Method and apparatus for preserving error correction capabilities during data encryption/decryption

US 6,047,069 A
Filed: 07/17/1997
Issued: 04/04/2000
Est. Priority Date: 07/17/1997
Status: Expired due to Fees

First Claim

Patent Images

1. A process for applying cryptography to data while preserving error correction capabilities, comprising the steps of:

applying an error correction code generation scheme to data to which said cryptography is to be applied;

providing a random sequence generator;

generating a random data sequence;

creating a redundancy sequence for error correction by applying the same error correction code generation scheme to the random data sequence as that which had been applied to said data to which cryptography is to be applied; and

combining said random data sequence with said redundancy sequence, wherein said redundancy sequence is equal to or greater than the size of data to be encrypted.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A data encryption/decryption system encrypts data and its associated redundancy bytes while retaining the error correction capabilities of the original data. The error correction function can then be removed, for example, from a storage drive and performed by, e.g. a host processor or a other entity. The storage drive reads the raw data, including error correction codes, from the media and encrypts the data by exclusive OR-ing each error correction code (ECC) block with a new ECC block which was generated using random data and the same ECC scheme. Error correction of the new data block can be performed in the host processor or other entity without exposing the original data. The error correction is valid for any errors that occurred in the original raw data because the ECC redundancy bytes of the random data block were created using the same ECC generator as was used with the original data. A trusted entity decrypts the error corrected data block by creating a random data block that is the equivalent of the random data block created in the storage drive. The error corrected data block is exclusive OR-ed with the random data block and is returned its original decrypted and error corrected state.

Citations

18 Claims

1. A process for applying cryptography to data while preserving error correction capabilities, comprising the steps of:
- applying an error correction code generation scheme to data to which said cryptography is to be applied;
  
  providing a random sequence generator;
  
  generating a random data sequence;
  
  creating a redundancy sequence for error correction by applying the same error correction code generation scheme to the random data sequence as that which had been applied to said data to which cryptography is to be applied; and
  
  combining said random data sequence with said redundancy sequence, wherein said redundancy sequence is equal to or greater than the size of data to be encrypted.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The process of claim 1, further comprising the step of:
    - generating a random number seed used to initialize a random number generator to produce said random data sequence;
      
      wherein the length of said random number seed is long enough to ensure the required cryptographic strength.
  - 3. The process of claim 2, further comprising the step of:
    - transferring said random number seed to a trusted entity in a secure manner.
  - 4. The process of claim 1, further comprising the step of:
    - creating an encrypted data sequence by exclusive OR-ing said data to be encrypted and said random data sequence.
  - 5. The process of claim 4, further comprising the step of:
    - performing error correction of said encrypted sequence on a host processor.
  - 6. The process of claim 4, further comprising the step of:
    - performing error correction of said encrypted sequence on a trusted entity.
  - 7. The process of claim 4, further comprising the step of:
    - generating a second data sequence using said predefined pseudo random number generator located on said trusted entity;
      
      wherein said second data sequence is substantially equal in length to said data sequence.
  - 8. The process of claim 7, further comprising the step of:
    - creating a decrypted data sequence by exclusive OR-ing said encrypted sequence and said second data sequence.
  - 9. The process of claim 1, wherein said random data sequence is reused on subsequent data.
  - 10. The process of claim 1, wherein said random data sequence is regenerated for subsequent data.

11. An apparatus for applying cryptography to data while preserving error correction capabilities, comprising:
- means for applying an error correction code generation scheme to data to which said cryptography is to be applied,a pseudo random number generator for generating a random data sequence;
  
  said pseudo random number generator creating a redundancy sequence for error correction by applying the same error correction code generation scheme to the random data sequence as that which had been applied to said data to which cryptography is to be applied; and
  
  means for combining said random data sequence with said redundancy sequence, wherein said redundancy sequence is equal to or greater than the size of data to be encrypted.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
- - 12. The apparatus of claim 11, said pseudo random number generator further comprising:
    - a module for generating a random number seed for initializing said random number generator to produce said random data sequence;
      
      wherein the length of said random number seed is long enough to ensure the required cryptographic strength.
  - 13. The apparatus of claim 12, said pseudo random number generator further comprising:
    - a module for transferring said random number seed to a trusted entity.
  - 14. The apparatus of claim 11, said pseudo random number generator further comprising:
    - a module for creating an encrypted data sequence by exclusive OR-ing said data to be encrypted and said random data sequence.
  - 15. The apparatus of claim 14, further comprising:
    - an error correction module located on a host processor;
      
      wherein said error correction module performs error correction of said encrypted sequence on a host processor or other entity.
  - 16. The apparatus of claim 14, further comprising:
    - an error correction module located on a trusted entity; and
      
      wherein said error correction module performs error correction of said encrypted sequence on a host processor.
  - 17. The apparatus of claim 14, further comprising:
    - a module located on said trusted entity for generating a second data sequence using said predefined pseudo random number generator;
      
      wherein said second data sequence is equal in length to said data sequence.
  - 18. The apparatus of claim 17, said module for generating a second data sequence further comprising:
    - a module for creating a decrypted data sequence, by exclusive OR-ing said encrypted sequence and said second data sequence.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett-Packard Company (HP Inc.)
Original Assignee
Hewlett-Packard Company (HP Inc.)
Inventors
Hogan, Josh
Primary Examiner(s)
Hayes, Gail O.
Assistant Examiner(s)
LATHAM, BRYAN S

Application Number

US08/896,002
Time in Patent Office

992 Days
Field of Search

380/28, 380/268, 380/201, 714/752, 714/758, 714/800, 713/189
US Class Current

380/268
CPC Class Codes

H03M 13/1515   Reed-Solomon codes

H03M 13/2909   Product codes

H04L 1/0057   Block codes H04L1/0061, H04...

H04L 2209/08   Randomization, e.g. dummy o...

H04L 2209/30   Compression, e.g. Merkle-Da...

H04L 9/304   based on error correction c...

Method and apparatus for preserving error correction capabilities during data encryption/decryption

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for preserving error correction capabilities during data encryption/decryption

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links