Authenticator, authenticatee and authentication method
Abstract
According to one embodiment, an authenticator which authenticates an authenticatee, which stores first key information (NKey) that is hidden, includes a memory configured to store second key information (HKey) which is hidden, a random number generation module configured to generate random number information, and a data generation module configured to generate a session key (SKey) by using the second key information (HKey) and the random number information. The authenticator is configured such that the second key information (HKey) is generated from the first key information (NKey) but the first key information (NKey) is not generated from the second key information (HKey).
4 Claims
1. A memory device controlled by a controller, the memory device comprising:
a first area which stores first key data and first data unique to the memory device, the first area being unreadable from outside of the memory device; and
a second area which stores encrypted first data generated by encrypting the first data, the second area being readable,
wherein the memory device is configured to;
perform an AES (Advanced Encryption Standard) encryption process using the first key data and second data to generate second key data, the second data being externally received,
perform an AES encryption process using the second key data and third data to generate third key data, the third data being externally received, and
perform a one-way conversion process using the third key data and the first data to generate fourth data used for authentication with an external device, and
wherein the second data and the third data is provided from a host device which performs an authentication process with the memory device using the fourth data, and the third data is a random number generated by the host device,
the memory device is configured to transmit index information to the host device, and
the host device is configured to generate information based on the index information for the authentication process.
2. A device comprising:
a controller; and
a memory device controlled by the controller,
wherein the memory device includes;
a first area which stores first key data and first data unique to the memory device, and is prohibited from being read from outside of the memory device; and
a second area which stores encrypted first data generated by encrypting the first data, and is readable, and
wherein the memory device is configured to;
perform an AES (Advanced Encryption Standard) encryption process using the first key data and second data to generate second key data,
perform an AES encryption process using the second key data and third data to generate third key data, the third data being externally received, and
perform a one-way conversion process using the third key data and the first data to generate fourth data used for authentication with an external device, and
wherein the second data and the third data is provided from a host device which performs an authentication process with the memory device using the fourth data,
the third data is a random number generated by the host device,
the memory device is configured to transmit index information to the host device, and
the host device is configured to generate information based on the index information for the authentication process.
3. A host device capable of performing an authentication process with a memory device, the memory device including an unreadable area and readable area,
wherein the host device includes:
a memory which stores first key data and second key data, the first key data being stored as a set,
a decryptor which reads encrypted first data stored in the readable area, and decrypts the encrypted first data by using data obtained from a process with the second key data,
a selector which reads key index data stored in the readable area, and select first key data, associated with the key index data, from the set,
a processor which performs an AES (Advanced Encryption Standard) encryption process using the selected first key data to generate third key data, and
a processor which performs a one-way conversion process using the third key data and first data as input values to generate verification data, the first data being generated by decrypting the encrypted first data, and
wherein the second key data is stored as a set, and the memory stores index information, second key data associated with the index information is selected, and the encrypted first data is decrypted using the selected second key data.
4. A system comprising:
a device having;
a controller; and
a memory device controlled by the controller,
wherein the memory device includes;
a first area which stores first key data and first data unique to the memory device, and is prohibited from being read from outside of the memory device; and
a second area which stores encrypted first data generated by encrypting the first data, and is readable, and
wherein the memory device is configured to;
perform an AES (Advanced Encryption Standard) encryption process using the first key data and second data to generate second key data,
perform an AES encryption process using the second key data and third data to generate third key data, the third data being externally received, and
perform a one-way conversion process using the third key data and the first data to generate fourth data used for authentication with an external device, and
wherein the second data and the third data is provided from a host device which performs an authentication process with the memory device using the fourth data,
the third data is a random number generated by the host device,
the memory device is configured to transmit index information to the host device, and
the host device is configured to generate information based on the index information for the authentication process, and
a host device capable of performing an authentication process with the memory device, including;
a memory which stores first key data and second key data, the first key data being stored as a set,
a decryptor which reads encrypted first data stored in the readable area, and decrypts the encrypted first data by using data obtained from a process with the second key data,
a selector which reads key index data stored in the readable area, and select first key data, associated with the key index data, from the set,
a processor which performs an AES (Advanced Encryption Standard) encryption process using the selected first key data to generate third key data, and
a processor which performs a one-way conversion process using the third key data and first data as input values to generate verification data, the first data being generated by decrypting the encrypted first data, and
wherein the second key data is stored as a set, and the memory stores index information, second key data associated with the index information is selected, and the encrypted first data is decrypted using the selected second key data.
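The key chain recited in the abstract and the claims (NKey to HKey to SKey, then a one-way conversion over the device-unique data), written out as an added Go example that is not code from the patent. The names hc (the externally received second data) and id (the device-unique first data), the sample values, the index 7 and the one-way construction AES_E(key, data) XOR data are assumptions; the host's decryption of the encrypted first data is left out and id is passed in as already recovered.

```go
package main

import (
	"crypto/aes"
	"crypto/rand"
	"crypto/subtle"
	"fmt"
)

// enc encrypts one 16-byte block under a 16-byte key (AES-128, single block).
func enc(key, in []byte) []byte {
	c, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	out := make([]byte, aes.BlockSize)
	c.Encrypt(out, in)
	return out
}

// oneWay is an ASSUMED construction for "one-way conversion": AES_E(key, data) XOR data.
func oneWay(key, data []byte) []byte {
	out := enc(key, data)
	for i := range out {
		out[i] ^= data[i]
	}
	return out
}

// DeviceResponse is the memory-device side; nKey and id never leave the unreadable area.
func DeviceResponse(nKey, id, hc, rn []byte) []byte {
	hKey := enc(nKey, hc)   // second key data (HKey)
	sKey := enc(hKey, rn)   // third key data (SKey)
	return oneWay(sKey, id) // fourth data, returned to the host
}

func HostVerify(hKey, id, rn, resp []byte) bool { // host side: holds HKey, never NKey
	want := oneWay(enc(hKey, rn), id) // host recomputes SKey, then the verification data
	return subtle.ConstantTimeCompare(want, resp) == 1
}

func main() {
	nKey, hc, id := []byte("NKey-sample-0001"), []byte("host-constant-01"), []byte("secret-id-000001")
	hKeys := map[int][]byte{7: enc(nKey, hc)} // constructed HKey set, keyed by index
	rn := make([]byte, 16)
	if _, err := rand.Read(rn); err != nil { // third data: fresh random number per session
		panic(err)
	}
	fmt.Println("authenticated:", HostVerify(hKeys[7], id, rn, DeviceResponse(nKey, id, hc, rn)))
}
```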
Specification