypting input data in relation to a first auxiliary data value to provide first level ciphertext;
subsequently encrypting the first level ciphertext in relation to a second auxiliary data value associated with a selected physical location in a memory to provide second level ciphertext; and
storing the second level ciphertext to said selected physical location in the memory.
1 Assignment
0 Petitions
Accused Products
Abstract
Apparatus and method for providing data security through cascaded encryption. In accordance with various embodiments, input data are encrypted in relation to a first auxiliary data value to provide first level ciphertext. The first level ciphertext are encrypted using a second auxiliary data value associated with a selected physical location in a memory to produce second level ciphertext, which are thereafter stored to the selected physical location. In some embodiments, migration of the stored data to a new target location comprises partial decryption and re-encryption of the data using a third auxiliary data value associated with a new target physical location to produce third level ciphertext, and the storage of the third level ciphertext to the new target physical location.
-
Citations
20 Claims
-
1. A method comprising:
-
encrypting input data in relation to a first auxiliary data value to provide first level ciphertext; subsequently encrypting the first level ciphertext in relation to a second auxiliary data value associated with a selected physical location in a memory to provide second level ciphertext; and storing the second level ciphertext to said selected physical location in the memory. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method comprising sequential steps of:
-
applying multi-level encryption to input data in relation to a first auxiliary data value associated with a first physical address in a memory to generate a first set of ciphertext; storing the first set of ciphertext to said first physical address; decrypting the first set of ciphertext using the first auxiliary value to provide partially decrypted ciphertext; re-encrypting the decrypted ciphertext in relation to a different, second auxiliary data value associated with a different, second physical address in the memory to generate a second set of ciphertext; and writing the second set of ciphertext to the second physical address responsive to the first set of ciphertext remaining stored in the first physical address. - View Dependent Claims (13, 14, 15, 16)
-
- 17. An apparatus comprising a non-volatile memory and a controller adapted to, responsive to receipt of input user data from a host device, apply multi-level encryption to said input user data in relation to a first auxiliary data value associated with a first physical location in the memory to generate a first set of ciphertext, and to direct storage of the first set of ciphertext to said first physical location.
Specification