CN101008931A - Cryptographic serial ATA apparatus and method - Google Patents
Cryptographic serial ATA apparatus and method Download PDFInfo
- Publication number
- CN101008931A CN101008931A CN 200610162479 CN200610162479A CN101008931A CN 101008931 A CN101008931 A CN 101008931A CN 200610162479 CN200610162479 CN 200610162479 CN 200610162479 A CN200610162479 A CN 200610162479A CN 101008931 A CN101008931 A CN 101008931A
- Authority
- CN
- China
- Prior art keywords
- enciphering
- deciphering
- fis
- advanced technology
- sata
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
A cryptographic Serial ATA (SATA) apparatus comprises a main controller, a SATA device protocol stack, a SATA host protocol stack, and a cryptographic engine. The cryptographic engine is operatively coupled between the main controller and the SATA device and host protocol stacks and configured to provide high-speed cryptographic processing.
Description
Technical field
The relevant a kind of enciphering/deciphering of the present invention is used, and a kind of enciphering/deciphering string type advanced technology associate member (Serial ATA, or SATA) device and method particularly is provided." ATA " (AT associate member, AT Attachment) speech is every agreement physics, electricity, that transmit and instruction of confession under directions storage device internal configurations.Wherein, " AT " speech is the IBM that deduces and introduced from 1984
(it is state-of-the-art PC at that time to PC for Personal Computer, PC) AT (AdvancedTechnology).
Background technology
(Serial ATA, SATA) specification is in order to replace the high speed interface of block form ATA to string type advanced technology associate member.The SATA specification has defined three kinds of different speed, and promptly to operate in transfer rate be 1,500,000,000 of per seconds (1.5Gbps) to the first generation, and second generation transfer rate is in per second 3.0Gbps, and third generation transfer rate is in per second 6.0Gbps.And the SATA specification has defined the point-to-point transmission between main frame breakout box and storage device controller.For instance, the main frame breakout box may be to comprise that having peripheral element connects (Peripheral Component Interconnect, PCI) IC of the serial ATA controller at interface." PCI " is Intel
Regional bus (Local Bus) standard of company's development.Storage device may be a string type ATA hard disk drive (Hard-Disk Drive).This point-to-point transmission is not shared, and meaning promptly can be used the point-to-point passage of monopolizing when each SATA device and controller communication.
For operating system (Operating System, OS), the SATA controller is just as block form ATA (parallel ATA) controller, therefore, the SATA controller is supported instruction identical with block form ATA controller and identical initialization behavior.Particularly, serial ATA provides the work document programmable register (Task File Programming Registers) that host software is same as block form ATA.But in serial ATA, these registers are not physically to be disposed in the disc driver usually.Otherwise it has been moved in the console controller, and it is called as " shadow " register (Shadow Registers) in the SATA specification.Accurately software compatiblity can be guaranteed in the identical register interface of imitation disc driver.
The SATA specification can provide the layering of function.Lowermost layer in the SATA structure is that (wherein Physical layer is responsible for producing actual electronic signal to physics, transmits the electronic signal that produces for Physical, PHY) layer, and deciphers the electronic signal that receives.The Physical layer ability comprises that also special pressure resets the transmission of signal, and the detection whether main frame pegs graft is from the conversion of power management state and speed negotiation.This one side, this SATA specification are used Low Voltage Differential Signal transmission.Particularly, signal be not on a conductor relevant with common ground connection with voltage transmission, and transmit with the potential difference (PD) between two adjacent conductors.When voltage on the conductor is ' height ' time, the voltage of another conductor is ' low ', arbitrary two adjacent conductors are opposite as another conductor.The signal transmission of this type can reach the benefit of exempting noise and cross-talk.Any equivalent influences the electromagnetic interference (EMI) of adjacent signals, and (Electro-Magnetic Interference EMI), comprises noise and cross-talk, all can be subjected to difference at receiving end and eliminate.
Be linking layer on the Physical layer, this layer is responsible for the digital coding of transmission, data decode, basic communication and the agreement with receiving.Use a kind of 8 (8b)/10 (10b) coding method very commonly used.The hyte of a 8-position can be expressed as 256 different values, and it is listed in different American Standard Code for Information Interchange (ASCII), and (AmericanStandard Code for Information Interchange is ASCII) in the code table.One 10 hyte has 1024 different values.When utilizing a 10-bit field position that 256 possible octet value are encoded, can in 1024 probable values, select 256 values and be used in the coding method.This 8b/10b coding method comprises limited run length, data communication (Data Communication, balance DC) and will be as the ability of the special control character coding of primitive types (primitives).
Primitive types is used to be indicated in the transmission of specific condition between output terminal and the receiving end, for example SOF (Startof Frame), EOF (End of Frame), and ALIGN (in order to the position on character border in the identification bit stream)." " (idle) agreement of leaving unused that linking layer comprises (a), in order to set up communication, (b) " transmission " agreement, transmission in order to the deal with data carrying, (c) " reception " agreement, in order to handle the reception of the Data-carrying that has transmitted, reach (d) " power management " (Power Management) agreement, it is in order to handle entering/going out from two power management states.
Linking layer also be responsible for to transmit the Data-carrying package, wherein the Data-carrying package be called frame data structure (FrameInformation Structure, FIS).One frame (Frame) is one or more transmission doubleword of data group (Double Word, set DWORD) between main frame and device.One DWORD can be expressed as 32 (bits) data, or is two adjacent words groups (WORD), or is four adjacent hytes (BYTE).When with bit representation, from right to left, rightmost is a least significant bit (LSB), and it is position 0, and Far Left is a highest significant position, and it is position 31.
In the linking layer agreement, describe the serial of the primitive types of exchange between main frame and device, reach response various primitive types and condition.The linking layer agreement also is responsible for each FIS Data-carrying of having transmitted and calculates its Cyclical Redundancy Check sign indicating number (Cyclic Redundancy Check code, CRC code).The CRC that calculates is attached to the end of the FIS data that transmitted.The CRC among each FIS that receives is verified and removed to linking layer.For making the electromagnetic interference effect minimum on Data-carrying is shifted, linking layer is broken up the carrying data among (Scramble) FIS earlier before FIS transfers to the SATA interface.
In the SATA structure, the linking layer top is a transport layer, and its groundwork is the defeated FIS of construction (encapsulation) tendency to develop and decomposes the FIS that has received.When a higher level requires construction one FIS data, the type of transport layer (a) FIS as requested, gather data content; (b) with the FIS content ordering; (c) the notice linking layer transmits desired frame, and transmits the FIS content to linking layer; (d) management impact damper/first in first out (First In First Out, FIFO) the required flow process control of flow process and notice linking layer; (e) from linking layer received frame response message; And (f) normally whether and error messages to higher level repayment transmission.Transport layer keeps the branch of no context on ATA instruction or previous FIS content.
