WO2008009040A1 - Method and arrangement for protecting data - Google Patents


Info

Publication number
WO2008009040A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
address
memory
location identifier
location
Application number
PCT/AU2007/000941
Other languages
English (en)
Inventor
Brian Johnson
David Airlie
David Spicer
Original Assignee
Stargames Corporation Pty Limited
Priority date
2006-07-18
Filing date
2007-07-09
Publication date
2008-01-24
Priority claimed from AU2006903862A0
Application filed by Stargames Corporation Pty Limited
Publication of WO2008009040A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00 Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14 Protection against unauthorised use of memory or access to memory
    • G06F12/1408 Protection against unauthorised use of memory or access to memory by using cryptography

Definitions

  • This invention relates to a method and arrangement for protecting data and software in a memory.
  • The invention is applicable to storage protection generally, and can be used with various memory types including flash memory and disc memory.
  • The invention can be applied in circumstances where the integrity of the data in a mass storage device must be ensured.
  • Electronic gaming machines are one such application, where regulations require high standards of data integrity.
  • ROM does not provide sufficient storage capacity at a viable cost.
  • Physical authentication for such large amounts of data is difficult.
  • AU758204 discloses a casino game data set stored in ROM together with a signature encrypted from an original message digest computed from the original computer game data set, an unalterable read-only memory device storing a message digest computing program corresponding to the original message digest computing program used to compute the original message digest, and a decryption program and decryption key corresponding to the encryption program and encryption key used to prepare the encrypted signature of the original message digest.
  • The message digest is produced using a hash function: a computation that produces a fixed-size string of bits (a hash value) from a variable-sized digital input. Where the hash value is difficult to invert, the hash function is called a message digest function, and the result is known as a message digest.
  • A message digest is unique to the variable-sized data set from which it was derived.
  • AU758204 transfers part of the game data to another memory and subjects it to a one-way hash function to produce a message digest, decrypts a previously generated and encrypted message digest, and compares the two message digests.
  • The address of the location of data stored in a memory is not necessarily tied to its physical location. Physical data storage is divided into blocks. When data is stored, data blocks are assigned addresses, and the physical location of each data block is mapped against its address so that the operating system can retrieve the data via the data map. In flash memories, when a block of data is changed, it is written to a different block and the address is remapped to identify the location of the new data. The map is used by the computer operating system to locate the required blocks of data.
  • The invention proposes to protect data from unauthorized access by altering the address of one or more data blocks.
  • The addresses may be altered according to a reversible process such as tabular translation, an algorithm, etc.
  • The reversible process is protected by encryption.
  • A decryption key can be provided to enable the reversible process to be used by the system to determine the correct address.
  • The decryption key can be a public key.
  • The invention provides a method of rearranging the location of at least some of the data blocks relative to the corresponding ostensible location identifiers associated with each block.
  • The data has an ostensible location identifier, which can be, for example, the location identifier assigned by a memory management system, and an actual location identifier which identifies where the data is stored.
  • A concordance is provided between the ostensible location and the actual location.
  • Data is stored in memory in association with location identifiers which identify the location of the data on the storage medium.
  • The table can also be encrypted.
  • The invention provides a method of protecting stored data in a memory having a plurality of blocks of data, each block being stored at a location associated with a corresponding location identifier, the method including the steps of: preparing an address concordance including a first address table corresponding to first location identifiers of the data and a second address table including second location identifiers, each second location identifier being associated with a first location identifier, wherein one or more of the second location identifiers is changed to differ from its associated first location identifier.
  • The invention also provides a method of protecting data stored in a memory, the method including the steps of: providing an address concordance having a first list of first location identifiers and a second list of second location identifiers, each second location identifier being associated with a first location identifier and at least one second location identifier differing from its associated first location identifier; and storing data in accordance with the second list of location identifiers.
  • The invention also provides a method of protecting data by altering the location identification of one or more blocks of the data according to a known algorithm or known pattern.
  • The algorithm or pattern can be encrypted.
  • The second address list can be encrypted.
  • The address concordance can be encrypted.
  • The memory can be a flash memory.
  • The location identifier can be implicit.
  • A digital signature can be added to the concordance.
  • An overall checksum can be associated with the data.
  • A block checksum can be associated with at least one block of data.
  • A block checksum can be associated with each block of data.
  • The overall checksum can be formed by the addition of the block checksums.
  • The invention also provides a method of writing the data to the memory blocks in accordance with the concordance. The data can be written in accordance with the actual location identifiers.
  • The invention also provides a protected memory arrangement including a memory in which data is stored in blocks, each block having an ostensible location identifier, the data blocks being stored in the memory at locations identified by actual location identifiers, each actual location identifier being associated with an ostensible location identifier, wherein at least one actual location identifier differs from its associated ostensible location identifier.
  • Figure 1 is a block diagram representing some of the functional elements of a computer controlled gaming machine.
  • Figure 2 is a conceptual diagram illustrating the principle of the invention.
  • Figure 3 illustrates the layout of data in memory.
  • Figure 4 illustrates the rearrangement of some blocks of data in a memory.
  • Figure 5 is a flow diagram illustrating an embodiment of an operation implementing the address shifting method.
  • Figure 6 illustrates a data retrieval operation.
  • Figure 1 is a conceptual block diagram illustrating a computer controlled apparatus such as an electronic gaming machine.
  • A processor 102 is connected to a memory 104, a boot ROM 106, and a bus 110 via a bridge 108. Other devices such as peripherals 112, a disk 114, and a compact flash memory port 118 may be connected to the bus.
  • A compact flash memory 116 is connectable to the compact flash port 118 and includes data stored in blocks.
  • A mapping table identifying the ostensible addresses of the data blocks is also stored in the compact flash memory 116. In accordance with the invention, one or more of the addresses are altered so that they do not indicate the true address of the associated data. In one embodiment, the changed addresses can indicate blank or unused blocks.
  • The addresses to be changed can be chosen to provide a high degree of security by preventing access to critical data associated with those addresses.
  • Figure 2 illustrates the concept of the invention.
  • Data D1 to Dn is stored in blocks 208 of data store 204.
  • The notional addresses of the data blocks, A1 to An, are shown in column 206, so that the address subscripts would normally correspond with the data of the same subscript.
  • The addresses of the data blocks have been changed by the use of an algorithm or other suitable means. For the purposes of illustration in this example, it is assumed that the data addresses have been inverted, so that address A1 points to the data Dn, and so on, so that An points to D1.
  • The invention provides a means for reversing the address changes to enable access to the correct data.
  • This is illustrated conceptually in Figure 2 by the address conversion table 202, which has a first column of addresses 210 and a corresponding second set of addresses 212.
  • The first column of addresses 210 corresponds to the address from which the system is seeking to retrieve the data. However, because the addresses have been changed, it is necessary to convert these addresses to the actual addresses where the required data is stored. Thus, the address in column 212 is substituted for the address in column 210, and the correct data can be retrieved using the address in column 212.
  • Figure 2 illustrates a lookup table to provide the correct address.
  • The address can be changed by the use of a first algorithm.
  • The correct address can be derived from the changed address by a second algorithm which reverses the change produced by the first algorithm.
  • The first algorithm may add a certain number to the address, and the second algorithm can then deduct that number to provide the correct address.
  • The means to reverse the address changes is encrypted.
  • The addresses can be implicit.
  • Figure 3 shows a memory map which is arranged in an ordered sequence.
  • Figure 4 shows a memory map which has been changed in accordance with an embodiment of the invention.
  • Figure 5 is a flow diagram illustrating an operation implementing the address shifting method embodying the invention.
  • The BIOS or operating system initially verifies the disk at 502.
  • The operating system searches for the encrypted remapping table at 504.
  • The operating system then reads the encrypted remapping table and decrypts it at 506.
  • The remapping table of Figure 4 is an example of the decrypted remapping table.
  • The decrypted table is then verified at 508 and, if it fails, the operating system stops processing at 510.
  • The operating system stores the table for use in the reading process at 512.
  • Figure 6 illustrates a data retrieval operation.
  • The operating system requests a disk sector read from the device driver at
  • The read request is directed to sector 3 at 604, which is translated using the remapping table to 24124 at 606 (the third row of the remapping table in Figure 4) and read at 608.
  • Wherever it is used, the word "comprising" is to be understood in its
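The address concordance, its authentication, the per-block and overall checksums, and the Figure 5 boot check followed by the Figure 6 translated read, as an added Python example that is not part of the patent or of any Stargames code. It assumes a constructed toy device of 8 sectors of 16 bytes, uses an HMAC-SHA256 tag as a stand-in for the digital signature over the concordance (the page names no signature or encryption scheme, and the example does not encrypt the table), takes SHA-256 as the block checksum, and forms the overall checksum by adding the block checksums as 256-bit integers modulo 2**256. A table that fails verification stops processing, as at step 510; a block whose checksum does not match is rejected at read time.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass, field

SECTOR_SIZE = 16   # constructed toy sector size, not from the patent
N_SECTORS = 8      # constructed toy device with 8 physical sectors


def block_checksum(data: bytes) -> bytes:
    """Per-block checksum; SHA-256 is an assumption, the page names no digest."""
    return hashlib.sha256(data).digest()


def overall_checksum(block_sums) -> bytes:
    """Overall checksum formed by adding the block checksums (as 256-bit integers, mod 2**256)."""
    total = sum(int.from_bytes(s, "big") for s in block_sums) % (1 << 256)
    return total.to_bytes(32, "big")


@dataclass
class ProtectedImage:
    store: dict = field(default_factory=dict)       # actual sector -> sector bytes
    table_blob: bytes = b""                         # serialised address concordance
    table_tag: bytes = b""                          # HMAC over the concordance (stand-in for the signature)
    block_sums: dict = field(default_factory=dict)  # ostensible sector -> block checksum
    overall: bytes = b""                            # overall checksum over the data


def write_protected(blocks, actual_for, key: bytes) -> ProtectedImage:
    """Write block i (ostensible sector i) at physical sector actual_for[i] and build the concordance.

    Sectors that no block maps to stay blank, so a read by ostensible address alone
    returns a blank or wrong block, which is what the changed addresses are meant to do.
    """
    if len(blocks) != len(actual_for) or len(set(actual_for)) != len(actual_for):
        raise ValueError("each block needs its own distinct actual sector")
    img = ProtectedImage()
    for sector in range(N_SECTORS):
        img.store[sector] = bytes(SECTOR_SIZE)
    for ostensible, data in enumerate(blocks):
        padded = data.ljust(SECTOR_SIZE, b"\0")
        img.store[actual_for[ostensible]] = padded
        img.block_sums[ostensible] = block_checksum(padded)
    concordance = [[o, a] for o, a in enumerate(actual_for)]   # first column -> second column
    img.table_blob = json.dumps(concordance).encode()
    img.table_tag = hmac.new(key, img.table_blob, hashlib.sha256).digest()
    img.overall = overall_checksum(img.block_sums.values())
    return img


def load_table(img: ProtectedImage, key: bytes) -> dict:
    """Steps 504-512: locate, verify and keep the remapping table; stop on failure (510)."""
    expected = hmac.new(key, img.table_blob, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, img.table_tag):
        raise ValueError("remapping table failed verification; processing stopped")
    return {o: a for o, a in json.loads(img.table_blob)}


def read_sector(img: ProtectedImage, table: dict, ostensible: int) -> bytes:
    """Steps 604-608: translate the requested sector through the table, read it, check its checksum."""
    actual = table[ostensible]
    data = img.store[actual]
    if not hmac.compare_digest(block_checksum(data), img.block_sums[ostensible]):
        raise ValueError(f"block checksum mismatch for ostensible sector {ostensible}")
    return data


def verify_overall(img: ProtectedImage) -> bool:
    """Recompute the overall checksum from the block checksums and compare it with the stored one."""
    return hmac.compare_digest(overall_checksum(img.block_sums.values()), img.overall)


if __name__ == "__main__":
    # Constructed sample data: four blocks written at descending actual sectors,
    # in the spirit of the inverted addresses of Figure 2.
    blocks = [b"game block %d" % i for i in range(4)]
    key = b"constructed-demo-key"          # assumption: a key held by the verifying system
    img = write_protected(blocks, [7, 5, 3, 1], key)
    table = load_table(img, key)
    print(read_sector(img, table, 0))     # the real block 0, fetched from actual sector 7
    print(img.store[0])                   # ostensible sector 0 holds only a blank block
    print(verify_overall(img))
```

The HMAC key stands in for whatever verifies the signature in the page's flow (a public key is one option the page names); replacing it with a real signature changes only `write_protected` and `load_table`. Keeping the block checksums keyed by ostensible sector lets the read path check the block it was asked for rather than the block it happened to find.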

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention relates to protecting data from unauthorized access by altering the address of one or more data block(s). The addresses may be altered according to a reversible process (tabular translation, an algorithm, among others). The reversible process is protected by encryption. A decryption key may be provided to enable the system to use the reversible process in order to determine the correct address.
PCT/AU2007/000941 2006-07-18 2007-07-09 Method and arrangement for protecting data WO2008009040A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
AU2006903862A AU2006903862A0 (en) 2006-07-18 A method and arrangement for protecting data
AU2006903862 2006-07-18

Publications (1)

Publication Number Publication Date
WO2008009040A1 true WO2008009040A1 (fr) 2008-01-24

Family

ID=38956416

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/AU2007/000941 WO2008009040A1 (fr) 2006-07-18 2007-07-09 Method and arrangement for protecting data

Country Status (1)

Country Link
WO (1) WO2008009040A1 (fr)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001067218A1 (fr) * 2000-03-08 2001-09-13 Shuffle Master, Inc. Encryption in a secure computerized gaming system
WO2005069288A1 (fr) * 2004-01-19 2005-07-28 Trek 2000 International Ltd. Portable data storage device including a memory address mapping table
US20070028121A1 (en) * 2005-07-29 2007-02-01 Hsiang-Chi Hsieh Method of protecting confidential data using non-sequential hidden memory blocks for mass storage devices

Similar Documents

Publication Publication Date Title
JP3810425B2 (ja) Method for generating tamper detection data, and tamper detection method and apparatus
US8356178B2 (en) Method and apparatus for authenticated data storage
US7260727B2 (en) Method for secure storage of sensitive data in a memory of an embedded microchip system, particularly a smart card, and embedded system implementing the method
US7444480B2 (en) Processor, memory device, computer system, and method for transferring data
US4319079A (en) Crypto microprocessor using block cipher
JP5175856B2 (ja) Protection of flash memory blocks in a secure device system, and method
CN101946252B (zh) Information processing device and control method thereof
CN1740991B (zh) System and method for signaling data security attributes in an address space using address bits
US6345360B1 (en) Apparatus method and computer readable storage medium with recorded program for managing files with alteration preventing/detecting functions
CN101178759B (zh) Trusted device integrated circuit and method for virtualizing memory devices therein
US20130117577A1 (en) Secure Memory Transaction Unit
US20110208979A1 (en) Method and Apparatus for Implementing Secure and Selectively Deniable File Storage
US20080212770A1 (en) Key Information Generating Method and Device, Key Information Updating Method, Tempering Detecting Method and Device, and Data Structure of Key Information
US20020073326A1 (en) Protect by data chunk address as encryption key
KR20140018410A (ko) Method and apparatus for memory encryption with integrity check and protection against replay attacks
US20030061494A1 (en) Method and system for protecting data on a pc platform using bulk non-volatile storage
EP0849658A2 (fr) Secure data processing method and system
US20090019290A1 (en) Method and central processing unit for processing encrypted software
KR20140051350A (ko) Digital signing authority-dependent platform secret generation technique
CN100547598C (zh) Storing and retrieving data based on symmetric key encryption
CN1279458C (zh) Data encryption/decryption method and apparatus
US20240078323A1 (en) Counter tree
CN107563226A (zh) Memory controller, processor module and key update method
US20080046760A1 (en) Storage device for storing encrypted data and control method thereof
WO2008009040A1 (fr) Method and arrangement for protecting data

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application. Ref document number: 07763759; Country of ref document: EP; Kind code of ref document: A1
NENP Non-entry into the national phase. Ref country code: DE
NENP Non-entry into the national phase. Ref country code: RU
122 Ep: pct application non-entry in european phase. Ref document number: 07763759; Country of ref document: EP; Kind code of ref document: A1