Key encryption and decryption
First Claim
1. A data storage drive for encrypting data, comprising:
- a host attachment;
a microprocessor; and
circuitry coupled to the microprocessor and to the host attachment, the circuitry comprising an Application Specific Integrated Circuit (ASIC) for encryption and decryption that includes a first multiplexor, a second multiplexor, a third multiplexor, a decryption block, and a demultiplexor;
wherein the first multiplexor selects a session key from inputs of a first session key, a backup data key, a standard data key, and a secret key to be input to the decryption block;
wherein the second multiplexor selects a session encrypted data key from inputs of a first session encrypted data key from the microprocessor and a second session encrypted data key from the host attachment to be input to the decryption block and to be input to the third multiplexor to bypass decryption;
wherein the decryption block decrypts the session encrypted data key using the session key to obtain a data key that is used to encrypt clear text and to decrypt cipher text written to a data storage medium;
wherein the demultiplexor takes as input the data key and selects one of storage of the data key and forwarding of the data key to the third multiplexor; and
wherein the third multiplexor takes as input the data key and the session encrypted data key and selects one of the data key from the demultiplexor and the session encrypted data key from the second multiplexor to forward to the host attachment.
1 Assignment
0 Petitions
Accused Products
Abstract
Provided is a data storage drive for encrypting data, comprising a microprocessor and circuitry coupled to the microprocessor and adapted to receive a session encrypted data key and to decrypt the session encrypted data key using a session key, wherein a result is a data key that is capable of being used to encrypt clear text and to decrypt cipher text written to a storage medium. Also provided is a system, comprising a microprocessor and circuitry coupled to the microprocessor and adapted to receive a session encrypted data key and to decrypt the session encrypted data key using a private key, wherein a result is a secret key that is capable of being used to encrypt clear text and to decrypt cipher text written to a storage medium.
26 Citations
11 Claims
-
1. A data storage drive for encrypting data, comprising:
-
a host attachment; a microprocessor; and circuitry coupled to the microprocessor and to the host attachment, the circuitry comprising an Application Specific Integrated Circuit (ASIC) for encryption and decryption that includes a first multiplexor, a second multiplexor, a third multiplexor, a decryption block, and a demultiplexor; wherein the first multiplexor selects a session key from inputs of a first session key, a backup data key, a standard data key, and a secret key to be input to the decryption block; wherein the second multiplexor selects a session encrypted data key from inputs of a first session encrypted data key from the microprocessor and a second session encrypted data key from the host attachment to be input to the decryption block and to be input to the third multiplexor to bypass decryption; wherein the decryption block decrypts the session encrypted data key using the session key to obtain a data key that is used to encrypt clear text and to decrypt cipher text written to a data storage medium; wherein the demultiplexor takes as input the data key and selects one of storage of the data key and forwarding of the data key to the third multiplexor; and wherein the third multiplexor takes as input the data key and the session encrypted data key and selects one of the data key from the demultiplexor and the session encrypted data key from the second multiplexor to forward to the host attachment. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system, comprising:
-
a microprocessor; a host attachment coupled to the microprocessor; and circuitry coupled directly to the microprocessor and directly to the host attachment, the circuitry comprising an Application Specific Integrated Circuit (ASIC) for decryption and encryption that includes a first multiplexor, a second multiplexor, a third multiplexor, a fourth multiplexor, a decryption block, and an encryption block; wherein the first multiplexor selects a key from inputs of a session key, a backup data key, a standard data key, and a secret key to be input to the decryption block and to the encryption block; wherein the second multiplexor selects a session encrypted data key from inputs of a first session encrypted data key from the microprocessor and a second session encrypted data key from the host attachment to be input to the fourth multiplexor; wherein the third multiplexor selects clear text from inputs of clear text from, the microprocessor and clear text from the host attachment to be input to the encryption block; wherein the encryption block takes as input the key and the clear text and encrypts the clear text with the key to be input to the fourth multiplexor; wherein the fourth multiplexor selects from inputs of the session encrypted data key from the second multiplexor and the encrypted clear text from the encryption block to be input to the decryption block; wherein the decryption block decrypts the input from the fourth multiplexor, wherein the decrypting comprises decrypting the session encrypted data key with the key when the input from the fourth multiplexor comprises the session encrypted data key and decrypting the encrypted clear text with the key when the input from the fourth multiplexor comprises the encrypted clear text. - View Dependent Claims (11)
-
Specification