The general pattern of FIS is to comprise a FIS header and a FIS body.The FIS header comprises value and at least one control field of a FIS type field usually.The FIS body comprises Data-carrying.The value of FIS type field is embedded in first hyte.Wherein, the FIS type comprises (a) register-main frame to device (Register-Host toDevice) kenel, (b) register-install to main frame (Register-Device to Host) kenel, (c) data kenel, (d) direct memory access (DMA) (Direct Memory Access, DMA) start kenel, (e) I/O able to programme (Programmed Input/Output, PIO) set kenel, (f) setting device bit-type attitude, (g) DMA sets kenel, and (h) built-in type self-test (Built-in Self-Test, BIST) startup.Second hyte is to comprise the control information of FIS and have three qualifying bits, and several keep the position.Wherein, these three qualifying bits are not suitable for the FIS of all kenels.These three qualifying bits comprise C (higher) position, and this is an instruction/control bit, the I position, and this is in order to indicate whether should trigger an interrupt instruction, to reach the D position, this position record data transfer direction.All fields after above-mentioned two hytes are FIS carrying data (Payload Data).
For instance, register-main frame to the value of installing its FIS classification field of kenel is 16 hex value 0x27, be 16 hex value 0xAA breaing up this field of (scramble) back, and 10 encoded radios of scale-of-two pattern is 0101011010.The form of data kenel FIS is no matter it transfers to device or transfer to main frame from device all identical from main frame.Data kenel FIS comprises two fields for identification FIS classification and phase related control information, and all the other are the carrying data for being transmitted then.
Do the computing of high speed enciphering/deciphering for making on FIS, two main tasks must be implemented.The first, to check out whether be data kenel FIS immediately, and separate with non-data type FIS; The second, each FIS that detects to the data kenel should be checked rapidly whether it comprises the data of answering enciphering/deciphering to handle.Wherein, enciphering/deciphering is handled and can be comprised the following steps: that (a) detects around footpath flag (Bypass Flag), if be designated true (True) around the footpath, the expression frame is not done any enciphering/deciphering computing, pass through immediately, and (b) if be designated vacation (False) around the footpath, the expression frame must be done the enciphering/deciphering computing individually.The method that prior art is implemented these computings comprises, at first, decomposes the SATA protocol stack that receives, then, analyze after decomposing data, last, again encapsulation of data to the SATA protocol stack in order to transmission.This program waits for that in hardware/software complexity and intrinsic activity duration efficient is not good.
Under the SATA specification, it is necessary that a kind of more effective and uncomplicated enforcement crypto-operation device is provided.But this enciphering/deciphering SATA treating apparatus should be handled the data stream that each is chosen from I/O end (main frame and device) by the high speed enciphering/deciphering.In addition, this device should have the ability whether FIS that quick judgement receives and Data-carrying thereof need encryption and decryption to handle.
Summary of the invention
In view of this, The present invention be directed to above-mentioned puzzlement, propose a kind of enciphering/deciphering serial ATA devices and methods therefor, to improve above-mentioned problem.
Following is the specific implementation of encryption and decryption serial ATA device:
According to a characteristic of the present invention, a kind of enciphering/deciphering serial ATA device is provided, it is to comprise a master controller, at least one protocol stack that is applicable to differential signal transmission, and at least one enciphering/deciphering device.Wherein, the enciphering/deciphering device is to be coupled between master controller and the protocol stack to provide the high speed enciphering/deciphering to handle.
Another characteristic according to the present invention provides a kind of enciphering/deciphering serial ATA device, and it is to comprise a master controller, at least one SATA protocol stack and at least one enciphering/deciphering device.Wherein the enciphering/deciphering device is to be coupled between master controller and the SATA protocol stack in order to provide enciphering/deciphering at a high speed to handle.
The another characteristic according to the present invention provides a kind of enciphering/deciphering serial ATA device, and it comprises a master controller, a SATA device protocol stack, and a SATA host protocol piles up, and at least one enciphering/deciphering device.Wherein, the enciphering/deciphering device be couple master controller, the SATA host protocol piles up and SATA device protocol stack between, handle in order to the high speed enciphering/deciphering to be provided.
Following is the specific implementation of encryption and decryption serial ATA method:
According to a characteristic of the present invention, a kind of enciphering/deciphering serial ATA method is provided, it is to comprise several steps: at first, provide an enciphering/deciphering serial ATA (SATA) to be installed between a main frame and the device; Next, utilize enciphering/deciphering SATA device detecting the FIS of PIO data outputs (Data-Out) the instruction kenel that receives from main frame, and whether the FIS of the PIO data output instruction kenel that receives of decision belong to predetermine class (this predetermine class is the encryption mode of corresponding enciphering/deciphering SATA device); Come again, utilize enciphering/deciphering SATA device, will set the FIS bypass of kenel from all PIO that device receives to main frame; Then, the data kenel FIS carrying that utilizes enciphering/deciphering SATA device to detect to receive (detected data kenel FIS carrying is encrypted) from main frame; At last, utilize enciphering/deciphering SATA device to detect to come from the FIS of the status register kenel that device receives.Wherein, detected unit state register kenel FIS impels enciphering/deciphering SATA device to be reset to around the footpath pattern.
Another characteristic according to the present invention provides a kind of enciphering/deciphering serial ATA method to comprise several steps: at first, provide an enciphering/deciphering serial ATA (SATA) to be installed between a main frame and the device; Next, utilize enciphering/deciphering SATA device to detect and import (Data-In) instruction kenel FIS, and whether the FIS of the DMA data input instruction kenel of decision reception belongs to predetermine class (this predetermine class is the decryption mode of the enciphering/deciphering SATA device of correspondence) from the DMA data of main frame reception; Come again, utilize enciphering/deciphering SATA device to detect from the data kenel FIS of device reception carrying (detected data kenel FIS carrying is deciphered); At last, utilize enciphering/deciphering SATA device to detect the status register kenel FIS that receives from device.Wherein, detected status register kenel FIS impels enciphering/deciphering SATA device to be reset to around the footpath pattern.
Below illustrate in detail by the specific embodiment conjunction with figs., when the effect that is easier to understand purpose of the present invention, technology contents, characteristics and is reached.
Description of drawings
Fig. 1 is the calcspar according to enciphering/deciphering SATA device of the present invention;
Fig. 2 is the position configuration form synoptic diagram according to the data kenel FIS in the SATA transport layer of the present invention;
Fig. 3 is according to data kenel FIS position configuration form synoptic diagram in the SATA linking layer of the present invention;
Fig. 4 is the position configuration form synoptic diagram after Fig. 3 according to the present invention implants the ALIGN primitive types;
Fig. 5 is according to the position configuration form synoptic diagram of register-main frame in the SATA transport layer of the present invention to device;
Fig. 6 is according to the form synoptic diagram of register-main frame in the SATA linking layer of the present invention to the position configuration of device;
Fig. 7 is the part synoptic diagram of an embodiment of the enciphering/deciphering SATA device of Fig. 1 of the present invention;
Fig. 8 is the part synoptic diagram of the another embodiment of the enciphering/deciphering SATA device of Fig. 1 of the present invention;
Fig. 9 is according to enciphering/deciphering s operation control calcspar of the present invention;
Figure 10 is according to one embodiment of the invention, the synoptic diagram of the data stream of the enciphering/deciphering SATA device by Fig. 1;
Figure 11 is according to further embodiment of this invention, the data flow diagram of the enciphering/deciphering SATA device by Fig. 1;
Figure 12 is the real synoptic diagram of doing of enciphering/deciphering SATA-to-IDE according to the present invention.
