Drive/host locking system
First Claim
1. A computer implemented method for providing access between a first party and a second party, said method comprising the steps of:
- generating a challenge value using a disk drive controller at said first party;
transmitting said challenge value to said second party;
generating, using a secure hash algorithm, a response value using a combination of a lock value and said challenge value at said second party;
wherein said lock value indicates a desired access mode;
transmitting said response value to said first party, wherein said disk drive controller receives the challenge and lock value; and
validating said response value by said first party, wherein said validating step further comprises;
computing a duplicate response value on said disk drive controller by performing a duplicate secure hash algorithm;
comparing said response value to said duplicate response value; and
granting said second party access to said first party in accordance with the desired access mode indicated by the lock value if the response and duplicate response values match.
12 Assignments
0 Petitions
Accused Products
Abstract
An authentication system for securing information within a disk drive to be read and written to only by a specific host computer such that it is difficult or impossible to access the drive by any system other than a designated host is disclosed. While the invention is similar in intent to a password scheme, it significantly more secure. The invention thus provides a secure environment for important information stored within a disk drive. The information can only be accessed by a host if the host can respond to random challenges asked by the disk drive. The host'"'"'s responses are generated using a cryptography chip processing a specific algorithm. This technique allows the disk drive and the host to communicate using a coded security system where attempts to break the code and choose the correct password take longer to learn than the useful life of the disk drive itself.
39 Citations
20 Claims
-
1. A computer implemented method for providing access between a first party and a second party, said method comprising the steps of:
-
generating a challenge value using a disk drive controller at said first party; transmitting said challenge value to said second party; generating, using a secure hash algorithm, a response value using a combination of a lock value and said challenge value at said second party; wherein said lock value indicates a desired access mode; transmitting said response value to said first party, wherein said disk drive controller receives the challenge and lock value; and validating said response value by said first party, wherein said validating step further comprises; computing a duplicate response value on said disk drive controller by performing a duplicate secure hash algorithm; comparing said response value to said duplicate response value; and granting said second party access to said first party in accordance with the desired access mode indicated by the lock value if the response and duplicate response values match. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. An apparatus for providing access between a first party and a second party, said apparatus comprising:
-
means for generating a challenge value using a disk drive controller at said first party; means for transmitting said challenge value to said second party; means for generating, using a secure hash algorithm, a response value using a combination of a lock value and said challenge value at said second party; wherein said lock value indicates a desired access mode; means for transmitting said response value to said first party, wherein said disk drive controller receives the challenge and lock value; and means for validating said response value by said first party, wherein said validating means further comprises; means for computing a duplicate response value on said disk drive controller by said disk drive controller executing a duplicate secure hash algorithm; means for comparing said response value to said duplicate response value; means for granting said second party access to said first party in accordance with the desired access mode indicated by the lock value if the response and duplicate response values match. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification