STORAGE DEVICE ASSISTED INLINE ENCRYPTION AND DECRYPTION
Abstract
Various features pertain to inline encryption and decryption. In one aspect, inline read/write operations are performed by configuring an off-chip storage device to provide parameters to facilitate inline encryption/decryption of data by a host storage controller of a system-on-a-chip (SoC). The parameters provided by the storage device to the host storage controller include an identifier that is the same for read and write operations for a particular block of data but differs from one block of data to another. The host storage controller employs the parameters as initial vectors to generate encryption keys for use in encrypting/decrypting data. Exemplary read and write operations of the host storage controller and the off-chip storage device are described herein. Examples are also described wherein the parameters are obtained from host memory rather than from the storage device.
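The flow in the abstract, sketched as an added example (not code from the patent or its assignee): the device returns a per-block parameter, and the host controller derives the key from it for both the write and the read. The root key, the HMAC-based derivation, the way the device produces the parameter and the keystream cipher are all assumptions; the page specifies none of them.

```python
import hashlib
import hmac
import os


class StorageDevice:
    """Off-chip device: holds ciphertext, hands out a per-block parameter."""

    def __init__(self):
        self._seed = os.urandom(16)   # constructed device secret (assumption)
        self._blocks = {}

    def parameter(self, lba):
        # Same value for reads and writes of one block, different per block.
        return hmac.new(self._seed, lba.to_bytes(8, "big"), hashlib.sha256).digest()[:16]

    def store(self, lba, ciphertext):
        self._blocks[lba] = ciphertext

    def load(self, lba):
        return self._blocks[lba], self.parameter(lba)


class HostStorageController:
    """SoC side: derives a key from the device's parameter, then en/decrypts."""

    def __init__(self, root_key):
        self._root_key = root_key     # assumption: a secret that stays on the SoC

    def _key(self, parameter):
        return hmac.new(self._root_key, parameter, hashlib.sha256).digest()

    @staticmethod
    def _xor_stream(key, data):
        # Stand-in cipher (assumption; the page names none). A real design must
        # not reuse such a keystream when a block is overwritten.
        out = bytearray()
        for i in range(0, len(data), 32):
            pad = hmac.new(key, (i // 32).to_bytes(8, "big"), hashlib.sha256).digest()
            out += bytes(b ^ p for b, p in zip(data[i:i + 32], pad))
        return bytes(out)

    def write(self, dev, lba, plaintext):
        param = dev.parameter(lba)                # returned after the write command
        dev.store(lba, self._xor_stream(self._key(param), plaintext))

    def read(self, dev, lba):
        ciphertext, param = dev.load(lba)         # data and parameter come back together
        return self._xor_stream(self._key(param), ciphertext)
```

Because the key is a function of a value the device supplies, the host's secrecy rests on the assumed root key, and a device that returned the same parameter for two blocks would make the host encrypt both under one key.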
30 Claims
1. A method operational at a host storage controller to encrypt data during a write operation to a storage device external to the host storage controller, comprising:
obtaining a write command from a requesting host software component to write data to the storage device;
sending the write command to the storage device;
obtaining a parameter associated with the data from the storage device;
generating an encryption key based on the parameter; and
encrypting the data using the encryption key.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10

11. A method operational at a host storage controller to decrypt data during a read operation from a storage device external to the host storage controller, comprising:
obtaining a read command from a requesting host software component to read data from the storage device;
sending the read command to the storage device;
obtaining encrypted data and a parameter associated with the encrypted data from the storage device;
generating a decryption key based on the parameter; and
decrypting the encrypted data using the decryption key.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20

21. A device comprising:
a storage device to store data;
a processing circuit coupled to the storage device, the processing circuit having a host storage controller configured to obtain a write command from a requesting host software component to write data to the storage device;
send the write command to the storage device;
obtain a parameter associated with the data from the storage device;
generate an encryption key based on the parameter; and
encrypt the data using the encryption key.
Dependent claims: 22, 23, 24, 25

26. A device comprising:
a storage device to store data;
a processing circuit coupled to the storage device, the processing circuit having a host storage controller configured to obtain a read command from a requesting host software component to read data from the storage device;
send the read command to the storage device;
obtain encrypted data and a parameter associated with the encrypted data from the storage device;
generate a decryption key based on the parameter; and
decrypt the encrypted data using the decryption key.
Dependent claims: 27, 28, 29, 30
Specification