System and method for providing security to a portable storage device

US 7,631,195 B1
Filed: 03/15/2006
Issued: 12/08/2009
Est. Priority Date: 03/15/2006
Status: Expired due to Fees

First Claim

Patent Images

1. A system comprising a portable storage device and a host system, said portable storage device being coupleable to said host system using a Universal Serial Bus (USB) interface such that a microprocessor disposed on the portable storage device is accessible by a central processing unit of the host system through the USB interface when the portable storage device is coupled to the host system,wherein said portable storage device includes a random number generator operable to generate a new random number each time the portable storage device is accessed by the host system;

wherein said host system includes an encryption engine operable to encrypt a password, a logical block address and data using the random number generated by the portable storage device,wherein said portable storage device includes a secure area for storing the encrypted password, encrypted logical block address and encrypted data,the host system encryption engine being further operable to encrypt the random number using a key to generate an encrypted random number, the encrypted random number being stored in the secure area of the portable storage device and associated with the encrypted data;

wherein said host system further includes a decryption engine operable to decrypt the encrypted random number using the key and to decrypt the encrypted data associated with the encrypted random number; and

wherein said portable storage further includes a decryption engine operable to decrypt the encrypted password and the encrypted logical block address and to generate an encrypted password and an unencrypted logical block address.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for providing security to a portable storage device coupleable to a host system and associated methods are disclosed. The system includes a portable storage device random number generator operable to generate a random number for storage in the portable storage device and the host system each time the portable storage device is accessed by the host system. A random number generated in this manner may be used by the host system in a write process to encrypt a logical branch address, a user password, and user data which may be written to the portable storage device as encrypted data and stored in a secure area of the portable storage device. The write process may further include encrypting the random number using a key associated with the portable storage device to generate an encrypted random number, which may be written to the portable storage device and associated with the encrypted data. The random number is not stored in the host system. A new random number may be generated each time the portable storage device is queried. In a read process the host system may decrypt the encrypted random number associated with the encrypted data to be read using the key associated with the portable storage device to generate the random number. The read process may further include using the random number to decrypt the associated encrypted data. Access to read/write processes may be password protected.

Citations

20 Claims

1. A system comprising a portable storage device and a host system, said portable storage device being coupleable to said host system using a Universal Serial Bus (USB) interface such that a microprocessor disposed on the portable storage device is accessible by a central processing unit of the host system through the USB interface when the portable storage device is coupled to the host system,wherein said portable storage device includes a random number generator operable to generate a new random number each time the portable storage device is accessed by the host system;
- wherein said host system includes an encryption engine operable to encrypt a password, a logical block address and data using the random number generated by the portable storage device,wherein said portable storage device includes a secure area for storing the encrypted password, encrypted logical block address and encrypted data,the host system encryption engine being further operable to encrypt the random number using a key to generate an encrypted random number, the encrypted random number being stored in the secure area of the portable storage device and associated with the encrypted data;
  
  wherein said host system further includes a decryption engine operable to decrypt the encrypted random number using the key and to decrypt the encrypted data associated with the encrypted random number; and
  
  wherein said portable storage further includes a decryption engine operable to decrypt the encrypted password and the encrypted logical block address and to generate an encrypted password and an unencrypted logical block address.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The system of claim 1, wherein the random number generator uses thermal noise as a source of randomness.
  - 3. The system of claim 1, wherein the random number generator comprises a pseudo-random number generator.
  - 4. The system of claim 1, wherein said portable storage device further comprises a first hash engine operable to hash the unencrypted password.
  - 5. The system of claim 1, wherein said portable storage device further comprises a second hash engine operable to hash a portable storage device serial number.
  - 6. The system of claim 5, wherein said portable storage device further comprises a scramble engine operable to generate an index from the unencrypted logical block address and the hashed serial number.
  - 7. The system of claim 6, wherein said portable storage device further comprises a physical block address translator operable to translate the index into the physical block address.
  - 8. The system of claim 1, wherein said portable storage device further comprises a comparator operable to compare hashed passwords.

9. A method for providing security to a portable storage device coupleable to a host system using a Universal Serial Bus (USB) interface such that a microprocessor disposed on the portable storage device is accessible by a central processing unit of the host system through the USB interface when the portable storage device is coupled to the host system, the method comprising the steps of:
- receiving in the host system a random number generated by the portable storage device each time the portable storage device is accessed by the host system, wherein the portable storage device includes a random number generator that generates a new said random number each time the portable storage device is accessed by the host system;
  
  encrypting a user password using the random number in the host system;
  
  sending the encrypted password to the portable storage device;
  
  decrypting the encrypted password using the random number, wherein said decrypting is performed by a decryption engine disposed on the portable storage device;
  
  hashing the decrypted password in the portable storage device, wherein said hashing is performed by a hash engine disposed on the portable storage device;
  
  comparing the hashed password to a hashed password stored in the portable storage device, wherein said comparing is performed by a comparator disposed on the portable storage device; and
  
  allowing access to a secure area of the portable storage device in the case where the hashed password is the same as the stored hashed password.
- View Dependent Claims (10, 11, 12, 13)
- - 10. The method of claim 9, further comprising encrypting a logical branch address and data using the random number in the host system and sending the encrypted logical branch address and the encrypted data to the portable storage device.
  - 11. The method of claim 10, further comprising decrypting the encrypted logical branch address and scrambling the decrypted logical branch address to generate a physical branch address to which the encrypted data and encrypted random number are written, wherein said decrypting and scrambling are performed by associated engines disposed on the portable storage device.
  - 12. The method of claim 10, further comprising decrypting the encrypted logical branch address and scrambling the decrypted logical branch address to generate a physical branch address from which the encrypted data and the encrypted random number are read, wherein said decrypting and scrambling are performed by associated engines disposed on the portable storage device.
  - 13. The method of claim 9, further comprising erasing the random number from the host system following the host system user password encryption step.

14. A method for providing security to a portable storage device coupleable to a host system using a Universal Serial Bus (USB) interface such that a microprocessor disposed on the portable storage device is accessible by a central processing unit of the host system through the USB interface when the portable storage device is coupled to the host system, the method comprising the steps of:
- generating a random number in the portable storage device each time the portable storage device is accessed by the host system, wherein the portable storage device includes a random number generator that generates a new said random number each time the portable storage device is accessed by the host system;
  
  providing the generated random number to the host system;
  
  encrypting a password, a logical block address and data using the random number in the host system;
  
  providing the encrypted password, encrypted logical block address and encrypted data to the portable storage device;
  
  storing the encrypted password, encrypted logical block address and encrypted data in a secure area of the portable storage device;
  
  encrypting the random number using a key to generate an encrypted random number in the host system;
  
  providing the encrypted random number to the portable storage device;
  
  storing the encrypted random number in the secure area of the portable storage device; and
  
  associating the encrypted random number with the stored encrypted data.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The method of claim 14, further comprising decrypting the encrypted random number using the key and decrypting the encrypted data associated with the encrypted random number using the decrypted random number in the host system.
  - 16. The method of claim 14, further comprising decrypting the encrypted logical branch address and scrambling the logical branch address to generate a physical branch address in the portable storage device.
  - 17. The method of claim 16, further comprising writing the encrypted data to the physical branch address.
  - 18. The method of claim 16, further comprising reading the encrypted data from the physical branch address.
  - 19. The method of claim 14, further comprising erasing the random number from the host system following the host system encryption steps.
  - 20. The method of claim 14, wherein the random number is generated using thermal noise as a source of randomness.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Super Talent Technology, Corporation
Original Assignee
Super Talent Electronics, Inc.
Inventors
Lee, Charles C., Yu, I-Kang
Primary Examiner(s)
Revak; Christopher A

Application Number

US11/377,235
Time in Patent Office

1,364 Days
Field of Search

None
US Class Current

713/189
CPC Class Codes

G06F 21/72   in cryptographic circuits

G06F 21/80   in storage media based on m...

H04L 9/0662   with particular pseudorando...

H04L 9/0897   involving additional device...

H04L 9/3226   using a predetermined code,...

System and method for providing security to a portable storage device

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for providing security to a portable storage device

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links