×

Prevention of cable-swap security attack on storage devices

  • US 9,870,462 B2
  • Filed: 09/22/2014
  • Issued: 01/16/2018
  • Est. Priority Date: 09/22/2014
  • Status: Active Grant
First Claim
Patent Images

1. A host system in communication with a storage system, for securing a storage device disposed in said storage system, said host system comprising:

  • provisioning circuitry to generate a challenge-response verification public/private encryption key-pair and further to provide said key-pair to said storage device to enable said challenge-response verification;

    power-up user authentication circuitry to provide an authentication password to said storage device to unlock said storage device;

    link error detection circuitry, disposed in said storage system and in said host system, to detect a link error between said host system and said storage device occurring during a standby-connected mode of said storage device, wherein upon detection of said link error said link error detection circuitry in said storage system is to cause said storage system to generate failures on all read/write operations from said host system; and

    challenge-response protocol circuitry, disposed in said storage system and in said host system, to initiate, in response to said link-error detection, a verification challenge from said storage device and further to provide a response to said verification challenge based on said key-pair, wherein said verification challenge is to secure said storage device against a cable-swap attack and wherein a successful response to said verification challenge causes said link error detection circuitry in said storage system to discontinue generating said read/write failures.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×