Method and apparatus for encrypting data to be secured and inputting/outputting the same
Abstract
A technology is provided to improve tamper resistance in encrypting data to be secured and inputting/outputting the data between a recording device and a host device. When the recording device issues an input/output command to a storage device to input/output data to be secured, the recording device attaches an ID to the command to identify to which cryptographic input/output processing the command belongs. Upon reception of a sequence command, the storage device receives the command if its ID has been allocated and the command is verified to have been issued in the correct sequence. The sequence ID is used to identify a process system while appropriately managing the steps of executing commands.
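The check described in the abstract can be sketched as a per-ID state table on the storage-device side. This is an added example, not code from the patent; the step names, the table size and the choice to leave state unchanged after a rejected command are assumptions made for illustration.

```c
#include <stdbool.h>

/* Hypothetical steps of one cryptographic I/O process; the page does not
   name the individual commands. */
enum step { STEP_AUTH = 0, STEP_KEY_EXCHANGE, STEP_TRANSFER, STEP_DONE };
enum result { CMD_OK, CMD_ERR_BAD_ID, CMD_ERR_SEQUENCE };
#define MAX_PROCESSES 4   /* assumed number of concurrent processes */

struct process { bool allocated; enum step next; };
static struct process table[MAX_PROCESSES];

/* Allocate a free sequence ID; returns -1 if none is free. */
int seq_allocate(void)
{
    for (int id = 0; id < MAX_PROCESSES; id++) {
        if (!table[id].allocated) {
            table[id].allocated = true;
            table[id].next = STEP_AUTH;
            return id;
        }
    }
    return -1;
}

/* Accept a command only if its ID is allocated and it is the next expected
   step of that process. A rejected command leaves the state unchanged. */
enum result seq_command(int id, enum step cmd)
{
    if (id < 0 || id >= MAX_PROCESSES || !table[id].allocated)
        return CMD_ERR_BAD_ID;
    if (cmd != table[id].next)
        return CMD_ERR_SEQUENCE;
    table[id].next = (enum step)(cmd + 1);
    if (table[id].next == STEP_DONE)
        table[id].allocated = false;   /* process finished, release the ID */
    return CMD_OK;
}

/* Two interleaved processes; a skipped step on one of them is rejected. */
int main(void)
{
    int a = seq_allocate(), b = seq_allocate();
    bool ok = seq_command(a, STEP_AUTH) == CMD_OK
           && seq_command(b, STEP_AUTH) == CMD_OK
           && seq_command(a, STEP_TRANSFER) == CMD_ERR_SEQUENCE;
    return ok ? 0 : 1;
}
```

Because each ID carries its own expected step, commands from different processes can interleave freely while an out-of-order command is rejected only for the process it claims to belong to.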
18 Claims
1. A storage device comprising:
- a storage medium for retaining data; and
- a cryptographic processing unit which receives a plurality of commands from a host device to execute the commands upon performing a plurality of series of cryptographic input/output processing for encrypting data to be secured and inputting/outputting the data between the storage medium and a host device, the commands being issued by dividing the plurality of series of cryptographic input/output processing each into a plurality of procedures, wherein the cryptographic processing unit refers to identifying information attached to the command to identify to which cryptographic input/output processing the command belongs to, then simultaneously performing two or more of the plurality of cryptographic input/output processing procedures.
Dependent claims: 2, 3, 4, 5, 6

7. A storage device comprising:
- a storage medium for retaining data; and
- a cryptographic processing unit for receiving a plurality of commands from a host device to execute the commands upon performing a series of cryptographic input/output processing for encrypting data to be secured and inputting/outputting the data between the storage medium and the host device, the commands being issued by dividing the series of cryptographic input/output processing into a plurality of procedures, wherein the cryptographic processing unit can manage two or more cryptographic input/output processings, and refer to identifying information attached to the command to identify to which cryptographic input/output processing the received command belongs to, and rejects the execution of the command when having detected that the command is an incorrectly sequenced command in the cryptographic input/output processing to which the command belongs.
Dependent claims: 8, 9

10. A host device which exchanges data with a storage device that is capable of simultaneously performing a plurality of series of cryptographic input/output processing for encrypting data to be secured and inputting/outputting the data, the host device comprising:
- a controller which divides the cryptographic input/output processing into a plurality of procedures and issuing commands sequentially to the storage device thereby allowing the storage device in order to make the storage device execute a procedure to be executed on the storage-device side; and
- a cryptographic processing unit which carries out encryption or decryption that is required of the cryptographic input/output processing, wherein when the controller issues a command, the controller attaches identifying information to the command to identify to which one of the plurality of cryptographic input/output processings the command belongs.
Dependent claims: 11

12. A data input/output method, when performing cryptographic input/output processing between a host device and a storage device that is capable of simultaneously performing a plurality of series of cryptographic input/output processing for encrypting data to be secured and inputting/outputting the data, and storing data to be exchanged through the cryptographic input/output processing, comprising:
- dividing the cryptographic input/output processing divided into a plurality of procedures and allowing the host device to execute a procedure to be executed on the host-device side out of the procedures;
- allowing the host device to issue a command to the storage device in order to make the storage device execute a procedure to be executed on the storage-device side;
- allowing the storage device to receive the command; and
- allowing the storage device to execute the command, wherein identifying information is attached to the command to identify to which one of the plurality of cryptographic input/output processings, being performed simultaneously by the storage device, the command belongs.
Dependent claims: 13, 14, 15, 16, 17, 18
Specification