Memory management device and memory management method
First Claim
1. A memory management device to which a memory is connected and which performs verification at reading of data stored in the memory and at writing of data to the memory, the device comprising:
- a first hardware storage configured to store therein a root secret value that is a secret value assigned to the memory;
a second hardware storage configured to hold an upper counter value that is in common among a predetermined plurality of data pieces and lower counter values associated with the data pieces, respectively;
an assignment engine configured to update counter values including the upper counter value and the lower counter values at writing of the data pieces to the memory and calculate data verification values; and
a verification engine configured to perform a verification process of the data verification values at reading of the data pieces, whereinat writing of first data piece to the memory;
the assignment engine increments a lower counter value associated with the first data piece each time the first data piece is written to the memory;
when the lower counter value associated with the first data piece overflows, the assignment engine updates counter values associated with the first data piece by incrementing the upper counter value in common among the plurality of data pieces and resetting the lower counter value;
the assignment engine calculates a first secret value for each data piece using the counter values associated with the first data piece and the root secret value, and calculates a first data verification value using the first data piece and the first secret value for each data piece;
when the counter values associated with the first data piece are updated, the assignment engine recalculates the first secret value for each data piece using the updated counter values and the root secret value, and recalculates the first data verification value using the first data piece and the recalculated first secret value for each data piece; and
the assignment engine writes the first data piece and the calculated first data verification value or the recalculated first data verification value to the memory,at reading of the first data piece from the memory;
the verification engine reads the first data piece and the first calculated data verification value from the memory;
when the first data piece and the first data verification value are read, the verification engine calculates a second secret value for each data piece using updated values of the counter values associated with the first data piece and the root secret value, and calculates a second data verification value using the read first data piece and the second secret value for each data piece; and
the verification engine compares the read first data verification value and the second data verification value to perform verification of the read first data piece, andat writing of second data piece to the memory;
when a lower counter value associated with the second data piece overflows, the assignment engine updates counter values associated with the second data piece by incrementing the upper counter value in common among the plurality of data pieces and resetting the lower counter value;
the assignment engine calculates another first secret value for each data piece using the counter values associated with the second data piece and the root secret value, and calculates a second data verification value using the second data piece and the another first secret value for each data piece; and
when the counter values associated with the second data piece are updated, the assignment engine recalculates the first secret value for each data piece using the updated counter values and the root secret value, and recalculates the first data verification value using the second data piece and the first secret value for each data piece, the assignment engine writes the second data piece and the calculated second data verification value or the recalculated first data verification value to the memory.
1 Assignment
0 Petitions
Accused Products
Abstract
According to an embodiment, a memory management device increments a lower value of a first counter, updates the counter by incrementing an upper value and resetting the lower value when the lower value overflows, increments to update the lower counter value when the upper value is incremented as a result of writing a second data piece having the upper value in common to a memory, recalculates a first secret value calculated using the first counter values and a root secret value in response to the first counter update, writes a first data piece and the first secret value to the memory, and at reading of the first data piece and the first secret value, calculates a second secret value using the updated first counter values and the root secret value, and compares the first secret value with the second secret value to verify the first data piece.
