Input-output device and storage controller handshake protocol using key exchange for data security
First Claim
1. A data security method comprising the steps of:
- generating one or more secret key and one or more cipher setting by one or more input-output device;
- encrypting the one or more secret key and the one or more cipher setting into one or more set_cipher command by the one or more input-output device;
- sending the one or more set_cipher command to one or more CPU via one or more IO controller;
- recovering the one or more secret key and the one or more cipher setting according to the one or more set_cipher command by the one or more CPU;
- setting up one or more data processing core according to the one or more cipher setting; and
- accessing one or more memory data according to the one or more secret key via the one or more data processing core.
Abstract
A protocol for providing secured IO device and storage controller handshake protocol; IO device controlled cipher settings, and secured data storage and access in memory. An IO device requesting data transfer with encryption and/or decryption, requests session keys from the processor. The processor generates a fresh public-private key pair for the session. The public key is sent to the requesting IO device; the private key is momentarily saved by the processor for the session. The requesting IO device generates a secret key and its desired cipher setting; furthermore, encrypts the secret key and cipher setting using the public key, and sends secret key and cipher setting to the processor. The processor uses the private key to decrypt the secret key and cipher setting. The cipher setting is used for configuring the data processing core. The secret key is used for encryption and/or decryption of the data being transferred. All keys are not permanently saved.
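The handshake in the abstract, with both sides' messages, as an added example that is not taken from the patent. The abstract names no algorithms or message layout, so RSA-OAEP for the key pair, AES-GCM for the data processing core, the JSON body of the set_cipher command, the allow-list of cipher settings and all function names are assumptions; the public key is sent unauthenticated, as the abstract describes no authentication step.

```javascript
const crypto = require('node:crypto');

// Assumed allow-list of cipher settings and their key sizes in bytes.
const KEY_BYTES = new Map([['aes-128-gcm', 16], ['aes-256-gcm', 32]]);
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Processor: fresh public-private key pair per session, held only in this object.
function processorOpenSession() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  return { publicKey, privateKey, secretKey: null, cipher: null };
}

// IO device: generate secret key and cipher setting, encrypt both under the public key.
function deviceBuildSetCipher(publicKey, cipher) {
  const secretKey = crypto.randomBytes(KEY_BYTES.get(cipher) || 32);
  const body = Buffer.from(JSON.stringify({ cipher, key: secretKey.toString('base64') }));
  return { setCipher: crypto.publicEncrypt({ key: publicKey, ...OAEP }, body), secretKey };
}

// Processor: recover key and setting; refuse settings or key sizes the core does not support.
function processorHandleSetCipher(session, setCipher) {
  const body = crypto.privateDecrypt({ key: session.privateKey, ...OAEP }, setCipher);
  const { cipher, key } = JSON.parse(body.toString());
  const secretKey = Buffer.from(String(key), 'base64');
  if (secretKey.length !== KEY_BYTES.get(cipher)) {
    throw new Error('rejected set_cipher');
  }
  Object.assign(session, { cipher, secretKey });
}

// Data processing core: configured by the cipher setting, keyed by the secret key.
function coreEncrypt(session, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv(session.cipher, session.secretKey, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}

function coreDecrypt(session, { iv, ct, tag }) {
  const d = crypto.createDecipheriv(session.cipher, session.secretKey, iv);
  d.setAuthTag(tag);
  return Buffer.concat([d.update(ct), d.final()]);
}

// End of session: zero the secret key and drop every key and the cipher setting.
function processorCloseSession(session) {
  if (session.secretKey) session.secretKey.fill(0);
  session.privateKey = session.publicKey = session.secretKey = session.cipher = null;
}
```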
89 Citations
57 Claims
1. A data security method comprising the steps of:
- generating one or more secret key and one or more cipher setting by one or more input-output device;
- encrypting the one or more secret key and the one or more cipher setting into one or more set_cipher command by the one or more input-output device;
- sending the one or more set_cipher command to one or more CPU via one or more IO controller;
- recovering the one or more secret key and the one or more cipher setting according to the one or more set_cipher command by the one or more CPU;
- setting up one or more data processing core according to the one or more cipher setting; and
- accessing one or more memory data according to the one or more secret key via the one or more data processing core.

Dependent claims: 2, 3, 4, 9, 10

5. A data security method for secured data communication, processing and storage of one or more input-output device comprising the steps of:
- requesting one or more public key from one or more storage controller by the one or more input-output device;
- generating one or more pair of private key and public key by the one or more storage controller;
- sending the one or more public key from the one or more storage controller to the one or more input-output device;
- generating one or more secret key and one or more cipher setting according to the one or more public key;
- sending one or more set_cipher command comprising the one or more secret key and the one or more cipher setting to the one or more storage controller;
- sending one or more IO command from the one or more input-output device to the one or more storage controller;
- processing one or more data from the one or more input-output device using the one or more secret key according to the one or more cipher setting;
- transferring and storing the one or more data according to the one or more IO command; and
- deleting the one or more pair of private key and public key, the one or more secret key and the one or more cipher setting.

Dependent claims: 6, 7, 8, 11

12. An apparatus for secured data processing and storage comprising:
- means for requesting one or more public key from one or more storage controller by the one or more input-output device;
- means for generating one or more pair of private key and public key by the one or more storage controller;
- means for sending the one or more public key from the one or more storage controller to the one or more input-output device;
- means for generating one or more secret key from the one or more public key and one or more cipher setting;
- means for sending one or more set_cipher command comprising the one or more secret key and the one or more cipher setting to the one or more storage controller;
- means for sending one or more IO command from the one or more input-output device to the one or more storage controller;
- means for processing one or more data from the one or more input-output device using the one or more secret key according to the one or more cipher setting;
- means for transferring and storing the one or more data according to the one or more command; and
- means for deleting the one or more pair of private key and public key, the one or more secret key and the one or more cipher setting.

Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29

30. A data security method comprising:
- generating a secret key and a cipher setting by an input-output device;
- encrypting the secret key and the cipher setting into a set_cipher command by the input-output device;
- sending the set_cipher command to a processor;
- decrypting the secret key and the cipher setting in the set_cipher command by the processor;
- setting up a data processing core according to the cipher setting; and
- providing data security to the data based on the secret key.

Dependent claims: 31, 32, 33, 34

35. An apparatus for secured data processing, comprising:
- a processor;
- an input-output device configured to generate a secret key and a cipher setting, configured to encrypt the secret key and the cipher setting into a set_cipher command, and configured to send the set_cipher command to the processor; and
- the processor configured to decrypt the secret key and the cipher setting in the set_cipher command and configured to set up a data processing core according to the cipher setting;
- the data processing core configured to provide data security to the data based on the secret key.

Dependent claims: 36, 37, 38, 39

40. An apparatus for secured data processing and storage, comprising:
- an input-output device configured to request a public key;
- a storage controller configured to generate a pair of private key and public key and send the public key to the input-output device;
- the input-output device configured to generate a secret key from the public key and a cipher setting, configured to send a set_cipher command comprising the secret key and the cipher setting to the storage controller, and configured to send an IO command to the storage controller;
- the storage controller configured to process data from the input-output device using the secret key according to the cipher setting; and
- a memory configured to store the data according to the command.

Dependent claims: 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57

Specification