Method and apparatus for overwriting an encryption key of a media drive

US 8,645,716 B1
Filed: 10/04/2011
Issued: 02/04/2014
Est. Priority Date: 10/08/2010
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

detecting a power event of a media drive, the media drive securely storing encrypted data, the encrypted data decryptable using one or more plain-text keys stored in a one-time-programmable (OTP) memory of the media drive;

activating, responsive to the detection of the power event of the media drive, a periodic counter, the periodic counter configured to cause, responsive to reaching a predetermined value that corresponds with a particular amount of time, the one or more plain-text keys stored in the OTP memory to be overwritten effective to zeroize the one or more plain-text keys; and

deactivating, responsive to an indication that the media drive is secure and before the predetermined value is reached, the periodic counter to prevent the one or more plain-text keys stored in the OTP memory from being zeroized effective to enable access to the one or more plain-text keys for decrypting the encrypted data after the particular amount of time has elapsed.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present disclosure describes apparatuses and techniques for fail-safe key zeroization. In some aspects a periodic counter is activated that is configured to indicate an amount of time that content of a one-time-programmable (OTP) memory is accessible and overwriting of the content of the OTP is caused when the periodic counter reaches a predetermined value effective to zeroize the content. In other aspects a periodic counter is started in response to a power event and one or more encryption keys stored in OTP memory are zeroized if an indication of media drive security is not received within a predetermined amount of time.

Citations

18 Claims

1. A method comprising:
- detecting a power event of a media drive, the media drive securely storing encrypted data, the encrypted data decryptable using one or more plain-text keys stored in a one-time-programmable (OTP) memory of the media drive;
  
  activating, responsive to the detection of the power event of the media drive, a periodic counter, the periodic counter configured to cause, responsive to reaching a predetermined value that corresponds with a particular amount of time, the one or more plain-text keys stored in the OTP memory to be overwritten effective to zeroize the one or more plain-text keys; and
  
  deactivating, responsive to an indication that the media drive is secure and before the predetermined value is reached, the periodic counter to prevent the one or more plain-text keys stored in the OTP memory from being zeroized effective to enable access to the one or more plain-text keys for decrypting the encrypted data after the particular amount of time has elapsed.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, further comprising, responsive to not receiving the indication that the media drive is secure and when the predetermined value is reached, overwriting the one or more plain-text keys stored in the OTP memory effective to zeroize the one or more plain-text keys preventing decryption of the encrypted data.
  - 3. The method of claim 2, further comprising setting a first bit, the first bit indicating that overwriting of the one or more plain-text keys stored in the OTP memory has been initiated.
  - 4. The method of claim 3, further comprising:
    - receiving an indication that the one or more plain-text keys stored in the OTP have been overwritten;
      
      setting a second bit, the second bit indicating that the one or more plain-text keys stored in the OTP memory have been overwritten; and
      
      providing a signal reflecting a status of the second bit that is accessible to other entities effective to notify the other entities that the one or more plain-text keys stored in the OTP have been overwritten.
  - 5. The method of claim 4, further comprising:
    - checking the status of each of the first bit and the second bit when a subsequent power-on event of the media drive occurs; and
      
      overwriting any remaining content of the OTP memory if the respective bits indicate that the overwriting of the one or more plain-text keys was initiated but not completed.
  - 6. The method of claim 4, wherein the signal is provided when a diagnostics or debugging port is disabled.

7. A media drive comprising:
- storage media comprising a computer-readable storage device;
  
  a media drive controller configured to access encrypted data in storage media, the media drive controller comprising;
  
  an encryption engine configured to encrypt data written to, and decrypt data read from, the storage media using one or more plain-text keys, the one or more plain-text keys used each time the encrypted data in the storage media is accessed,a one-time-programmable (OTP) memory to store the one or more plain-text keys for the encryption engine, anda key zeroizer configured to;
  
  activate, in response to a power event of the media drive, a periodic counter configured to zeroize the one or more plain-text keys after an amount of time elapses, and deactivate, in response to receiving an indication of media drive security prior to the counter reaching a predetermined value, the periodic counter to prevent the one or more plain-text keys stored in the OTP memory from being zeroized effective to enable continued access of the encrypted data of the media drive after the amount of time elapses.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The media drive of claim 7, wherein the key zeroizer is further configured to, in response to not receiving the indication of media drive security prior to the counter reaching the predetermined value, zeroize the one or more plain-text keys stored in the OTP memory effective to render the encrypted data of the media drive inaccessible after the amount of time elapses.
  - 9. The media drive of claim 7, wherein the key zeroizer is further configured to verify that the one or more plain-text keys stored in the OTP memory have been zeroized.
  - 10. The media drive of claim 9, wherein the key zeroizer is further configured to determine, in response to the power event, whether a previous act of zeroizing the one or more plain-text keys has been initiated, and if so, complete the act of zeroizing the one or more plain-text keys regardless of a status the periodic counter.
  - 11. The media drive of claim 7, wherein the key zeroizer is further configured to zeroize the one or more plain-text keys stored in the OTP memory in response to a power system of the media drive being compromised or failure of a communication component.
  - 12. The media drive of claim 7, wherein the one or more computer-readable storage devices include solid-state memory or magnetic media disks configured to store the encrypted data.

13. A system-on-chip (SoC) comprising:
- a first communication interface for transmitting data to, and receiving data from, a host device;
  
  a second communication interface for writing encrypted data to, and reading encrypted data from, encrypted storage media;
  
  an encryption engine to encrypt the data written to the encrypted storage media and decrypt the data read from the encrypted storage media;
  
  a one-time-programmable (OTP) memory storing encryption keys used by the encryption engine for encrypting or decrypting the respective data, the encryption keys stored by the OTP memory and used when the encrypted storage media is accessed; and
  
  a key zeroizer configured to;
  
  activate a periodic counter in response to a power event within an operational environment of the SoC, the periodic counter configured to cause, responsive to reaching a predetermined value, the encryption keys stored in the OTP memory to be overwritten effective to zeroize the encryption keys; and
  
  deactivate, in response to receiving an indication that the operational environment of SoC is secure prior to the periodic counter reaching the predetermined value, the periodic counter to prevent the encryption keys stored in the OTP memory from being overwritten effective to enable continued access to the encrypted storage media.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The system-on-chip of claim 13, wherein the key zeroizer is further configured to, in response to not receiving the indication that the operational environment of SoC is secure prior to the counter reaching the predetermined value, overwrite the one or more encryption keys stored in the OTP memory effective to zeroize the one or more encryption keys and prevent subsequent access of the encrypted storage media.
  - 15. The system-on-chip of claim 14, wherein the key zeroizer is further configured to verify that the encryption keys stored in the OTP memory have been overwritten and cause a signal-output of the SoC to indicate the verification.
  - 16. The system-on-chip of claim 15, wherein the act of verifying that the encryption keys stored in the OTP memory have been overwritten includes the use of combinatorial OR logic or an XOR-based state machine.
  - 17. The system-on-chip of claim 13, wherein causing the encryption keys stored in the OTP memory to be overwritten includes causing the bits of encryption keys to be overwritten as either all ones or all zeros.
  - 18. The system-on-chip of claim 13, wherein the key zeroizer is not accessible via a diagnostic or debugging data port.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Marvell Asia Pte Limited (Marvell Technology Group Limited)
Original Assignee
Marvell International Limited (Marvell Technology Group Limited)
Inventors
Dujari, Vineet, Poo, Tze Lei
Primary Examiner(s)
Moorthy, Aravind

Application Number

US13/252,416
Time in Patent Office

854 Days
Field of Search

713/193, 713/165, 713/194, 726/34, 380/277, 711/100, 711/164, 711/167
US Class Current

713/193
CPC Class Codes

G06F 12/1433   for a module or a part of a...

G06F 21/71   to assure secure computing ...

H04L 69/40   for recovering from a failu...

H04L 9/0894   Escrow, recovery or storing...

Method and apparatus for overwriting an encryption key of a media drive

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for overwriting an encryption key of a media drive

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links