23 Citations
10 Claims
-
1. A memory management device to which a memory is connected and which performs verification at reading of data stored in the memory and at writing of data to the memory, the device comprising:
-
a first hardware storage configured to store therein a root secret value that is a secret value assigned to the memory; a second hardware storage configured to hold an upper counter value that is in common among a predetermined plurality of data pieces and lower counter values associated with the data pieces, respectively; an assignment engine configured to update counter values including the upper counter value and the lower counter values at writing of the data pieces to the memory and calculate data verification values; and a verification engine configured to perform a verification process of the data verification values at reading of the data pieces, wherein at writing of first data piece to the memory; the assignment engine increments a lower counter value associated with the first data piece each time the first data piece is written to the memory; when the lower counter value associated with the first data piece overflows, the assignment engine updates counter values associated with the first data piece by incrementing the upper counter value in common among the plurality of data pieces and resetting the lower counter value; the assignment engine calculates a first secret value for each data piece using the counter values associated with the first data piece and the root secret value, and calculates a first data verification value using the first data piece and the first secret value for each data piece; when the counter values associated with the first data piece are updated, the assignment engine recalculates the first secret value for each data piece using the updated counter values and the root secret value, and recalculates the first data verification value using the first data piece and the recalculated first secret value for each data piece; and the assignment engine writes the first data piece and the calculated first data verification value or the recalculated first data verification value to the memory, at reading of the first data piece from the memory; the verification engine reads the first data piece and the first calculated data verification value from the memory; when the first data piece and the first data verification value are read, the verification engine calculates a second secret value for each data piece using updated values of the counter values associated with the first data piece and the root secret value, and calculates a second data verification value using the read first data piece and the second secret value for each data piece; and the verification engine compares the read first data verification value and the second data verification value to perform verification of the read first data piece, and at writing of second data piece to the memory; when a lower counter value associated with the second data piece overflows, the assignment engine updates counter values associated with the second data piece by incrementing the upper counter value in common among the plurality of data pieces and resetting the lower counter value; the assignment engine calculates another first secret value for each data piece using the counter values associated with the second data piece and the root secret value, and calculates a second data verification value using the second data piece and the another first secret value for each data piece; and when the counter values associated with the second data piece are updated, the assignment engine recalculates the first secret value for each data piece using the updated counter values and the root secret value, and recalculates the first data verification value using the second data piece and the first secret value for each data piece, the assignment engine writes the second data piece and the calculated second data verification value or the recalculated first data verification value to the memory. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A memory management method implemented in a memory management device to which a memory is connected and which performs verification at reading of data stored in the memory and at writing of data to the memory, wherein
the memory management device includes: - a first storage unit that stores a root secret value that is a secret value assigned to the memory; and
a second storage unit that holds an upper counter value that is in common among a predetermined plurality of data pieces and lower counter values associated with the data pieces, respectively, the method comprising;assigning step of updating counter values including the upper counter value and the lower counter values at writing of the data pieces to the memory and calculating data verification values; and verifying the data verification value at reading of the data piece, wherein at writing of first data piece to the memory; the assigning step includes; incrementing a lower counter value associated with the first data piece each time the first data piece is written to the memory; when the lower counter value associated with the first data piece overflows, updating the counter values associated with the first data piece by incrementing the upper counter value in common among the plurality of data pieces and resetting the lower counter value; calculating a first secret value for each data piece using the counter values associated with the first data piece and the root secret value, and calculating a first data verification value using the first data piece and the first secret value for each data piece; when the counter values associated with the first data piece are updated, recalculating the first secret value for each data piece using the updated counter values and the root secret value, and recalculating the first data verification value using the first data piece and the recalculated first secret value for each data piece; and writing the first data piece and the calculated first data verification value or the recalculated first data verification value to the memory, at reading of the first data piece from the memory; the verifying includes; reading the first data piece and the first calculated or recalculated data verification value from the memory; when the first data piece and the first calculated or recalculated data verification value are read, calculating a second secret value for each data piece using updated values of the counter values associated with the first data piece and the root secret value, and calculating a second data verification value using the read first data piece and the second secret value for each data piece; and comparing the read first data verification value and the second data verification value to perform verification of the read first data piece, and at writing of second data piece to the memory; the assigning step includes; when a lower counter value associated with the second data piece overflows, updating counter values associated with the second data piece by incrementing the upper counter value in common among the plurality of data pieces and resetting the lower counter value; calculating another first secret value for each data piece using the counter values associated with the second data piece and the root secret value, and calculating another second data verification value using the second data piece and the another first secret value for each data piece; when the counter values associated with the second data piece are updated, recalculating the first secret value for each data piece using the updated counter values and the root secret value, and recalculating the first data verification value using the second data piece and the calculated another first secret value for each data piece; and writing the second data piece and the calculated another second data verification value or the recalculated first data verification value to the memory. - View Dependent Claims (7, 8, 9, 10)
- a first storage unit that stores a root secret value that is a secret value assigned to the memory; and
Specification