Embodiment
Some embodiment of the present invention is existing to be described in detail referring to figs. 1 to Figure 12.Extra embodiment of the present invention, characteristic, feature and/or advantage can or be implemented the present invention and more obvious from explanation.Among the figure, each accompanying drawing and disproportion, identical label is represented same characteristic in full figure and the explanation.
Fig. 1 is a calcspar, and an enciphering/deciphering SATA device 20 of the present invention is described.In the one side, enciphering/deciphering SATA device 20 can be in order to receive input RX from SATA main frame breakout box (not shown) respectively
h, and transmit output TXh to main frame breakout box (not shown).Wherein SATA main frame breakout box (be to be called " main frame " hereinafter) for example can be provided on the master personal computer.In opposite side, enciphering/deciphering SATA device 20 can be in order to receive input RX from the SATA Setup Controller
dAnd transmit and export TX
dTo SATA Setup Controller (not shown).Wherein SATA Setup Controller (be to be called device hereinafter) can be provided on the peripheral device, hard disk drive for example, optical drive etc. (as CD ROM, DVD ROM or the like).Enciphering/deciphering SATA device 20 is via a suitable communicative couplings, and for example a string type ATA cable is communicated by letter with main frame and device, yet, do not limit herein and can only use the serial ATA cable.The data of transmission comprise instruction, control, state and data-signal between main frame and device, are to be packaged into the serial ATA protocol stack earlier to give serialization again, and it can transmit in two differential signals that a cable connects.
In one embodiment of this invention, enciphering/deciphering SATA device 20 comprises an enciphering/deciphering device 22, and it is to be coupled to master controller 24 and device protocol stack 26 and host protocol to pile up between 28.Arbitrary protocol stack (26,28) comprises a Physical layer (Physical Layer, PHY) 30, one linking layers (Link Layer, LNK) 32 and one transport layer (Transport Layer) 34.One application layer (Application Layer) 36 comprises enciphering/deciphering device 22 and master controller 24, as shown in Figure 1.
Enciphering/deciphering device 22 is done the encrypt/decrypt computing in the data kenel FIS carrying of being scheduled to and/or being chosen at exchange between main frame and device.Non-data kenel FIS or do not need the data kenel FIS of encrypt/decrypt, for example FIS instruction (Command), control (Control) or state (Status) information are allowed to directly by (by a side to opposite side), promptly, walk around enciphering/deciphering device 22, illustrate as Fig. 1.Being skillful in this technology personage can understand, existing many existing enciphering/deciphering devices, and wherein any enciphering/deciphering device is all applicable in the enciphering/deciphering SATA device 20 of the present invention.
Fig. 2 is the form synoptic diagram of the position configuration of the data kenel FIS38 in the SATA transmitting layer 34.Data kenel FIS38 is made up of a plurality of double-word group (DWORD).First double-word group of data kenel FIS38 is the header 40 of data kenel FIS38.First hyte 42 of data kenel FIS38 header 40 is the classification field of data kenel FIS38.Its excess-three hyte of first DWORD comprises and keeps the position, keeps the bit field position and keeps the hyte (not shown).The remaining N of a data kenel FIS38 DWORD is Data-carrying (Data Payload).The carrying of some specific data kenel FIS38 is done encrypt/decrypt (as shown in Figure 1) computing by enciphering/deciphering device 22.Non-data kenel FIS then need not be handled by enciphering/deciphering device 22.Again the data output of transmitting after enciphering/deciphering device 22 Cipher Processing is to be packaged into again among the data kenel FIS by the mode that increases by a data header.
Whether the FIS that a kind of rapid decision receives is that the method for data kenel FIS or non-data kenel FIS is that enciphering/deciphering SATA device 20 is configured such that it can check FIS classification field, that is, and and first hyte of received FIS header.Particularly, in transmitting layer 34 or linking layer 32, can provide a FIS classification detecting device, extremely shown in Figure 8 as following Fig. 7.One is skillful in this technology personage can understand, the residue hyte of first DWORD of the data kenel FIS38 of reception, and also available rule of the present invention is analyzed.Value as FIS classification field is 16 hex value 0x46, and the FIS that expression receives then is data kenel FIS.Otherwise, then be non-data kenel FIS.This one side, the FIS classification (46h) in first hyte 42 of Fig. 2 video data kenel FIS header 40.
Fig. 3 is the form synoptic diagram of the position configuration of the data kenel FIS44 in the SATA linking layer 32.Wherein, the position configuration comprises SOF primitive types 46, and it is one 32 a unique code word, in order to the beginning of expression frame.The back of SOF primitive types 46 is the enciphering/deciphering version of transport layer data kenel FIS, and one 32 crc check sign indicating numbers 48, and wherein crc check sign indicating number 48 also is encoded.The back of crc check sign indicating number 48 is EOF primitive types 50, and it is the end of one 32 primitive types in order to the expression frame.
In an embodiment, break up computing and be with the dispersing device serial group (ScramblerSyndrome Sequence) that pre-defines and a plurality of DWORD of FIS and do XOR (Exclusive OR) computing.Wherein, XOR is a cloth woods operator, when its one operand in office is true (TRUE), and the value of passback TRUE.The value of dispersing device serial group generator (Scrambler Syndrome Sequence Generator) is at the SOF primitive types, and is reset after the value followed by the FIS classification field after the SOF primitive types.Dispersing device serial group when the value transmission of FIS classification field equals the seed for the dispersing device use.FIS breaks up the fundamental purpose of processing for reducing electromagnetic interference (EMI).Should be appreciated that any suitable method of breaing up or can translation data kenel FIS all can be used, but its use can not be contrary to purpose of the present invention.
Fig. 4 displayed map 3 is inserted the position configuration schematic diagram of ALIGN primitive types 52,54.ALIGN primitive types 52,54 is implanted by transmitter, and need not break up processing.ALIGN primitive types 52,54 is implanted in the precalculated position that disposes of the data kenel FIS44 of Fig. 3.ALIGN primitive types 52,54 provides signal and adjusts flow process control.In an embodiment, among 256 DWORD of every transmission, the ALIGN primitive types that may have continuous even number produces.And therefore the part that these ALIGN primitive types are not transport layer protocol deletes in interior literary composition after receiving.For General Principle of the present invention is described, suppose that all ALIGN primitive types are all deleted.
Whether as mentioned above, can provide a FIS classification detecting device in linking layer 32 (illustrating as Fig. 8), be a data kenel FIS with decision with the FIS that the linking layer protocol format encapsulates.If the value of 8 FIS classification values after breaing up is OxCB of 16 systems, it is a data kenel FIS.Other method is for checking data dispersing device serial group's value, if its 16 hex value is that Ox8D is a data kenel FIS.One method is still arranged for detecting the 10-position coding character (, then being a data kenel FIS) of SOF primitive types back if its value with binary format is 1101000110.
Be not all data kenels of detecing out FIS in addition encryption and decryption handle.It similarly is the processing (please refer to Fig. 1) that data kenel FIS with ATA instruction relevant with device configuration, setting and status poll does not need to pass through enciphering/deciphering device 22.For instance,, need not do the encrypt/decrypt computing by enciphering/deciphering device 22 with the relevant data kenel FIS of IDENTIFY_DEVICE under PIO instruction, as all with install configuration, instruction or data that setting is relevant with status poll.Various relevant PIO instruction/datas (" Bypass True " classification) are listed as follows:
CFA-TRANSLATE-SECTOR
DEVICE-CONFIGURATION-IDENTIFY
IDENTIFY-DEVICE
IDENTIFY-PACKET-DEVICE
READ-LOG-DATA
SMART-READ-LOG-SECTOR?CFA-WRITE-MULTIPLE-WITHOUT-ERASE
CFA-WRITE-SECTOR-WUTHOUT-ERASE
DEVICE-CONFIGURATION-SET
DOWNLOAD-MICROCODE
SECURITY-DISABLE-PASSWORDS
SECURITY-ERASE-UNIT
SECURITY-SET-PASSWORDS
SECURITY-UNLOCK
SMART-WRITE-LOG-SECTOR
WRITE-LOG-EXT
Being skillful in this technology personage can understand, and new PIO instruction of all kinds can be added in the future version of SATA specification, for the use according to General Principle of the present invention.
[0038] one ATA data transfer instruction carries one or more data kenel FIS usually, stops up to its agreement serial.All ATA instruction can be via checking register-main frame in SATA transmitting layer 34 to the instruction field that installs kenel FIS56 (the 3rd hyte), and detected, shown in the synoptic diagram of Fig. 5.As shown in Figure 5, register-main frame to the value of FIS classification 16 systems that install kenel FIS56 is that 0x27 (reduces, de-scrambled).Therefore, whether decision is not handled via enciphering/deciphering device 22, can instruct and control.That is, when belonging to " Bypass True " classification as detected instruction, as mentioned above, all data kenel FIS in command protocols will not handle via enciphering/deciphering device 22 (as shown in Figure 1).Otherwise when belonging to " Bypass False " classification as detected instruction, all the data kenel FIS under this type of command protocols all should give encryption and decryption by enciphering/deciphering device 22 and handle.Various PIO and high speed direct memory access (DMA) (Ultra DMA, UDMA) giving an example down of " Bypass False " classification instruction:
READ-SECTOR
READ-SECTOR-EXT
READ-MULTIPLE
READ-MULTIPLE-EXT
READ-BUFFER
READ-DMA
READ-DMA-EXT
WRITE-SECTOR
WRITE-SECTOR-EXT
WRITE-MULTIPLE
WRITE-MULTIPLE-EXT
WRITE-BUFFER
WRITE-DMA
WRITE_DMA_EXT
Therefore, as a SATA command protocols be about from/to physical storage medium (as the optical track of CDRW or the section of hard disk drive) read/write data, the carrying of the data kenel FIS under this special order agreement must be handled by enciphering/deciphering.
Being skillful in this technology personage should understand, and new PIO read/write instruction of all kinds and DMA read/write instruction can increase in the future version of SATA specification, uses according to principle of the present invention again.For example, present SATA specification only provides the PIO operation code, but F7, FB, 5C and 5E are not then had the instruction explanation, and it does not utilize extended register, and transmission length is by the control of section counter register (value 0-255 represents 256 sections).They abide by sequential and the control flow signal of ATA PIO, but as instruct SECURITY_ERASE_UNIT (with reference to above-mentioned) may need one to carry out for a long time.All present unaccounted UDMA operation codes comprise 5D-UDMA Read, 5F-UDMA Write.Its order property is not clear at present.
In an embodiment of the present invention, all the data category FIS in the command protocols, wherein detected instruction excludes " Bypass False " classification or " Bypass True " classification person, does not all handle via enciphering/deciphering device 22.For example, enciphering/deciphering SATA device 20 possibly can't be set supports DMA instruction QUEUE (being to carry the data read/write instruction that data need Cipher Processing), and therefore, instruction and data are passed through, and meaning does not promptly need to handle via enciphering/deciphering device 22.
Fig. 6 is the register in the linking layer 32--main frame is to the form synoptic diagram of the position configuration of installing kenel FIS58, and it illustrates the position configuration of one " register-main frame is to device " the kenel FIS in transport layer and linking layer respectively.As shown in Figure 6, the FIS classification has 16 hex value 0xAA of 8 codings.The data dispersing device serial group of instruction field 60 has 16 predetermined hex value 0xD2 among Fig. 6.Therefore, the value of the instruction field in the linking layer 32 " XOR " (XOR) operation result that can be equal to the operation code before 16 hex value 0xD2 and reduction (de-scrambling) computing.
Fig. 7 is the part synoptic diagram (an only side) of an embodiment of enciphering/deciphering SATA device 20 of the present invention (as shown in Figure 1).Being skillful in this technology personage can understand, and the configuration of other selections (can be provided in the opposite side of enciphering/deciphering SATA device 20 as block form ATA interface and/or USB (universal serial bus) (Universal Serial Bus, USB) interface).
Fig. 7 illustrates the FIS classification detecting device 62 that is provided in the transmitting layer 34.FIS classification detecting device 62 can be in order to detect and to check from linking layer 32 and the FIS classification field (first hyte) of the FIS header that comes.As FIS classification field value is one 16 hex value 0x46, and the FIS that then receives is data kenel FIS.Otherwise it is non-data kenel FIS.As the FIS that receives is data kenel FIS, and then FIS classification detecting device 62 is delivered to enciphering/deciphering device 22 with data kenel FIS carrying and done the enciphering/deciphering computing.As in FIS classification field, not finding 16 hex value 0x46, then FIS classification detecting device 62 with the FIS of non-data kenel from transport layer 34 through application layer 36 diversion enciphering/deciphering devices 22, promptly do not need encryption and decryption to handle.
Also comprise an ATA instruction filter 64 in the transmitting layer 34, and be suitable for checking any register-main frame from linking layer 32 to the instruction field that installs kenel FIS (16 hex value of FIS classification are 0x27) (the 3rd hyte of first 32 DWORD seen Fig. 5).ATA instruction filter 64 provides controlling around footpath (Bypass) of enciphering/deciphering device 22.When not belonging to the device configuration, setting of above-mentioned " Bypass True " classes of instructions and status poll, be about to " around the footpath " sign and be set at that " vacation " (False) as detected register-main frame to the 3rd hyte of installing kenel FIS.Otherwise ATA instruction filter 64 is set " around the footpath " and is designated " very " (True).Then all register-main frames are conducted to application layer 36 to installing kenel FIS, that is, can't help enciphering/deciphering device 22 to do any processing.Enciphering/deciphering device 22 remains the state after the previous execution, changes it up to the next one from " around footpath " sign control signal of ATA instruction filter 64.When cushioning as making required proper data, a fifo buffer 66 (illustrating as Fig. 7) can be coupled between FIS classification detecting device 62 and the enciphering/deciphering device 22.
Part (an only side) synoptic diagram of another embodiment of enciphering/deciphering device SATA device of the present invention 20 (illustrating) as shown in Figure 8 as Fig. 1.Being skillful in this technology personage can understand, and (as the block form ATA interface and/or the USB interface) of other configurations can be fully in the opposite side of enciphering/deciphering SATA device 20 when needing.
