-
Publication number: US20200169395A1
Publication date: 2020-05-28
Application number: US16674413
Application date: 2019-11-05
Applicant: SAMSUNG ELECTRONICS CO., LTD.
Inventor: Hyunsook Hong, Jintaek Kwon, Myeongjong Lee, Seung-Jae Lee, Seokgi Hong, Byung-Gook Kim, Jisoo Kim
Abstract: A storage device includes a nonvolatile memory device, and a controller that manages a data encryption key (DEK). The DEK is used to encrypt data to be written in a storage space of the nonvolatile memory device by a first user and to decrypt data read from the storage space. The controller grants a second user authority to access the storage space by encrypting the DEK based on a Diffie-Hellman (DH) algorithm, grants a second user authority to access the encrypted DEK, and decrypts the encrypted DEK based on the DH algorithm.
-
Publication number: US20240020426A1
Publication date: 2024-01-18
Application number: US18189412
Application date: 2023-03-24
Applicant: Samsung Electronics Co., Ltd.
Inventor: Jimin Ryu, Yonghwan Song, Jaegyu Lee, Dong-Min Kim, Byungjune Song, Myeongjong Lee, Daejin Jung
CPC classification number: G06F21/79, G06F21/602, G06F21/556
Abstract: A method for managing a replay protection memory block (RPMB) of a storage device includes allocating an RPMB master region managed separately from an RPMB region in which an RPMB key is stored in the RPMB of the storage device, programming a master key into the RPMB master region responsive to a request from a host, receiving a reset request for the RPMB region using the master key from the host, resetting the RPMB key in response to the reset request for the RPMB region, and receiving a reset lock request for the RPMB region from the host.
-
Publication number: US11381388B2
Publication date: 2022-07-05
Application number: US16674413
Application date: 2019-11-05
Applicant: SAMSUNG ELECTRONICS CO., LTD.
Inventor: Hyunsook Hong, Jintaek Kwon, Myeongjong Lee, Seung-Jae Lee, Seokgi Hong, Byung-Gook Kim, Jisoo Kim
Abstract: A storage device includes a nonvolatile memory device, and a controller that manages a data encryption key (DEK). The DEK is used to encrypt data to be written in a storage space of the nonvolatile memory device by a first user and to decrypt data read from the storage space. The controller grants a second user authority to access the storage space by encrypting the DEK based on a Diffie-Hellman (DH) algorithm, grants a second user authority to access the encrypted DEK, and decrypts the encrypted DEK based on the DH algorithm.
-
Publication number: US20250165162A1
Publication date: 2025-05-22
Application number: US18936517
Application date: 2024-11-04
Applicant: SAMSUNG ELECTRONICS CO., LTD.
Inventor: Daejin JUNG, Minji Kim, Myeongjong Lee, Hyungsup Kim, Seongchan Jo, Jeongwoo Park
IPC: G06F3/06
Abstract: Provided are a universal flash storage (UFS) device for preventing a replay attack, a method of operating the same, and a UFS system. The UFS device including: a memory including a replay protection memory block (RPMB) region, the RPMB region including one or more index fields storing a second write failure index; and a memory controller including at least one controller memory storing one or more instructions, wherein the memory controller is configured to execute the one or more instructions to cause the UFS device to: receive, from an external device, an RPMB write request including a first write failure index, meta information, and a first message authentication code generated based on the first write failure index and the meta information, and determine whether to perform an authentication operation on the external device based on the first write failure index and the second write failure index.
-
Publication number: US20240354448A1
Publication date: 2024-10-24
Application number: US18390736
Application date: 2023-12-20
Applicant: SAMSUNG ELECTRONICS CO., LTD.
Inventor: Myeongjong Lee, Seongchan Jo, Jisoo Kim, Hyungsup Kim
CPC classification number: G06F21/78, G06F21/602, G06F21/64
Abstract: A method of writing data in a replay protected memory block (RPMB) area of a storage device in response to a request of a host device includes receiving a write request, including a message authentication code, data, and a bitmap index, from the host device and verifying the write request based on the message authentication code and the bitmap index. The verifying the write request may include calculating a message authentication code based on data and a bitmap index received from the host device, comparing a message authentication code, calculated in the storage device, with the message authentication code of the write request, and comparing the bitmap index of the write request with bitmap indexes, stored in the storage device, to check whether a replay attack has been made.