
Incremental encryption of stored information

  • US 8,275,996 B1
  • Filed: 04/12/2010
  • Issued: 09/25/2012
  • Est. Priority Date: 04/12/2010
  • Status: Active Grant
First Claim

1. An apparatus comprising:

  • a host interface coupled to a host device accepting read commands;

    a storage device interface coupled to a storage device configured to store information;

    an encryption apparatus configured to encrypt information;

    a decryption apparatus configured to decrypt information received by said storage device interface before being delivered to said host interface;

    a key storage circuit storing one or more keys;

    a memory device storing a block status table containing a plurality of entries based on the location of data on said storage device, wherein at least one entry in said block status table is in one of a first state, a second state and a third state;

    wherein said first state is indicative of an Encrypted (E) state, said second state is indicative of an Unencrypted—Don't Encrypt (DE) state or an Unencrypted—Encrypt on Write (EOW) state, and said third state is indicative of an Unencrypted—Encrypt on Read or Write (EORW) state;

    a circuit configured to conditionally decrypt data based on information stored in said block status table, wherein data is decrypted if said entry is in said first state, and data is not decrypted if said entry is in said second state or in said third state; and

    a circuit configured to conditionally encrypt data based on information stored in said block status table, wherein data received from said storage device interface is first encrypted and then returned to said storage device interface if said entry is in said third state;

    wherein if said entry in said block status table is in said third state, said entry is automatically updated from said third state to said first state when a read command is received to reflect a dynamic change in data stored on said storage device from an unencrypted state to an encrypted state, and wherein if said entry in said block status table is in said first state or said second state, said entry is not updated.
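
The read path recited in claim 1, modelled as an added Python example (not code from the patent or its assignee): each read consults the block status table, decrypts only E blocks, and converts EORW blocks to E by encrypting them in place. The XOR keystream is a stand-in for the encryption apparatus, and `Controller`, `xor_cipher`, the `write` handling (inferred from the state names) and the sample blocks are assumptions made for illustration.

```python
import hashlib
from enum import Enum

class State(Enum):
    E = "Encrypted"
    DE = "Unencrypted, Don't Encrypt"
    EOW = "Unencrypted, Encrypt on Write"
    EORW = "Unencrypted, Encrypt on Read or Write"

def xor_cipher(key: bytes, lba: int, data: bytes) -> bytes:
    """Stand-in for the encryption/decryption apparatus (NOT a real disk
    cipher): XOR with a SHA-256 keystream per block; blocks <= 32 bytes."""
    stream = hashlib.sha256(key + lba.to_bytes(8, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

class Controller:
    def __init__(self, key: bytes, disk: dict, table: dict):
        self.key = key      # key storage circuit
        self.disk = disk    # storage device: block address -> stored bytes
        self.table = table  # block status table: block address -> State

    def read(self, lba: int) -> bytes:
        raw, state = self.disk[lba], self.table[lba]
        if state is State.E:
            # First state: decrypt before delivery to the host; no update.
            return xor_cipher(self.key, lba, raw)
        if state is State.EORW:
            # Third state: encrypt the data just read, return it to the
            # storage device, and move the entry to the first state.
            self.disk[lba] = xor_cipher(self.key, lba, raw)
            self.table[lba] = State.E
        # Second and third states: stored data was plaintext, no decryption.
        return raw

    def write(self, lba: int, data: bytes) -> None:
        # Assumption read off the state names; claim 1 covers reads only.
        if self.table[lba] is State.DE:
            self.disk[lba] = data
        else:
            self.disk[lba] = xor_cipher(self.key, lba, data)
            self.table[lba] = State.E

def demo():
    key, pt = b"K" * 16, b"constructed data"  # constructed sample values
    disk = {0: xor_cipher(key, 0, pt), 1: pt, 2: pt, 3: pt}
    table = {0: State.E, 1: State.DE, 2: State.EOW, 3: State.EORW}
    ctl = Controller(key, disk, table)
    host_view = [ctl.read(lba) for lba in range(4)]
    return host_view, disk, table
```

The host sees the same plaintext for all four blocks, while only the EORW block changes on disk and in the table as a side effect of being read.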
