
Securing a flash memory block in a secure device system and method

  • US 8,200,961 B2
  • Filed: 02/26/2007
  • Issued: 06/12/2012
  • Est. Priority Date: 11/19/2006
  • Status: Active Grant
First Claim

1. A method comprising:

    encrypting data of a versionable file having an associated file version number, the encrypting based on a key stored in a security kernel;

    storing the encrypted data as stored data in one or more flash memory data blocks of a flash memory device that includes a flash header and flash memory data blocks;

    updating a flash header global version number and a security kernel global version number;

    generating a cryptographic message authentication code (MAC) covering the data and informational variables, wherein the informational variables are generated by or accessible to the operating system software, wherein at least some of the variables are not stored on the flash device;

    storing the MAC in the flash header and the one or more flash memory data blocks;

    storing the updated flash header global version number in the flash header;

    requesting in the clear a key handle to the key in the security kernel and storing the updated security kernel global version number in a key/signature store in the security kernel;

    generating a new MAC for the one or more flash memory data blocks using the file version number as a parameter;

    storing the new MAC in the one or more flash memory data blocks;

    retrieving the encrypted data and the MAC from the one or more flash memory data blocks;

    performing a validation check on the retrieved data using the MAC;

    rejecting the retrieved data if the retrieved data fails the validation check;

    if the retrieved data passes the validation check;

    accepting the retrieved data;

    decrypting the retrieved data.
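
The version-bound MAC and validation steps of the claim can be illustrated with the sketch below. It is an added example, not code from the patent or its assignee: the `SecurityKernel` class, the dictionary used as flash, the `device_id` variable (standing in for an informational variable that is not stored on flash) and the choice of HMAC-SHA-256 are all assumptions, and encryption and decryption are left to the caller.

```python
import hashlib
import hmac
import struct


class SecurityKernel:
    """Hypothetical stand-in: keeps the key and a global version counter off-flash."""

    def __init__(self, key):
        self._key = key
        self.global_version = 0

    def mac(self, *parts):
        h = hmac.new(self._key, digestmod=hashlib.sha256)
        for p in parts:
            # Length-prefix each field so field boundaries cannot be shifted.
            h.update(struct.pack(">I", len(p)) + p)
        return h.digest()


def write_block(kernel, flash, ciphertext, file_version, device_id):
    """Store already-encrypted data with a MAC bound to both version numbers."""
    kernel.global_version += 1
    gv = kernel.global_version
    versions = struct.pack(">II", file_version, gv)
    tag = kernel.mac(ciphertext, versions, device_id)  # device_id is never written to flash
    flash["header"] = {"global_version": gv}
    flash["block"] = {"data": ciphertext, "file_version": file_version, "mac": tag}


def read_block(kernel, flash, device_id):
    """Return (status, data); data is None unless status is 'ok'."""
    hdr, blk = flash["header"], flash["block"]
    # A replayed older flash image carries a stale header version.
    if hdr["global_version"] != kernel.global_version:
        return "rollback", None
    versions = struct.pack(">II", blk["file_version"], hdr["global_version"])
    expected = kernel.mac(blk["data"], versions, device_id)
    if not hmac.compare_digest(expected, blk["mac"]):
        return "bad-mac", None
    return "ok", blk["data"]  # the caller would decrypt here
```

Because the kernel's counter and `device_id` live outside flash, restoring an older flash image or moving the flash contents to another device fails validation even though the stored MAC was once valid.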
