METHOD FOR THE SECURED RECORDING OF DATA, CORRESPONDING DEVICE AND PROGRAM
First Claim
1. Method for the secured recording of data, implemented in a data-recording device comprising a first non-secured memory and a second secured memory, the method comprising the following steps:
- obtaining a derived key corresponding to the data recorded in the second memory from a root key recorded in the second memory;
encrypting data using the derived key, delivering encrypted data;
recording the encrypted data in the first memory;
determining a hash imprint of said data;
recording said hash imprint in association with the data in a hash file recorded in the first memory;
recording a general hash imprint, representing the content of the hash file comprising said hash imprint, in the second memory; and
eliminating the data in the second memory subsequently to said recording of encrypted data in the first memory.
2 Assignments
0 Petitions
Accused Products
Abstract
A method for the secured recording of data, implemented in a data-recording device having a first non-secured memory and a second secured memory, is disclosed. The method has the steps of: obtaining a derived key corresponding to the data in the second memory from a root key recorded in the second memory; encrypting data using the derived key, delivering encrypted data; recording the encrypted data in the first memory; determining a hash imprint of said data; recording said hash imprint in a hash file recorded in the first memory; recording a general hash imprint, representing the content of the hash file comprising said hash imprint, in the second memory; and eliminating the data in the second memory.
8 Citations
14 Claims
-
1. Method for the secured recording of data, implemented in a data-recording device comprising a first non-secured memory and a second secured memory, the method comprising the following steps:
-
obtaining a derived key corresponding to the data recorded in the second memory from a root key recorded in the second memory; encrypting data using the derived key, delivering encrypted data; recording the encrypted data in the first memory; determining a hash imprint of said data; recording said hash imprint in association with the data in a hash file recorded in the first memory; recording a general hash imprint, representing the content of the hash file comprising said hash imprint, in the second memory; and eliminating the data in the second memory subsequently to said recording of encrypted data in the first memory. - View Dependent Claims (2, 3, 4, 5, 6, 11)
-
-
7. Method for the secured retrieval of data, implemented in a data-recording device comprising a first non-secured memory and a second secured memory, the method comprising:
-
a verification of the integrity of a hash file recorded in the first memory from a general hash imprint recorded in the second memory; and when the hash file is detected as having integrity, the method furthermore comprises, upon reception of a request for access to data, the following steps; obtaining a derived key corresponding to encrypted data recorded in the first memory, from a root key recorded in the second memory; decrypting encrypted data using the obtained derived key so as to retrieve said data; recording said data in the second memory; determining the hash imprint of said data; verifying the integrity of the data recorded in the second memory by comparing the hash imprint determined for the data with a hash imprint recorded in the hash file in association with said data; and authorization of access to the data in the second memory in response to said access request, only if the data has been determined as having integrity. - View Dependent Claims (8, 9, 10, 12)
-
-
13. Data-recording device comprising:
-
a first non-secured memory; a second secured memory; an obtaining module configured to obtain a derived key corresponding to data recorded in the second memory from a root key recorded in the second memory; an encryption module configured for the encryption, using the derived key, of said data so as to deliver encrypted data; a first recording module configured for the recording of the encrypted data in the first memory; a determining module configured to determine a hash imprint of said data; a second recording module configured for the recording of said hash imprint, in association with the data, in a hash file recorded in the first memory; a third recording module configured for the recording, in the second memory, of a general hash imprint representing the content of the hash file comprising said hash imprint; and an elimination module configured to eliminate the data in the second memory after said recording of the encrypted data in the first memory. - View Dependent Claims (14)
-
Specification