Illustrate as Fig. 8, also have FIS classification detecting device 68 in the linking layer 32.FIS classification detecting device 68 can utilize one of cubic method, to determine whether to comprise from the bit stream that 30 of Physical layer enters the data kenel FIS of a package.First method is the place value that determines after the reduction of a regulation, the place value after for example first the SOF primitive types after reduces.If first as-reduced value 16 hex value 0x46 after the SOF primitive types, then it belongs to data kenel FIS.Second method comprises the place value after the breaing up of inspection one regulation, the place value after for example first behind the SOF primitive types broken up.After the SOF primitive types, if the 16 hex value 0xCB of the place value after first is broken up, then it belongs to data kenel FIS.The 3rd method is that 16 hex value with the relevant dispersing device serial group of 0x8D decide.One data kenel FIS should have 8 16 hex value 0xCB that broken up.The content of first the 10-position character of the 4th method decision after the SOF base class.It should have binary value (1101000110).
Be detected as a data kenel FIS, FIS classification detecting device 68 is delivered to enciphering/deciphering device 22 in order to do the enciphering/deciphering computing with this data kenel FIS.Otherwise, FIS classification detecting device 68 with this non-data kenel FIS by Physical layer 30 and linking layer 32 away from enciphering/deciphering device 22, that is, do not make Cipher Processing.
Also comprise an ATA instruction filter 70 in the linking layer 32, and be suitable for determining whether the bit stream that enters from Physical layer 30 comprises one register-main frame to installing kenel FIS, and it comprises the ATA instruction that belongs to above-mentioned " Bypass True " classification.Register-main frame can utilize one of four kinds of methods to be detected to installing kenel FIS in linking layer 32.The value of the predetermined reduction of first method decision back hyte, for example value of the hyte after behind the SOF primitive types first has been reduced.If register-main frame is to installing kenel FIS, the octet value after first behind the SOF base class has been reduced should be 16 hex value 0x27.Second method determines a predetermined value of breaing up hyte, the value of the hyte after for example first behind the SOF primitive types broken up.If register-main frame is to installing kenel FIS, the value of the hyte after first behind the SOF primitive types broken up should be 16 hex value 0xAA.The 3rd method with relevant dispersing device serial group 16 hex value 0x8D in order to the decision bit class value.It should have 16 hex value 0xAA of 8 codings if its register-main frame is to installing kenel FIS.The 4th method determines the content of first 10-position character behind the SOF primitive types.It should have the value (0101011010) with binary format.One fifo buffer 72 (as shown in Figure 8) is to be coupled between FIS classification detecting device 68 and the enciphering/deciphering device 22, for suitable data buffering.
One is skillful in think in two embodiment (Fig. 7 and Fig. 8) that this technology personage will be undoubtedly, and nonessential the transport layer in the enciphering/deciphering SATA device of the present invention and/or the set of linking layer agreement is all decomposed, so that the Cipher Processing of implementation data.Therefore, the stand-by period and the complexity of the software/hardware of the embodiment of enforcement Fig. 7 and Fig. 8 explanation can greatly reduce.
Fig. 9 is a calcspar, and encryption and decryption operation control of the invention process is described.Should be appreciated that in arbitrary embodiment (as Fig. 7 and Fig. 8), in addition logical OR (OR) computing of " preset around directly " signal in " around footpath " control signal of ATA instruction filter (64 or 70) and the master controller 24, wherein, the operation of the output of main control 24 control enciphering/deciphering device 22." presetting around the footpath " signal in the master controller 24 can keep constant in whole power cycle of enciphering/deciphering SATA device 20.Be set to logic " 1 " as " preset around footpath " signal, then " around the footpath " sign will be set at " very ", no matter the state of ATA instruction filter why.Be set to logic " 0 " as it, " around the footpath " control signal that the operation of enciphering/deciphering device 22 then only provides on the ATA instruction filter is decided.
FIS classification detecting device and ATA instruction filter are arranged at linking layer 32, as shown in Figure 8, various advantages can be arranged.For example, detect operation as implementing in linking layer 32, the stand-by period that FIS classification DWORD is delivered to transport layer can reduce.To comparatively do not limited to from the time of detecting to reaction.More time-consuming flow process is controlled at embedded CPU (central processing unit), and (Central Processing Unit, when CPU) middle reality is done, will very useful the extra time that is obtained.On the other hand, the advantage of the embodiment of Fig. 7 is simple, and meaning promptly only needs more uncomplicated steering logic design to get final product.
Figure 10 is the synoptic diagram via the data flow of enciphering/deciphering SATA device of the present invention 20 (as shown in Figure 1).Particularly, the data flow based on PIO data output instruction (PIO Data-Out) will be described.Serial ATA enciphering/deciphering device 20 is according to reaction and response receives on main frame and device serial ATA passage and detected data and operation.In this embodiment, suppose that enciphering/deciphering SATA device 20 is initially set " leaving unused " state, at this moment, it listens to any activity of main frame and device end serial ATA passage." around the footpath " under this state is designated " very ".In step 1, enciphering/deciphering SATA device 20 detects a PIO data output instruction kenel FIS who receives to main frame.Secondly, determine whether the PIO data output instruction of receiving belongs to predetermine class.Belong to predetermine class as the PI0 data output instruction, then the master controller 24 of enciphering/deciphering SATA device 20 resets " around footpath " sign (as shown in Figure 9) and is " vacation ", and promptly enciphering/deciphering device 22 is an encryption mode.
In the step 2, enciphering/deciphering SATA device 20 will be set kenel FIS bypass from the PIO that device receives to main frame.In the step 3, enciphering/deciphering SATA device 20 detects the data kenel FIS that has received from main frame, and all the data D WORD among its data kenel FIS will be directed to enciphering/deciphering device 22 in order to encrypting.In the step 4, detecting one (state) register kenel FIS as enciphering/deciphering SATA device 20 receives from device (instruction is finished or ended), so " around footpath " sign (as shown in Figure 9) will be set at " very " again, enciphering/deciphering SATA device 20 returns that " " state leaves unused.Otherwise, not finish as yet as instruction, handling procedure respectively repeats steps 2, step 3 and step 4.
Figure 11 is according to another embodiment of the present invention through the synoptic diagram of the data flow of enciphering/deciphering SATA device 20.Particularly, (DMA Data-In) data flow based on the DMA data input instruction will be described.Suppose that enciphering/deciphering SATA device 20 is initially set " leaving unused " state, it listens to any activity of main frame and device end serial ATA passage." around the footpath " when this state is designated " very ".
When the serial ATA hard disk drive was prepared to transfer data to main frame, hard disk drive sent one and suitably requires signal to main frame.After receiving the response message of main frame, hard disk drive transmits the FIS of a data category.According to behind the data kenel FIS that receives, the DMA engine in the console controller transmits the data that the receive continuous position to the storer of the planning in advance of host side.
