CN101739757B - Flash memory storage system, controller and data protection method - Google Patents

Flash memory storage system, controller and data protection method Download PDF

Info

Publication number
CN101739757B
CN101739757B CN2008101782212A CN200810178221A CN101739757B CN 101739757 B CN101739757 B CN 101739757B CN 2008101782212 A CN2008101782212 A CN 2008101782212A CN 200810178221 A CN200810178221 A CN 200810178221A CN 101739757 B CN101739757 B CN 101739757B
Authority
CN
China
Prior art keywords
data
flash memory
controller
message
labels
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN2008101782212A
Other languages
Chinese (zh)
Other versions
CN101739757A (en
Inventor
詹清文
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Samsung Electronics Co Ltd
Original Assignee
Phison Electronics Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Phison Electronics Corp filed Critical Phison Electronics Corp
Priority to CN2008101782212A priority Critical patent/CN101739757B/en
Publication of CN101739757A publication Critical patent/CN101739757A/en
Application granted granted Critical
Publication of CN101739757B publication Critical patent/CN101739757B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Storage Device Security (AREA)
  • Read Only Memory (AREA)

Abstract

The invention relates to a flash memory storage system, a controller and a data protection method. The flash memory storage system comprises a controller provided with an overridable type nonvolatile memory and a flash memory chip. When writing safety data in the flash memory chip, the controller can randomly generate a data mark and generate a message abstract based on the written safety data and the data mark by using unidirectional hash functions, wherein the data mark and the message abstract can be respectively stored in the overridable type nonvolatile memory and the flash memory chip. Afterwards, when reading the safety data from the flash memory chip, the controller can judge whether the read safety data is manipulated or not depending on the data mark and the message abstract of the overridable type nonvolatile memory and the flash memory chip. Based on above, the safety data of the flash memory chip can be efficiently protected.

Description

Flash memory storage system, controller and data guard method
Technical field
The present invention relates to a kind of flash memory storage system, and be particularly related to a kind of flash memory storage system with data protection function with and controller and data guard method.
Background technology
Along with the user accepts to use stored value card and prepayment Stored Value gradually, make that the use of smart card is universal day by day.Smart card (Smart Card) is to have the for example IC chip of the assembly of microprocessor, card operation system, security module and storer (IC chip), carries out scheduled operation to allow the holder.Smart card provides calculating, encryption, two-way communication and security function, makes this card except the function of storage data, can also reach the function that its data of storing are protected.(Subscriber Identification Module, SIM) card is one of them exemplary applications of smart card to use employed subscriber identification module in the machine-processed cellular phone of global system for mobile communications (GSM).In general, smart card itself is subject to the standard of its integrated circuit, so memory capacity is limited.
Storage card is a kind of data storage device, is as storage medium with the NAND flash memory as the one of which.The NAND flash memory has the advantage that still can preserve data after can writing, can wiping and cut off the power supply, in addition, along with the improvement of manufacturing technology, the NAND flash memory has that volume is little, access speed fast, with advantages such as power consumption is low.Therefore, the possibility that combines with jumbo storage card of this those skilled in the art's active research smart card in recent years is with the memory capacity of amplification smart card.
Yet; In the example that combines smart card and storage card; Secure data is to be stored in and smart card independently in the storage card, and just secure data is not to be stored in the intrinsic IC chip, therefore how to guarantee that safety of data is the key that can this application successful on the storage card.For example; When the user with the storage card be storage medium smart card (for example; The prepayment stored value card in shop) 1000 yuan of Stored Values and when using this smart card to consume in, because storage card is circuit independently, so the user can be in confirming smart card carries out hard copy (hard copy) with the data in the storage card behind the position of storage card before consuming; After consumption is accomplished, again the data of hard copy are returned afterwards and be stored in the storage card, refresh the Stored Value before (refresh) consumption thus.Therefore, the safety of protection flash memory internal data is the problem that these those skilled in the art quite pay attention to.
Summary of the invention
The present invention provides a kind of flash memory storage system, and it can guarantee the reliability of the data of storing effectively.
The present invention provides a kind of controller, and it can guarantee the reliability of the data of storing in a flash memory chip effectively.
The present invention provides a kind of data guard method, and it can guarantee the reliability of the data of storing in a flash memory chip effectively.
The present invention proposes a kind of flash memory storage system, and it comprises controller and flash memory chip.Controller has the re-writeable nonvolatile memory; And flash memory chip is to electrically connect controller so far; Wherein when controller writes secure data to flash memory chip, then controller can produce a corresponding Data Labels to the secure data that is write, produce corresponding message through an One-Way Hash Function (One-Way Hash Function) according to the secure data that is write and the Data Labels that is produced and make a summary, Data Labels is stored in the re-writeable nonvolatile memory and corresponding message made a summary be stored in the flash memory chip.In addition; When controller is handled secure data from flash memory chip; Then controller can be from the re-writeable nonvolatile memory reading of data sign, produce a comparison message summary, from flash memory chip, read corresponding message summary and judge that corresponding message is made a summary and whether identical the comparison message that produced makes a summary according to the secure data that is read and the Data Labels that is read through One-Way Hash Function; And judge corresponding message summary and the comparison message that is produced when controller and make a summary when inequality that then controller can be exported a caution message.
In one embodiment of this invention, above-mentioned controller also comprises the Data Labels generation unit, and wherein this Data Labels generation unit is in order to produce above-mentioned Data Labels.
In one embodiment of this invention, above-mentioned Data Labels generation unit is to produce Data Labels randomly or in order.
In one embodiment of this invention, above-mentioned Data Labels generation unit is that the particular data that receives according to controller produces this Data Labels.
In one embodiment of this invention, above-mentioned controller also comprises message summary generation unit, and wherein this message summary generation unit uses above-mentioned One-Way Hash Function to produce above-mentioned message summary and above-mentioned comparison message summary.
In one embodiment of this invention, the capacity of the re-writeable nonvolatile memory of above-mentioned controller is 16 or 32.
In one embodiment of this invention, above-mentioned One-Way Hash Function comprises MD5, SHA-256, SHA-386 or SHA-512.
In one embodiment of this invention, above-mentioned flash memory storage system also comprises connector, and it is to be electrically connected to above-mentioned controller and in order to connect a host computer system.
The present invention proposes a kind of controller; Be applicable to the flash memory storage system with a flash memory chip, this controller comprises microprocessor unit, re-writeable nonvolatile memory, Data Labels generation unit, message summary generation unit and flash memory interface module.When microprocessor unit write a secure data to flash memory chip, then the Data Labels generation unit can produce corresponding Data Labels to the secure data that is write, message is made a summary, and generation unit can produce corresponding message summary through One-Way Hash Function (One-Way Hash Function) foundation secure data that is write and the Data Labels that is produced, microprocessor unit can be stored in Data Labels in the re-writeable nonvolatile memory and with corresponding message summary and be stored in this flash memory chip.In addition; When microprocessor unit is handled secure data from flash memory chip; Then microprocessor unit can reading of data sign, message summary generation unit can produce a comparison message summary through One-Way Hash Function foundation secure data that is read and the Data Labels that is read from the re-writeable nonvolatile memory, microprocessor unit can read corresponding message summary and judge corresponding message is made a summary whether identical with the comparison message summary that is produced from flash memory chip; And judge corresponding message summary and the comparison message that is produced when microprocessor unit and make a summary when inequality that then microprocessor unit can be exported a caution message.
In one embodiment of this invention, above-mentioned Data Labels generation unit is to produce Data Labels randomly or in order.
In one embodiment of this invention, above-mentioned Data Labels generation unit is that the particular data that receives according to microprocessor unit produces Data Labels.
In one embodiment of this invention, the capacity of the re-writeable nonvolatile memory of above-mentioned controller is 16 or 32.
In one embodiment of this invention, above-mentioned One-Way Hash Function comprises MD5, SHA-256, SHA-386 or SHA-512.
In one embodiment of this invention, above-mentioned controller also comprises host interface module, and it is electrically connected to microprocessor unit and in order to connect a host computer system.
The present invention proposes a kind of data guard method; It is applicable to that protection is stored in the secure data in the flash memory chip of flash memory storage system, and this data guard method is included in configuration re-writeable nonvolatile memory in the controller of flash memory storage system.This data guard method also comprises when writing secure data to flash memory chip, then the secure data that is write produced corresponding Data Labels, uses One-Way Hash Function (One-Way Hash Function) to produce corresponding message according to the secure data that is write and the Data Labels that is produced to make a summary, Data Labels is stored in the re-writeable nonvolatile memory and corresponding message made a summary be stored in the flash memory chip.This data guard method also comprises when from flash memory chip, reading secure data; Then from the re-writeable nonvolatile memory reading of data sign, use One-Way Hash Function to produce a comparison message summary, from flash memory chip, read corresponding message summary and judge that corresponding message is made a summary and whether identical the comparison message that produced makes a summary according to the secure data that is read and the Data Labels that is read; Wherein make a summary when inequality, then export a caution message when corresponding message summary and the comparison message that is produced.
In one embodiment of this invention, the above-mentioned step that the secure data that is write is produced corresponding Data Labels comprises randomly or produces this Data Labels in order.
In one embodiment of this invention, the above-mentioned step that the secure data that is write is produced corresponding Data Labels comprises that the particular data that receives according to controller produces this Data Labels.
In one embodiment of this invention, the configuration capacity of the above-mentioned re-writeable nonvolatile memory that in the control of flash memory storage system, is disposed is 16 or 32.
In one embodiment of this invention, above-mentioned One-Way Hash Function comprises MD5, SHA-256, SHA-386 or SHA-512.
The present invention produces new Data Labels and in controller, uses a re-writeable nonvolatile memory to store the Data Labels that is produced to each renewal secure data because of adopting by controller; Whether the comparison message that therefore can utilize this Data Labels to produce makes a summary the authenticating security data to be altered, and guarantees the reliability of secure data thus.
For letting the above-mentioned feature and advantage of the present invention can be more obviously understandable, hereinafter is special lifts preferred embodiment, and conjunction with figs., elaborates as follows.
Description of drawings
Fig. 1 is the summary calcspar that illustrates flash memory storage system according to one embodiment of the invention.
Fig. 2 (a)~(b) is the process flow diagram that illustrates data guard method according to the embodiment of the invention
Fig. 3 (a)~(c) is the synoptic diagram that illustrates the reliability of judging secure data according to the embodiment of the invention.
[main element symbol description]
100: flash memory storage system
110: controller
110a: microprocessor unit
110b: flash memory interface module
110c: Data Labels generation unit
110d: message summary generation unit
110e: re-writeable nonvolatile memory
120: flash memory chip
120 ': flash memory chip
200: the smart card chip
S201, S203, S205, S207, S211, S213, S215, S217, S219, S221, S223: data protection step
DT1, DT2: Data Labels
SD1, SD2: secure data
M1, M2: message summary
Embodiment
Fig. 1 is the summary calcspar that illustrates flash memory storage system according to one embodiment of the invention.Please with reference to Fig. 1, flash memory storage system 100 comprises controller (also claiming controller system) 110 and flash memory chip (flash memory chip) 120.
Flash memory storage system 100 has the data protection function that designs according to present embodiment, and therefore, flash memory storage system 100 can be used for storing the secure data that needs protection.For example, in the present embodiment, flash memory storage system 100 is in order to combine the storage medium of conduct in order to the secure data of storage smart card with smart card (smart card).According to the data guard method of present embodiment will in after specify.In the present embodiment, flash memory storage system 120 combines with present existing smart card chip 200 with convenient for the storage card chip of small size.But it must be appreciated; Flash memory storage system 100 can also be to coil with oneself or solid state hard disc (Solid State Drive in another embodiment of the present invention; SSD), can protect user's confidential data when providing the user to use carry-on dish or solid state hard disc.
Controller 110 can carry out with hardware pattern or the real a plurality of logic locks done of firmware pattern or mechanical order with the storage of flash memory chip 120 being carried out data, running such as read and wipe.Controller 110 comprises microprocessor unit 110a, flash memory interface module 110b, Data Labels generation unit 110c, message summary generation unit 110d and re-writeable nonvolatile memory 110e.
Microprocessor unit 110a in order to flash memory interface module 110b, Data Labels generation unit 110c, message summary generation unit 110d and re-writeable nonvolatile memory 110e cooperative cooperating to carry out the various runnings of flash memory storage system 100.Particularly; In the present embodiment when smart card chip 200 accesses that combine with flash memory storage system 100 are stored in the secure data in the flash memory chip 120; Microprocessor unit 110a can judge whether the secure data that is read is unlawfully altered; And unlawfully altered smart card chip 200 that Shi Huixiang combines with flash memory storage system 100 when secure data and transmitted and warn messages and inform that the secure data that is read do not have a reliability, with the running of avoiding the incorrect secure data of smart card chip 200 uses to be correlated with.
Flash memory interface module 110b is electrically connected to microprocessor unit 110a and in order to access flash memory chip 120.Just, the data of desiring to write to flash memory chip 120 can convert 120 receptible forms of flash memory chip into via flash memory interface module 110b.
Data Labels generation unit 110c is electrically connected to microprocessor unit 110a.In the present embodiment, Data Labels generation unit 110c is a tandom number generator, in order to when each microprocessor unit 110a desires to write secure data to flash memory chip 120, to produce the Data Labels (Data Token) of the corresponding secure data that writes.Specifically, Data Labels is a random number, and it is in order to combine with writing secure data with make a summary as the generation message (message digest) or message confirmation codes (Message Authentication Code, parameter MAC).Particularly; Microprocessor unit 110a can be stored in Data Labels generation unit Data Labels that 110c produces among the re-writeable nonvolatile memory 110e, and microprocessor unit 110a can read the reliability demonstration that this Data Labels carries out secure data afterwards.
What deserves to be mentioned is; In another embodiment of the present invention; Data Labels generation unit 110c also complies with immutable laws or produces number in regular turn and is used as Data Labels, and for example Data Labels generation unit 110c can be according to serial number 1,2,3... as Data Labels.In addition, Data Labels generation unit 110c also can encode the back as Data Labels generation unit 110c as Data Labels or with this particular data with the particular data (for example, the processing time of these data) that microprocessor unit 110a is received.
Message summary generation unit 110d is electrically connected to microprocessor unit 110a.In embodiments of the present invention, message summary generation unit 110d can produce the message summary with One-Way Hash Function (One-Way Hash Function) with the message of being imported.Particularly, microprocessor unit 110a can be stored in make a summary generation unit message that 110d produces summary of message in the flash memory chip 120, and microprocessor unit 110a can read this message and makes a summary and carry out the reliability demonstration of secure data afterwards.
In the present embodiment, be to use SHA-256 to come the real One-Way Hash Function of doing among the message summary generation unit 110d.Yet, it must be appreciated to the invention is not restricted to this that One-Way Hash Function in another embodiment of the present invention among the message summary generation unit 110d can also MD5, SHA-386, SHA-512 or other functions that is fit to come real the work.
What deserves to be mentioned is that in the present embodiment, Data Labels generation unit 110c and message summary generation unit 110d are that a hardware pattern is embodied in the controller 110.Yet Data Labels generation unit 110c and message summary generation unit 110d can also a firmware pattern be implemented in the controller 110 in another embodiment of the present invention.For example, the service routine language is write associated mechanical instruction and is stored in program storage that (for example, ROM (read-only memory) (Read Only Memory, ROM)) comes real data sign generation unit 110c and the message summary generation unit 110d of doing in controller 110.When flash memory storage system 100 running, make a summary a plurality of machine instructions of generation unit 110d of Data Labels generation unit 110c and message can be loaded on indirectly in the memory buffer (not illustrating) of controller 110 and by microprocessor unit 110a and carry out or directly carried out to accomplish above-mentioned data protection step by microprocessor unit 110a.
In addition, in another embodiment of the present invention, the mechanical order of Data Labels generation unit 110c and message summary generation unit 110d can also the firmware pattern be stored in the specific region (for example, system region) of flash memory chip 120.Same; When flash memory storage system 100 running, make a summary a plurality of machine instructions of generation unit 110d of Data Labels generation unit 110c and message can be loaded in the memory buffer (not illustrating) of controller 110 and by microprocessor unit 110a and carry out.
Re-writeable nonvolatile memory 110e is electrically connected to microprocessor unit 110a.In the present embodiment, re-writeable nonvolatile memory 110e is in order to store above-mentioned Data Labels.As stated, Data Labels is to be used for combining to produce the parameter that message is made a summary to be used as message summary generation unit 110d with the secure data that is write, so the data length of Data Labels does not need very big.Base this, re-writeable nonvolatile memory 110e does so that the override nonvolatile memory of 16 of tools (or 36) storage space is real in the present embodiment.
Though be not illustrated in present embodiment, controller 110 can comprise also that memory buffer (for example, static RAM), error correction module and power management module etc. are used to control the functional module of flash memory chip.
In addition, in another embodiment of the present invention, when flash memory storage system carry-on dish of 100 real conducts or solid state hard disc, flash memory system 100 also comprises connector (not illustrating), to connect a host computer system (for example, personal computer).Simultaneously, controller 110 also comprises the host interface module (not illustrating) that is electrically connected to microprocessor unit 110a, to receive and the identification instruction that host computer system was transmitted.That is to say; In flash memory storage system 100 real examples as carry-on dish or solid state hard disc, the instruction that host computer system transmitted and the data that connect flash memory storage system 100 can be sent to microprocessor unit 110a through connector and host interface module.For example, connector and host interface module can be respectively USB connector and USB interface, PCI Express connector and PCI Express interface, IEEE 1394 connectors and IEEE 1394 interfaces, SD connector and SD interface, MS connector and MS interface, MMC connector and MMC interface, SATA connector and SATA interface, PATA connector and PATA interface, CF connector and CF interface, IDE connector and ide interface or other connector and data transmission interfaces that is fit to accordingly.
Based on above-mentioned; According to the flash memory storage system 100 of the embodiment of the invention carry out secure data write running the time; Data Labels, message summary generation unit 110d that Data Labels generation unit 110c can produce the corresponding secure data that is write randomly can produce that message is made a summary and microprocessor unit 110a can make a summary secure data and message and be stored in the flash memory chip 120 according to secure data that is write and corresponding Data Labels, and the Data Labels that is produced is stored among the re-writeable nonvolatile memory 110e of controller 110.Afterwards; When flash memory storage system 100 carry out secure data read running the time; Microprocessor unit 110a can read secure data and the message summary that is stored in the flash memory chip 120 and read the Data Labels that is stored among the re-writeable nonvolatile memory 110e; And message summary generation unit 110d can produce comparison message summary according to secure data and the Data Labels that microprocessor unit 110a is read, and microprocessor unit 110a then can make a summary with the message that is read according to the comparison message summary that is calculated and confirm whether secure data is reliable thus.Below conjunction with figs. is specified the data guard method according to the embodiment of the invention.
Fig. 2 is the process flow diagram that illustrates data guard method according to the embodiment of the invention, and Fig. 3 is the synoptic diagram that illustrates the reliability of judging secure data according to the embodiment of the invention.
Please with reference to (a) of Fig. 2 and (a) of Fig. 3; When the microprocessor unit 110a of smart card chip 200 request controllers 110 (for example writes secure data in flash memory chip 120; Secure data SD1 shown in Figure 3) time; Can produce a random number randomly at the Data Labels generation unit 110c of step S201 middle controller 110 and can the Data Labels that produced be stored among the re-writeable nonvolatile memory 110e (for example, shown in Figure 3 Data Labels DT1) as the Data Labels of the secure data that correspondence write and microprocessor unit 110a.Specifically, Data Labels generation unit 110c can produce a different set of Data Labels at every turn randomly when writing (or renewal) secure data.
Then, microprocessor unit 110a can combine the secure data that is write and is sent to message summary generation unit 110d with the Data Labels that is produced in step S203.Afterwards, message summary generation unit 110d can use One-Way Hash Function to produce corresponding message summary according to secure data that is write and the Data Labels that is produced in step S205.
At last, microprocessor unit 110a can be stored to the message that produced summary in the flash memory chip 120 (for example, shown in Figure 3 message summary M1) in step S207.
Afterwards; When the smart card chip 200 that combines with flash memory system 100 (for example desires to read secure data; Secure data SD1 shown in Figure 3) time, please, can from flash memory chip 120, (for example read secure data at the microprocessor unit 110a of step S211 middle controller 110 with reference to Fig. 2 (b); Secure data SD1 shown in Figure 3) with message summary (for example, shown in Figure 3 message summary M1).
Then, the microprocessor unit 110a of step S213 middle controller 110 can be from re-writeable nonvolatile memory 110e reading of data sign (for example, shown in Figure 3 Data Labels DT1).
Afterwards; Microprocessor unit 110a can combine the secure data that is read and is sent to message summary generation unit 110d with the Data Labels that is read in step S215, and message summary generation unit 110d can use One-Way Hash Function produce comparison message summary and will compare message and make a summary and send microprocessor unit 110a to according to secure data that is received and Data Labels in step S217.
Can judge at the microprocessor unit 110a of step S219 middle controller 110 whether the message summary that is read is identical with the comparison message summary that message summary generation unit 110d is produced.
If in step S219; Microprocessor unit 110a judges that the comparison message of making a summary the message summary read and message generation unit 110d being produced makes a summary when identical, then normally sends secure data to smart card chip 200 at step S221 middle controller 110.
If in step S219; Microprocessor unit 110a judges that comparison message that the message summary read and message summary generation unit 110d are produced makes a summary when inequality; Then can transmit the caution message and give smart card chip 200, unlawfully altered to inform secure data at step S223 middle controller 110.For example; In reading (a) of Fig. 3 during secure data SD1; Because the comparison message summary that microprocessor unit 110a meeting secure data SD1 that basis for estimation read and Data Labels DT1 are calculated is to be same as the message summary M1 that is read, so controller 110 can normally send secure data to smart card chip 200.
Please with reference to (b) of Fig. 3; When the user used smart card to conclude the business, the controller of flash memory storage system 100 110 can be as the step of Fig. 2 (a) shown in be updated to the secure data SD1 in the flash memory chip 120 secure data SD2, produces Data Labels DT2 again and can override the Data Labels DT1 in the nonvolatile memory and produce new message summary M2 to replace message in the flash memory chip 120 M1 that makes a summary to replace.
Please with reference to (c) of Fig. 3; If carrying out hard copy (hard copy) with the secure data SD1 that is stored in the flash memory chip 120 shown in Fig. 3 (a) and message summary M1 before carrying out the transaction shown in (b) of Fig. 3, the user is stored in the flash memory chip 120 '; And after the transaction shown in (b) of Fig. 3, return when being stored in flash memory chip 120, then will to be altered be secure data SD1 and message before the concluding the business M1 that makes a summary to the secure data SD2 in the flash memory chip 120 and message summary M2.
Under the state of Fig. 3 (c), if the smart card chip reads when desiring to read secure data, the controller 110 of flash memory storage system 100 can as the step of Fig. 2 (b) calculate according to secure data SD1 and Data Labels DT2 and compare message and make a summary.At this moment; Because the summary of the message in the flash memory chip 120 M1 produces according to secure data SD1 and Data Labels DT1; Therefore the message summary M1 during the comparison message summary that is calculated according to secure data SD1 and Data Labels DT2 must be different from; Therefore controller 110 can transmit the caution messages and give smart card chip 200, is unlawfully altered (like the step S223 of Fig. 2 (b)) to inform secure data.
In another embodiment of the present invention, for avoiding former and later two Data Labelses the chance of collision (that is, identical) is arranged, in the step S201 of Fig. 2 (a), also be included in the Data Labels that is produced and produce Data Labels when identical again with former Data Labels.
In addition, the order of the said step of present embodiment Fig. 2 and non-limiting the present invention, those skilled in the art can come the real the present invention that does with the described order of non-present embodiment easily according to spirit of the present invention.
In sum; The present invention's real work one in the controller of flash memory storage system can override nonvolatile memory and store a Data Labels that belongs to random number, and produces the message summary that is used to verify according to this Data Labels and the secure data that is write.Therefore, when the data alteration person used the hard copy mode to refresh the secure data in the flash memory chip, controller can be made a summary according to the comparison message that Data Labels calculated and judged whether secure data is altered.Base this, can guarantee the reliability of storage security data in flash memory storage system effectively, can in the application that combines flash memory and smart card, effectively protect secure data thus.
Though the present invention with preferred embodiment openly as above; Right its is not that those skilled in the art are not breaking away from the spirit and scope of the present invention in order to qualification the present invention; When can doing a little change and retouching, so protection scope of the present invention is as the criterion when looking the appended claims person of defining.

Claims (19)

1. flash memory storage system comprises:
One controller has a re-writeable nonvolatile memory; And
One flash memory chip is electrically connected to this controller;
Wherein when this controller writes a secure data to this flash memory chip; Then this controller can with time of handling this secure data as to a Data Labels that should secure data, produce a corresponding message through an One-Way Hash Function according to this secure data that is write and this Data Labels that is produced and make a summary, this Data Labels is stored in this re-writeable nonvolatile memory and this corresponding message made a summary be stored in this flash memory chip, and
Wherein when this controller is handled this secure data from this flash memory chip; Then this controller can read this Data Labels from this re-writeable nonvolatile memory; Produce a comparison message summary through this One-Way Hash Function according to this secure data that is read and this Data Labels that is read; From this flash memory chip, read this corresponding message summary and judge whether this corresponding message summary is identical with this comparison message summary; And judge this corresponding message summary and this comparison message when this controller and make a summary when inequality that then this controller can be exported one and warn message.
2. flash memory storage system as claimed in claim 1, wherein this controller also comprises a Data Labels generation unit, this Data Labels generation unit is in order to produce this Data Labels.
3. flash memory storage system as claimed in claim 2, wherein this Data Labels generation unit produces this Data Labels randomly or in order.
4. flash memory storage system as claimed in claim 2, wherein this Data Labels generation unit produces this Data Labels according to the particular data that this controller received.
5. flash memory storage system as claimed in claim 1, wherein this controller also comprises message summary generation unit, this message summary generation unit uses this One-Way Hash Function to produce this message summary and this comparison message summary.
6. flash memory storage system as claimed in claim 1, wherein the capacity of this re-writeable nonvolatile memory of this controller is 16 or 32.
7. flash memory storage system as claimed in claim 1, wherein this One-Way Hash Function comprises MD5, SHA-256, SHA-386 or SHA-512.
8. flash memory storage system as claimed in claim 1 also comprises a connector, is electrically connected to this controller and in order to connect a host computer system.
9. a controller is applicable to the flash memory storage system with a flash memory chip, and this controller comprises:
One microprocessor unit;
One re-writeable nonvolatile memory is electrically connected to this microprocessor unit;
One Data Labels generation unit is electrically connected to this microprocessor unit;
One message summary generation unit is electrically connected to this microprocessor unit; And
One flash memory interface module is electrically connected to this microprocessor unit,
Wherein when this microprocessor unit writes a secure data to this flash memory chip; Then this Data Labels generation unit can with time of handling this secure data as to a Data Labels that should secure data, this message summary generation unit can through an One-Way Hash Function according to this secure data that is write and this Data Labels that is produced produce that a corresponding message is made a summary, this microprocessor unit can be stored in this Data Labels in this re-writeable nonvolatile memory and this corresponding message made a summary and be stored in this flash memory chip, and
Wherein when this microprocessor unit is handled this secure data from this flash memory chip; Then this microprocessor unit can read this Data Labels from this re-writeable nonvolatile memory, this message is made a summary, and generation unit can produce a comparison message summary through this One-Way Hash Function foundation this secure data that is read and this Data Labels that is read, this microprocessor unit can from this flash memory chip, read this corresponding message summary and whether this corresponding message of judgement makes a summary identical with this comparison message summary; And judge this corresponding message summary and this comparison message when this microprocessor unit and make a summary when inequality that then this microprocessor unit can be exported one and warn message.
10. controller as claimed in claim 9, wherein this Data Labels generation unit produces this Data Labels randomly or in order.
11. controller as claimed in claim 9, wherein this Data Labels generation unit produces this Data Labels according to the particular data that this microprocessor unit received.
12. controller as claimed in claim 9, wherein the capacity of this re-writeable nonvolatile memory of this controller is 16 or 32.
13. controller as claimed in claim 9, wherein this One-Way Hash Function comprises MD5, SHA-256, SHA-386 or SHA-512.
14. controller as claimed in claim 9 also comprises a host interface module, is electrically connected to this microprocessor unit and in order to connect a host computer system.
15. a data guard method, it is applicable to a secure data of protecting in the flash memory chip that is stored in a flash memory storage system, and this data guard method comprises:
Configuration one re-writeable nonvolatile memory in a controller of this flash memory storage system;
When writing this secure data to this flash memory chip, then with time of handling this secure data as to a Data Labels that should secure data, use an One-Way Hash Function to produce a corresponding message to make a summary, this Data Labels is stored in this re-writeable nonvolatile memory and this corresponding message made a summary be stored in this flash memory chip according to this secure data that is write and this Data Labels that is produced; And
When from this flash memory chip, reading this secure data; Then from this re-writeable nonvolatile memory, read this Data Labels, use this One-Way Hash Function to produce a comparison message summary, from this flash memory chip, read this corresponding message summary and judge whether this corresponding message summary is identical with this comparison message summary according to this secure data that is read and this Data Labels that is read
Wherein make a summary when inequality, then export one and warn message when this corresponding message summary and this comparison message.
16. data guard method as claimed in claim 15, the step that wherein this secure data is produced this corresponding Data Labels comprise randomly or produce this Data Labels in order.
17. data guard method as claimed in claim 15, wherein the step to this corresponding Data Labels of this secure data generation comprises that a particular data that receives according to this controller produces this Data Labels.
18. data guard method as claimed in claim 15, the configuration capacity of this re-writeable nonvolatile memory that wherein in this control of this flash memory storage system, is disposed is 16 or 32.
19. data guard method as claimed in claim 15, wherein this One-Way Hash Function comprises MD5, SHA-256, SHA-386 or SHA-512.
CN2008101782212A 2008-11-17 2008-11-17 Flash memory storage system, controller and data protection method Active CN101739757B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2008101782212A CN101739757B (en) 2008-11-17 2008-11-17 Flash memory storage system, controller and data protection method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2008101782212A CN101739757B (en) 2008-11-17 2008-11-17 Flash memory storage system, controller and data protection method

Publications (2)

Publication Number Publication Date
CN101739757A CN101739757A (en) 2010-06-16
CN101739757B true CN101739757B (en) 2012-11-21

Family

ID=42463196

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2008101782212A Active CN101739757B (en) 2008-11-17 2008-11-17 Flash memory storage system, controller and data protection method

Country Status (1)

Country Link
CN (1) CN101739757B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104238961B (en) * 2014-09-11 2018-03-02 北京元心科技有限公司 The method and apparatus that safety deleting is realized on flash media
CN112130921B (en) * 2020-09-30 2023-10-03 合肥沛睿微电子股份有限公司 Method for quickly recovering working state and electronic device
CN112506712B (en) * 2020-12-19 2024-06-21 苏州思立特尔半导体科技有限公司 Data protection method of MCU simulation EEPROM based on hard copy

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1395180A (en) * 2001-07-09 2003-02-05 大买家科技股份有限公司 File protection system using storage card and its method
CN1771484A (en) * 2004-11-19 2006-05-10 押切崇 Memory information protecting system, semiconductor memory, and method for protecting memory information
CN101051292A (en) * 2007-01-08 2007-10-10 中国信息安全产品测评认证中心 Reliable U disc, method for realizing reliable U disc safety and its data communication with computer
CN101059778A (en) * 2007-03-16 2007-10-24 北京天天宽广网络科技有限公司 General series bus interface mobile memory method and its device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1395180A (en) * 2001-07-09 2003-02-05 大买家科技股份有限公司 File protection system using storage card and its method
CN1771484A (en) * 2004-11-19 2006-05-10 押切崇 Memory information protecting system, semiconductor memory, and method for protecting memory information
CN101051292A (en) * 2007-01-08 2007-10-10 中国信息安全产品测评认证中心 Reliable U disc, method for realizing reliable U disc safety and its data communication with computer
CN101059778A (en) * 2007-03-16 2007-10-24 北京天天宽广网络科技有限公司 General series bus interface mobile memory method and its device

Also Published As

Publication number Publication date
CN101739757A (en) 2010-06-16

Similar Documents

Publication Publication Date Title
TWI405211B (en) Flash memory storage system, controller and data protecting method thereof
TWI393143B (en) Flash memory storage system, and controller and method for anti-falsifying data thereof
CN102037499B (en) NFC mobile communication device and NFC reader
EP1573466B1 (en) Enhancing data integrity and security in a processor-based system
CN110851886B (en) storage device
US20120331218A1 (en) Flash memory storage system, and controller and anti-falsifying method thereof
TWI454912B (en) Data processing method, memory controller and memory storage device
CN101739757B (en) Flash memory storage system, controller and data protection method
JP5119525B2 (en) Information processing device
CN103257938A (en) Data protection method, memory controller and memory storage device
CN101320355A (en) Memory device, storing card access apparatus and its read-write method
CN101673248A (en) Storage system, controller and data protection method
CN101751986B (en) Flash memory storing system and controller thereof, and data alteration resistant method
CN102651079A (en) IC (integrated circuit) card management method occupying memory space for a short time and IC card management system
US20080070629A1 (en) Method and mobile communication device for resuming a functioning of a subscriber identity module
JP5309252B2 (en) Information processing device
US20080232176A1 (en) Portable Information Terminal
US20140289874A1 (en) Integrated circuit (ic) chip and method of verifying data thereof
CN101470873A (en) Method for implementing interaction with intelligent memory card in multi-file read-write mode
CN102148054A (en) Flash memory storage system, controller of flash memory storage system and data falsification preventing method
US9208487B2 (en) Card transaction device and method thereof
JP2009129402A (en) Semiconductor device for ic card, ic card and terminal for ic card
CN102375698A (en) Method for assigning and transmitting data strings, memory controller and memory storage device
CN105809067A (en) Data access method and system as well as memory storage apparatus
JP2007206765A (en) Method of issuing ic card, ic card issuing system, and ic card

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20210323

Address after: Han Guojingjidao

Patentee after: Samsung Electronics Co.,Ltd.

Address before: Miaoli County, Taiwan, China

Patentee before: PHISON ELECTRONICS Corp.