Storage device, an encrypting/decrypting device and method of accessing a non-volatile memory
Abstract
A storage device (10) has a flash memory (11), a controller (16) and a second ROM (15). In the flash memory (11), a data key is stored, which is a key unique to each storage device (10). In the second ROM (15), a system key is stored, which is an encrypting key common to storage devices (10). The controller (16), when writing data, encrypts the data with the data and system keys and writes the encrypted data in the flash memory (11), and when reading data, decrypts the data with the data and system keys to output the decrypted data. The data key may be encrypted with the system key. In this case, when writing data, the controller (16) may decrypt the data key with the system key and encrypt the data with the decrypted data key, and when reading data, the controller may decrypt the data key with the system key and decrypt the encrypted data with the decrypted data key.
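The key hierarchy from the abstract, combined with the password-derived third key of claim 6, as an added sketch (not code from the patent). The HMAC-SHA256 keystream cipher, PBKDF2, the per-device salt and the `SYSTEM_KEY` value are assumptions, since the patent names no algorithms.

```python
import hashlib, hmac, secrets

SYSTEM_KEY = bytes(range(32))  # constructed stand-in for the common key in ROM (15)

def _sub(key, label):
    if key is None:
        raise PermissionError("device locked: no data key in volatile memory")
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # Stand-in cipher (assumption): XOR with an HMAC-SHA256 counter keystream.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, nonce + (i // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def seal(key, plaintext):
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(_sub(key, b"enc"), nonce, plaintext)
    return nonce + ct + hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("wrong key or modified data")
    return _xor_stream(_sub(key, b"enc"), nonce, ct)

def third_key(password, salt):
    # Claim 6: key generated from the system key and a password (PBKDF2 is an assumption).
    stretched = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    return hmac.new(SYSTEM_KEY, stretched, hashlib.sha256).digest()

class StorageDevice:
    def __init__(self, password):
        salt = secrets.token_bytes(16)      # hypothetical per-device salt
        data_key = secrets.token_bytes(32)  # data key unique to this device
        # Flash (11) only ever holds the wrapped data key and encrypted records.
        self.flash = {"salt": salt, "wrapped_key": seal(third_key(password, salt), data_key)}
        self._ram_key = None                # volatile copy of the unwrapped key

    def unlock(self, password):
        self._ram_key = unseal(third_key(password, self.flash["salt"]), self.flash["wrapped_key"])

    def write(self, name, data):
        self.flash[name] = seal(self._ram_key, data)

    def read(self, name):
        return unseal(self._ram_key, self.flash[name])
```

Because the system key is common to every device, reading it out of one ROM is enough to unwrap any data key that is protected by the system key alone. Mixing in the password, as claim 6 does, means the ROM key is not sufficient by itself.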
21 Claims
1. A storage device, for storing data, comprising:
a rewritable non-volatile memory (11) storing data; and
controlling means (12) for accessing said non-volatile memory, and said storage device being characterized in that;
a first encrypting key is stored in said non-volatile memory, a second encrypting key is stored in said controlling means and the first encrypting key is encrypted using the second encrypting key; and
said controlling means includes key decrypting means (12) for decrypting the first encrypting key using the second encrypting key, writing means (12) for encrypting data using the first encrypting key decrypted by said key decrypting means, and writing the encrypted data in said non-volatile memory, and reading means (12) for reading out data from said non-volatile memory, and decrypting the read data using the first encrypting key which is decrypted by said key decrypting means.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
said non-volatile memory includes a flash memory (11); and
said controlling means includes a mask ROM (Read Only Memory) (15) storing the second encrypting key.
5. The storage device according to claim 1, characterized in that said key decrypting means retrieves a password, and decrypts the encrypted first encrypting key only in a case where a proper password is input.
6. The storage device according to claim 1, characterized in that:
the first encrypting key is encrypted with the third encrypting key which is generated based on the second encrypting key and a password, and is stored in said non-volatile memory; and
said key decrypting means includes means for inputting the password, means for generating a third encrypting key based on the input password, and means (16) for decrypting the encrypted first encrypting key using the second encrypting key and the generated third encrypting key.
7. The storage device according to claim 1, characterized in that:
said key decrypting means includes a decrypting program and means (16) for executing the decrypting program; and
the decrypting program is stored in said non-volatile memory.
8. The storage device according to claim 1, characterized in that said key decrypting means, said writing means and said reading means store the decrypted first encrypting key, and include a volatile memory (13) which is protected from any external access.
9. The storage device according to claim 1, characterized in that said non-volatile memory includes a flash memory (11).
10. The storage device according to claim 1, characterized in that said controlling means includes key generation means (16) for generating the first encrypting key, encrypting the generated first encrypting key using the second encrypting key, and storing the encrypted first encrypting key in said non-volatile memory.
11. The storage device according to claim 10, characterized in that said key generation means generates the first encrypting key based on an input password.
12. The storage device according to claim 10, characterized in that the second encrypting key is an encrypting key common to the plurality of storage devices.
13. A storage device comprising:
encrypting key storage means (11) for storing an encrypted encrypting key;
a rewritable non-volatile memory (11) which stores encrypted data using the encrypting key;
controlling means which includes decrypting means (16) for decrypting the encrypting key, a volatile memory (13) which stores the encrypting key decrypted by said decrypting means, writing means (16) for externally-sent encrypting data using the encrypting key stored in said volatile memory and for writing the data in said non-volatile memory, reading means (16) for reading data from said non-volatile memory, decrypting the read data using the encrypting key stored in said volatile memory, and outputting the data; and
prohibition means (16, 22, IDB, 25) for prohibiting any external access to said volatile memory, and said storage device being characterized in that the decrypted encrypting key is protected from any external access.
Dependent claims: 14, 15, 16
said device being so formed that the decrypted encrypting key is not output onto said data bus.
17. A storage device comprising:
first encrypting key storage means (11) for storing a first encrypting key;
second encrypting key storage means (15) for storing a second encrypting key;
third encrypting key storage means (15) for storing a third encrypting key;
writing means (16) for encrypting data using the first to third encrypting keys stored in said first to third encrypting key storage means, and writing the encrypted data in a non-volatile memory; and
reading means (16) for reading data from the non-volatile memory, decrypting the read data using the first to third encrypting keys, and outputting the data, and said storage device being characterized in that the first to third encrypting keys are separately arranged.
18. An accessing method of accessing a non-volatile memory, characterized by comprising:
storing in a read-only memory a common encrypting key which is common to a plurality of devices;
encrypting with the common encrypting key individual encrypting keys unique to each of the plurality of devices, and storing the encrypted individual encrypting keys in a rewritable non-volatile memory;
decrypting the individual encrypting keys using the common encrypting key, encrypting data using the decrypted individual encrypting keys, and writing the encrypted data into the non-volatile memory, when writing data into the non-volatile memory; and
decrypting the individual encrypting keys using the common encrypting key, decrypting data read out from the non-volatile memory using the decrypted individual encrypting keys, and outputting the decrypted data, when reading data from the non-volatile memory.
Dependent claims: 19, 20, 21
inputting the password;
generating the third encrypting key based on the input password; and
decrypting the individual encrypting keys using the common encrypting key and the generated third encrypting key.
21. The accessing method of a non-volatile memory, according to claim 18, characterized in that the common encrypting key and the decrypted individual encrypting keys are protected from any external access.
Specification