In the step 1, detect as enciphering/deciphering SATA device 20 and to receive a DMA data input instruction kenel FIS from main frame, belong to predetermine class as this instruction, the master controller 24 of enciphering/deciphering SATA device 20 will be set " around the footpath " sign (as shown in Figure 9) and be " vacation ", and enciphering/deciphering SATA device 20 is a decryption mode at this moment.In the step 2, receive a data kenel FIS when serial ATA enciphering/deciphering device 20 detects from device, all DWORD among the data kenel FIS will be directed to enciphering/deciphering device 22 for decrypt operation.In the step 3, detect from device as serial ATA enciphering/deciphering device 20 and to receive one (state) register kenel FIS (instruction is finished or ended), " around directly " sign can be set at " very " again by master controller 24, and enciphering/deciphering SATA device 20 becomes " leaving unused ".Otherwise, do not finish as the decision instruction, repeating step 2 and step 3.
Figure 12 diagrammatic illustration enciphering/deciphering SATA-of the present invention is to-IDE (Integrated DriveElectronics, IDE) the real work.Particularly, a side of enciphering/deciphering SATA device 20 is to be coupled to an IDE signal interface 76 via a SATA-to-IDE protocol translation device.IDE signal interface 76 provides an IDE passage to device (not shown).The opposite side of enciphering/deciphering SATA device 20 provides a SATA passage to the main frame (not shown), as shown in figure 12.Enciphering/deciphering SATA device 20 transmits dirty controlling signal and data to IDE signal interface 76 via SATA-to-IDE protocol translation device 74.Enciphering/deciphering SATA device 20 receives upper reaches controlling signal and data from IDE signal interface 76 through SATA-to--IDE protocol translation device 74.
In the embodiment of Figure 12, enciphering/deciphering SATA device 20 is implemented according to the configuration of Fig. 7 explanation.One ATA instruction filter 64 is provided on transmitting layer 34.In another example in Figure 12, enciphering/deciphering SATA device 20 is implemented according to the configuration of Fig. 8 explanation.ATA instruction filter 70 is fully on linking layer 32.
The above embodiments can be implemented by hardware and/or software pattern.Utilize enciphering/deciphering SATA device of the present invention that different advantages can be provided.For example, FIS can shorten analysis time.In addition, hardware and software complexity also reduce.In addition, do not need to decompose all data and whether need enciphering/deciphering with decision.
The enciphering/deciphering SATA device and method that discloses is distinguishes data classification frame (Data FIS) and non-data kenel frame (None Data FIS) rapidly, thereby makes the more efficient and reduction complexity of whole enciphering/deciphering operation.In addition, the disclosed enciphering/deciphering SATA of the present invention device can be with the selective data stream enciphering/deciphering that receives from two (serial ATA) interface.The enciphering/deciphering SATA device of Figure 12 can flow the selective data that receives from serial ATA and IDE interface in addition enciphering/deciphering computing in addition.Real work comprises a string type ATA-to-USB, and (USB (universal serial bus), Universal Serial Bus USB) are coupled by (connector), and it can be with the selection data stream enciphering/deciphering from serial ATA and the reception of USB associate member.
As previously discussed, various embodiment can be implemented in many commercial device.These devices comprise, and are not limited to internal hard disk drive, CDROM, DVDROM, CDRW, DVDRW, and the flash memory of serial ATA is housed; Outside Portable hard disk drive, CDROM, DVDROM, CDRW, DVDRW are equipped with the flash memory at serial ATA interface; Serial ATA-to--IDE/IDE-to--serial ATA module, serial ATA-to--USB/USB-to-serial ATA module, PC (PC), notebook computer, PC on knee, and graphic tablet (Tablet) PC etc.
Being skillful in this technology personage can understand, and other assemblies and/or configuration not departing from purpose of the present invention and scope thereof the time, can be used in the above embodiments.In addition, all nouns all should be to explain with the context matching way widely.Particularly, " comprising " reaches " comprising " should be with the element of non-wipe-out mode explanation reference, and assembly, or step are pointed out its appearance, is used, or share with other assemblies, or do not show the assembly of reference, and element or step are share.
The present invention describes in detail with preferred embodiment, but should be appreciated that different modifications and change under not departing from spirit of the present invention and scope, all can implement.This very importantly implements the invention is not restricted to above-described application on the one hand.Many other application and/or variation are contrary in nothing and all can be used under order of the present invention.
The above is by embodiment characteristics of the present invention to be described, its purpose is had the knack of this operator and can loud and clearly be separated content of the present invention and implement according to this making, and non-limiting claim of the present invention.So all equivalences that other are not finished departing from disclosed spirit are modified or are revised, and must be included in the claim of the following stated.
Claims (52)
1. enciphering/deciphering device comprises:
One master controller;
At least one protocol stack that is suitable for differential signal transmission; And
At least one enciphering/deciphering device, it is coupled between this master controller and this protocol stack, handles in order to high speed password to be provided.
An enciphering/deciphering string type advanced technology associate member (Serial ATA, SATA) device comprises:
One master controller;
At least one SATA protocol stack; And
At least one enciphering/deciphering device engine is to be coupled to this master controller and this SATA protocol stack in the running, handles in order to high speed password to be provided.
3. an enciphering/deciphering string type advanced technology associate member (SATA) installs, and comprises:
One master controller;
One SATA device protocol stack;
One SATA host protocol piles up; And
At least one enciphering/deciphering device is to be coupled to this master controller, this SATA device protocol stack and this SATA host protocol to pile up in the utilization, handles in order to high speed password to be provided.
4. enciphering/deciphering string type advanced technology associate member device as claimed in claim 3 is characterized in that this SATA device protocol stack is to receive the input data from a SATA main frame breakout box, and transmits output data to this SATA main frame breakout box.
5. enciphering/deciphering string type advanced technology associate member device as claimed in claim 4 is characterized in that it is to receive the input data from a SATA Setup Controller that this SATA host protocol piles up, and transmits output data to this SATA Setup Controller.
6. enciphering/deciphering string type advanced technology associate member device as claimed in claim 5 is characterized in that arbitrary this SATA device protocol stack and arbitrary this SATA host protocol pile up and comprises a Physical layer, a linking layer and a transport layer.
7. enciphering/deciphering string type advanced technology associate member device as claimed in claim 6 is characterized in that also comprising an application layer.
8. enciphering/deciphering string type advanced technology associate member device as claimed in claim 7 is characterized in that this application layer comprises this enciphering/deciphering device and this master controller.
9. enciphering/deciphering string type advanced technology associate member device as claimed in claim 8 is characterized in that utilizing this enciphering/deciphering device to do the encrypt/decrypt computing in the predetermined data kenel FIS carrying that exchanges between this SATA main frame breakout box and this SATA Setup Controller.
10. enciphering/deciphering string type advanced technology associate member device as claimed in claim 8 is characterized in that utilizing this enciphering/deciphering device to do the encrypt/decrypt computing in the data FIS of the selection that exchanges between this SATA main frame breakout box and this SATA Setup Controller carrying.
11. enciphering/deciphering string type advanced technology associate member device as claimed in claim 10 is characterized in that this master controller is the signal path of data, instruction, control and the status signal of standard transmission.
12. enciphering/deciphering string type advanced technology associate member device as claimed in claim 11 is characterized in that this master controller is to receive a plurality of signals from this Physical layer, this linking layer and this transport layer.
