WO2014039453A1 - Secure deletion of data stored in a memory - Google Patents

Secure deletion of data stored in a memory Download PDF

Info

Publication number
WO2014039453A1
WO2014039453A1 PCT/US2013/057883 US2013057883W WO2014039453A1 WO 2014039453 A1 WO2014039453 A1 WO 2014039453A1 US 2013057883 W US2013057883 W US 2013057883W WO 2014039453 A1 WO2014039453 A1 WO 2014039453A1
Authority
WO
WIPO (PCT)
Prior art keywords
memory
controller
block
encryption key
array
Prior art date
Application number
PCT/US2013/057883
Other languages
French (fr)
Inventor
Markus T. Metzger
Original Assignee
Intel Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Intel Corporation filed Critical Intel Corporation
Priority to EP13835982.3A priority Critical patent/EP2893451A4/en
Priority to KR1020157001560A priority patent/KR101659590B1/en
Priority to CN201380004608.5A priority patent/CN104205070B/en
Priority to JP2015525647A priority patent/JP6219391B2/en
Publication of WO2014039453A1 publication Critical patent/WO2014039453A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1416Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1408Protection against unauthorised use of memory or access to memory by using cryptography
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2143Clearing memory, e.g. to prevent the data from being stolen

Definitions

  • This relates generally to deleting data stored in electronic memories.
  • Another approach is to encrypt each file in the memory and store an encryption key in another file. But this method is usually visible to the user and so places some overhead on the user. In addition, it may raise security concerns because the encryption key is stored in a file accessible to an attacker. Thus, from the user's point of view the deletion process requires the user's attention.
  • Figure 1 is a schematic depiction of one embodiment of a platform according to the present invention.
  • Figure 2 is a sequence for reading a block according to one embodiment of the present invention.
  • Figure 3 is a sequence for writing a block according to one embodiment of the present invention.
  • Figure 4 is a sequence for deleting a block according to one embodiment of the present invention
  • Figure 5 is a cross-sectional view of one embodiment of the present invention.
  • Figure 6 is a cross-sectional view taken generally along the line 6-6 in Figure 5, according to one embodiment.
  • deletion refers to any action taken to limit access to stored information in the future.
  • a granularity of memory such as block
  • a block is the smallest addressable storage granularity. Other granularities larger than a block may also be used.
  • the encryption of the granularity of memory may be handled entirely within the memory. Then the encryption process cannot be accessed from the outside and the user need not be burdened with the encryption sequence since it is done automatically within the storage device.
  • the types of storage devices that may be implemented according to embodiments of the present invention includes semiconductor, magnetic and optical memories.
  • these memories include some type of onboard processing power that advantageously is not accessible from outside the memory.
  • the encryption process and the process of deleting granularities of memory, such as a block cannot be interfered with by outside software.
  • a platform 10 may include one or more
  • processors 12 coupled to input/output devices 14.
  • Typical input/output devices include keyboards, printers, monitors or displays, mice, and touch screens to mention a few examples.
  • the processor may be coupled to a storage device 16 that may be any type of electronic storage. It may include a memory array 18 made up of rows and columns cells of any conventional or future memory technology. One area of that array, in one embodiment, may be used for storing an encryption key store 20. However, in other embodiments, the encryption key may be stored in a separate memory within the storage device 16.
  • the array 18 may be controlled by an onboard controller 17 which may be a processor-based device capable of executing instructions. It may implement the sequences for one or more of reading, writing and deleting a granularity of memory such as a block. Thus it may be capable of performing operations for deletion of a memory portion without interference by outside entities.
  • the controller 17 may be an integrated circuit within a package enclosing an integrated amount for said memory array. In one embodiment the memory array and controller are formed on the same integrated circuit die.
  • the controller may erase a portion of the array or the entire array by simply changing an encryption key that is used to encrypt the data in the target memory portion. Then even if the data is accessed by an interloper, it cannot be decrypted because the encryption key cannot be found. Moreover, when an interloper tries to access data, that data is decrypted with a wrong key. In this way, rather than actually physically removing the stored state from each memory cell, a portion of the memory can be erased as a whole by simply making the encryption key inaccessible and thereby preventing anyone from being able to read the information encoded therein.
  • a number of different sequences for reading, writing, and erasing, 22, 30 and 40 may be stored in the array. In other embodiments, the sequences may be implemented in hardware or firmware.
  • the sequences may be implemented by computer executed instructions stored in one or more non-transitory computer readable media such as a magnetic, optical and/or semiconductor storage.
  • the computer executed instructions in one embodiment may be implemented entirely by the controller 17 within the storage device 16, which controller may be largely or entirely inaccessible from outside the storage device 16.
  • the storage device 16 is typically organized in fixed size blocks. Software operates on one block at a time. Higher levels provide finer granularity.
  • An array of registers may be defined in the storage device, one for each block in the encryption key store 20, for example.
  • the register for block N contains an encryption key used to encrypt block N.
  • the key register is not accessible from outside of the storage device 16 in some embodiments. Instead the register is solely used by the storage device 16 to perform its operations.
  • the encryption process itself may be transparent to the user outside the storage device 16.
  • the storage device 16 automatically encrypts and decrypts data using the block's encryption key.
  • the encrypted data may only be seen when the storage device 16 is removed from the platform 10 and read by other means.
  • a new encryption key is generated for that block, overriding the old key, in a register with an encryption key storage 20.
  • the new key is generated by the controller 17.
  • the register holding the key is not accessible from outside, no copies of it may exist in some embodiments. Since the data on the memory array 18 is automatically encrypted and decrypted in some embodiments, the original encrypted data is normally not visible outside the storage 16 except when the storage device 16 is physically removed.
  • the storage device 16 When the storage device 16 is powered off, in one embodiment, it may simply lose all the data, guaranteeing the highest level of security. This may be useful in cases where the device is holding temporary data or the stored data is highly sensitive. Well known techniques may also be used to avoid intermittent loss of power in other embodiments.
  • a key array may be written to an internal persistent memory within the storage device 16.
  • the key array may be used to encrypt the key using a predefined device specific key. When powered on, the storage device may re-encrypt the data, thereby rendering the copy of the key array in the internal persistent memory useless.
  • other techniques may be used to securely delete the copy of the key array. In this case, the problem has been reduced from securely deleting an entire memory disc to securely deleting a comparatively small storage medium.
  • the key array may be written to an external removable storage medium.
  • the key array may be encrypted using a pre-defined device, specific key or using a user defined-key. This encryption allows the user to remove the key array from the storage device, rendering its content worthless to attackers. In some embodiments, neither the encryption key, nor its encrypted data are accessible to attackers remotely. An attempt to use the Linux dd command to circumvent the encryption, decrypts the deleted data using a wrong key, rendering the data useless to the attacker.
  • the sequence read block 22 may be implemented in software, firmware and/or hardware. In one embodiment it may be implemented by the controller 17. In software and firmware embodiments it may be implemented by computer executed instructions stored in one or more non-transitory computer readable media such as magnetic, semiconductor or optical storage.
  • a block of memory is read from the storage medium by the controller 17. Then, the controller 17 decrypts the block using the block's own encryption key as indicated in block 26. Finally, the controller 17 delivers the decrypted block of data 28 to the processor 12 ( Figure 1).
  • the sequence 30 in Figure 3 may be used.
  • the sequence 30 may be executed in firmware, hardware and/or software.
  • software and firmware embodiments it may be implemented by computer executed instructions stored in one or more non-transitory computer readable media such as magnetic, semiconductor or optical storage. In one embodiment it may be implemented by the controller 17.
  • Data to be written may be obtained, for example from the processor 12 as indicated in block 32. Then the data is encrypted by the controller 17 with the blocks encryption key as indicated in block 34. Therefore the encrypted data is actually stored in the array 18 by the controller 17 as indicated in block 36.
  • a delete block sequence 40, shown in Figure 4 may be implemented in software, firmware and/or hardware.
  • software and firmware embodiments it may be implemented by computer executed instructions stored in one or more non- transitory computer readable media such as magnetic, optical or semiconductor storage. In one embodiment it may be implemented by the controller 17.
  • the sequence begins by generating a new encryption key. Then the new encryption key is written into the block's key register, overriding the previous encryption key as indicated in block 44. This has the result of preventing access to the storage at least without removing the storage from the rest of the platform 10.
  • the storage device 16 may be mounted on a circuit board 50.
  • the circuit board 50 may be used to implement a platform, such as a personal computer. But it could also be used in connection with a wide variety of processor-based devices, including laptop computers, cellular phones, mobile Internet devices, tablets, and desktop computers, to mention a few examples.
  • the circuit board 50 may be secured to the storage device 16 through its package 46 which may have appropriate interconnects, such as solder balls, pins, or the like (not shown). Inside the package 46, in one embodiment, may be a single integrated circuit 48. However, in other embodiments, more than one integrated circuit may be provided inside the package. For example, separate integrated circuits could be provided for the controller 17 and memory array 18, in some embodiments. In such case, the controller and memory array may be connected using interconnects, such as vias, wires, or other interconnection devices.
  • a single integrated circuit 48 may include a portion for the controller 17 and a portion for the memory array 18.
  • one single integrated circuit incorporates both the controller and the memory array. This may be economical and result in a relatively small footprint, in some embodiments.
  • One example embodiment may be a method comprising encrypting data to be stored in a memory using an encryption key; and deleting a block of the memory by erasing the encryption key so that if the deleted block is accessed, it is automatically decrypted using a wrong encryption key.
  • the method may include encrypting from within the memory.
  • the method may include using a controller internal to said memory to delete the block.
  • the method may include preventing external access to said controller.
  • the method may include executing instructions for deleting said block within said memory.
  • the method may include storing a plurality of blocks in the memory and storing encryption keys for each block within said memory.
  • the method may also include using a controller within a package enclosing said memory to write and read from the memory.
  • the method may include using a memory and controller integrated on the same die.
  • the method may include making the encryption key inaccessible to a user.
  • the method may also include making the encrypted data unreadable after deletion.
  • One example embodiment may be a non-transitory computer readable media storing instructions that cause a controller to perform a sequence comprising encrypting data to be stored in a memory using an encryption key, and deleting a unit of memory by erasing the encryption key so that if the deleted unit is accessed, a wrong encryption key is used to attempt decryption.
  • the media may also include encrypting from within the memory.
  • the media may also include using a controller internal to said memory to delete the unit.
  • the media may also include preventing external access to said controller.
  • the media may also include executing
  • the media may also include storing a plurality of memory units in the memory and storing encryption keys for each unit within said memory.
  • the media may also include using a controller within a memory package to write and read from the memory.
  • Another example embodiment may be a memory comprising a memory array and a controller coupled to said array to encrypt data to be stored in the memory using an encryption key and deleting a block of memory by erasing the encryption key so that, if the deleted block is accessed, it is automatically decrypted using a wrong encryption key.
  • the memory may also include said controller is within said memory.
  • the memory may include said controller is within a package surrounding said memory array.
  • the memory may include said controller to encrypt from within the memory.
  • the memory may include said controller to prevent external access to said controller.
  • the memory may include said controller to execute instructions for deleting said block within said memory.
  • the memory may include a plurality of memory blocks and storing encryption keys for each block within said memory.
  • the memory may include said controller and said memory array integrated in the same die.
  • One example embodiment may be a system comprising a processor and a memory coupled to said processor to encrypt data to be stored in the memory using an encryption key and deleting a block of memory by erasing the encryption key so that, if the deleted block is accessed, it is automatically decrypted using a wrong encryption key.
  • the system may include said processor is within said memory.
  • the said system may include said processor to encrypt from within the memory.
  • the system may include said processor to prevent external access to said processor.
  • the system may also include said processor to execute instructions for deleting said block within said memory.
  • references throughout this specification to "one embodiment” or “an embodiment” mean that a particular feature, structure, or characteristic described in connection with the embodiment is included in at least one implementation encompassed within the present invention. Thus, appearances of the phrase “one embodiment” or “in an embodiment” are not necessarily referring to the same embodiment. Furthermore, the particular features, structures, or characteristics may be instituted in other suitable forms other than the particular embodiment illustrated and all such forms may be encompassed within the claims of the present application.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

In accordance with some embodiments, a granularity of memory such as block, may be deleted in a way to make it very difficult for an interloper to ever gain access to that block. Moreover the deletion may be done in a sufficiently efficient way and in a way that does not overly burden the user. In some embodiments, the encryption of the granularity of memory (such as a block) may be handled entirely within the memory. Then the encryption process cannot be accessed from the outside and the user need not be burdened with the sequence of encryption sequence since it is done automatically within the storage device.

Description

SECURE DELETION OF DATA STORED IN A MEMORY
Background
[0001] This relates generally to deleting data stored in electronic memories.
[0002] Conventionally, if a user attempts to delete data stored in a semiconductor memory, the data that the user thinks has been totally removed from the system is still present and can be extracted. This creates security concerns since confidential data may be available to an interloper who gains access to a user's computer either by obtaining the physical device or by accessing the device remotely.
[0003] One way to limit access to deleted data stored in a memory is to try to repeatedly overwrite the data. But this tends to be time consuming and may be error prone because the repeated writes may not totally overwrite the data, allowing some portions of the data to still be accessed.
[0004] Another approach is to encrypt each file in the memory and store an encryption key in another file. But this method is usually visible to the user and so places some overhead on the user. In addition, it may raise security concerns because the encryption key is stored in a file accessible to an attacker. Thus, from the user's point of view the deletion process requires the user's attention.
Brief Description Of The Drawings
[0005] Some embodiments are described with respect to the following figures:
Figure 1 is a schematic depiction of one embodiment of a platform according to the present invention;
Figure 2 is a sequence for reading a block according to one embodiment of the present invention;
Figure 3 is a sequence for writing a block according to one embodiment of the present invention;
Figure 4 is a sequence for deleting a block according to one embodiment of the present invention; Figure 5 is a cross-sectional view of one embodiment of the present invention; and
Figure 6 is a cross-sectional view taken generally along the line 6-6 in Figure 5, according to one embodiment.
Detailed Description
[0006] As used herein, deletion refers to any action taken to limit access to stored information in the future.
[0007] In accordance with some embodiments, a granularity of memory such as block, may be deleted in a way to make it very difficult for an interloper to ever gain access to that block. Moreover the deletion may be done in a sufficiently efficient way and in a way that does not overly burden the user. In one embodiment, a block is the smallest addressable storage granularity. Other granularities larger than a block may also be used.
[0008] In some embodiments, the encryption of the granularity of memory (such as a block) may be handled entirely within the memory. Then the encryption process cannot be accessed from the outside and the user need not be burdened with the encryption sequence since it is done automatically within the storage device.
[0009] Among the types of storage devices that may be implemented according to embodiments of the present invention includes semiconductor, magnetic and optical memories. Generally, these memories include some type of onboard processing power that advantageously is not accessible from outside the memory. As a result, the encryption process and the process of deleting granularities of memory, such as a block, cannot be interfered with by outside software.
[0010] Thus referring to Figure 1 , a platform 10 may include one or more
processors 12 coupled to input/output devices 14. Typical input/output devices include keyboards, printers, monitors or displays, mice, and touch screens to mention a few examples.
[0011] The processor may be coupled to a storage device 16 that may be any type of electronic storage. It may include a memory array 18 made up of rows and columns cells of any conventional or future memory technology. One area of that array, in one embodiment, may be used for storing an encryption key store 20. However, in other embodiments, the encryption key may be stored in a separate memory within the storage device 16.
[0012] The array 18 may be controlled by an onboard controller 17 which may be a processor-based device capable of executing instructions. It may implement the sequences for one or more of reading, writing and deleting a granularity of memory such as a block. Thus it may be capable of performing operations for deletion of a memory portion without interference by outside entities. The controller 17 may be an integrated circuit within a package enclosing an integrated amount for said memory array. In one embodiment the memory array and controller are formed on the same integrated circuit die.
[0013] In one embodiment, the controller may erase a portion of the array or the entire array by simply changing an encryption key that is used to encrypt the data in the target memory portion. Then even if the data is accessed by an interloper, it cannot be decrypted because the encryption key cannot be found. Moreover, when an interloper tries to access data, that data is decrypted with a wrong key. In this way, rather than actually physically removing the stored state from each memory cell, a portion of the memory can be erased as a whole by simply making the encryption key inaccessible and thereby preventing anyone from being able to read the information encoded therein.
[0014] A number of different sequences for reading, writing, and erasing, 22, 30 and 40 may be stored in the array. In other embodiments, the sequences may be implemented in hardware or firmware.
[0015] In some embodiments, the sequences may be implemented by computer executed instructions stored in one or more non-transitory computer readable media such as a magnetic, optical and/or semiconductor storage. The computer executed instructions in one embodiment may be implemented entirely by the controller 17 within the storage device 16, which controller may be largely or entirely inaccessible from outside the storage device 16. [0016] The storage device 16 is typically organized in fixed size blocks. Software operates on one block at a time. Higher levels provide finer granularity.
[0017] An array of registers may be defined in the storage device, one for each block in the encryption key store 20, for example. The register for block N contains an encryption key used to encrypt block N. The key register is not accessible from outside of the storage device 16 in some embodiments. Instead the register is solely used by the storage device 16 to perform its operations.
[0018] The encryption process itself may be transparent to the user outside the storage device 16. The storage device 16 automatically encrypts and decrypts data using the block's encryption key. The encrypted data may only be seen when the storage device 16 is removed from the platform 10 and read by other means.
[0019] When software wants to delete a block or other granularity, a new encryption key is generated for that block, overriding the old key, in a register with an encryption key storage 20. In some embodiments the new key is generated by the controller 17.
[0020] While the stored data is still unmodified on the memory array 18, after it has been deleted, it comes worthless to any attacker since a unique key is necessary to decode the data that has been effectively destroyed or erased.
[0021] Any attempt to access the deleted data through the storage device 16 results in an automatic, futile decryption attempt, using the wrong encryption key, resulting in material which is undecipherable.
[0022] Since the register holding the key is not accessible from outside, no copies of it may exist in some embodiments. Since the data on the memory array 18 is automatically encrypted and decrypted in some embodiments, the original encrypted data is normally not visible outside the storage 16 except when the storage device 16 is physically removed.
[0023] When the storage device 16 is powered off, in one embodiment, it may simply lose all the data, guaranteeing the highest level of security. This may be useful in cases where the device is holding temporary data or the stored data is highly sensitive. Well known techniques may also be used to avoid intermittent loss of power in other embodiments.
[0024] According to another embodiment, a key array may be written to an internal persistent memory within the storage device 16. The key array may be used to encrypt the key using a predefined device specific key. When powered on, the storage device may re-encrypt the data, thereby rendering the copy of the key array in the internal persistent memory useless. In still another embodiment, other techniques may be used to securely delete the copy of the key array. In this case, the problem has been reduced from securely deleting an entire memory disc to securely deleting a comparatively small storage medium.
[0025] According to another embodiment, the key array may written to an external removable storage medium.
[0026] In one embodiment, the key array may be encrypted using a pre-defined device, specific key or using a user defined-key. This encryption allows the user to remove the key array from the storage device, rendering its content worthless to attackers. In some embodiments, neither the encryption key, nor its encrypted data are accessible to attackers remotely. An attempt to use the Linux dd command to circumvent the encryption, decrypts the deleted data using a wrong key, rendering the data useless to the attacker.
[0027] Referring to Figure 2, in order to read a block or other granularity of memory, the sequence read block 22 may be implemented in software, firmware and/or hardware. In one embodiment it may be implemented by the controller 17. In software and firmware embodiments it may be implemented by computer executed instructions stored in one or more non-transitory computer readable media such as magnetic, semiconductor or optical storage.
[0028] Initially at block 24, a block of memory is read from the storage medium by the controller 17. Then, the controller 17 decrypts the block using the block's own encryption key as indicated in block 26. Finally, the controller 17 delivers the decrypted block of data 28 to the processor 12 (Figure 1).
[0029] To write a block to the memory array, the sequence 30 in Figure 3 may be used. The sequence 30 may be executed in firmware, hardware and/or software. In software and firmware embodiments it may be implemented by computer executed instructions stored in one or more non-transitory computer readable media such as magnetic, semiconductor or optical storage. In one embodiment it may be implemented by the controller 17.
[0030] Data to be written may be obtained, for example from the processor 12 as indicated in block 32. Then the data is encrypted by the controller 17 with the blocks encryption key as indicated in block 34. Therefore the encrypted data is actually stored in the array 18 by the controller 17 as indicated in block 36.
[0031] A delete block sequence 40, shown in Figure 4 may be implemented in software, firmware and/or hardware. In software and firmware embodiments it may be implemented by computer executed instructions stored in one or more non- transitory computer readable media such as magnetic, optical or semiconductor storage. In one embodiment it may be implemented by the controller 17.
[0032] At block 42 the sequence begins by generating a new encryption key. Then the new encryption key is written into the block's key register, overriding the previous encryption key as indicated in block 44. This has the result of preventing access to the storage at least without removing the storage from the rest of the platform 10.
[0033] Referring to Figure 5, the storage device 16 may be mounted on a circuit board 50. In some embodiments, the circuit board 50 may be used to implement a platform, such as a personal computer. But it could also be used in connection with a wide variety of processor-based devices, including laptop computers, cellular phones, mobile Internet devices, tablets, and desktop computers, to mention a few examples.
[0034] The circuit board 50 may be secured to the storage device 16 through its package 46 which may have appropriate interconnects, such as solder balls, pins, or the like (not shown). Inside the package 46, in one embodiment, may be a single integrated circuit 48. However, in other embodiments, more than one integrated circuit may be provided inside the package. For example, separate integrated circuits could be provided for the controller 17 and memory array 18, in some embodiments. In such case, the controller and memory array may be connected using interconnects, such as vias, wires, or other interconnection devices.
[0035] In some embodiments, as shown in Figure 6, a single integrated circuit 48 may include a portion for the controller 17 and a portion for the memory array 18. Thus, in some embodiments, one single integrated circuit incorporates both the controller and the memory array. This may be economical and result in a relatively small footprint, in some embodiments.
[0036] The following clauses and/or examples pertain to further embodiments:
One example embodiment may be a method comprising encrypting data to be stored in a memory using an encryption key; and deleting a block of the memory by erasing the encryption key so that if the deleted block is accessed, it is automatically decrypted using a wrong encryption key. The method may include encrypting from within the memory. The method may include using a controller internal to said memory to delete the block. The method may include preventing external access to said controller. The method may include executing instructions for deleting said block within said memory. The method may include storing a plurality of blocks in the memory and storing encryption keys for each block within said memory. The method may also include using a controller within a package enclosing said memory to write and read from the memory. The method may include using a memory and controller integrated on the same die. The method may include making the encryption key inaccessible to a user. The method may also include making the encrypted data unreadable after deletion.
[0037] One example embodiment may be a non-transitory computer readable media storing instructions that cause a controller to perform a sequence comprising encrypting data to be stored in a memory using an encryption key, and deleting a unit of memory by erasing the encryption key so that if the deleted unit is accessed, a wrong encryption key is used to attempt decryption. The media may also include encrypting from within the memory. The media may also include using a controller internal to said memory to delete the unit. The media may also include preventing external access to said controller. The media may also include executing
instructions for deleting said unit within said memory. The media may also include storing a plurality of memory units in the memory and storing encryption keys for each unit within said memory. The media may also include using a controller within a memory package to write and read from the memory.
[0038] Another example embodiment may be a memory comprising a memory array and a controller coupled to said array to encrypt data to be stored in the memory using an encryption key and deleting a block of memory by erasing the encryption key so that, if the deleted block is accessed, it is automatically decrypted using a wrong encryption key. The memory may also include said controller is within said memory. The memory may include said controller is within a package surrounding said memory array. The memory may include said controller to encrypt from within the memory. The memory may include said controller to prevent external access to said controller. The memory may include said controller to execute instructions for deleting said block within said memory. The memory may include a plurality of memory blocks and storing encryption keys for each block within said memory. The memory may include said controller and said memory array integrated in the same die.
[0039] One example embodiment may be a system comprising a processor and a memory coupled to said processor to encrypt data to be stored in the memory using an encryption key and deleting a block of memory by erasing the encryption key so that, if the deleted block is accessed, it is automatically decrypted using a wrong encryption key. The system may include said processor is within said memory. The said system may include said processor to encrypt from within the memory. The system may include said processor to prevent external access to said processor. The system may also include said processor to execute instructions for deleting said block within said memory. [0040] References throughout this specification to "one embodiment" or "an embodiment" mean that a particular feature, structure, or characteristic described in connection with the embodiment is included in at least one implementation encompassed within the present invention. Thus, appearances of the phrase "one embodiment" or "in an embodiment" are not necessarily referring to the same embodiment. Furthermore, the particular features, structures, or characteristics may be instituted in other suitable forms other than the particular embodiment illustrated and all such forms may be encompassed within the claims of the present application.
[0041] While the present invention has been described with respect to a limited number of embodiments, those skilled in the art will appreciate numerous
modifications and variations therefrom. It is intended that the appended claims cover all such modifications and variations as fall within the true spirit and scope of this present invention.

Claims

What is claimed is: 1. 1. A method comprising:
encrypting data to be stored in a memory using an encryption key; and deleting a block of the memory by erasing the encryption key so that if the deleted block is accessed, it is automatically decrypted using a wrong encryption key. 2. The method of claim 1 including encrypting from within the memory. 3. The method of claim 2 including using a controller internal to said memory to delete the block. 4. The method of claim 3 including preventing external access to said controller. 5. The method of claim 4 including executing instructions for deleting said block within said memory. 6. The method claim 1 including storing a plurality of blocks in the memory and storing encryption keys for each block within said memory. 7. The method of claim 1 including using a controller within a package enclosing said memory to write and read from the memory. 8. The method of claim 3 including using a memory and controller integrated on the same die. 9. The method of claim 1 including making the encryption key inaccessible to a user. 10. The method of claim 1 including making the encrypted data unreadable after deletion.
1 1. One or more non-transitory computer readable media storing instructions that cause a controller to perform a method according to claims 1 to 10. 12. A memory comprising:
a memory array; and
a controller coupled to said array to encrypt data to be stored in the memory using an encryption key and deleting a block of memory by erasing the encryption key so that, if the deleted block is accessed, it is automatically decrypted using a wrong encryption key. 13. The memory of claim 12 wherein said controller is within said memory. 14. The memory of claim 13 wherein said controller is within a package surrounding said memory array. 15. The memory of claim 12, said controller to encrypt from within the memory. 16. The memory of claim 12, said controller to prevent external access to said controller. 17. The memory of claim 15, said controller to execute instructions for deleting said block within said memory. 18. The memory of claim 12, including a plurality of memory blocks and storing encryption keys for each block within said memory. 19. The memory of claim 12, said controller and said memory array integrated in the same die.
PCT/US2013/057883 2012-09-04 2013-09-03 Secure deletion of data stored in a memory WO2014039453A1 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
EP13835982.3A EP2893451A4 (en) 2012-09-04 2013-09-03 Secure deletion of data stored in a memory
KR1020157001560A KR101659590B1 (en) 2012-09-04 2013-09-03 Secure deletion of data stored in a memory
CN201380004608.5A CN104205070B (en) 2012-09-04 2013-09-03 The safety deleting of data is stored in memory
JP2015525647A JP6219391B2 (en) 2012-09-04 2013-09-03 Safe deletion of data stored in memory

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US13/602,518 US20140068277A1 (en) 2012-09-04 2012-09-04 Secure Deletion of Data Stored in a Memory
US13/602,518 2012-09-04

Publications (1)

Publication Number Publication Date
WO2014039453A1 true WO2014039453A1 (en) 2014-03-13

Family

ID=50189160

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2013/057883 WO2014039453A1 (en) 2012-09-04 2013-09-03 Secure deletion of data stored in a memory

Country Status (6)

Country Link
US (1) US20140068277A1 (en)
EP (1) EP2893451A4 (en)
JP (1) JP6219391B2 (en)
KR (1) KR101659590B1 (en)
CN (1) CN104205070B (en)
WO (1) WO2014039453A1 (en)

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104038634A (en) * 2014-06-25 2014-09-10 深圳市中兴移动通信有限公司 Mobile terminal and privacy disclosure prevention method thereof
US9824231B2 (en) 2014-12-24 2017-11-21 International Business Machines Corporation Retention management in a facility with multiple trust zones and encryption based secure deletion
US9762548B2 (en) * 2015-03-13 2017-09-12 Western Digital Technologies, Inc. Controlling encrypted data stored on a remote storage device
EP3262515B1 (en) 2015-09-30 2019-08-07 Hewlett-Packard Enterprise Development LP Cryptographic-based initialization of memory content
JP7152766B2 (en) 2016-06-29 2022-10-13 株式会社プロスパークリエイティブ data masking system
GB201701747D0 (en) 2017-02-02 2017-03-22 Blancco Tech Group Ip Oy Intelligent verification of cryptographic erase and other firmware erasure processes
US10691837B1 (en) 2017-06-02 2020-06-23 Apple Inc. Multi-user storage volume encryption via secure enclave
KR20210149521A (en) 2020-06-02 2021-12-09 삼성전자주식회사 Memory system and operating method of the same
US11720504B2 (en) * 2021-04-15 2023-08-08 Apple Inc. Secure storage of datasets in a thread network device
CN114996725B (en) * 2022-05-06 2023-07-28 北京中科昊芯科技有限公司 Method for protecting development program and processor

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050013217A1 (en) * 2003-07-18 2005-01-20 Pioneer Corporation Information recording and reproducing apparatus, and information recording and erasing method
US20070300031A1 (en) * 2006-06-22 2007-12-27 Ironkey, Inc. Memory data shredder
US20090172265A1 (en) * 2007-12-27 2009-07-02 Electronics Telecommunication Research Institute Flash memory device having secure file deletion function and method for securely deleting flash file
US20110154060A1 (en) * 2009-12-17 2011-06-23 Hitachi Global Storage Technologies Netherlands B.V. Implementing secure erase for solid state drives
US20120079289A1 (en) * 2010-09-27 2012-03-29 Skymedi Corporation Secure erase system for a solid state non-volatile memory device

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH08185448A (en) * 1994-09-30 1996-07-16 Mitsubishi Corp System and device for managing data copyright
JP3905944B2 (en) * 1997-02-28 2007-04-18 株式会社東芝 CONTROL CIRCUIT ELEMENT FOR MAGNETIC DISK DEVICE AND MAGNETIC DISK DEVICE HAVING THE CONTROL CIRCUIT ELEMENT
JPH11224461A (en) * 1998-02-06 1999-08-17 Sony Corp Information processor, information method, providing medium and recording medium
JP3722767B2 (en) * 2002-03-13 2005-11-30 三菱電機インフォメーションテクノロジー株式会社 Hard disk drive, computer
US7162644B1 (en) * 2002-03-29 2007-01-09 Xilinx, Inc. Methods and circuits for protecting proprietary configuration data for programmable logic devices
JP4104488B2 (en) * 2003-05-12 2008-06-18 日本電信電話株式会社 ENCRYPTION KEY STORAGE DEVICE, ITS PROGRAM, AND RECORDING MEDIUM CONTAINING THE PROGRAM
JP2004341768A (en) * 2003-05-15 2004-12-02 Fujitsu Ltd Magnetic disk device, cipher processing method and program
JP2005227995A (en) * 2004-02-12 2005-08-25 Sony Corp Information processor, information processing method and computer program
EP1802030A1 (en) * 2005-12-23 2007-06-27 Nagracard S.A. Secure system-on-chip
US8938624B2 (en) * 2010-09-15 2015-01-20 Lsi Corporation Encryption key destruction for secure data erasure

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050013217A1 (en) * 2003-07-18 2005-01-20 Pioneer Corporation Information recording and reproducing apparatus, and information recording and erasing method
US20070300031A1 (en) * 2006-06-22 2007-12-27 Ironkey, Inc. Memory data shredder
US20090172265A1 (en) * 2007-12-27 2009-07-02 Electronics Telecommunication Research Institute Flash memory device having secure file deletion function and method for securely deleting flash file
US20110154060A1 (en) * 2009-12-17 2011-06-23 Hitachi Global Storage Technologies Netherlands B.V. Implementing secure erase for solid state drives
US20120079289A1 (en) * 2010-09-27 2012-03-29 Skymedi Corporation Secure erase system for a solid state non-volatile memory device

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP2893451A4 *

Also Published As

Publication number Publication date
EP2893451A1 (en) 2015-07-15
CN104205070B (en) 2018-05-04
KR20150032871A (en) 2015-03-30
KR101659590B1 (en) 2016-09-26
US20140068277A1 (en) 2014-03-06
JP2015529064A (en) 2015-10-01
JP6219391B2 (en) 2017-10-25
CN104205070A (en) 2014-12-10
EP2893451A4 (en) 2016-05-11

Similar Documents

Publication Publication Date Title
US20140068277A1 (en) Secure Deletion of Data Stored in a Memory
CN108139984B (en) Security subsystem
US9092370B2 (en) Power failure tolerant cryptographic erase
US20180260151A1 (en) Data Storage Device and Operating Method Therefor
US8996933B2 (en) Memory management method, controller, and storage system
US8539250B2 (en) Secure, two-stage storage system
US10698840B2 (en) Method and apparatus to generate zero content over garbage data when encryption parameters are changed
US9323943B2 (en) Decrypt and encrypt data of storage device
US8910301B2 (en) System and method for locking and unlocking storage device
JP2010231778A (en) Data whitening for writing and reading data to and from non-volatile memory
RU2353969C2 (en) Method and device for computer memory binding to motherboard
CN108573176B (en) Method and system for safely deleting data of mobile terminal encrypted by key derivation
US9176896B2 (en) Method of managing aligned and unaligned data bands in a self encrypting solid state drive
US10985916B2 (en) Obfuscation of keys on a storage medium to enable storage erasure
US9811477B2 (en) Memory system and method for writing data to a block of an erased page
KR102687192B1 (en) A memory device and system
US9003201B2 (en) Hardware protection for encrypted strings and protection of security parameters
US11550906B2 (en) Storage system with separated RPMB sub-systems and method of operating the same
KR100874872B1 (en) A secure flash-memory-based secondary storage device that supports safe overwriting
US20100211801A1 (en) Data storage device and data management method thereof
CN113536331B (en) Data security for memory and computing systems
US20240220667A1 (en) Storage device and computing device including the same
KR102720140B1 (en) Storage system with separated rpmb sub-systems and method of operating the same
JP7302392B2 (en) File data management device, file data management program and file data management method
TW202036349A (en) Computer system and method for virtual hard disk encryption and decryption

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13835982

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 20157001560

Country of ref document: KR

Kind code of ref document: A

ENP Entry into the national phase

Ref document number: 2015525647

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE