Memory device which protects secure data, method of operating the memory device, and method of generating authentication information

US 9,258,111 B2
Filed: 11/15/2012
Issued: 02/09/2016
Est. Priority Date: 12/16/2011
Status: Active Grant

First Claim

Patent Images

1. A nonvolatile memory device including a memory array, comprising:

a first memory area in the memory array storing secure data, the first memory area being unable to be read by an external device in response to a request from the external device for the secure data, and the secure data being programmed by a vendor of the nonvolatile memory device;

a second memory area in the memory array storing encrypted secure data, the second memory area being accessible by the external device; and

secure logic configured to access the secure data from the first memory area in response to the request, generate the encrypted secure data from the accessed secure data, and store the encrypted secure data in the second memory area so that the stored encrypted secure data is accessible by the external device,wherein the secure data includes a unique key of the nonvolatile memory device and the secure logic is located in the nonvolatile memory device,wherein the first memory area is configured to store a plurality of spare keys, the plurality of spare keys for generating authentication information of the nonvolatile memory device, andwherein the second memory area is configured to store a plurality of spare key indexes, the plurality of spare key indexes being linked to the plurality of spare keys.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one embodiment, the memory device includes a first memory area and a second memory area. The first memory area stores secure data. The first memory area is inaccessible by an external device. The second memory area is configured to store encrypted secure data. The second memory area is accessible by the external device, and the encrypted secure data is an encrypted version of the secure data in the first memory area.

39 Citations

View as Search Results

22 Claims

1. A nonvolatile memory device including a memory array, comprising:
- a first memory area in the memory array storing secure data, the first memory area being unable to be read by an external device in response to a request from the external device for the secure data, and the secure data being programmed by a vendor of the nonvolatile memory device;
  
  a second memory area in the memory array storing encrypted secure data, the second memory area being accessible by the external device; and
  
  secure logic configured to access the secure data from the first memory area in response to the request, generate the encrypted secure data from the accessed secure data, and store the encrypted secure data in the second memory area so that the stored encrypted secure data is accessible by the external device,wherein the secure data includes a unique key of the nonvolatile memory device and the secure logic is located in the nonvolatile memory device,wherein the first memory area is configured to store a plurality of spare keys, the plurality of spare keys for generating authentication information of the nonvolatile memory device, andwherein the second memory area is configured to store a plurality of spare key indexes, the plurality of spare key indexes being linked to the plurality of spare keys.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The nonvolatile memory device of claim 1, wherein the external device is a host device.
  - 3. The nonvolatile memory device of claim 1, wherein the external device is a memory controller.
  - 4. The nonvolatile memory device of claim 1, further comprising:
    - input/output logic configured to interface the nonvolatile memory device with the external device.
  - 5. The nonvolatile memory device of claim 1, wherein the second area is configured to store the encrypted secure data during the manufacture of the nonvolatile memory device.
  - 6. The nonvolatile memory device of claim 1, wherein the unique key is for authenticating the nonvolatile memory device, and the encrypted secure data includes an encrypted unique key.
  - 7. The nonvolatile memory device of claim 1, wherein the spare key corresponds to a vendor of the nonvolatile memory device.
  - 8. The nonvolatile memory device of claim 1, further comprising:
    - a third memory area configured to store at least one encrypted decryption key, the third memory area being accessible by the external device, the encrypted decryption key being an encrypted version of a decryption key, and the decryption key for decrypting the encrypted unique key.
  - 9. The nonvolatile memory device of claim 8, wherein the third memory area is further configured to store a plurality of encrypted decryption keys, at least one of the plurality of encrypted decryption keys corresponding to a vendor of the external device.
  - 10. The nonvolatile memory device of claim 1, wherein the second memory area is only readable by the external device.

11. A nonvolatile memory device including a memory array, comprising:
- a first memory area in the memory array storing a main key and at least one spare key, the first memory area being unable to be read by external devices in response to a request from the external devices for secure data that includes the main key, the main key and the least one spare key being programmed by a vendor of the nonvolatile memory device, the main key being a unique key of the nonvolatile memory device; and
  
  a second memory area in the memory array storing at least one spare key index and encrypted secure data including an encrypted main key, the second memory area being accessible by the external devices so that the stored encrypted secure data is accessible in response to the request, the encrypted secure data being an encrypted version of the secure data in the first memory area, the spare key index being linked to the spare key, and the spare key being associated with a vendor of the nonvolatile memory device.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The nonvolatile memory device of claim 11, wherein the spare key index is linked to the spare key by a spare key number.
  - 13. The nonvolatile memory device of claim 11, whereinthe first memory area stores a plurality of spare keys;
    - andthe second memory area is configured to store a plurality of spare key indexes, the plurality of spare key indexes being linked to the plurality of spare keys.
  - 14. The nonvolatile memory device of claim 13, wherein the plurality of spare key indexes are linked to the plurality of spare keys by spare key numbers.
  - 15. The nonvolatile memory device of claim 11, further comprising:
    - a third memory area storing a plurality of encrypted decryption keys, the third memory area being accessible by the external device, the encrypted decryption keys being encrypted versions of a respective plurality of decryption keys, the plurality of decryption keys being for decrypting the encrypted main key, and the plurality of decryption keys being associated with vendors of the external devices.

16. A nonvolatile memory device including a memory array, comprising:
- a first memory area in the memory array storing secure data, the secure data being programmed by a vendor of the nonvolatile memory device, the secure data including a unique key of the nonvolatile memory device;
  
  a second memory area in the memory array storing encrypted secure data, the encrypted secure data being an encrypted version of the secure data in the first memory area;
  
  secure logic configured to access the secure data from the first memory area in response to a request for the secure data, generate the encrypted secure data from the accessed secure data, and store the encrypted secure data in the second memory area; and
  
  the nonvolatile memory device configured such that output of the secure data cannot occur in response to the request, and output of the encrypted secure data can occur in response to the request,wherein the secure logic is located in the nonvolatile memory device,wherein the first memory area is configured to store a plurality of spare keys, the plurality of spare keys for generating authentication information of the nonvolatile memory device, andwherein the second memory area is configured to store a plurality of spare key indexes, the plurality of spare key indexes being linked to the plurality of spare keys.

17. A method of operating a nonvolatile memory device including a memory array, comprising:
- storing secure data in a first memory area of the memory array, the first memory area being unable to be read by an external device in response to a request from the external device for the secure data, the secure data being programmed by a vendor of the nonvolatile memory device, the secure data including a unique key of the nonvolatile memory device;
  
  accessing the secure data from the first memory area using logic resident on the nonvolatile memory device in response to the request;
  
  generating an encrypted secure data from the accessed secure data using the logic; and
  
  storing the encrypted secure data in a second memory area of the memory array so that the stored encrypted secure data is accessible by the external device from the second memory area, the encrypted secure data being an encrypted version of the secure data in the first memory area;
  
  storing at least one spare key in the first memory area, the spare key for generating authentication information of the nonvolatile memory device; and
  
  storing at least one spare key index in the second memory area, the spare key index being linked to the spare key.
- View Dependent Claims (18, 19, 20, 21, 22)
- - 18. The method of claim 17, wherein the unique key is for authenticating the nonvolatile memory device, and the encrypted secure data includes an encrypted unique key.
  - 19. The method of claim 18, wherein the spare key corresponds to a vendor of the nonvolatile memory device.
  - 20. The method of claim 18, wherein the spare key index is linked to the spare key by a spare key number.
  - 21. The method of claim 18, further comprising:
    - storing at least one encrypted decryption key in a third memory area of the nonvolatile memory device, the third memory area being accessible by the external device, the encrypted decryption key being an encrypted version of a decryption key, and the decryption key for decrypting the encrypted main key.
  - 22. The method of claim 21, wherein the encrypted decryption keys corresponds to vendors of external devices.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung Electronics Co. Ltd.
Original Assignee
Samsung Electronics Co. Ltd.
Inventors
Lee, Jae-Bum, Lee, Seok-Heon, Jang, Hyoung-Suk, Kim, Min-Kwon
Primary Examiner(s)
NGUYEN, THU HA T

Application Number

US13/677,715
Publication Number

US 20130159733A1
Time in Patent Office

1,181 Days
Field of Search

713/168, 713/193, 380/286
US Class Current

1/1
CPC Class Codes

H04L 2209/605   Copy protection

H04L 9/08   Key distribution or managem...

H04L 9/0822   using key encryption key

H04L 9/0877   using additional device, e....

H04L 9/0897   involving additional device...

Memory device which protects secure data, method of operating the memory device, and method of generating authentication information

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

39 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Memory device which protects secure data, method of operating the memory device, and method of generating authentication information

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

39 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links