Semiconductor device and encryption key writing method
US-2016140057-A1 · May 19, 2016 · US
Encryption key storage and modification in a data storage device
US9659191B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9659191-B2 |
| Application number | US-201414248678-A |
| Country | US |
| Kind code | B2 |
| Filing date | Apr 9, 2014 |
| Priority date | Apr 9, 2014 |
| Publication date | May 23, 2017 |
| Grant date | May 23, 2017 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Methods, systems, and devices are described for encryption key storage and modification in a data storage device. A portion of an encryption key may be stored in a first storage medium, and one or more bits of the encryption key may be stored in a one-time writable storage location. Data received at the data storage device may be encrypted using the encryption key, and may be stored in a storage medium. In the event that it is no longer desired to allow users to access the encrypted data stored in the storage medium, the one or more bits of the encryption key stored in a one-time writable storage location may be modified. Such modification thereby prevents decryption of the encrypted data and effectively precludes access to the encrypted data.
First claim
Opening claim text (preview).
What is claimed is: 1. A method, comprising: determining an encryption key for use in encrypting data stored to a data storage medium, the encryption key including a hidden root key combined with a zeroizable key; storing a first portion of the hidden root key to a re-writable storage location; storing at least one bit of the hidden root key in a one-time writable storage location, the one-time writable storage location including one or more electronic fuses; storing the zeroizable key in the one or more electronic fuses; blowing at least one of the one or more electronic fuses to render the encryption key unusable; encrypting the data using the encryption key; storing the encrypted data in the data storage medium; determining that the stored data is to be deleted; and modifying the at least one bit of the encryption key stored in the one-time writable storage location. 2. The method of claim 1 , wherein the modifying prevents decryption of data that is encrypted using the encryption key. 3. The method of claim 1 , wherein the first portion of the encryption key is stored in an electronically erasable programmable read only memory (EEPROM). 4. The method of claim 3 , wherein the first portion of the encryption is stored in two or more locations in the EEPROM due to wear leveling functions performed on the EEPROM. 5. A data storage device, comprising: a first storage medium; a one-time writable storage medium; and a processor configured to: determine an encryption key for use in encrypting data stored to the first storage medium, the encryption key including a hidden root key combined with a zeroizable key; store a first portion of the hidden root key to a rewritable storage location on the first storage medium; store at least one bit of the hidden root key in the one-time writable storage medium, the one-time writable storage location including one or more electronic fuses; store the zeroizable key in the one or more electronic fuses; blow at least one of the one or more electronic fuses to render the encryption key unusable; encrypt the data using the encryption key; store the encrypted data in the first storage medium; determine that the stored data is to be deleted; and modify the at least one bit of the encryption key stored in the one-time writable storage location. 6. The data storage device of claim 5 , wherein the first storage medium comprises an electronically erasable programmable read only memory (EEPROM). 7. The data storage device of claim 6 , wherein the first portion of the encryption is stored in two or more locations in the EEPROM due to wear leveling functions performed on the EEPROM. 8. A data storage device, comprising: a first storage medium comprising a first portion of a hidden root key of an encryption key, the encryption key including the hidden root key combined with a zeroizable key; a one-time writable storage medium comprising at least one bit of the hidden root key, the one-time writable storage location including one or more electronic fuses, the zeroizable key being stored in the one or more electronic fuses; and a processor configured to: encrypt data using the encryption key; store the encrypted data to the first storage medium; prevent decryption of the stored encrypted data by blowing at least one of the one or more electronic fuses to render the encryption key unusable; determine that the stored encrypted data is to be deleted; and modify the at least one bit of the encryption key stored in the one-time writable storage location. 9. The data storage device of claim 8 , wherein the first storage medium comprises an electronically erasable programmable read only memory (EEPROM). 10. The data storage device of claim 9 , wherein the first portion of the encryption is stored in two or more locations in the EEPROM due to wear leveling functions performed on the EEPROM. 11. The data storage device of claim 9 , wherein the encryption key comprises a 512 bit encryption key, and wherein the first portion of the encryption key comprises not more than 256 bits of the encryption key.
Assignees
Inventors
Classifications
Clearing memory, e.g. to prevent the data from being stolen · CPC title
- G06F21/79Primary
in semiconductor storage media, e.g. directly-addressable memories · CPC title
in relation to life time, e.g. increasing Mean Time Between Failures [MTBF] · CPC title
Providing cryptographic facilities or services · CPC title
Monitoring storage devices or systems · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9659191B2 cover?
- Methods, systems, and devices are described for encryption key storage and modification in a data storage device. A portion of an encryption key may be stored in a first storage medium, and one or more bits of the encryption key may be stored in a one-time writable storage location. Data received at the data storage device may be encrypted using the encryption key, and may be stored in a storag…
- Who is the assignee on this patent?
- Seagate Techology LLC, Seagate Technology Llc
- What technology area does this patent fall under?
- Primary CPC classification G06F21/79. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue May 23 2017 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).