Storage device tampering detection
First Claim
1. A computer-implemented method of detecting a counterfeit storage device, the method comprising:
- printing a first identifier value associated with a first characteristic of the storage device on an external surface of a housing of the storage device;
electronically storing a second identifier value associated with a second characteristic of the storage device in a memory of the storage device supported by the housing;
storing one or more dummy identifier values on one or more of the external surface of the housing or the memory, each of the dummy identifier values associated with an additional characteristic of the storage device;
combining the first and second identifier values in a predetermined order to form a combined identifier value;
generating a digital signature of the combined identifier value using a private key of a public/private key pair;
storing the digital signature on the storage device by performing at least a selected one of printing the digital signature to the external surface of the housing or electronically storing the digital signature in the memory;
subsequently retrieving from the storage device and storing, in a verification device memory, the first identifier value, the second identifier value, the digital signature and each of the one or more dummy identifier values;
using a verification device processor circuit to combine the first and second identifier values from the verification device memory in the predetermined order to form a retrieved combined identifier value; and
authenticating the storage device using the retrieved combined identifier value, the retrieved digital signature and a public key of the public/private key pair.
1 Assignment
0 Petitions
Accused Products
Abstract
Apparatus and method for detecting unauthorized tampering with a data storage device having a housing and a memory. A first identifier value is stored on an external surface of the housing and a second identifier value is stored within the memory. The first and second identifier values are combined in a predetermined order to form a combined identifier value for which a digital signature is generated using a private key, and the digital signature is stored on the storage device. The digital signature, the first and second identifier values, and one or more dummy identification values are retrieved from the storage device and stored in a memory of a verification device, which combines the retrieved first and second identifier values in the predetermined order to generate a retrieved combined identifier value. The storage device is authenticated using the retrieved combined identifier value, the digital signature and a public key.
50 Citations
20 Claims
-
1. A computer-implemented method of detecting a counterfeit storage device, the method comprising:
-
printing a first identifier value associated with a first characteristic of the storage device on an external surface of a housing of the storage device; electronically storing a second identifier value associated with a second characteristic of the storage device in a memory of the storage device supported by the housing; storing one or more dummy identifier values on one or more of the external surface of the housing or the memory, each of the dummy identifier values associated with an additional characteristic of the storage device; combining the first and second identifier values in a predetermined order to form a combined identifier value; generating a digital signature of the combined identifier value using a private key of a public/private key pair; storing the digital signature on the storage device by performing at least a selected one of printing the digital signature to the external surface of the housing or electronically storing the digital signature in the memory; subsequently retrieving from the storage device and storing, in a verification device memory, the first identifier value, the second identifier value, the digital signature and each of the one or more dummy identifier values; using a verification device processor circuit to combine the first and second identifier values from the verification device memory in the predetermined order to form a retrieved combined identifier value; and authenticating the storage device using the retrieved combined identifier value, the retrieved digital signature and a public key of the public/private key pair. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A computer-implemented method comprising:
-
providing a storage device having a housing and a memory supported within the housing; printing a first identifier value associated with the storage device onto a label affixed to an external surface of the housing; storing a second identifier value associated with the storage device in the memory; providing a third identifier value in a selected one of the label or the memory, each of the first, second and third identifier values associated with a different characteristic of the storage device; combining at least the first identifier value and the second identifier value but not the third identifier value into a first combined identifier value having a predetermined order; generating a cryptographic digital signature using a cryptographic signing algorithm based on the first combined identifier value and a private cryptographic key of a private/public key pair; storing the digital signature; subsequently determining whether the storage device is an authentic device or a counterfeit device by steps comprising; retrieving, from the storage device to a verification device memory, the first identifier value from the label, the second identifier value from the memory of the storage device, and the third identifier value from the label or the memory of the storage device, and displaying each of the first, second and third identifier values on a user display; combining at least the retrieved first and second identifier values into a second combined identifier value; and using a verification algorithm stored in a verification device memory and executed by a verification device processor operable at least upon the digital signature, the second combined identifier value and a public cryptographic key of the private/public key pair to generate a pass/fail indication signal indicative of the authenticity of the storage device. - View Dependent Claims (13, 14, 15)
-
-
16. A computer-based apparatus for detecting a counterfeit data storage device, comprising:
-
a verification module comprising a processor having associated programming in memory to execute a verification algorithm that provides a pass/fail indication responsive to a public key of a private/public key pair, a digital signature generated using a private key of the private/public key pair, a first identifier value stored on an external surface of a housing of the storage device associated with a first characteristic of the storage device, and a second identifier value stored in a memory within said housing associated with a second characteristic of the storage device; and a data collection module which supplies the first identifier value, the second identifier value, at least one or more dummy identifier values associated with additional characteristics of the storage device and the digital signature to the memory of the verification module, the data collection module comprising a human user interface and a storage device interface, the human user interface configured to receive and display input data entered by a human user of the apparatus corresponding to the first identifier value and the at least one or more dummy identifier values from the external surface of the housing, the storage device interface configured to electronically retrieve input data corresponding to the second identifier value stored in the memory. - View Dependent Claims (17, 18, 19, 20)
-
Specification