13. enciphering/deciphering string type advanced technology associate member device as claimed in claim 12 is characterized in that those signals that receive comprise by the detected FIS classification of below layer and a plurality of instruction.
14. enciphering/deciphering string type advanced technology associate member device as claimed in claim 12 is characterized in that these signals that receive comprise data transfer direction.
15. enciphering/deciphering string type advanced technology associate member device as claimed in claim 12 is characterized in that these signals that receive comprise a primitive types and the one section outer indicator that detects from the below layer.
16. enciphering/deciphering string type advanced technology associate member device as claimed in claim 12 is characterized in that a plurality of non-data kenel FIS and a plurality of data kenel FIS of enciphering/deciphering that do not need or not to handle via this enciphering/deciphering device.
17. enciphering/deciphering string type advanced technology associate member device as claimed in claim 16 is characterized in that these do not need the data kenel FIS of enciphering/deciphering is instruction information.
18. enciphering/deciphering string type advanced technology associate member device as claimed in claim 16 is characterized in that these do not need the data kenel FIS of enciphering/deciphering is control information.
19. enciphering/deciphering string type advanced technology associate member device as claimed in claim 16 is characterized in that these do not need the data kenel FIS of enciphering/deciphering is status information.
20. enciphering/deciphering string type advanced technology associate member device as claimed in claim 12 is characterized in that this transport layer provides a FIS classification detecting device.
21. enciphering/deciphering string type advanced technology associate member device as claimed in claim 20 is characterized in that this FIS classification detecting device is FIS is imported in detection and verification from one of this linking layer a FIS classification field.
22. enciphering/deciphering string type advanced technology associate member device as claimed in claim 21 is characterized in that this FIS classification field is first hyte from the FIS header of this input FIS of this linking layer input.
23. enciphering/deciphering string type advanced technology associate member device as claimed in claim 22 is characterized in that from this FIS classification field of this input FIS of this linking layer input then being data kenel FIS when having 16 hex value 0x46.
24. enciphering/deciphering string type advanced technology associate member device as claimed in claim 23 is characterized in that this FIS classification detecting device is sent to this enciphering/deciphering device in order to handling with this data kenel FIS.
25. enciphering/deciphering string type advanced technology associate member device as claimed in claim 23 is characterized in that this FIS classification field from this input FIS of this linking layer input as if not having 16 hex value 0x46, then is a non-data kenel FIS.
26. enciphering/deciphering string type advanced technology associate member device as claimed in claim 25 is characterized in that this FIS classification detecting device should leave this enciphering/deciphering device through this application layer by non-data kenel FIS.
27. enciphering/deciphering string type advanced technology associate member device as claimed in claim 26 is characterized in that this transport layer also comprises an advanced technology associate member instruction filter.
28. enciphering/deciphering string type advanced technology associate member device as claimed in claim 27 is characterized in that this advanced technology associate member instruction filter provides this enciphering/deciphering device one around footpath control.
29. enciphering/deciphering string type advanced technology associate member device as claimed in claim 28 is characterized in that this linking layer provides a FIS classification detecting device.
30. enciphering/deciphering string type advanced technology associate member device as claimed in claim 29 is characterized in that this FIS classification detecting device is to utilize one of a plurality of methods decisions entering bit stream and whether comprise a data kenel FIS from this Physical layer.
31. enciphering/deciphering string type advanced technology associate member device as claimed in claim 30, one first method that it is characterized in that these methods be one behind the decision SOF primitive types first reduced the value of back hyte.
32. enciphering/deciphering string type advanced technology associate member device as claimed in claim 31, it is characterized in that this first reduced the back hyte and had 16 hex value 0x46 that are used for data kenel FIS.
33. enciphering/deciphering string type advanced technology associate member device as claimed in claim 30, one second method that it is characterized in that these methods are to check one behind the SOF primitive types first breaks up the value of hyte.
34. enciphering/deciphering string type advanced technology associate member device as claimed in claim 33, it is characterized in that this first break up hyte and have 16 hex value 0xCB that are used for data kenel FIS.
35. enciphering/deciphering string type advanced technology associate member device as claimed in claim 30, the third party's method that it is characterized in that these methods are the values with the relevant dispersing device serial group's of 0x8D 16 hex value decision hyte.
36. enciphering/deciphering string type advanced technology associate member device as claimed in claim 35 is characterized in that the octet value after respectively the breaing up of data kenel FIS is 16 hex value 0xCB.
37. enciphering/deciphering string type advanced technology associate member device as claimed in claim 30, a cubic method that it is characterized in that these methods are the contents in order to one the 1 character behind the decision SOF primitive types.
38. enciphering/deciphering string type advanced technology associate member device as claimed in claim 37 is characterized in that the one 10 character behind the SOF primitive types has a binary value 1101000110.
39. enciphering/deciphering string type advanced technology associate member device as claimed in claim 29 is characterized in that this linking layer also comprises an advanced technology associate member instruction filter.
40. enciphering/deciphering string type advanced technology associate member device as claimed in claim 39, it is characterized in that this advanced technology associate member instruction filter is to utilize one of a plurality of methods, whether the bit stream that decision enters from this Physical layer comprises register-main frame to installing kenel FIS.
41. enciphering/deciphering string type advanced technology associate member device as claimed in claim 40, one first method that it is characterized in that these methods be the decision behind the SOF primitive types one first reduced the back hyte value.
42. enciphering/deciphering string type advanced technology associate member device as claimed in claim 41 is characterized in that this first value of having reduced the back hyte has one and is used for register-main frame to the 16 hex value 0x27 that install kenel FIS.
43. enciphering/deciphering string type advanced technology associate member device as claimed in claim 40, one second method that it is characterized in that these methods are in order to check one first value of breaing up hyte behind the SOF primitive types.
44. enciphering/deciphering string type advanced technology associate member device as claimed in claim 43 is characterized in that this first value of breaing up hyte has one and is used for register-main frame to the 16 hex value 0xAA that install kenel FIS.
45. enciphering/deciphering string type advanced technology associate member device as claimed in claim 40, the third party's method that it is characterized in that these methods are the values with the relevant dispersing device serial group's of 0x8D 16 hex value decision hyte.
46. enciphering/deciphering string type advanced technology associate member device as claimed in claim 45, it is characterized in that being used for register-main frame to the 16 system place values of respectively breaing up of installing kenel FIS is 0xAA.
47. enciphering/deciphering string type advanced technology associate member device as claimed in claim 40, a cubic method that it is characterized in that these methods are in order to determine the content of one the 1 character behind the SOF primitive types.
48. enciphering/deciphering string type advanced technology associate member device as claimed in claim 47 is characterized in that the one 10 character behind the SOF primitive types has a binary value 0101011010.
49. enciphering/deciphering string type advanced technology associate member device as claimed in claim 28, it is characterized in that by what this advanced technology associate member instruction filter provided it should being and presetting in this master controller to cause this enciphering/deciphering device to be controlled around the signal of footpath control by each output from this master controller around the in addition logic OR computing of footpath signal.
50. a method for encryption/decryption comprises following steps:
Provide an enciphering/deciphering string type advanced technology associate member (SATA) to be installed between a main frame and a device;
Utilize this enciphering/deciphering SATA device to detect I/O able to programme (PIO) data output instruction kenel FIS from this main frame, and determine whether this PIO data output instruction kenel FIS belongs to a predetermine class, and wherein this predetermine class is corresponding to this enciphering/deciphering SATA device that is set at encryption mode;
Utilize this enciphering/deciphering SATA device to walk around all PIO that receive from this device and set the FIS of kenel to this main frame;
Utilize this enciphering/deciphering SATA device to detect carrying, and this data kenel FIS that encryption detection goes out carry from a data kenel FIS of this main frame reception; And
Utilize this enciphering/deciphering SATA device to detect a status register kenel FIS who receives from this device, wherein this status register kenel FIS causes this enciphering/deciphering SATA device to be reset to around the footpath pattern.
51. a method for encryption/decryption comprises following steps:
Provide an enciphering/deciphering string type advanced technology associate member (SATA) to be installed between a main frame and the device;
Utilize an enciphering/deciphering SATA device to detect direct storage access (DMA) data input instruction kenel FIS who receives from this main frame and determine whether this DMA data input instruction kenel FIS belongs to a predetermine class, wherein this predetermine class is this enciphering/deciphering SATA device that is set at decryption mode corresponding to this;
Utilize this enciphering/deciphering SATA device to carry, and decipher detected this data kenel FIS carrying to detect a data kenel FIS who receives from this device; And
Utilize this enciphering/deciphering SATA device to detect a status register kenel FIS who receives from this device, wherein this status register kenel FIS causes this enciphering/deciphering SATA device to be reset to around the footpath pattern.
52. password string line advanced technology associate member device as claimed in claim 3 is characterized in that this SATA host protocol piles up to be coupled to the integrated-type electronic formula via the SATA-to-IDE protocol converter and to drive the interface.
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US11/282,175 | 2005-11-18 | ||
| US11/282,175 US7900057B2 (en) | 2000-11-03 | 2005-11-18 | Cryptographic serial ATA apparatus and method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101008931A true CN101008931A (en) | 2007-08-01 |
| CN101008931B CN101008931B (en) | 2010-05-26 |
Family
ID=38051464
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2006101624794A Active CN101008931B (en) | 2005-11-18 | 2006-11-17 | Cryptographic serial ATA apparatus and method |
Country Status (4)
| Country | Link |
|---|---|
| JP (1) | JP4762861B2 (en) |
| CN (1) | CN101008931B (en) |
| CA (1) | CA2567219C (en) |
| TW (1) | TWI330320B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105468983A (en) * | 2015-11-17 | 2016-04-06 | 北京华虹集成电路设计有限责任公司 | Data transmission method and device based on SATA (Serial Advanced Technology Attachment) interface |
| CN112416830A (en) * | 2020-12-09 | 2021-02-26 | 鸿秦(北京)科技有限公司 | NVME and SATA protocol conversion realization circuit |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1373461A (en) * | 2001-02-28 | 2002-10-09 | 伊诺瓦科技股份有限公司 | Encrypting-decrypting device for data storage |
| JP2003271487A (en) * | 2002-03-12 | 2003-09-26 | Nec Corp | Communication system, gateway device and gateway program |
| WO2003094513A1 (en) * | 2002-04-30 | 2003-11-13 | General Dynamics Advanced Information Systems, Inc. | Method and apparatus for in-line serial data encryption |
| US7248696B2 (en) * | 2002-09-12 | 2007-07-24 | International Business Machines Corporation | Dynamic system bus encryption using improved differential transitional encoding |
-
2006
- 2006-03-15 TW TW95108844A patent/TWI330320B/en active
- 2006-11-06 CA CA2567219A patent/CA2567219C/en active Active
- 2006-11-13 JP JP2006306383A patent/JP4762861B2/en active Active
- 2006-11-17 CN CN2006101624794A patent/CN101008931B/en active Active
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105468983A (en) * | 2015-11-17 | 2016-04-06 | 北京华虹集成电路设计有限责任公司 | Data transmission method and device based on SATA (Serial Advanced Technology Attachment) interface |
| CN105468983B (en) * | 2015-11-17 | 2020-01-03 | 北京华大智宝电子系统有限公司 | Data transmission method and device based on SATA interface |
| CN112416830A (en) * | 2020-12-09 | 2021-02-26 | 鸿秦(北京)科技有限公司 | NVME and SATA protocol conversion realization circuit |
| CN112416830B (en) * | 2020-12-09 | 2024-03-26 | 鸿秦(北京)科技有限公司 | NVME and SATA protocol conversion realization circuit |
Also Published As
| Publication number | Publication date |
|---|---|
| CA2567219C (en) | 2013-01-22 |
| JP4762861B2 (en) | 2011-08-31 |
| CA2567219A1 (en) | 2007-05-18 |
| TW200720936A (en) | 2007-06-01 |
| JP2007143149A (en) | 2007-06-07 |
| TWI330320B (en) | 2010-09-11 |
| CN101008931B (en) | 2010-05-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7900057B2 (en) | Cryptographic serial ATA apparatus and method | |
| AU2002326226B2 (en) | Method and device for encryption/decryption of data on mass storage device | |
| US6687835B1 (en) | Command authorization method | |
| CN104156677B (en) | FPGA-based hard disk encryption and decryption system | |
| JP2004280818A (en) | System and method for simulating universal serial bus smart card device connected to usb host | |
| CN101136699B (en) | Automatic recognition method and encryption method of pluggable optical module | |
| AU2002326226A1 (en) | Method and device for encryption/decryption of data on mass storage device | |
| CN101627376A (en) | Needing to be used for the mutual apparatus and method of improved SATA equipment of SAS extender | |
| CN101561751A (en) | USB encryption and decryption bridging chip | |
| KR20060119989A (en) | Device for secure access to digital media contents, virtual multi-interface driver and system for secure access to digital media contents | |
| CN106845219A (en) | A kind of intrusion detection smart machine for multiple types of data | |
| CN104205904B (en) | Use the secure communication of physical access | |
| CN101008931B (en) | Cryptographic serial ATA apparatus and method | |
| CN1304915C (en) | Computer hard disk data encrypting method and device | |
| CN103324587A (en) | Nandflash equipment encryption and decryption implementation method and system | |
| US20040034768A1 (en) | Data encryption device based on protocol analyse | |
| KR101043255B1 (en) | Usb hub device for providing datasecurity and method for providing datasecurity using the same | |
| CN105468983A (en) | Data transmission method and device based on SATA (Serial Advanced Technology Attachment) interface | |
| CN101944164A (en) | Intelligent mobile storage equipment | |
| US7272194B1 (en) | Method to transmit bits of data over a bus | |
| CN2650231Y (en) | Storage unit with optimized compression management mechanism | |
| CN104580181A (en) | Device and method for data encryption and encryption accelerator engine | |
| CN101727408A (en) | Data encryption method based on hard disk interface controller | |
| CN113448891B (en) | Memory controller and method for monitoring access to memory modules | |
| CN116956321A (en) | Method, device and system for encrypting chip data |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |