CN110069934B - Memory storage system, host system verification method and memory storage device - Google Patents

Info

Publication number
CN110069934B
Authority
CN
China
Prior art keywords
host system
information
memory storage
storage device
authentication
Prior art date
Legal status
Active
Application number
CN201810062088.8A
Other languages
Chinese (zh)
Other versions
CN110069934A
Inventor
陈亮维
Current Assignee
Phison Electronics Corp
Original Assignee
Phison Electronics Corp
Priority date
Filing date
Publication date
Application filed by Phison Electronics Corp
Priority to CN201810062088.8A
Publication of CN110069934A
Application granted
Publication of CN110069934B
Legal status: Active
Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44 Program or device authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/606 Protecting data by securing the transmission between two devices or processes

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

An exemplary embodiment of the present invention provides a memory storage system, a host system authentication method and a memory storage device. In a first handshake operation, the memory storage device transmits first encryption information corresponding to the first authentication information to the host system, and the host system transmits second encryption information corresponding to the first authentication information to the memory storage device. In the second handshake operation, the memory storage device transmits third encryption information corresponding to the second authentication information to the host system, and the host system transmits fourth encryption information corresponding to the third authentication information to the memory storage device based on the third encryption information. The third authentication information is used to encrypt data transmitted between the host system and the memory storage device in a developer instruction transmission phase.

Description

Memory storage system, host system verification method and memory storage device
Technical Field
The present invention relates to an encrypted communication technology, and in particular to a memory storage system, a host system verification method, and a memory storage device.
Background
Digital cameras, mobile phones, and MP3 players have grown rapidly over the years, and consumer demand for storage media has increased accordingly. Since a rewritable non-volatile memory module (e.g., a flash memory) is non-volatile, consumes little power, is small in size, and has no mechanical parts, it is well suited to being built into various portable multimedia devices.
Before a memory storage device leaves the factory, or when it is sent back to the original manufacturer for maintenance, a developer can use a developer tool provided by the manufacturer to issue developer instructions to the memory storage device, so that the memory storage device executes system update operations such as parameter updates or firmware updates. However, most memory storage devices authenticate the developer tool of the host system with nothing more than a simple password. Once an attacker obtains this password, the attacker can easily impersonate a developer to tamper with the system parameters of the memory storage device or steal data.
Disclosure of Invention
The invention provides a memory storage system, a host system verification method and a memory storage device, which can enhance the verification capability of the memory storage device on the host system.
An exemplary embodiment of the present invention provides a memory storage system, which includes a host system and a memory storage device. The memory storage device is electrically connected to the host system. In a first handshake operation, the memory storage device is configured to transmit first encryption information corresponding to first authentication information to the host system, the host system is configured to transmit second encryption information corresponding to the first authentication information to the memory storage device, and the memory storage device verifies whether a second handshake operation can be performed by the host system using the second encryption information. In the second handshake operation, the memory storage device is configured to transmit third encryption information corresponding to second authentication information to the host system, the host system is configured to transmit fourth encryption information corresponding to third authentication information to the memory storage device based on the third encryption information, and the memory storage device verifies whether the host system can perform a developer instruction transmission phase using the fourth encryption information. The third authentication information is used to encrypt data transmitted between the host system and the memory storage device in the developer instruction transmission phase.
In an example embodiment of the present invention, before entering the first handshake operation, the host system is further configured to dynamically generate first key information and second key information corresponding to the first key information, and the host system is further configured to provide the first key information to the memory storage device.
In an example embodiment of the present invention, in the first handshake operation, the memory storage device is further configured to generate the first encryption information based on the first key information and the first authentication information, and the host system is further configured to generate the second encryption information based on the second key information and the first encryption information.
In an example embodiment of the present invention, in the first handshake operation, the memory storage device is further configured to generate first comparison information based on the first key information and the second encryption information, and the memory storage device is further configured to authenticate the host system according to the first authentication information and the first comparison information.
In an example embodiment of the present invention, in the second handshake operation, the memory storage device is further configured to generate the third encryption information based on the first key information and the second authentication information, and the host system is further configured to obtain the second authentication information based on the second key information and the third encryption information.
In an example embodiment of the present invention, in the second handshake operation, the host system is further configured to generate the third authentication information based on the second authentication information, and the host system is further configured to generate the fourth encryption information based on the second authentication information and the third authentication information.
In an example embodiment of the present invention, in the second handshake operation, the memory storage device is further configured to generate the third authentication information based on the second authentication information, and the memory storage device is further configured to generate second comparison information based on the third authentication information and the fourth encryption information. The memory storage device is further configured to authenticate the host system according to the second authentication information and the second comparison information.
In an exemplary embodiment of the present invention, the second handshake operation is performed after the host system passes the authentication of the first handshake operation.
In an exemplary embodiment of the invention, the developer command transmission phase is entered after the host system passes the verification of the first handshake operation and the second handshake operation.
In an example embodiment of the present invention, the host system includes a developer utility to perform the first and second handshake operations and to generate developer instructions in the developer instruction transmission phase, wherein the developer instructions are to instruct the memory storage device to perform system operations.
In an example embodiment of the present invention, the developer utility is launched via a developer utility loader, the developer utility is stored in a hidden storage area of the host system, and the developer utility loader is stored in an open storage area of the host system.
In an exemplary embodiment of the invention, the hidden storage area and the open storage area are both located in an external storage device, and the external storage device is electrically connected to the host system in a pluggable manner.
Another exemplary embodiment of the present invention provides a host system authentication method for a memory storage device. The host system authentication method includes: in a first handshake operation with a host system, transmitting first encryption information corresponding to first authentication information to the host system, receiving second encryption information corresponding to the first authentication information from the host system, and verifying whether the host system is allowed to perform a second handshake operation using the second encryption information; in the second handshake operation with the host system, transmitting third encryption information corresponding to second authentication information to the host system, receiving fourth encryption information corresponding to third authentication information from the host system, and verifying whether the host system is allowed to enter a developer instruction transmission phase using the fourth encryption information; and in the developer instruction transmission phase, parsing a developer instruction received from the host system according to the third authentication information.
In an exemplary embodiment of the invention, the host system authentication method further includes: storing first key information before entering the first handshake operation, wherein second key information corresponding to the first key information is stored at the host system.
In an exemplary embodiment of the invention, the host system authentication method further includes: in the first handshake operation, the first encryption information is generated based on the first key information and the first authentication information.
In an exemplary embodiment of the invention, the host system authentication method further includes: generating first comparison information based on the first key information and the second encryption information in the first handshake operation; and authenticating the host system according to the first authentication information and the first comparison information.
In an exemplary embodiment of the invention, the host system authentication method further includes: in the second handshake operation, the third encryption information is generated based on the first key information and the second authentication information.
In an exemplary embodiment of the invention, the host system authentication method further includes: generating the third authentication information based on the second authentication information in the second handshake operation; generating second comparison information based on the third authentication information and the fourth encryption information; and authenticating the host system according to the second authentication information and the second comparison information.
In an exemplary embodiment of the invention, the first key information and the second key information belong to an asymmetric key pair.
Another exemplary embodiment of the present invention provides a memory storage device, which includes a connection interface unit, a rewritable non-volatile memory module and a memory control circuit unit. The connection interface unit is used for electrically connecting to a host system. The rewritable non-volatile memory module comprises a plurality of physical units. The memory control circuit unit is electrically connected to the connection interface unit and the rewritable non-volatile memory module. The memory control circuit unit is configured to transmit first encryption information corresponding to first authentication information to the host system in a first handshake operation with the host system, receive second encryption information corresponding to the first authentication information from the host system, and verify whether the host system is allowed to perform a second handshake operation using the second encryption information. The memory control circuit unit is further configured to transmit third encryption information corresponding to second authentication information to the host system, receive fourth encryption information corresponding to third authentication information from the host system, and verify whether the host system is allowed to enter a developer instruction transmission phase using the fourth encryption information in the second handshake operation with the host system. In the developer instruction transmission phase, the memory control circuit unit is further configured to parse a developer instruction received from the host system according to the third authentication information.
In an exemplary embodiment of the invention, before entering the first handshake operation, the memory control circuit unit is further configured to store first key information, and second key information corresponding to the first key information is stored in the host system.
In an example embodiment of the present invention, in the first handshake operation, the memory control circuit unit is further configured to generate the first encryption information based on the first key information and the first authentication information.
In an example embodiment of the present invention, in the first handshake operation, the memory control circuit unit is further configured to generate first comparison information based on the first key information and the second encryption information and authenticate the host system according to the first authentication information and the first comparison information.
In an example embodiment of the present invention, in the second handshake operation, the memory control circuit unit is further configured to generate the third encryption information based on the first key information and the second authentication information.
In an exemplary embodiment of the invention, in the second handshake operation, the memory control circuit unit is further configured to generate the third authentication information based on the second authentication information. The memory control circuit unit is further configured to generate second comparison information based on the third authentication information and the fourth encryption information, and to authenticate the host system according to the second authentication information and the second comparison information.
In an exemplary embodiment of the invention, the first key information and the second key information belong to an asymmetric key pair.
In an example embodiment of the present invention, the set of instructions used by the host system to communicate with the memory storage device in the developer instruction transmission phase is different from the set of instructions used by the host system to communicate with the memory storage device in the general instruction transmission phase.
In an exemplary embodiment of the present invention, the third encryption information uses an encryption algorithm having a higher protection strength for data than the encryption algorithm used with the fourth encryption information.
Another exemplary embodiment of the present invention provides a memory storage device, which includes a connection interface unit, a rewritable non-volatile memory module, and a memory control circuit unit. The connection interface unit is used for electrically connecting to a host system. The rewritable non-volatile memory module comprises a plurality of physical units. The memory control circuit unit is electrically connected to the connection interface unit and the rewritable non-volatile memory module. The memory control circuit unit is configured to authenticate the host system according to first authentication information in a first handshake operation with the host system. The memory control circuit unit is further configured to authenticate the host system according to second authentication information in a second handshake operation with the host system. In a developer instruction transmission phase, the memory control circuit unit is configured to parse a developer instruction received from the host system according to third authentication information. The first authentication information, the second authentication information and the third authentication information are different from each other.
Based on the above, the memory storage device authenticates the host system in at least two handshake operations using different authentication information, and the information transmitted in the handshake operations is encrypted. Furthermore, through the handshake operations the memory storage device and the host system exchange the authentication information used for encrypting and parsing developer instructions in the developer instruction transmission phase, thereby enhancing the ability of the memory storage device to authenticate the host system.
In order to make the aforementioned and other features and advantages of the invention more comprehensible, embodiments accompanied with figures are described in detail below.
Drawings
FIG. 1 is a diagram illustrating a host system, a memory storage device, and an input/output (I/O) device according to an example embodiment of the invention.
FIG. 2 is a diagram illustrating a host system, a memory storage device and an I/O device according to another example embodiment of the invention.
FIG. 3 is a diagram illustrating a host system and a memory storage device according to another exemplary embodiment of the invention.
FIG. 4 is a schematic block diagram of a memory storage device according to an exemplary embodiment of the present invention.
FIG. 5 is a schematic block diagram of a memory control circuit unit according to an exemplary embodiment of the present invention.
FIG. 6 is a diagram illustrating a management of a rewritable nonvolatile memory module according to an exemplary embodiment of the present invention.
FIG. 7 is a diagram illustrating a storage medium of a host system according to an exemplary embodiment of the invention.
FIG. 8 is a timing diagram illustrating the operation of the preparation phase of the host system authentication method according to an exemplary embodiment of the present invention.
Fig. 9 is a timing diagram illustrating a first handshake operation of a host system authentication method according to an exemplary embodiment of the invention.
Fig. 10 is a timing diagram illustrating an operation of a second handshake operation of the host system authentication method according to an exemplary embodiment of the invention.
FIG. 11 is a timing diagram illustrating operation of a developer command transmission phase of a host system verification method according to an exemplary embodiment of the invention.
FIG. 12 is a schematic diagram of a memory storage system according to an exemplary embodiment of the invention.
FIG. 13 is a schematic diagram of a memory storage system according to another example embodiment of the invention.
Description of the reference numerals
10, 30, 1210, 1310(1) to 1310(N): a memory storage device;
11, 31, 1211, 1301, 1311(1) to 1311(N): a host system;
110: a system bus;
111: a processor;
112: a random access memory;
113: a read-only memory;
114: a data transmission interface;
12: an input/output (I/O) device;
20: a main board;
201: a USB flash disk;
202: a memory card;
203: a solid state disk;
204: a wireless memory storage device;
205: a global positioning system module;
206: a network interface card;
207: a wireless transmission device;
208: a keyboard;
209: a screen;
210: a speaker;
32: an SD card;
33: a CF card;
34: an embedded storage device;
341: an embedded multimedia card;
342: an embedded multi-chip package storage device;
402: a connection interface unit;
404: a memory control circuit unit;
406: a rewritable non-volatile memory module;
502: a memory management circuit;
504: a host interface;
506: a memory interface;
508: an error checking and correcting circuit;
510: a buffer memory;
512: a power management circuit;
513, 514: a verification circuit;
601: a storage area;
602: a replacement area;
610(0) to 610(B): a physical unit;
612(0) to 612(C): a logical unit;
710: a storage medium;
711: a hidden storage area;
712: an open storage area;
721: a hardware encryption module;
722: an identity verification module;
723: a developer tool program;
731: a developer tool loader;
s801: step (dynamically generating PbKey and PvKey);
s802: step (providing PbKey);
s803: step (storing PbKey);
s901: step (starting the developer tool program);
s902: step (notifying that the first handshake operation is to be executed);
s903: step (dynamically generating Cert);
s904: step (generating CI1 based on PbKey and Cert);
s905: step (transmitting CI1);
s906: step (generating CI2 based on PvKey and CI1);
s907: step (transmitting CI2);
s908: step (generating Cert' based on PbKey and CI2);
s909: step (comparing Cert with Cert');
s1001: step (notifying that the second handshake operation is to be executed);
s1002: step (dynamically generating RN);
s1003: step (generating CI3 based on PbKey and RN);
s1004: step (transmitting CI3);
s1005: step (obtaining RN based on PvKey and CI3);
s1006: step (generating SKey based on RN);
s1007: step (generating SKey based on RN);
s1008: step (generating CI4 based on RN and SKey);
s1009: step (transmitting CI4);
s1010: step (generating RN' based on SKey and CI4);
s1011: step (comparing RN with RN');
s1101: step (encrypting developer instructions according to SKey);
s1102: step (transmitting the encrypted developer instructions);
s1103: step (parsing the encrypted developer instructions according to SKey);
1200, 1300: an external storage device.
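The steps s801 to s1103 listed above, as an added Go example that is not part of the patent or of Phison's firmware: the host and the memory storage device are modelled with the standard library, PbKey/PvKey as an RSA-2048 pair, CI1 and CI3 as RSA-OAEP encryptions of the fresh Cert and RN, CI2 as a PSS signature over Cert (standing in for recovering Cert' with PbKey and comparing it), and CI4 and the developer instructions under AES-256-GCM with SKey. The page does not name the algorithms or say how SKey is derived from RN, so those choices, the SHA-256 derivation and all type and function names are assumptions.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"errors"
)

// must panics on setup errors that cannot occur with well-formed keys and sizes.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}
type Host struct{ pv *rsa.PrivateKey } // PvKey, generated on the host (s801); it never leaves the host
type Device struct {
	pb       *rsa.PublicKey // PbKey, provisioned before the first handshake (s803)
	cert, rn []byte         // Cert (s903) and RN (s1002), fresh for every session
	skey     cipher.AEAD    // SKey derived from RN (s1007)
}
// NewPair generates the key pair on the host and hands only PbKey to the device (s801 to s803).
func NewPair() (*Host, *Device) {
	pv := must(rsa.GenerateKey(rand.Reader, 2048))
	return &Host{pv: pv}, &Device{pb: &pv.PublicKey}
}
// deriveSKey is an assumed stand-in for the unspecified "SKey based on RN" step: SHA-256 over a label and RN.
func deriveSKey(rn []byte) cipher.AEAD {
	key := sha256.Sum256(append([]byte("SKey|"), rn...))
	return must(cipher.NewGCM(must(aes.NewCipher(key[:]))))
}
// seal and open are the symmetric Enc/Dec under SKey (AES-256-GCM); a fresh nonce prefixes each message.
func seal(skey cipher.AEAD, plaintext []byte) []byte {
	nonce := make([]byte, skey.NonceSize())
	must(rand.Read(nonce))
	return append(nonce, skey.Seal(nil, nonce, plaintext, nil)...)
}
func open(skey cipher.AEAD, msg []byte) ([]byte, error) {
	if n := skey.NonceSize(); len(msg) >= n {
		return skey.Open(nil, msg[:n], msg[n:], nil)
	}
	return nil, errors.New("ciphertext too short")
}

// issue starts a handshake on the device: a fresh 32-byte value is kept locally and sent as OAEP(PbKey, value).
func (d *Device) issue() (value, ct []byte) {
	value = make([]byte, 32)
	must(rand.Read(value))
	return value, must(rsa.EncryptOAEP(sha256.New(), rand.Reader, d.pb, value, nil))
}
// First handshake, device side (s903 to s905): CI1 = OAEP(PbKey, Cert).
func (d *Device) StartHandshake1() (ci1 []byte) { d.cert, ci1 = d.issue(); return ci1 }
// First handshake, host side (s906): recover Cert with PvKey; CI2 is rendered as a PSS signature over Cert.
func (h *Host) AnswerHandshake1(ci1 []byte) ([]byte, error) {
	cert, err := rsa.DecryptOAEP(sha256.New(), nil, h.pv, ci1, nil)
	if err != nil {
		return nil, err
	}
	digest := sha256.Sum256(cert)
	return rsa.SignPSS(rand.Reader, h.pv, crypto.SHA256, digest[:], nil)
}
// First handshake, device side (s908, s909): checking CI2 under PbKey replaces recovering Cert' and comparing.
func (d *Device) VerifyHandshake1(ci2 []byte) bool {
	digest := sha256.Sum256(d.cert)
	return rsa.VerifyPSS(d.pb, crypto.SHA256, digest[:], ci2, nil) == nil
}
// Second handshake, device side (s1002 to s1004, s1007): CI3 = OAEP(PbKey, RN) and SKey from RN.
func (d *Device) StartHandshake2() (ci3 []byte) { d.rn, ci3 = d.issue(); d.skey = deriveSKey(d.rn); return ci3 }
// Second handshake, host side (s1005, s1006, s1008): recover RN, derive the same SKey, CI4 = Enc(SKey, RN).
func (h *Host) AnswerHandshake2(ci3 []byte) ([]byte, cipher.AEAD, error) {
	rn, err := rsa.DecryptOAEP(sha256.New(), nil, h.pv, ci3, nil)
	if err != nil {
		return nil, nil, err
	}
	skey := deriveSKey(rn)
	return seal(skey, rn), skey, nil
}
// Second handshake, device side (s1010, s1011): RN' = Dec(SKey, CI4) must equal RN.
func (d *Device) VerifyHandshake2(ci4 []byte) bool {
	rn2, err := open(d.skey, ci4)
	return err == nil && subtle.ConstantTimeCompare(rn2, d.rn) == 1
}

// RunSession gates each phase on the previous one: the second handshake only after the first passes,
// the developer instruction phase (s1101 to s1103, under SKey) only after both.
func RunSession(h *Host, d *Device, cmd []byte) ([]byte, error) {
	if ci2, err := h.AnswerHandshake1(d.StartHandshake1()); err != nil || !d.VerifyHandshake1(ci2) {
		return nil, errors.New("first handshake rejected")
	}
	ci4, hostKey, err := h.AnswerHandshake2(d.StartHandshake2())
	if err != nil || !d.VerifyHandshake2(ci4) {
		return nil, errors.New("second handshake rejected")
	}
	return open(d.skey, seal(hostKey, cmd))
}
```

RunSession reports which handshake failed, so a host holding a PvKey other than the one paired with the provisioned PbKey is stopped before any RN or SKey exists, and because Cert and RN are fresh each session a recorded CI2 or CI4 does not verify later.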
Detailed Description
Generally, a memory storage device (also referred to as a memory storage system) includes a rewritable non-volatile memory module and a controller (also referred to as a control circuit). Typically, a memory storage device is used with a host system so that the host system can write data to or read data from the memory storage device.
FIG. 1 is a diagram illustrating a host system, a memory storage device, and an input/output (I/O) device according to an example embodiment of the invention. FIG. 2 is a diagram illustrating a host system, a memory storage device, and an I/O device according to another example embodiment of the present invention.
Referring to fig. 1 and 2, the host system 11 generally includes a processor 111, a Random Access Memory (RAM) 112, a Read Only Memory (ROM) 113, and a data transmission interface 114. The processor 111, the random access memory 112, the read only memory 113, and the data transmission interface 114 are all electrically connected to a system bus (system bus) 110.
In the present exemplary embodiment, the host system 11 is electrically connected to the memory storage device 10 through the data transmission interface 114. For example, host system 11 may store data to memory storage device 10 or read data from memory storage device 10 via data transfer interface 114. In addition, the host system 11 is electrically connected to the I/O device 12 via the system bus 110. For example, the host system 11 may transmit output signals to the I/O device 12 or receive input signals from the I/O device 12 via the system bus 110.
In the present exemplary embodiment, the processor 111, the random access memory 112, the read only memory 113 and the data transmission interface 114 can be disposed on the motherboard 20 of the host system 11. The number of data transmission interfaces 114 may be one or more. The motherboard 20 can be electrically connected to the memory storage device 10 through the data transmission interface 114 in a wired or wireless manner. The memory storage device 10 may be, for example, a USB flash disk 201, a memory card 202, a Solid State Drive (SSD) 203, or a wireless memory storage device 204. The wireless memory storage device 204 can be a memory storage device based on various wireless communication technologies, such as a Near Field Communication (NFC) memory storage device, a Wireless Fidelity (WiFi) memory storage device, a Bluetooth memory storage device, or a Bluetooth Low Energy memory storage device (e.g., iBeacon). In addition, the motherboard 20 may also be electrically connected to various I/O devices such as a Global Positioning System (GPS) module 205, a network interface card 206, a wireless transmission device 207, a keyboard 208, a screen 209, a speaker 210, and the like through the system bus 110. For example, in an exemplary embodiment, the motherboard 20 may access the wireless memory storage device 204 via the wireless transmission device 207.
In an exemplary embodiment, the host system referred to is substantially any system that can cooperate with a memory storage device to store data. Although the host system is described as a computer system in the above exemplary embodiment, it is not limited thereto. FIG. 3 is a schematic diagram of a host system and a memory storage device according to another exemplary embodiment of the invention. Referring to FIG. 3, in another exemplary embodiment, the host system 31 may also be a digital camera, a video camera, a communication device, an audio player, a video player, or a tablet computer, and the memory storage device 30 may be one of various non-volatile memory storage devices such as a Secure Digital (SD) card 32, a Compact Flash (CF) card 33, or an embedded storage device 34. The embedded storage device 34 includes an embedded Multi-Media Card (eMMC) 341 and/or an embedded Multi-Chip Package (eMCP) storage device 342, which directly electrically connect a memory module to the substrate of the host system.
FIG. 4 is a schematic block diagram of a memory storage device according to an exemplary embodiment of the present invention.
Referring to fig. 4, the memory storage device 10 includes a connection interface unit 402, a memory control circuit unit 404 and a rewritable nonvolatile memory module 406.
The connection interface unit 402 is used to electrically connect the memory storage device 10 to the host system 11. In the exemplary embodiment, the connection interface unit 402 is compatible with the Serial Advanced Technology Attachment (SATA) standard. However, it should be understood that the invention is not limited thereto, and the connection interface unit 402 may also be compliant with the Parallel Advanced Technology Attachment (PATA) standard, the Institute of Electrical and Electronics Engineers (IEEE) 1394 standard, the Peripheral Component Interconnect Express (PCI Express) standard, the Universal Serial Bus (USB) standard, the SD interface standard, the Ultra High Speed-I (UHS-I) interface standard, the Ultra High Speed-II (UHS-II) interface standard, the Memory Stick (MS) interface standard, the MCP interface standard, the MMC interface standard, the eMMC interface standard, the Universal Flash Storage (UFS) interface standard, the eMCP interface standard, the CF interface standard, the Integrated Device Electronics (IDE) standard, or other suitable standards. The connection interface unit 402 may be packaged with the memory control circuit unit 404 in one chip, or the connection interface unit 402 may be disposed outside a chip that includes the memory control circuit unit 404.
The memory control circuit unit 404 is configured to execute a plurality of logic gates or control instructions implemented in hardware or firmware, and to perform operations such as writing, reading and erasing data in the rewritable non-volatile memory module 406 according to commands of the host system 11.
The rewritable non-volatile memory module 406 is electrically connected to the memory control circuit unit 404 and is used for storing data written by the host system 11. The rewritable non-volatile memory module 406 may be a Single Level Cell (SLC) NAND flash memory module (i.e., a flash memory module that stores 1 bit per memory cell), a Multi Level Cell (MLC) NAND flash memory module (i.e., a flash memory module that stores 2 bits per memory cell), a Triple Level Cell (TLC) NAND flash memory module (i.e., a flash memory module that stores 3 bits per memory cell), another flash memory module, or another memory module with the same characteristics.
Each memory cell in the rewritable non-volatile memory module 406 stores one or more bits by means of a change in voltage (hereinafter also referred to as the threshold voltage). Specifically, there is a charge trapping layer between the control gate and the channel of each memory cell. By applying a write voltage to the control gate, the amount of electrons in the charge trapping layer can be varied, thereby varying the threshold voltage of the memory cell. This operation of changing the threshold voltage of a memory cell is also referred to as "writing data to the memory cell" or "programming" the memory cell. As the threshold voltage changes, each memory cell in the rewritable non-volatile memory module 406 has a plurality of storage states. A read voltage is applied to determine which storage state a memory cell belongs to, thereby obtaining the one or more bits stored by the memory cell.
In the exemplary embodiment, the memory cells of the rewritable nonvolatile memory module 406 form a plurality of physical programming units, and the physical programming units form a plurality of physical erasing units. Specifically, the memory cells on the same word line constitute one or more physical programming units. If each memory cell can store more than 2 bits, the physical programming units on the same word line can be classified into at least a lower physical programming unit and an upper physical programming unit. For example, the Least Significant Bit (LSB) of a memory cell belongs to the lower physical programming unit, and the Most Significant Bit (MSB) of a memory cell belongs to the upper physical programming unit. Generally, in MLC NAND flash memory, the writing speed of the lower physical programming unit is faster than that of the upper physical programming unit, and/or the reliability of the lower physical programming unit is higher than that of the upper physical programming unit.
In the present exemplary embodiment, the physical programming unit is the minimum unit for programming. That is, the physical programming unit is the smallest unit for writing data. For example, the physical programming unit is a physical page or a physical sector. If the physical programming units are physical pages, each physical programming unit usually includes a data bit region and a redundancy bit region. The data bit region includes a plurality of physical sectors for storing user data, and the redundancy bit region stores system data (e.g., management data such as error correction codes). In the present exemplary embodiment, the data bit region includes 32 physical sectors, and the size of one physical sector is 512 bytes (B). However, in other exemplary embodiments, the data bit region may also include 8, 16, or a greater or smaller number of physical sectors, and the size of each physical sector may also be greater or smaller. On the other hand, the physical erasing unit is the minimum unit for erasing. That is, each physical erasing unit contains the minimum number of memory cells that are erased together. For example, the physical erasing unit is a physical block.
FIG. 5 is a schematic block diagram of a memory control circuit unit according to an exemplary embodiment of the present invention.
Referring to fig. 5, the memory control circuit unit 404 includes a memory management circuit 502, a host interface 504, and a memory interface 506.
The memory management circuit 502 is used to control the overall operation of the memory control circuit unit 404. Specifically, the memory management circuit 502 has a plurality of control commands, and the control commands are executed to write, read, and erase data during operation of the memory storage device 10. When the operation of the memory management circuit 502 is explained below, it is equivalent to the operation of the memory control circuit unit 404.
In the exemplary embodiment, the control instructions of the memory management circuit 502 are implemented in firmware. For example, the memory management circuit 502 has a microprocessor unit (not shown) and a read only memory (not shown), and the control instructions are burned into the read only memory. When the memory storage device 10 is in operation, the control commands are executed by the microprocessor unit to perform operations such as writing, reading, and erasing data.
In another exemplary embodiment, the control instructions of the memory management circuit 502 may also be stored in the form of program code in a specific area of the rewritable nonvolatile memory module 406 (e.g., a system area dedicated to storing system data in the memory module). Further, the memory management circuit 502 has a microprocessor unit (not shown), a read only memory (not shown), and a random access memory (not shown). In particular, the read only memory has a boot code, and when the memory control circuit unit 404 is enabled, the microprocessor unit executes the boot code to load the control instructions stored in the rewritable nonvolatile memory module 406 into the random access memory of the memory management circuit 502. Then, the microprocessor unit executes the control commands to perform operations such as writing, reading, and erasing data.
In addition, in another exemplary embodiment, the control instructions of the memory management circuit 502 can also be implemented in hardware. For example, the memory management circuit 502 includes a microcontroller, a memory cell management circuit, a memory write circuit, a memory read circuit, a memory erase circuit, and a data processing circuit. The memory cell management circuit, the memory write circuit, the memory read circuit, the memory erase circuit and the data processing circuit are electrically connected to the microcontroller. The memory cell management circuit is used for managing memory cells or groups thereof of the rewritable nonvolatile memory module 406. The memory write circuit is configured to issue a write command sequence to the rewritable nonvolatile memory module 406 to write data into the rewritable nonvolatile memory module 406. The memory read circuit is used for issuing a read command sequence to the rewritable nonvolatile memory module 406 to read data from the rewritable nonvolatile memory module 406. The memory erase circuit is used for issuing an erase command sequence to the rewritable nonvolatile memory module 406 so as to erase data from the rewritable nonvolatile memory module 406. The data processing circuit is used for processing data to be written into the rewritable nonvolatile memory module 406 and data read from the rewritable nonvolatile memory module 406. The write command sequence, the read command sequence, and the erase command sequence may each include one or more program codes or command codes and instruct the rewritable nonvolatile memory module 406 to perform the corresponding write, read, and erase operations. In an example embodiment, the memory management circuit 502 may issue other types of command sequences to the rewritable nonvolatile memory module 406 to instruct the corresponding operations to be performed.
The host interface 504 is electrically connected to the memory management circuit 502 and is used for receiving and recognizing commands and data transmitted by the host system 11. That is, commands and data sent from the host system 11 are sent to the memory management circuit 502 through the host interface 504. In the exemplary embodiment, host interface 504 is compatible with the SATA standard. However, it should be understood that the present invention is not limited thereto, and the host interface 504 may be compatible with the PATA standard, the IEEE 1394 standard, the PCI Express standard, the USB standard, the SD standard, the UHS-I standard, the UHS-II standard, the MS standard, the MMC standard, the eMMC standard, the UFS standard, the CF standard, the IDE standard, or other suitable data transfer standard.
The memory interface 506 is electrically connected to the memory management circuit 502 and is used for accessing the rewritable nonvolatile memory module 406. That is, data to be written to the rewritable nonvolatile memory module 406 is converted into a format accepted by the rewritable nonvolatile memory module 406 through the memory interface 506. Specifically, if the memory management circuit 502 wants to access the rewritable nonvolatile memory module 406, the memory interface 506 transmits a corresponding instruction sequence. For example, the command sequences may include a write command sequence for indicating data to be written, a read command sequence for indicating data to be read, an erase command sequence for indicating data to be erased, and corresponding command sequences for indicating various memory operations (e.g., changing read voltage levels or performing garbage collection operations, etc.). The instruction sequences are generated by the memory management circuit 502 and transmitted to the rewritable nonvolatile memory module 406 through the memory interface 506, for example. The sequence of instructions may include one or more signals, or data, on a bus. These signals or data may include instruction code or program code. For example, the read command sequence includes read identification codes, memory addresses, and other information.
In an exemplary embodiment, the memory control circuit unit 404 further includes an error checking and correcting circuit 508, a buffer memory 510, and a power management circuit 512.
The error checking and correcting circuit 508 is electrically connected to the memory management circuit 502 and is used for performing error checking and correcting operations to ensure the correctness of data. Specifically, when the memory management circuit 502 receives a write command from the host system 11, the error checking and correcting circuit 508 generates an Error Correcting Code (ECC) and/or an Error Detecting Code (EDC) for the data corresponding to the write command, and the memory management circuit 502 writes the data corresponding to the write command and the corresponding ECC and/or EDC into the rewritable nonvolatile memory module 406. Thereafter, when the memory management circuit 502 reads data from the rewritable nonvolatile memory module 406, the ECC and/or EDC corresponding to the data are read at the same time, and the error checking and correcting circuit 508 performs error checking and correcting operations on the read data according to the ECC and/or EDC.
The buffer memory 510 is electrically connected to the memory management circuit 502 and is used for temporarily storing data and instructions from the host system 11 or data from the rewritable nonvolatile memory module 406. The power management circuit 512 is electrically connected to the memory management circuit 502 and is used for controlling the power of the memory storage device 10.
In an exemplary embodiment, the memory control circuit unit 404 further includes verification circuits 513 and 514. The verification circuits 513 and 514 are electrically connected to the memory management circuit 502 and support encryption and decryption of data. In the exemplary embodiment, the verification circuit 513 uses an asymmetric encryption algorithm such as RSA, and the verification circuit 514 uses a symmetric encryption algorithm such as the Advanced Encryption Standard (AES). However, in another exemplary embodiment, both verification circuits 513 and 514 may support other types of encryption algorithms, as long as the verification circuits 513 and 514 employ different encryption algorithms. In addition, in another exemplary embodiment, the verification circuits 513 and 514 may also be disposed inside the memory management circuit 502 or implemented in software/firmware.
FIG. 6 is a diagram illustrating a management of a rewritable nonvolatile memory module according to an example embodiment of the present invention.
Referring to fig. 6, the memory management circuit 502 logically groups the physical units 610(0)-610(B) of the rewritable nonvolatile memory module 406 into a storage area 601 and a replacement area 602. The physical units 610(0)-610(A) in the storage area 601 are used for storing data, and the physical units 610(A+1)-610(B) in the replacement area 602 are used for replacing damaged physical units in the storage area 601. For example, if the data read from a physical unit contains too many errors to be corrected, the physical unit is considered a damaged physical unit. It should be noted that if there are no available physical erasing units left in the replacement area 602, the memory management circuit 502 may declare the entire memory storage device 10 to be in a write-protected state, and no more data can be written.
In the present exemplary embodiment, each physical unit refers to a physical erasing unit. However, in another exemplary embodiment, a physical unit may also refer to a physical address, a physical programming unit, or be composed of a plurality of continuous or discontinuous physical addresses. The memory management circuit 502 configures the logical units 612(0)-612(C) to map the physical units 610(0)-610(A) in the storage area 601. In the present exemplary embodiment, each logical unit refers to a logical address. However, in another exemplary embodiment, a logical unit may also refer to a logical programming unit, a logical erasing unit, or be composed of a plurality of continuous or discontinuous logical addresses. Further, each of the logical units 612(0)-612(C) may be mapped to one or more physical units.
In the present exemplary embodiment, the memory management circuit 502 records the mapping relationship between the logical units and the physical units (also referred to as logical-physical address mapping relationship) in at least one logical-physical address mapping table. When the host system 11 is going to read data from the memory storage device 10 or write data to the memory storage device 10, the memory management circuit 502 can perform data access operations with respect to the memory storage device 10 according to the logical-to-physical address mapping table.
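The grouping of fig. 6 and the write-protect rule above, written out as a small Go model. This is an added example, not code from the patent or from Phison: the table layout (a slice indexed by logical unit), the identity initial mapping and the unit numbers used in main are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
)

// ErrWriteProtected is returned once the replacement area has no unit left.
var ErrWriteProtected = errors.New("memory storage device is write protected")

// FTL models the grouping of FIG. 6: physical units 0..A form the storage
// area, units A+1..B the replacement area, and logical units 0..A map onto
// the storage area through a logical-to-physical table. The slice layout and
// the identity initial mapping are assumptions made for this example.
type FTL struct {
	l2p          []int // logical unit -> physical unit currently backing it
	replacement  []int // physical units of the replacement area not yet used
	writeProtect bool
}

// NewFTL builds the table for storage units 0..lastStorage and replacement
// units lastStorage+1..lastPhysical.
func NewFTL(lastStorage, lastPhysical int) *FTL {
	f := &FTL{l2p: make([]int, lastStorage+1)}
	for l := range f.l2p {
		f.l2p[l] = l
	}
	for p := lastStorage + 1; p <= lastPhysical; p++ {
		f.replacement = append(f.replacement, p)
	}
	return f
}

// Lookup resolves a logical unit to its physical unit.
func (f *FTL) Lookup(l int) int { return f.l2p[l] }

// WriteProtected reports whether the device refuses further writes.
func (f *FTL) WriteProtected() bool { return f.writeProtect }

// Retire handles the case where data read from the physical unit behind
// logical unit l contains more errors than the ECC can correct: the damaged
// unit is replaced by the next free unit of the replacement area. If none is
// left, the whole device is declared write protected and the call fails.
func (f *FTL) Retire(l int) (int, error) {
	if f.writeProtect || len(f.replacement) == 0 {
		f.writeProtect = true
		return -1, ErrWriteProtected
	}
	newP := f.replacement[0]
	f.replacement = f.replacement[1:]
	f.l2p[l] = newP
	return newP, nil
}

func main() {
	f := NewFTL(3, 5) // constructed sizes: storage 0..3, replacement 4..5
	for _, l := range []int{2, 0, 1} {
		p, err := f.Retire(l)
		fmt.Printf("retire logical %d -> physical %d, err=%v, write protected=%v\n",
			l, p, err, f.WriteProtected())
	}
}
```

What the model keeps from the text is the state transition: a retired unit takes the next free unit of the replacement area, and the first retirement that finds the area empty puts the whole device into the write-protected state, after which every further retirement is refused and the mapping is left untouched. Copying whatever is still readable from the damaged unit into its replacement is left out.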
In the present exemplary embodiment, the host system 11 is installed with a developer tool, and the host system 11 can issue a developer command to the memory storage device 10 through the developer tool to instruct the memory storage device 10 to perform a specific system operation. It should be noted that before the memory storage device 10 receives the developer command, the memory storage device 10 verifies the host system 11 through at least two handshake operations to determine whether the host system 11 is a legitimate owner of the developer tool and/or whether the host system 11 uses a legitimate developer tool.
In the exemplary embodiment, the handshake operations used to authenticate the host system 11 include a first handshake operation and a second handshake operation. The second handshake operation is performed after the host system 11 passes the authentication of the first handshake operation. After the host system 11 passes the verification of the first handshake operation and the second handshake operation, in the developer command transmission phase, the host system 11 may transmit a developer command to the memory storage device 10, and the memory storage device 10 may transmit data corresponding to the developer command to the host system 11. However, in another exemplary embodiment, the handshake operations to authenticate the host system 11 may also include more handshake operations as long as the memory storage device 10 can authenticate the host system 11 through such handshake operations. In addition, in an exemplary embodiment, the developer tool and at least a portion of the data used for the handshake operation are stored in the storage medium of the host system 11 in a hidden manner to avoid direct access (e.g., copying to other devices) by an attacker.
FIG. 7 is a diagram illustrating a storage medium of a host system according to an exemplary embodiment of the invention. Referring to fig. 7, in the exemplary embodiment, the host system 11 includes a storage medium 710. The storage medium 710 may be an external storage device (e.g., a USB flash drive or an external hard drive) that is electrically connected to the host system 11 in a pluggable manner, or a storage circuit belonging to the host system 11. The storage medium 710 has a hidden storage area 711 and a public storage area 712. The hidden storage area 711 stores a hardware encryption module 721, an authentication module 722, and a developer tool 723. The public storage area 712 stores a developer tool loader 731.
In the present exemplary embodiment, the hidden storage area 711 and the public storage area 712 are preset to be hidden. In the hidden state, the user cannot access the hidden storage area 711 and the public storage area 712 through the file system of the host system 11. The authentication module 722 stores authentication information. For example, the authentication information includes a preset account and a preset password. In the present exemplary embodiment, the authentication module 722 may receive the identity information input by the user through the signal input device of the host system 11 and authenticate the input identity information based on the authentication information. For example, the authentication module 722 may compare the account number input by the user with a predetermined account number and compare the password input by the user with a predetermined password. If the account number input by the user is the same as the preset account number and the password input by the user is the same as the preset password, the authentication module 722 may un-hide the public storage area 712. Otherwise, if the account number input by the user is different from the preset account number and/or the password input by the user is different from the preset password, the authentication module 722 maintains the public storage area 712 in a hidden state.
After the public storage area 712 is un-hidden, the user can access the public storage area 712 via the logical address corresponding to the public storage area 712 in the file system of the host system 11. Further, after un-hiding the public storage area 712, the developer tool loader 731 may be launched. It should be noted that the hidden storage area 711 is always kept hidden and cannot be accessed by the user regardless of whether the user inputs the correct identification information. However, in another exemplary embodiment, the storage medium 710 may not employ a hiding mechanism, does not preset the public storage area 712 to be hidden, or employs another verification mechanism to un-hide the public storage area 712, and the invention is not limited thereto. The host system authentication method of the present invention will be described below with reference to fig. 5 and 7 in conjunction with fig. 8 to 11.
FIG. 8 is a timing diagram illustrating the operation of the preparation phase of the host system authentication method according to an exemplary embodiment of the present invention. Referring to fig. 7 and 8, the preparation phase of the host system authentication method includes steps S801 to S803. In step S801, the hardware encryption module 721 can dynamically generate key information PbKey (also referred to as first key information) and PvKey (also referred to as second key information) according to basic information. In an example embodiment, the basic information may be the authentication information stored by the authentication module 722. However, in another exemplary embodiment, the basic information may be a dynamically generated random number or other data, and the invention is not limited thereto.
In this exemplary embodiment, the hardware encryption module 721 generates the key information PbKey and PvKey by using a public-key encryption algorithm based on the basic information, so that the key information PbKey and PvKey form an asymmetric key pair. For example, the key information PbKey is the public key of the asymmetric key pair, and the key information PvKey is the private key of the asymmetric key pair. However, in another exemplary embodiment, the hardware encryption module 721 may also use other types of encryption algorithms to generate the key information PbKey and PvKey, or use a symmetric key encryption algorithm to generate key information for verification, and the invention is not limited thereto.
In step S802, the host system 11 provides the generated key information PbKey to the memory storage device 10. The key information PvKey is stored in the hidden storage area 711. In step S803, the memory storage device 10 stores the key information PbKey. For example, the key information PbKey may be stored in the rewritable nonvolatile memory module 406 of fig. 4. Thus, the preparation phase of the host system authentication method is completed. Thereafter, once the developer tool loader 731 is launched, the first handshake operation of the host system authentication method may be entered.
Fig. 9 is a timing diagram illustrating a first handshake operation of a host system authentication method according to an example embodiment of the invention. Referring to fig. 5, 7 and 9, the first handshake operation of the host system authentication method may include steps S901 to S909. In step S901, the developer tool loader 731 of the host system 11 starts the developer tool 723 in the hidden storage area 711. In step S902, the host system 11 (e.g., the started developer tool 723) may send notification information to the memory storage device 10 to notify the memory storage device 10 to start performing the first handshake operation.
In step S903, the memory storage device 10 dynamically generates authentication information Cert (also referred to as first authentication information). For example, the authentication information Cert may be one-time authentication information generated by the memory management circuit 502. In step S904, the memory storage device 10 generates encryption information CI1 (also referred to as first encryption information) based on the key information PbKey and the authentication information Cert. For example, the verification circuit 513 may encrypt the verification information Cert using an RSA encryption algorithm based on the key information PbKey to generate the encrypted information CI1. In step S905, the memory storage device 10 transmits the encryption information CI1 to the host system 11.
In step S906, the host system 11 receives the encrypted information CI1 and generates encrypted information CI2 (also referred to as second encrypted information) based on the key information PvKey and the encrypted information CI1. For example, the developer tool 723 may decrypt the encrypted information CI1 using an RSA encryption algorithm based on the key information PvKey to obtain the authentication information Cert. Then, the developer tool 723 can encrypt the obtained authentication information Cert using an RSA encryption algorithm based on the key information PvKey to generate encrypted information CI2. In step S907, the host system 11 transfers the encryption information CI2 to the memory storage device 10.
In step S908, the memory storage device 10 generates comparison information Cert' (also referred to as first comparison information) based on the key information PbKey and the encryption information CI2. For example, the verification circuit 513 may decrypt the encrypted information CI2 using an RSA encryption algorithm based on the key information PbKey to generate comparison information Cert'. Then, the memory storage device 10 authenticates the host system 11 according to the authentication information Cert and the comparison information Cert'. For example, in step S909, the memory management circuit 502 compares the verification information Cert with the comparison information Cert'. If the verification information Cert is the same as the comparison information Cert', it indicates that the key information PvKey used by the host system 11 and the key information PbKey used by the memory storage device 10 are matched, so that the memory management circuit 502 can determine that the host system 11 passes the verification of the first handshake operation. On the contrary, if the verification information Cert is different from the comparison information Cert', it indicates that the key information PvKey used by the host system 11 and the key information PbKey used by the memory storage device 10 are not matched, so that the memory management circuit 502 may determine that the host system 11 fails the verification of the first handshake operation. If the host system 11 passes the authentication of the first handshake operation, the memory management circuit 502 allows entry into a second handshake operation of the host system authentication method. Conversely, if the host system 11 fails the authentication of the first handshake operation, the memory management circuit 502 does not allow entry into the second handshake operation of the host system authentication method. 
In other words, in the first handshake operation, the memory management circuit 502 uses the encryption information CI2 to verify whether the host system 11 can perform the second handshake operation.
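Steps S801 to S803 and S901 to S909, as one runnable exchange written in Go with the standard library. This is an added example, not the patent's or Phison's code. Its assumptions: a 2048-bit RSA pair plays PbKey/PvKey; RSA-OAEP stands in for "encrypt Cert under PbKey" in S904 (the page only says RSA); and the host's "encrypt Cert under PvKey" of S906 is expressed as a PKCS#1 v1.5 signature over Cert, which is how standard libraries expose the private-key operation, so the device's check of CI2 against the Cert it issued gives the same pass/fail decision as comparing Cert with Cert' in S909. The developer tool loader, the notification of S902 and the transport between the two sides are left out.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Host keeps PvKey, which the page places in the hidden storage area 711.
type Host struct {
	pvKey *rsa.PrivateKey
}

// Device keeps PbKey (stored in S803) and the one-time Cert it issued in S903.
type Device struct {
	pbKey *rsa.PublicKey
	cert  []byte
}

// Prepare models S801-S803: the host generates the pair (2048-bit RSA is an
// assumption of this example) and hands only PbKey to the device.
func Prepare() (*Host, *Device, error) {
	pv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, err
	}
	return &Host{pvKey: pv}, &Device{pbKey: &pv.PublicKey}, nil
}

// IssueChallenge models S903-S905: a fresh 32-byte Cert, encrypted under
// PbKey with RSA-OAEP (the padding is an assumption; the page just says RSA).
func (d *Device) IssueChallenge() ([]byte, error) {
	d.cert = make([]byte, 32)
	if _, err := rand.Read(d.cert); err != nil {
		return nil, err
	}
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, d.pbKey, d.cert, nil) // CI1
}

// Answer models S906-S907: recover Cert with PvKey, then prove possession of
// PvKey by signing Cert (the standard-library form of "encrypt with PvKey").
func (h *Host) Answer(ci1 []byte) ([]byte, error) {
	cert, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, h.pvKey, ci1, nil)
	if err != nil {
		return nil, err
	}
	digest := sha256.Sum256(cert)
	return rsa.SignPKCS1v15(rand.Reader, h.pvKey, crypto.SHA256, digest[:]) // CI2
}

// Verify models S908-S909: checking CI2 against the issued Cert with PbKey
// decides the same way as comparing Cert with Cert'. The Cert is discarded
// afterwards, so the same CI2 cannot be presented against the device twice.
func (d *Device) Verify(ci2 []byte) bool {
	digest := sha256.Sum256(d.cert)
	ok := rsa.VerifyPKCS1v15(d.pbKey, crypto.SHA256, digest[:], ci2) == nil
	d.cert = nil
	return ok
}

func main() {
	host, dev, err := Prepare()
	if err != nil {
		panic(err)
	}
	ci1, _ := dev.IssueChallenge()
	ci2, _ := host.Answer(ci1)
	fmt.Println("first handshake passed:", dev.Verify(ci2))
}
```

Two properties of the text are made explicit in the code: the device never holds PvKey, only PbKey, and Cert is one-time, so the device forgets it as soon as it has decided and a CI2 from an earlier run does not satisfy a later challenge. A host holding a different private key cannot even recover Cert from CI1, so it fails at S906 before S909 is reached.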
Fig. 10 is a timing diagram illustrating a second handshake operation of the host system authentication method according to an example embodiment of the present invention. Referring to fig. 5, 7 and 10, the second handshake operation of the host system authentication method may include steps S1001 to S1011. In step S1001, the host system 11 notifies the memory storage device 10 to perform the second handshake operation. For example, the developer tool 723 may transmit an authentication request to the memory storage device 10.
Upon receiving this authentication request, the memory storage device 10 dynamically generates authentication information RN (also referred to as second authentication information) in step S1002. For example, the verification information RN may be one-time verification information generated by the memory management circuit 502. In step S1003, the memory storage device 10 generates encryption information CI3 (also referred to as third encryption information) based on the key information PbKey and the authentication information RN. For example, the verification circuit 513 may encrypt the authentication information RN using an RSA encryption algorithm based on the key information PbKey to generate the encryption information CI3. In step S1004, the memory storage device 10 transmits the encryption information CI3 to the host system 11.
In step S1005, the host system 11 receives the encryption information CI3 and obtains the authentication information RN based on the key information PvKey and the encryption information CI3. For example, the developer tool 723 can decrypt the encryption information CI3 using an RSA encryption algorithm based on the key information PvKey to obtain the authentication information RN. In step S1006, the host system 11 generates authentication information SKey (also referred to as third authentication information) based on the authentication information RN. For example, the developer tool 723 may dynamically generate one-time authentication information SKey based on the authentication information RN and a key parameter.
In another exemplary embodiment, after generating the verification information RN, in step S1007, the memory storage device 10 generates the verification information SKey based on the verification information RN. For example, the memory management circuit 502 may dynamically generate the one-time authentication information SKey based on the authentication information RN and a key parameter. It should be noted that, in the present exemplary embodiment, the host system 11 and the memory storage device 10 use the same authentication information RN and the same key parameter to generate the authentication information SKey, so the generated authentication information SKey is also the same. This authentication information SKey can be used to encrypt data transmitted between the host system 11 and the memory storage device 10 in a subsequent developer instruction transmission phase.
In step S1008, the host system 11 generates encryption information CI4 (also referred to as fourth encryption information) based on the authentication information RN and the authentication information SKey. For example, the developer tool 723 may encrypt the authentication information RN using the AES encryption algorithm based on the authentication information SKey to generate the encryption information CI4. In step S1009, the host system 11 transmits the encryption information CI4 to the memory storage device 10.
Upon receiving the encryption information CI4, the memory storage device 10 generates comparison information RN' (also referred to as second comparison information) based on the authentication information SKey and the encryption information CI4 in step S1010. For example, the verification circuit 514 may decrypt the encryption information CI4 using the AES encryption algorithm based on the verification information SKey to generate the comparison information RN'. Then, the memory storage device 10 authenticates the host system 11 according to the authentication information RN and the comparison information RN'. For example, in step S1011, the memory management circuit 502 compares the verification information RN with the comparison information RN'. If the verification information RN is the same as the comparison information RN', it indicates that the key information PvKey used by the host system 11 and the key information PbKey used by the memory storage device 10 are matched, and that the host system 11 and the memory storage device 10 use the same verification information SKey, so the memory management circuit 502 can determine that the host system 11 passes the verification of the second handshake operation. On the contrary, if the verification information RN is different from the comparison information RN', it indicates that the key information PvKey used by the host system 11 and the key information PbKey used by the memory storage device 10 are not matched, and/or that the host system 11 and the memory storage device 10 do not use the same verification information SKey, so the memory management circuit 502 may determine that the host system 11 fails the verification of the second handshake operation. If the host system 11 passes the verification of the second handshake operation, the memory management circuit 502 allows entry into the developer command transmission phase of the host system verification method.
On the contrary, if the host system 11 fails the verification of the second handshake operation, the memory management circuit 502 does not allow entry into the developer command transmission phase of the host system verification method. In other words, in the second handshake operation, the memory management circuit 502 uses the encryption information CI4 to verify whether the host system 11 may enter the developer command transmission phase.
FIG. 11 is a timing diagram illustrating operation of the developer command transmission phase of the host system verification method according to an exemplary embodiment of the invention. Referring to fig. 5, 7 and 11, the developer command transmission phase of the host system verification method may include steps S1101 to S1103. In step S1101, the host system 11 encrypts the developer command according to the authentication information SKey. For example, the developer tool 723 may dynamically generate one or more developer commands, and the generated developer commands may be used to instruct the memory storage device 10 to perform particular system operations. The developer tool 723 may encrypt the developer command using the AES encryption algorithm based on the authentication information SKey. In step S1102, the host system 11 transmits the encrypted developer command to the memory storage device 10.
In step S1103, the memory storage device 10 receives the encrypted developer command and decrypts it using the authentication information SKey. For example, the verification circuit 514 may decrypt the encrypted developer command using the AES encryption algorithm based on the verification information SKey. According to the decrypted developer command, the memory management circuit 502 may perform system operations such as a system parameter update, a firmware update, or returning specific information to the host system 11. In addition, in another exemplary embodiment of fig. 11, the verification circuit 514 of the memory storage device 10 may also use the verification information SKey to encrypt the data to be transmitted to the host system 11, and the developer tool 723 of the host system 11 may also use the same verification information SKey to decrypt the data from the memory storage device 10, which is not described again here.
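Steps S1001 to S1011 and S1101 to S1103 together, as an added Go example that is not the patent's or Phison's code and reuses the PbKey/PvKey roles of the preparation phase. Assumptions beyond the text: the SKey derivation is HMAC-SHA256 keyed with the shared key parameter over RN (the page leaves the function unspecified), keyParam is a constructed value whose provisioning is not shown, RSA-OAEP stands in for the RSA encryption of CI3, AES is used in GCM mode so that CI4 and every developer command are integrity-protected as well as confidential, and NewSession generates the pair in place of the preparation phase.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

// keyParam is the "key parameter" both sides mix into SKey; value and provisioning are assumptions.
var keyParam = []byte("constructed-shared-key-parameter")

// HostSession: PvKey plus, after S1006, AES-GCM keyed with the host's SKey.
type HostSession struct {
	pvKey *rsa.PrivateKey
	aead  cipher.AEAD
}

// DeviceSession: PbKey, the one-time RN (S1002), AES-GCM keyed with the device's own SKey (S1007).
type DeviceSession struct {
	pbKey    *rsa.PublicKey
	rn       []byte
	aead     cipher.AEAD
	unlocked bool // set only when the second handshake has passed
}

// NewSession stands in for the preparation phase: PvKey stays with the host, only PbKey goes to the device.
func NewSession() (*HostSession, *DeviceSession, error) {
	pv, err := rsa.GenerateKey(rand.Reader, 2048) // 2048-bit RSA is an assumption
	if err != nil {
		return nil, nil, err
	}
	return &HostSession{pvKey: pv}, &DeviceSession{pbKey: &pv.PublicKey}, nil
}

// sessionCipher is the assumed derivation SKey = HMAC-SHA256(keyParam, RN), keying AES-256-GCM.
func sessionCipher(rn []byte) cipher.AEAD {
	m := hmac.New(sha256.New, keyParam)
	m.Write(rn)
	block, _ := aes.NewCipher(m.Sum(nil)) // cannot fail: HMAC-SHA256 output is a 32-byte key
	aead, _ := cipher.NewGCM(block)       // cannot fail: AES has the 16-byte block GCM needs
	return aead
}

// seal encrypts under SKey; the output is nonce || ciphertext || tag.
func seal(aead cipher.AEAD, plaintext []byte) ([]byte, error) {
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, plaintext, nil), nil
}

// open reverses seal; it fails on a missing key, a wrong key or any modified byte.
func open(aead cipher.AEAD, msg []byte) ([]byte, error) {
	if aead == nil || len(msg) < aead.NonceSize() {
		return nil, errors.New("no session key yet or message too short")
	}
	return aead.Open(nil, msg[:aead.NonceSize()], msg[aead.NonceSize():], nil)
}

// Challenge models S1002-S1004 and S1007: fresh RN, SKey from RN, CI3 under PbKey.
func (d *DeviceSession) Challenge() ([]byte, error) {
	d.rn = make([]byte, 32)
	if _, err := rand.Read(d.rn); err != nil {
		return nil, err
	}
	d.aead = sessionCipher(d.rn)
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, d.pbKey, d.rn, nil)
}

// Answer models S1005-S1009: recover RN with PvKey, derive SKey, return CI4.
func (h *HostSession) Answer(ci3 []byte) ([]byte, error) {
	rn, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, h.pvKey, ci3, nil)
	if err != nil {
		return nil, err
	}
	h.aead = sessionCipher(rn)
	return seal(h.aead, rn)
}

// Verify models S1010-S1011: RN' from CI4 under the device's SKey, compared with RN in
// constant time; only a match opens the developer command transmission phase.
func (d *DeviceSession) Verify(ci4 []byte) bool {
	rnPrime, err := open(d.aead, ci4)
	d.unlocked = err == nil && hmac.Equal(rnPrime, d.rn)
	return d.unlocked
}

// SendCommand (S1101-S1102) must follow a successful Answer on the host.
func (h *HostSession) SendCommand(cmd []byte) ([]byte, error) { return seal(h.aead, cmd) }

// ReceiveCommand (S1103) refuses every command until the second handshake has passed.
func (d *DeviceSession) ReceiveCommand(enc []byte) ([]byte, error) {
	if !d.unlocked {
		return nil, errors.New("developer command phase not entered")
	}
	return open(d.aead, enc)
}
```

Drive it with NewSession, then Challenge, Answer and Verify; only after Verify has returned true does ReceiveCommand accept anything, and a CI4 or command presented before the device issued RN fails at open because no session key exists yet. Because AES runs in GCM mode, a single flipped byte in a developer command is rejected by the tag rather than decrypted into a different instruction, which is the reason to prefer an authenticated mode over a bare block cipher for S1101 to S1103.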
From another perspective, in the first handshake operation as in fig. 9, the memory storage device 10 verifies the validity of the host system 11 according to the verification information Cert; in the second handshake operation as shown in fig. 10, the memory storage device 10 verifies the validity of the host system 11 according to the verification information RN. Further, in the developer instruction transmission phase as in fig. 11, the memory storage device 10 parses the developer instruction received from the host system 11 according to the authentication information SKey. In particular, the authentication information Cert, the authentication information RN and the authentication information SKey are different from each other. For example, the authentication information Cert, RN and SKey are respectively one-time random numbers generated in corresponding operations/stages.
It should be noted that although the RSA encryption algorithm and the AES encryption algorithm are mainly used as examples of encryption/decryption in the foregoing exemplary embodiment, in another exemplary embodiment, the encryption algorithms used in the first handshake operation, the second handshake operation and the developer instruction transmission stage may use the same or different algorithms, which may be adjusted according to practical requirements, and the invention is not limited thereto. In an exemplary embodiment, the encryption algorithm (e.g., RSA) used by the encryption information CI3 (i.e., the third encryption information) has a higher protection strength for the data than the encryption algorithm (e.g., AES) used by the encryption information CI4 (i.e., the fourth encryption information), but the present invention is not limited thereto. In an exemplary embodiment, the encryption algorithm and the data protection strength used by different encryption information can be adjusted according to the practical requirements.
In an exemplary embodiment, the instruction set used by the host system 11 to communicate with the memory storage device 10 in the developer instruction transmission phase is different from the instruction set used by the host system 11 to communicate with the memory storage device 10 in the general instruction transmission phase. For example, in the developer command transmission phase, the host system 11 uses a specific command set (also referred to as a developer command set) to issue a developer command indicating system operation such as system parameter update, firmware update, or returning specific information to the host system 11; in the general command transmission phase, the host system 11 uses the general command set to issue general data access commands such as data reading, writing and erasing to instruct the memory storage device 10 to perform corresponding data access operations. In an exemplary embodiment, the generic instruction transfer phase may be entered without verification by the first handshake operation and/or the second handshake operation. For example, in an exemplary embodiment, after the connection between the host system 11 and the memory storage device 10 is established, the general command transmission phase may be automatically enabled, and the host system 11 may transmit the general data access command in the general command transmission phase.
FIG. 12 is a schematic diagram of a memory storage system according to an exemplary embodiment of the invention. Referring to fig. 12, in the present exemplary embodiment, the external storage device 1200 is the same as or similar to the storage medium 710 of fig. 7. After the external memory device 1200 is electrically connected to the host system 1211, the host system 1211 may perform the first handshake operation between the external memory device 1200 and the memory storage device 1210. If the host system 1211 passes the verification of the first handshake operation, the host system 1211 may further perform a second handshake operation through the external storage device 1200 and the memory storage device 1210. If the host system 1211 also passes the verification of the second handshake operation, the host system 1211 may further perform an encryption communication with the memory storage device 1210 through the external storage device 1200 in the developer command transmission stage to transmit the developer command.
FIG. 13 is a schematic diagram of a memory storage system according to another example embodiment of the invention. Referring to fig. 13, in the exemplary embodiment, an external storage device 1300 is the same as or similar to the storage medium 710 of fig. 7. After electrically connecting the external storage device 1300 to the host system 1301, the host system 1301 may download the developer tool stored in the external storage device 1300 to the host systems 1311 (1) -1311 (N). Meanwhile, the host system 1301 may provide information (e.g., key information PvKey, etc.) at least partially used for the aforementioned first and second handshake operations in the external storage device 1300 to the host systems 1311 (1) to 1311 (N). Information from the host system 1301 (or the external storage device 1300) may be temporarily stored in the buffer memory of the host systems 1311 (1) to 1311 (N). Thus, the host systems 1311 (1) to 1311 (N) can respectively perform the operations as shown in fig. 9 to 11 with the memory storage devices 1310 (1) to 1310 (N) according to the developer tool programs in the respective buffer memories, which is not described herein. For example, the example embodiment of FIG. 13 may be a scenario that describes the production or repair of memory storage devices 1310 (1) -1310 (N) at the production site.
In summary, the memory storage device can authenticate the host system in at least two handshake operations through different authentication information, and the information transmitted in the handshake operations is encrypted. Furthermore, the memory storage device and the host system can exchange the authentication information used for encrypting and/or parsing the developer instructions in the developer instruction transmission stage through the handshake operation, thereby enhancing the authentication capability of the memory storage device to the host system and reducing the probability that an attacker successfully uses an unauthorized developer program to modify the parameters of the memory storage device or steal the data in the memory storage device.
Although the present invention has been described with reference to the above embodiments, it should be understood that the invention is not limited to the embodiments, and various changes and modifications can be made by those skilled in the art without departing from the spirit and scope of the invention.

Claims (32)

1. A memory storage system, comprising:
a host system; and
a memory storage device electrically connected to the host system,
wherein in a first handshake operation, the memory storage device is to transmit first encryption information corresponding to first authentication information to the host system, the host system is to transmit second encryption information corresponding to the first authentication information to the memory storage device, and the memory storage device authenticates the host system based on the first authentication information and the second encryption information and allows the host system to perform a second handshake operation after the host system passes authentication in the first handshake operation,
wherein in the second handshake operation, the memory storage device is configured to transmit third encryption information corresponding to second authentication information to the host system, the host system is configured to receive the third encryption information and transmit fourth encryption information corresponding to third authentication information to the memory storage device based on the third encryption information, and the memory storage device authenticates the host system based on the second authentication information and the fourth encryption information, and after the host system passes authentication in the second handshake operation, allows the host system to enter a developer instruction transmission phase,
wherein the third authentication information is generated based on the second authentication information and used to encrypt data transmitted between the host system and the memory storage device in the developer instruction transmission phase.
2. The memory storage system of claim 1, wherein prior to entering the first handshake operation, the host system is further configured to dynamically generate first key information and second key information corresponding to the first key information, and the host system is further configured to provide the first key information to the memory storage device.
3. The memory storage system of claim 2, wherein in the first handshake operation, the memory storage device is also to generate the first encryption information based on the first key information and the first authentication information, and the host system is also to generate the second encryption information based on the second key information and the first encryption information.
4. The memory storage system of claim 3, wherein in the first handshake operation, the memory storage device is also to generate first comparison information based on the first key information and the second encryption information, and the memory storage device is also to authenticate the host system according to the first authentication information and the first comparison information.
5. The memory storage system of claim 2, wherein in the second handshake operation, the memory storage device is also to generate the third encryption information based on the first key information and the second authentication information, and the host system is also to obtain the second authentication information based on the second key information and the third encryption information.
6. The memory storage system of claim 5, wherein in the second handshake operation, the host system is also to generate the third authentication information based on the second authentication information, and the host system is also to generate the fourth encryption information based on the second authentication information and the third authentication information.
7. The memory storage system of claim 6, wherein in the second handshake operation, the memory storage device is also to generate the third authentication information based on the second authentication information, and the memory storage device is also to generate second comparison information based on the third authentication information and the fourth encryption information,
wherein the memory storage device is further configured to authenticate the host system according to the second authentication information and the second comparison information.
8. The memory storage system of claim 2, wherein the first key information and the second key information belong to an asymmetric key pair.
9. The memory storage system of claim 1, wherein the host system comprises a developer utility to perform the first and second handshake operations and to generate developer instructions in the developer instruction transmission phase, wherein the developer instructions are to instruct the memory storage device to perform system operations.
10. The memory storage system of claim 9, wherein the developer utility is launched via a developer utility loader, the developer utility is stored in a hidden storage area of the host system, and the developer utility loader is stored in an open storage area of the host system.
11. The memory storage system of claim 10, wherein the hidden storage area and the open storage area are both located in an external storage device, and the external storage device is pluggable and electrically connected to the host system.
12. The memory storage system of claim 1, wherein a set of instructions used by the host system to communicate with the memory storage device in the developer instruction transmission phase is different from a set of instructions used by the host system to communicate with the memory storage device in a general instruction transmission phase.
13. The memory storage system according to claim 1, wherein a protection strength of data by an encryption algorithm used for the third encryption information is higher than a protection strength of the data by an encryption algorithm used for the fourth encryption information.
14. A host system authentication method for a memory storage device, the host system authentication method comprising:
transmitting first encryption information corresponding to first authentication information to a host system in a first handshake operation with the host system, receiving second encryption information corresponding to the first authentication information from the host system, and authenticating the host system based on the first authentication information and the second encryption information, and allowing the host system to perform a second handshake operation after the host system passes authentication in the first handshake operation;
in the second handshake operation with the host system, transmitting third encryption information corresponding to second authentication information to the host system and generating third authentication information based on the second authentication information, receiving fourth encryption information corresponding to the third authentication information from the host system, and authenticating the host system based on the second authentication information and the fourth encryption information, and after the host system passes authentication in the second handshake operation, allowing the host system to enter a developer instruction transmission phase; and
in the developer instruction transmission phase, parsing a developer instruction received from the host system according to the third authentication information.
15. The host system authentication method of claim 14, further comprising:
storing first key information before entering the first handshake operation, wherein second key information corresponding to the first key information is stored at the host system.
16. The host system authentication method of claim 15, further comprising:
in the first handshake operation, the first encryption information is generated based on the first key information and the first authentication information.
17. The host system authentication method of claim 16, further comprising:
generating first comparison information based on the first key information and the second encryption information in the first handshake operation; and
authenticating the host system according to the first authentication information and the first comparison information.
18. The host system authentication method of claim 15, further comprising:
in the second handshake operation, the third encryption information is generated based on the first key information and the second authentication information.
19. The host system authentication method of claim 14, further comprising:
generating second comparison information based on the third authentication information and the fourth encryption information in the second handshake operation; and
authenticating the host system according to the second authentication information and the second comparison information.
20. The host system authentication method of claim 15, wherein the first key information and the second key information belong to an asymmetric key pair.
21. The host system authentication method of claim 14, wherein a set of instructions used by the host system to communicate with the memory storage device in the developer instruction transmission phase is different from a set of instructions used by the host system to communicate with the memory storage device in a general instruction transmission phase.
22. The host system authentication method according to claim 14, wherein a strength of protection of data by an encryption algorithm used for the third encryption information is higher than a strength of protection of the data by an encryption algorithm used for the fourth encryption information.
23. A memory storage device, comprising:
a connection interface unit for electrically connecting to a host system;
a rewritable non-volatile memory module, wherein the rewritable non-volatile memory module comprises a plurality of entity units; and
a memory control circuit unit electrically connected to the connection interface unit and the rewritable nonvolatile memory module,
wherein the memory control circuit unit is configured to transmit first encryption information corresponding to first authentication information to the host system in a first handshake operation with the host system, receive second encryption information corresponding to the first authentication information from the host system, and authenticate the host system based on the first authentication information and the second encryption information, and allow the host system to perform a second handshake operation after the host system passes authentication in the first handshake operation,
wherein the memory control circuit unit is further configured to, in the second handshake operation with the host system, transmit third encryption information corresponding to second authentication information to the host system and generate third authentication information based on the second authentication information, receive fourth encryption information corresponding to the third authentication information from the host system and authenticate the host system based on the second authentication information and the fourth encryption information, and after the host system passes authentication in the second handshake operation, allow the host system to enter a developer instruction transmission phase,
wherein in the developer instruction transmission phase, the memory control circuit unit is further configured to parse a developer instruction received from the host system according to the third authentication information.
24. The memory storage device of claim 23, wherein prior to entering the first handshake operation, the memory control circuit unit is further configured to store first key information, and second key information corresponding to the first key information is stored at the host system.
25. The memory storage device of claim 24, wherein in the first handshake operation, the memory control circuit unit is further configured to generate the first encryption information based on the first key information and the first authentication information.
26. The memory storage device of claim 25, wherein in the first handshake operation, the memory control circuit unit is further configured to generate first comparison information based on the first key information and the second encryption information and to authenticate the host system according to the first authentication information and the first comparison information.
27. The memory storage device of claim 24, wherein in the second handshake operation, the memory control circuit unit is further configured to generate the third encryption information based on the first key information and the second authentication information.
28. The memory storage device of claim 23, wherein in the second handshake operation, the memory control circuit unit is further configured to generate second comparison information based on the third authentication information and the fourth encryption information and to authenticate the host system according to the second authentication information and the second comparison information.
29. The memory storage device of claim 24, wherein the first key information and the second key information belong to an asymmetric key pair.
30. The memory storage device of claim 23, wherein a set of instructions used by the host system to communicate with the memory storage device in the developer instruction transmission phase is different from a set of instructions used by the host system to communicate with the memory storage device in a general instruction transmission phase.
31. The memory storage device of claim 23, wherein the encryption algorithm used for the third encryption information has a higher protection strength for data than the encryption algorithm used for the fourth encryption information.
32. A memory storage device, comprising:
a connection interface unit for electrically connecting to a host system;
a rewritable non-volatile memory module, wherein the rewritable non-volatile memory module comprises a plurality of entity units; and
a memory control circuit unit electrically connected to the connection interface unit and the rewritable nonvolatile memory module,
wherein the memory control circuit unit is configured to authenticate the host system according to first authentication information in a first handshake operation with the host system,
wherein the memory control circuit unit is further configured to authenticate the host system according to second authentication information in a second handshake operation with the host system after the host system passes authentication in the first handshake operation,
wherein the memory control circuit unit is configured to parse a developer instruction received from the host system according to third authentication information generated based on the second authentication information in a developer instruction transmission phase after the host system passes authentication in the second handshake operation,
wherein the first authentication information, the second authentication information, and the third authentication information are different from each other.
CN201810062088.8A 2018-01-23 2018-01-23 Memory storage system, host system verification method and memory storage device Active CN110069934B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810062088.8A CN110069934B (en) 2018-01-23 2018-01-23 Memory storage system, host system verification method and memory storage device

Publications (2)

Publication Number Publication Date
CN110069934A CN110069934A (en) 2019-07-30
CN110069934B true CN110069934B (en) 2022-12-13

Family

ID=67364826

Country Status (1)

Country Link
CN (1) CN110069934B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113378216A (en) * 2021-05-29 2021-09-10 深圳市得一微电子有限责任公司 eMMC control method, system and storage medium thereof

Citations (6)

Publication number Priority date Publication date Assignee Title
TW200627325A (en) * 2005-01-19 2006-08-01 Lightuning Tech Inc Storage device and method for protecting data stored therein
TW201333701A (en) * 2012-02-10 2013-08-16 Phison Electronics Corp Data protecting method, memory controller and memory storage device
CN103257938A (en) * 2012-02-21 2013-08-21 群联电子股份有限公司 Data protection method, memory controller and memory storage device
CN103427984A (en) * 2012-05-24 2013-12-04 三星电子株式会社 Apparatus for generating secure key using device ID and user authentication information
CN104346103A (en) * 2013-08-09 2015-02-11 群联电子股份有限公司 Instruction executing method, memory controller and memory storage device
CN104573537A (en) * 2013-10-11 2015-04-29 群联电子股份有限公司 Data processing method, memory storage device and memory control circuit unit

Family Cites Families (6)

Publication number Priority date Publication date Assignee Title
US9092635B2 (en) * 2006-03-31 2015-07-28 Gemalto Sa Method and system of providing security services using a secure device
DE102007000589B9 (en) * 2007-10-29 2010-01-28 Bundesdruckerei Gmbh Method for protecting a chip card against unauthorized use, chip card and chip card terminal
US8806572B2 (en) * 2009-05-30 2014-08-12 Cisco Technology, Inc. Authentication via monitoring
GB201119747D0 (en) * 2011-11-15 2011-12-28 Fxi Technologies As Portable storage devices for electronic devices
TWI447580B (en) * 2012-04-03 2014-08-01 Phison Electronics Corp Memory space managing method, and memory controller and memory storage device using the same
US10127055B2 (en) * 2015-10-16 2018-11-13 Quanta Computer Inc. iSCSI based bare metal OS image deployment and diskless boot

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant