Method and system to provide security implementation for storage devices

US 7,876,894 B2
Filed: 11/14/2006
Issued: 01/25/2011
Est. Priority Date: 11/14/2006
Status: Expired due to Fees

First Claim

Patent Images

1. A method comprising:

for each addressable block of a storage device into which encrypted data is stored, generating a multi-byte random number unique to that block from a random number generator, the random number generator comprising a hardware register whose value is unpredictable on power up;

generating an initialization vector from the random number, the initialization vector being completely independent of the data;

encrypting data to be stored in a block employing the initialization vector as at least a portion of an encryption key;

storing the random number in the block; and

storing the encrypted data into the block;

wherein the initialization vector depends on a random number stored with the data and is not dependent upon the data.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one embodiment, method that can be performed on a system, is provided to security implementations for storage devices. In one embodiment, the method comprises providing a separate encryption seed for each of a plurality of separate addressable blocks of a non-volatile storage device, wherein a common encryption method is to encrypt data to be stored on the plurality of separate addressable blocks. In one embodiment, the storage device is a portable storage device. In one embodiment, encryption seed is an Initialization Vector (IV). In one embodiment, the encryption seeds comprise at least one of a media serial number and a logical block address corresponding to the respective block of the non-volatile storage device. In an alternative embodiment, the method further comprises storing at least a part of the separate encryption seed of the separate blocks of the non-volatile storage device within the respective blocks of the storage device.

89 Citations

View as Search Results

13 Claims

1. A method comprising:
- for each addressable block of a storage device into which encrypted data is stored, generating a multi-byte random number unique to that block from a random number generator, the random number generator comprising a hardware register whose value is unpredictable on power up;
  
  generating an initialization vector from the random number, the initialization vector being completely independent of the data;
  
  encrypting data to be stored in a block employing the initialization vector as at least a portion of an encryption key;
  
  storing the random number in the block; and
  
  storing the encrypted data into the block;
  
  wherein the initialization vector depends on a random number stored with the data and is not dependent upon the data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, further comprising generating the initialization vector by combining the random number with the address of the block.
  - 3. The method of claim 2, wherein generating the initialization vector further comprises combining with the random number and the address of the block a serial number of the storage device.
  - 4. The method of claim 2, wherein the address of the block comprises a logical block address.
  - 5. Article of manufacture, comprising storage device media encrypted according to the method of claim 1.
  - 6. A method of decrypting data encrypted according to the method of claim 1, comprising:
    - reading the random number stored in a block; and
      
      generating an initialization vector for decoding the data in the block from the random number read from the block.
  - 7. The method according to claim 6, wherein the generating step comprising concatenating the address of the block with the read random number.
  - 8. The method according to claim 6, wherein the generating step comprising concatenating with the read random number the address of the block and a media serial number of the storage device.
  - 9. The method of claim 1, wherein the storing of the random number in a block further comprises storing the random number within at least a first addressable bytes of the respective blocks of the storage device.
  - 10. The method of claim 1, wherein at least one or more of the blocks are one of 528 bytes or a multiple of 528 bytes.
  - 11. A machine readable-medium having stored thereon a set of instructions, which when executed perform a method according to claim 1.

12. A method comprising:
- for each set of consecutively addressable blocks of a storage device into which encrypted data is stored, a set comprising two or more consecutively addressable blocks, generating a multi-byte random number unique to that set from a random number generator, the random number generator comprising a hardware register whose value is unpredictable on power up;
  
  generating an initialization vector from the random number, the initialization vector being independent of the data;
  
  encrypting data to be stored in a set employing the initialization vector as at least a portion of an encryption key;
  
  storing the random number in the set; and
  
  storing the encrypted data into the set.
- View Dependent Claims (13)
- - 13. Article of manufacture, comprising storage device media encrypted according to the method of claim 12.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Technology Properties Limited LLC
Original Assignee
MCM Portfolio LLC
Inventors
Iyer, Sree Mambakkam, Kumar, Santosh, Jones, Larry Lawson, Venkidu, Arockiyaswamy
Primary Examiner(s)
Zand; Kambiz
Assistant Examiner(s)
Kaplan; Benjamin A

Application Number

US11/559,749
Publication Number

US 20080114994A1
Time in Patent Office

1,533 Days
Field of Search

380/37, 380/43, 380/201, 380/262, 713/193
US Class Current

380/37
CPC Class Codes

G06F 12/1408   by using cryptography for d...

G06F 21/79   in semiconductor storage me...

G06F 2221/2107   File encryption

G11B 20/00086   Circuits for prevention of ...

G11B 20/00115   wherein the record carrier ...

G11B 20/00152   involving a password

G11B 20/0021   involving encryption or dec...

G11B 2220/60   Solid state media details o...

Method and system to provide security implementation for storage devices

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

89 Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system to provide security implementation for storage devices

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

89 Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links