Data storage device and method of operation thereof

By introducing a replay protection block mechanism into the data storage device, using authentication keys and write counters to control access and generate MACs, the security deficiencies of data storage devices in preventing replay attacks are solved, and effective protection of sensitive information is achieved.

CN114254402B · Active · Publication Date: 2026-06-26 · SK HYNIX INC

Patent Information

Authority / Receiving Office: CN · China
Patent Type: Patents (China)
Current Assignee / Owner: SK HYNIX INC
Filing Date: 2021-05-18
Publication Date: 2026-06-26

Abstract

The present invention relates to a data storage device and an operating method thereof. According to the present invention, a data storage device providing an improved security function includes a memory device including a protected storage block protected by a security protocol; and a memory controller configured to receive a command protocol component associated with the security protocol, the security protocol including a host-side protection message requesting to write data from a host to the protected storage block, perform an authentication operation on the protected storage block using a host message authentication code included in the host-side protection message, and store the data from the host according to a result of the authentication operation.

Description

[0001] Cross-references to related applications

[0002] This patent document claims priority and benefit to Korean patent application No. 10-2020-0122028, filed on September 22, 2020, which is incorporated herein by reference in its entirety.

Technical Field

[0003] The technology and embodiments disclosed in this patent document relate to an electronic device, and more particularly, to a data storage device and a method of operating the same.

Background Technology

[0004] A storage device or data storage device may include a memory device for storing data and a controller that allows a host device, such as a computer or smartphone, to read data from the data storage device and / or write data to the data storage device. Based on its ability to retain stored data in the absence of power, a memory device may be characterized as a volatile memory device or a non-volatile memory device.

[0005] Volatile memory devices retain stored data while power is on, but the stored data is lost when power is interrupted. Examples of volatile memory devices can include static random access memory (SRAM) and dynamic random access memory (DRAM).

[0006] Non-volatile memory devices retain stored data even when there is no power supply. Examples of non-volatile memory devices include read-only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), and flash memory.

Summary of the Invention

[0007] In addition to other features and benefits, embodiments of the disclosed technology provide a data storage device and a method of operation thereof that can provide improved security features.

[0008] A data storage device based on some embodiments of the disclosed technology includes: a memory device including a protected memory block protected by a security protocol; and a memory controller configured to receive a command protocol component associated with the security protocol, the security protocol including a host-side protection message requesting that data from a host be written to the protected memory block, perform an authentication operation on the protected memory block using a host message authentication code included in the host-side protection message, and store the data from the host according to the result of the authentication operation, wherein the command protocol component includes: a basic header segment common to protocol components transmitted between the host and the memory controller; a transaction-specific field including a value for identifying the type of the protocol component; and an additional header segment that is a header segment different from the basic header segment and is configured to include the host-side protection message.

[0009] A data storage device based on some embodiments of the disclosed technology includes: a non-volatile memory device including a replay protection block; and a memory controller configured to receive a command protocol component, the command protocol component including a host replay protection block message in which a host requests to read data stored in the replay protection block, perform a read operation to obtain data corresponding to an address included in the host replay protection block message, and provide the data read from that address to the host, wherein the command protocol component includes: a basic header segment common to protocol components transmitted and received between the host and the memory controller; a transaction-specific field including a value for identifying the type of the protocol component; and an additional header segment that is a header segment different from the basic header segment and is configured to include the host replay protection block message.

[0010] According to this technology, a data storage device that provides improved security functions and a method of operating the same are provided.

Attached Figure Description

[0011] Figure 1 is a diagram illustrating an example of a data storage device based on some embodiments of the disclosed technology.

[0012] Figure 2 is a diagram illustrating an example of the memory device of Figure 1.

[0013] Figure 3 is a diagram illustrating an example configuration of a memory block of Figure 2.

[0014] Figure 4 is a diagram illustrating access to the replay protection block.

[0015] Figure 5 is a diagram illustrating the structure of the data transmitted between the replay protection block host controller and the replay protection block device controller.

[0016] Figure 6 is a diagram illustrating the structure of the basic header segment of a protocol component or protocol information unit (PIU).

[0017] Figure 7 is a diagram illustrating the structure of the replay protection block message used when performing a replay protection block write operation or a replay protection block read operation.

[0018] Figure 8 is a diagram illustrating an example of a replay protection block write operation.

[0019] Figures 9A to 9C are diagrams illustrating examples of the replay protection block message provided during the replay protection block write operation of Figure 8, based on some embodiments of the disclosed technology.

[0020] Figure 10 is a diagram illustrating an example of a replay protection block read operation.

[0021] Figures 11A and 11B are diagrams illustrating examples of the replay protection block message provided during the replay protection block read operation of Figure 10, based on some embodiments of the disclosed technology.

[0022] Figure 12 is a flowchart illustrating an example of a replay protection block write operation based on some embodiments of the disclosed technology.

[0023] Figure 13 is a flowchart illustrating an example of a replay protection block read operation based on some embodiments of the disclosed technology.

[0024] Figure 14 is a diagram illustrating an example of the PIU command of Figures 12 and 13, based on some embodiments of the disclosed technology.

[0025] Figure 15 is a diagram illustrating an example of the PIU response of Figures 12 and 13, based on some embodiments of the disclosed technology.

[0026] Figure 16 is a diagram illustrating the operation of the replay protection block host controller of Figure 4.

[0027] Figure 17 is a diagram illustrating the operation of the replay protection block device controller of Figure 4 during a replay protection block write operation.

[0028] Figure 18 is a diagram illustrating the operation of the replay protection block device controller of Figure 4 during a replay protection block read operation.

[0029] Figure 19 is a diagram illustrating an example of the memory controller of Figure 1, based on some embodiments of the disclosed technology.

[0030] Figure 20 is a block diagram illustrating a memory card system including a data storage device based on some embodiments of the disclosed technology.

[0031] Figure 21 is a block diagram illustrating a solid-state drive (SSD) system that includes a data storage device based on some embodiments of the disclosed technology.

[0032] Figure 22 is a block diagram illustrating a user system including a data storage device based on some embodiments of the disclosed technology.

Detailed Implementation

[0033] The technology disclosed in this patent document can be implemented in some embodiments to provide a data storage device and a data storage method that, among other features and advantages, can provide improved security by using security protocols such as a replay protection block feature.

[0034] Figure 1 is a diagram illustrating an example of a data storage device based on some embodiments of the disclosed technology.

[0035] Referring to Figure 1, the data storage device 50 may include a memory device 100 and a memory controller 200. The data storage device 50 may be a device that stores data under the control of a host 400 such as a mobile phone, smartphone, MP3 player, laptop computer, desktop computer, game console, TV, tablet PC, or in-vehicle infotainment system. Alternatively, the data storage device 50 may be a device that stores data under the control of a host 400 that stores high-capacity data in one location, such as a server or data center.

[0036] Data storage device 50 can be any type of data storage device that communicates with host 400 via a host interface. Examples of data storage device 50 may include SSDs, multimedia cards in the form of MMC, eMMC, RS-MMC, and micro MMC, secure digital cards in the form of SD, mini SD, and micro SD, universal serial bus (USB) storage devices, universal flash storage (UFS) devices, PCMCIA card-type data storage devices, peripheral component interconnect (PCI) card-type data storage devices, PCI express (PCI-E) card-type data storage devices, compact flash (CF) cards, smart media cards, and memory sticks.

[0037] The data storage device 50 can be manufactured in any of a variety of package types. For example, the data storage device 50 can be manufactured in any of the following package types: Package-on-Package (POP), System-in-Package (SIP), System-on-Chip (SOC), Multi-Chip Package (MCP), Chip-on-Board (COB), Wafer-Level Fabricated Package (WFP), and Wafer-Level Stack Package (WSP).

[0038] The memory device 100 can store data. The memory device 100 operates under the control of the memory controller 200. The memory device 100 may include a memory cell array (not shown) comprising a plurality of memory cells for storing data.

[0039] Each memory cell can be configured as a single-level cell (SLC) that stores one data bit, a multi-level cell (MLC) that stores two data bits, a triple-level cell (TLC) that stores three data bits, or a quad-level cell (QLC) that can store four data bits.

[0040] A memory cell array (not shown) may include multiple memory blocks. Each memory block may include multiple pages. In an embodiment, a page may be a unit for storing data in or retrieving data stored in the memory device 100. A memory block may be a unit for erasing data.

[0041] The memory blocks included in the memory device 100 may include protection memory blocks such as a replay protection block or replay protection memory block (RPMB) 110a and normal blocks (Normal BLK) 110b.

[0042] A protection block is configured to store information used to authenticate data to be read from or written to the memory device and is protected by a security protocol. A replay protection block (RPMB) 110a is an example of such a protection block, accessible only via a security protocol such as using a predetermined private command or authentication. The host 400 can limit the write count of the replay protection block 110a to a predetermined number. When a write operation corresponding to the maximum write count value of the replay protection block 110a is performed, only read operations on the replay protection block 110a are permitted.

[0043] In some implementations, the replay protection block or RPMB may include a secure storage block for storing a small amount of sensitive information. In one example, the replay protection block or RPMB may be configured to enable a device to store data in a small, dedicated area that is authenticated and protected against replay attacks. A replay attack occurs when an attacker, such as malware, intercepts messages exchanged between legitimate entities and retransmits or replays those identical messages at a later stage. To protect sensitive information from such replay attacks, RPMB authentication key information is first written to the secure storage block by the host and then used by both the host and the storage device to authenticate read and write messages involving the RPMB area.

[0044] The size of the data written to a protection memory block, such as replay protection block 110a, can be predetermined. For example, data can be stored in replay protection block 110a in units of 128 KB (kilobytes). In an embodiment, the maximum size of the data stored in replay protection block 110a can be 16 MB (megabytes).

[0045] Access to replay protection block 110a is permitted only upon successful authentication. Authentication of replay protection block 110a may include the following operations: each of host 400 and data storage device 50 initially stores the same authentication key only once, and the message authentication codes (MACs) that host 400 and data storage device 50 each generate from the data to be stored and the authentication key are compared to determine whether they match. In some implementations, each of host 400 and data storage device 50 may use a hash-based MAC (HMAC) with the secure hash algorithm SHA-256 to generate the MAC. The data stored in replay protection block 110a can be maintained while the values of the authentication key and write counter are retained.

[0046] In the embodiment of Figure 1, the memory device 100 includes one replay protection block 110a, but the memory device 100 may include two or more replay protection blocks 110a. In this case, each replay protection block 110a may have a unique authentication key and write count value.

[0047] A normal block can be a storage block that can be accessed without separate authentication. A normal block can be a storage block that stores data other than the data stored in the replay protection block 110a.

[0048] In embodiments, the memory device 100 may be a Double Data Rate Synchronous Dynamic Random Access Memory (DDR SDRAM), a fourth-generation Low Power Double Data Rate (LPDDR4) SDRAM, a Graphics Double Data Rate (GDDR) SDRAM, Low Power DDR (LPDDR), Rambus Dynamic Random Access Memory (RDRAM), NAND Flash Memory, Vertical NAND Flash Memory, NOR Flash Memory, Resistive Random Access Memory (RRAM), Phase Change Memory (PRAM), Magnetoresistive Random Access Memory (MRAM), Ferroelectric Random Access Memory (FRAM), Spin-Torque Random Access Memory (STT-RAM), etc. In this specification, for ease of description, it is assumed that the memory device 100 is a NAND Flash Memory.

[0049] Memory device 100 is configured to receive commands and addresses from memory controller 200 and access address-selected regions in a memory cell array. Memory device 100 can perform operations instructed by commands on the address-selected regions. For example, memory device 100 can perform write operations (programming operations), read operations, and erase operations. During a programming operation, memory device 100 can program data into the address-selected regions. During a read operation, memory device 100 can read data from the address-selected regions. During an erase operation, memory device 100 can erase data stored in the address-selected regions.

[0050] The memory controller 200 can control all operations of the data storage device 50.

[0051] When power is applied to the data storage device 50, the memory controller 200 can run firmware such as a flash translation layer (FTL) to control communication between the host 400 and the memory device 100.

[0052] In an embodiment, the memory controller 200 may receive data and logical block addresses (LBAs) from the host 400 and may convert the LBAs into physical block addresses (PBAs) that indicate the addresses of memory cells containing data to be stored in the memory device 100.

[0053] The memory controller 200 can control the memory device 100 to perform programming, reading, or erasing operations according to requests from the host 400. During a programming operation, the memory controller 200 can provide programming commands, PBA, and data to the memory device 100. During a reading operation, the memory controller 200 can provide reading commands and PBA to the memory device 100. During an erasing operation, the memory controller 200 can provide erasing commands and PBA to the memory device 100.

[0054] In this embodiment, the memory controller 200 can autonomously generate commands, addresses, and data regardless of requests from the host 400, and transmit these commands, addresses, and data to the memory device 100. For example, the memory controller 200 can provide the memory device 100 with commands, addresses, and data for performing the programming operations, read operations, and erase operations that accompany wear leveling, read reclaim, garbage collection, etc.

[0055] In this embodiment, the memory controller 200 can control two or more memory devices 100. In this case, the memory controller 200 can control the memory devices 100 according to an interleaving method to improve operational performance. The interleaving method can be a method in which the operations of at least two memory devices 100 are controlled so that they overlap each other.

[0056] The memory controller 200 may include a replay protection block device controller 210.

[0057] The replay protection block device controller 210 can handle access requests to the replay protection block 110a.

[0058] The replay protection block device controller 210 can handle replay protection block write operations that store data in replay protection block 110a, and replay protection block read operations that read data stored in replay protection block 110a. The specific methods by which the replay protection block device controller 210 handles replay protection block write operations and replay protection block read operations are described in more detail below with reference to Figures 4 to 19.

[0059] The host 400 can communicate with the data storage device 50 using at least one of the following communication methods: Universal Serial Bus (USB), Serial AT Attachment (SATA), Serial Attached SCSI (SAS), High Speed Interchip (HSIC), Small Computer System Interface (SCSI), Peripheral Component Interconnect (PCI), PCI Express (PCIe), Non-Volatile Memory Express (NVMe), Universal Flash Storage (UFS), Secure Digital (SD), Multimedia Card (MMC), Embedded MMC (eMMC), Dual In-line Memory Module (DIMM), Registered DIMM (RDIMM), and Load Reduced DIMM (LRDIMM). For example, the disclosed techniques can be used in some embodiments to implement a Replay Protection Block (RPMB) in a UFS.

[0060] The host 400 may further include a replay protection block host controller 410.

[0061] The replay protection block host controller 410 can generate various requests or commands for controlling the replay protection block 110a, and provide these requests or commands to the replay protection block device controller 210. The replay protection block host controller 410 can receive responses or processing results from the replay protection block device controller 210.

[0062] Figure 2 is a diagram illustrating an example of the memory device of Figure 1.

[0063] Referring to Figure 2, the memory device 100 may include a memory cell array 110, a voltage generator 120, an address decoder 130, an input / output (I / O) circuit 140, and control logic 150.

[0064] Memory cell array 110 includes multiple memory blocks BLK1 to BLKi. The multiple memory blocks BLK1 to BLKi are connected to address decoder 130 via row lines RL. The multiple memory blocks BLK1 to BLKi are connected to input / output circuitry 140 via column lines CL. In an embodiment, row lines RL may include word lines, source select lines, and drain select lines. In an embodiment, column lines CL may include bit lines.

[0065] Each of the plurality of memory blocks BLK1 to BLKi includes a plurality of memory cells. In an embodiment, the plurality of memory cells may be non-volatile memory cells. Memory cells connected to the same word line among the plurality of memory cells may be defined as a physical page. That is, the memory cell array 110 may include a plurality of physical pages. Each of the memory cells in the memory device 100 may be used as a single-level cell (SLC) storing one data bit, a multi-level cell (MLC) storing two data bits, a triple-level cell (TLC) storing three data bits, or a quad-level cell (QLC) capable of storing four data bits.

[0066] The multiple memory blocks BLK1 to BLKi may include the replay protection block 110a and the normal block 110b described with reference to Figure 1.

[0067] In this embodiment, the voltage generator 120, address decoder 130, and input / output circuitry 140 can be collectively referred to as peripheral circuitry. Peripheral circuitry can be used to operate the memory cell array 110 under the control of control logic 150. Peripheral circuitry can be used to operate the memory cell array 110 during programming, reading, and erasing operations.

[0068] Voltage generator 120 is configured to generate multiple operating voltages using an external power supply voltage supplied to memory device 100. Voltage generator 120 operates in response to control of control logic 150.

[0069] In some implementations, voltage generator 120 can generate an internal power supply voltage by adjusting an external power supply voltage. The internal power supply voltage generated by voltage generator 120 is used as the operating voltage of memory device 100.

[0070] In some implementations, voltage generator 120 can generate multiple operating voltages using an external or internal power supply voltage. Voltage generator 120 can be configured to generate various voltages required in memory device 100. For example, voltage generator 120 can generate multiple erase voltages, multiple programming voltages, multiple pass voltages, multiple select read voltages, and multiple unselect read voltages.

[0071] Voltage generator 120 may include multiple pump capacitors that receive an internal power supply voltage to generate multiple operating voltages with various voltage levels, and multiple operating voltages may be generated by selectively enabling the multiple pump capacitors in response to control of control logic 150.

[0072] The generated operating voltages can be supplied to the memory cell array 110 through the address decoder 130.

[0073] Address decoder 130 is connected to memory cell array 110 via row line RL. Address decoder 130 is configured to operate in response to control of control logic 150. Address decoder 130 can receive address ADDR from control logic 150. Address decoder 130 can decode the block address in the received address ADDR. Address decoder 130 selects at least one memory block from memory blocks BLK1 to BLKi based on the decoded block address. Address decoder 130 can decode the row address in the received address ADDR. Address decoder 130 can select at least one word line from the word lines of the selected memory block based on the decoded row address. In an embodiment, address decoder 130 can decode the column address in the received address ADDR. Address decoder 130 can connect input / output circuitry 140 and memory cell array 110 to each other based on the decoded column address.

[0074] For example, address decoder 130 may include components such as row decoder, column decoder, and address buffer.

[0075] The input / output circuitry 140 may include multiple page buffers. These page buffers can be connected to the memory cell array 110 via bit lines. During programming operations, data can be stored in selected memory cells based on the data (DATA) stored in the multiple page buffers.

[0076] During a read operation, data stored in the selected memory cell can be sensed via bit lines, and the sensed data can be stored in the page buffer.

[0077] Control logic 150 can control address decoder 130, voltage generator 120, and input / output circuitry 140. Control logic 150 can operate in response to commands (CMD) transmitted from external devices. Control logic 150 can generate control signals to control peripheral circuitry in response to commands (CMD) and addresses (ADDR).

[0078] Figure 3 is a diagram illustrating an example configuration of a memory block of Figure 2.

[0079] The memory block BLKi is any one of the memory blocks BLK1 to BLKi of Figure 2.

[0080] Referring to Figure 3, multiple word lines arranged in parallel to each other can be connected between a first select line and a second select line. Here, the first select line can be a source select line (SSL), and the second select line can be a drain select line (DSL). More specifically, the memory block BLKi can include multiple strings ST connected between bit lines BL1 to BLn and the source line SL. Bit lines BL1 to BLn can be connected to the strings ST individually, and the source line SL can be connected to the strings ST collectively. Because the strings ST can be configured to be identical to each other, the string ST connected to the first bit line BL1 is specifically described as an example.

[0081] A string ST may include a source selection transistor SST connected in series between the source line SL and the first bit line BL1, a plurality of memory cells MC1 to MC16, and a drain selection transistor DST. A string ST may include at least one or more of the source selection transistor SST and the drain selection transistor DST, and may include more memory cells MC1 to MC16 than shown in the figures.

[0082] The source of the source select transistor SST can be connected to the source line SL, and the drain of the drain select transistor DST can be connected to the first bit line BL1. Memory cells MC1 to MC16 can be connected in series between the source select transistor SST and the drain select transistor DST. The gates of the source select transistors SST included in different strings ST can be connected to the source select line SSL, the gates of the drain select transistors DST can be connected to the drain select line DSL, and the gates of memory cells MC1 to MC16 can be connected to multiple word lines WL1 to WL16. A group of memory cells connected to the same word line among the memory cells included in different strings ST can be referred to as a page PG. Therefore, the memory block BLKi can include as many pages PG as word lines WL1 to WL16.

[0083] A memory cell can store one bit of data. This is often referred to as a single-level cell (SLC). In this case, a physical page (PG) can store one logical page (LPG) of data. A logical page (LPG) of data can include the same number of data bits as the cells included in a physical page (PG).

[0084] A memory cell can store two or more data bits. In this case, a physical page (PG) can store two or more logical pages (LPG) of data.

[0085] Figure 4 is a diagram illustrating access to the replay protection block.

[0086] Referring to Figure 4, the data storage device 50 may include a replay protection block 110a and a replay protection block device controller 210 for controlling the replay protection block 110a. The replay protection block 110a may be one of the memory blocks included in the memory device 100 described with reference to Figure 1, and the replay protection block device controller 210 may be included in the memory controller 200.

[0087] The replay protection block 110a may include an authentication key 111, a write counter 112, a result register 113, and a replay protection block data area (RPMB data area) 114.

[0088] The authentication key 111 can be stored only once, may not be read, and can only be accessed when calculating the MAC used for authentication. In an embodiment, the size of the authentication key 111 may be 32 bytes.

[0089] Write counter 112 counts the number of successful write operations to the replay protection block. Write counter 112 can store a write count value corresponding to 4 bytes. The initial value of write counter 112 can be "0000 0000h". The write count value of write counter 112 may not be reset or decreased. The value of write counter 112 may stop increasing after reaching its maximum value of "FFFF FFFFh". Therefore, when the value of write counter 112 reaches its maximum value, data may no longer be stored in replay protection block 110a, and replay protection block 110a can be used as a read-only block.

[0090] Result register 113 can store the results of replay protection block write operations or replay protection block read operations.

[0091] In an embodiment, the authentication key 111, the write counter 112, and the result register 113 may be independently included in each replay protection block 110a and may have unique values.

[0092] The replay protection block data area 114 can be an area where data is stored only when authentication is successful.

[0093] When a replay protection block write operation is performed, the replay protection block host controller 410 can provide protection messages, such as replay protection block messages, to the replay protection block device controller 210 according to a predetermined format. In some embodiments, the protection messages may include host-side protection messages. The replay protection block messages provided by the replay protection block host controller 410 may include information required to perform authentication operations on the replay protection block. For example, the replay protection block messages may include authentication data and metadata. Authentication data may include a MAC generated by the replay protection block host controller 410.

[0094] The replay protection block device controller 210 may further include an authentication manager 211 and an access controller 212.

[0095] The authentication manager 211 can perform authentication operations using the authentication data and metadata included in the replay protection block message and the authentication key 111 stored in the replay protection block 110a. The authentication manager 211 can provide the result of the authentication operation to the access controller 212. The access controller 212 can store data in the replay protection block 110a or prevent data from being stored in the replay protection block 110a based on the result of the authentication operation.

[0096] When the authentication operation is successful, the access controller 212 can control the replay protection block 110a to store the write data to be stored in the replay protection block in the replay protection block data area 114. The access controller 212 can increment the value of the write counter 112 and store information indicating that the replay protection block write operation is complete in the result register 113.

[0097] When the authentication operation fails, the access controller 212 may not store the write data requested in the replay protection block in the replay protection block data area 114. The access controller 212 may maintain the value of the write counter 112 and store information indicating that the replay protection block write operation is complete in the result register 113.

[0098] When performing a replay protection block read operation, the replay protection block host controller 410 can provide protection messages, such as replay protection block messages, to the replay protection block device controller 210 according to a predetermined format. In some embodiments, the protection messages may include device-side protection messages. The replay protection block messages provided by the replay protection block host controller 410 may include information required to perform authentication operations on the replay protection block. For example, the replay protection block messages may include metadata.

[0099] Access controller 212 can read data stored in the replay protection block and generate a replay protection block message to be provided to the replay protection block host controller 410. Access controller 212 can obtain metadata (e.g., random numbers) included in the replay protection block message received from the replay protection block host controller 410 and generate metadata including the received metadata and the result of the replay protection block read operation. Access controller 212 can use the generated metadata and the authentication key 111 stored in replay protection block 110a to generate authentication data. The authentication data may include a MAC that the replay protection block host controller 410 uses to perform an authentication operation for later access to the read data.

[0100] Access controller 212 can generate replay protection block messages that include the generated metadata and authentication data, and provide the read data and replay protection block messages to replay protection block host controller 410. In an embodiment, the replay protection block messages provided by access controller 212 may include result information stored in result register 113.

[0101] Figure 5 is a diagram showing the data structure of the data transmitted between the replay protection block host controller and the replay protection block device controller.

[0102] Referring to Figure 4 and Figure 5, the replay protection block host controller 410 and the replay protection block device controller 210 can communicate using data packets. A data packet or message, which may be referred to as a protocol component or protocol information unit (PIU), can transmit information such as security information between a host (e.g., a UFS host) and a data storage device. A protocol component (or PIU) may have a predefined data structure comprising multiple sequentially addressed bytes arranged as fields, as discussed below.

[0103] Depending on the operation to be performed by the replay protection block host controller 410 or the replay protection block device controller 210, the PIU may include a command PIU, a response PIU, a data output PIU, a data input PIU, and a Ready to Transmit PIU.

[0104] The command PIU can be the PIU transmitted when the host 400 transmits a command to the data storage device 50.

[0105] A response PIU can be a PIU transmitted when the data storage device 50 provides a response to a command provided by the host 400.

[0106] The data output PIU can be the PIU transmitted when the host 400 provides data to the data storage device 50.

[0107] The data input PIU can be the PIU transmitted when the data storage device 50 provides data to the host 400.

[0108] A Ready to Transmit PIU can be a PIU transmitted when the data storage device 50 notifies the host 400 that it is ready to receive a data output PIU from the host 400. A Ready to Transmit PIU can also be a PIU transmitted when the data storage device 50 has sufficient buffer space to store the data provided by the host 400.

[0109] The minimum size of a PIU can be 32 bytes, and the maximum size can be 65,600 bytes. Depending on the type, the format of a PIU can have different sizes.

[0110] A PIU may include a basic header segment 61, a transaction-specific field 62, an additional header segment 63, and a data segment 64.

[0111] The size of the basic header segment 61 can be 12 bytes. The basic header segment 61 can be included together in all PIUs.

[0112] Transaction-specific field 62 may occupy byte address 12 through byte address 31 of the PIU. Depending on the type of the PIU, transaction-specific field 62 may include a specific transaction code.

[0113] An additional header segment 63 can be defined when the value of the Total Length of Additional Headers (EHS) field of the basic header segment 61 is non-zero. The additional header segment 63 may begin at byte address 32 of the PIU. The additional header segment 63 can be a region capable of storing additional data when the basic header segment 61 may not contain sufficient information.

[0114] Data segment 64 may be included in a data output PIU or a data input PIU, but may not be included in other PIUs.

[0115] In an embodiment, the additional header segment 63 and data segment 64 may not be included in all protocol PIUs, but may be included only in specific PIUs.

[0116] Figure 6 is a diagram showing the structure of the basic header segment of the PIU.

[0117] Referring to Figure 6, the basic header segment 61 may include transaction type, flags, logical unit number (LUN), task label, initiator ID, command group type, query function / task management function, response, status, total length of additional header segments (total length of EHS), device information, and data segment length.

[0118] Depending on the type of the PIU, the transaction type can have a unique value. Examples of transaction types based on the type of the PIU are shown in [Table 1] below.

[0119] [Table 1]

[0120]

[0121] Depending on the transaction type, the flag can be a field with different values.

[0122] A Logical Unit Number (LUN) can be a field that indicates, among the multiple logical units included in the target of the operation to be performed, the number of the logical unit that is to perform the corresponding operation.

[0123] Depending on the transaction type, task labels can be fields with different values.

[0124] The initiator ID can be a field that identifies who initiated the request for the operation. Therefore, the initiator ID can have different values if both the host and the data storage device generate the PIU.

[0125] The command group type can be a field included in the command PIU and the response PIU. The command group type can also be a field indicating which interface the command supports (e.g., whether the command is a SCSI command, a UFS command, or a manufacturer-defined command).

[0126] The query function / task management function can be a field input to the PIU, such as a query request, query response, or task management request.

[0127] The response can be a field indicating whether the requested operation was executed successfully or failed.

[0128] The status can be a field indicating the SCSI status.

[0129] The Total Length of the Additional Header Section (EHS) can be a field indicating the size of the additional header section in 32-bit units. The Total Length of the Additional Header Section (EHS) can be used when the PIU includes an additional header section. The length of the additional header section can be in units of 4 bytes. The value of the Total Length of the Additional Header Section (EHS) can be obtained by dividing the total number of bytes in the additional header section by 4. The maximum size of the additional header section can be 1024 bytes. When no additional header section is used, the Total Length of the Additional Header Section (EHS) can be 0.

[0130] Device information may include information that is only used when performing a specific function.

[0131] The data segment length can be a field that indicates the length of the data segment in the PIU. When the PIU does not include a data segment, the data segment length can be 0.

[0132] Figure 7 is a diagram showing the structure of the replay protection block message used when performing a replay protection block write operation or a replay protection block read operation.

[0133] Referring to Figure 4 and Figure 7, Replay Protection Block (RPMB) messages can be messages provided when an operation is performed on a replay protection block.

[0134] Replay Protected Block Messages (RPMB messages) can include authentication data and metadata.

[0135] Authentication data may include padding bytes and a MAC (message authentication code). The MAC may be the result calculated by the replay protection block host controller 410 using a pre-stored authentication key and metadata. That is, the MAC may be an authentication code calculated using a hash-based MAC (HMAC SHA-256). The MAC may be 256 bits (32 bytes) long. The authentication key used to generate the MAC may also be 256 bits.

[0136] Metadata can include random numbers, write counters, addresses, block counts, results, and request / response message types.

[0137] The random number can be a random value generated by the replay protection block host controller 410. The random number provided by the replay protection block host controller 410 can be copied to the response provided by the replay protection block device controller 210 to the replay protection block host controller 410.

[0138] The write counter can be the number of times a write operation has been successfully performed on the replay protection block 110a.

[0139] The address can be a logical address where data is to be stored in replay protection block 110a, or a logical address where data is to be read from replay protection block 110a.

[0140] The block count can be the number of logical blocks for which a replay protection block write operation or a replay protection block read operation is requested. The block count can be the number of logical blocks in units of 256 bytes.

[0141] The result can be the result of performing a replay protection block write operation or a replay protection block read operation.

[0142] The request message type / response message type can indicate whether the replay protection block message is related to a replay protection block write operation or a replay protection block read operation.

[0143] Figure 8 is a diagram illustrating the write operation of the replay protection block.

[0144] Referring to Figure 8, the replay protection block write operation, which stores data in the replay protection block, involves a combination of three commands (protocol handshake) between the host 400 and the data storage device 50.

[0145] Specifically, the replay protection block write operation includes an authentication write request, a result read request, and a result read response.

[0146] An authentication write request can be executed by performing multiple operations S801 to S807, a result read request can be executed by performing multiple operations S809 to S815, and a result read response can be executed by performing multiple operations S817 to S821.

[0147] An authentication write request can be a request to store data in the replay protection block, together with the data to be stored.

[0148] A result read request can be a request for a command to transmit the value stored in the result register, where the result of the replay protection block write operation is stored.

[0149] The result read response can be a response that provides the value of the result register.

[0150] In S801, host 400 can provide a command PIU to data storage device 50. The command PIU provided in S801 can include a replay protection block message. Data storage device 50 can use the MAC and metadata included in the replay protection block message to perform authentication operations on the replay protection block.

[0151] In S803, the data storage device 50 may provide a Ready to Transmit PIU to the host 400. The Ready to Transmit PIU may be a PIU provided when the data storage device 50 is ready to receive data to be provided by the host 400. In an embodiment, the Ready to Transmit PIU may be a PIU that provides a message indicating readiness to receive a data output PIU.

[0152] In S805, the host 400 can provide a data output PIU to the data storage device 50. The data output PIU provided by the host 400 may include multiple data segments, which include data to be stored in the replay protection block.

[0153] In S807, the data storage device 50 can provide a response PIU to the host 400. The response PIU provided by the data storage device 50 may include the result of performing a replay protection block write operation.

[0154] In S809, the host 400 may provide a command PIU to the data storage device 50. The command PIU provided in S809 may include a replay protection block message. In an embodiment, the replay protection block message included in the command PIU provided in S809 may include a message requesting a value stored in the result register by the command PIU provided by the host 400.

[0155] In S811, the data storage device 50 may provide a Ready to Transmit PIU to the host 400. The Ready to Transmit PIU may be a PIU provided when the data storage device 50 is ready to receive data to be provided by the host 400. In an embodiment, the Ready to Transmit PIU may be a PIU that provides a message indicating readiness to receive a data output PIU.

[0156] In S813, host 400 can provide data output PIU to data storage device 50.

[0157] In S815, the data storage device 50 can provide a response PIU to the host 400. In S815, the response PIU provided by the data storage device 50 may include information indicating successful reception of the message received in S809, which indicates a command requesting the value stored in the result register.

[0158] In S817, host 400 can provide command PIU to data storage device 50. The command PIU provided in S817 can be a command used to request data from data storage device 50.

[0159] In S819, data storage device 50 can provide data input PIU to host 400.

[0160] In S821, the data storage device 50 can provide a response PIU to the host 400. The response PIU received by the host 400 in S821 may include a replay protection block message, which includes the value stored in the result register.

[0161] Figures 9A to 9C are diagrams illustrating examples of the replay protection block messages provided during the replay protection block write operation of Figure 8, based on some embodiments of the disclosed technology.

[0162] Figure 9A shows the replay protection block message provided by host 400 to data storage device 50 in the authentication write request.

[0163] Referring to Figure 9A, the replay protection block message for the authentication write request can be included in the command PIU provided by the host 400 to the data storage device 50 in S801 shown in Figure 8.

[0164] Specifically, the replay protection block message of the authentication write request may include the MAC calculated by host 400, the current write counter value, the address where the data is to be stored in the replay protection block, the logical block count, and a message indicating that the PIU is an authentication write request.

[0165] Figure 9B shows the replay protection block message provided by host 400 to data storage device 50 in the result read request.

[0166] Referring to Figure 9B, the replay protection block message of the result read request can be included in the command PIU provided by host 400 to data storage device 50 in S809 described with reference to Figure 8.

[0167] The replay protection block message for a result read request may only include a message indicating that the PIU is a result read request, and the remaining fields may be 0.

[0168] Figure 9C shows the replay protection block message provided by the data storage device 50 to the host 400 in the result read response.

[0169] Referring to Figure 9C, the replay protection block message of the result read response can be included in the response PIU provided by the data storage device 50 to the host 400 in S821 described with reference to Figure 8.

[0170] Referring to Figure 9C, the replay protection block message of the result read response may include a MAC calculated by the data storage device. The MAC calculated by the data storage device may be an authentication code calculated using the authentication key stored in the data storage device and the metadata included in the replay protection block message of the result read response.

[0171] The replay protection block message in the result read response may include an updated write counter value, which is increased compared to the write counter value of the replay protection block message of Figure 9A.

[0172] In an embodiment, the replay protection block message of the result read response may further include a message indicating that the command PIU is a result read response.

[0173] Figure 10 is an example diagram illustrating the replay protection block read operation.

[0174] Referring to Figure 10, the replay protection block read operation, which reads the data stored in the replay protection block, involves two handshakes between the host 400 and the data storage device 50.

[0175] Specifically, the replay protection block read operation includes an authentication read request and an authentication read response.

[0176] An authentication read request can be executed by performing multiple operations S1001 to S1007, and an authentication read response can be executed by performing multiple operations S1009 to S1013.

[0177] An authentication read request can be a request that instructs the reading of data stored in the replay protection block.

[0178] An authentication read response can be a response that provides data to be read.

[0179] In S1001, host 400 can provide a command PIU to data storage device 50. The command PIU provided in S1001 can include a replay protection block message. Data storage device 50 can use the MAC and metadata included in the replay protection block message to perform authentication operations on the replay protection block.

[0180] In S1003, the data storage device 50 may provide the Ready to Transmit PIU to the host 400. The Ready to Transmit PIU may be a PIU provided when the data storage device 50 is ready to receive data to be provided by the host 400. In an embodiment, the Ready to Transmit PIU may be a PIU that provides a message indicating readiness to receive a data output PIU.

[0181] In S1005, the host 400 can provide the data output PIU to the data storage device 50.

[0182] In S1007, the data storage device 50 may provide a response PIU to the host 400. The response PIU provided by the data storage device 50 may include the result of normally receiving a request to perform a replay protection block read operation.

[0183] In S1009, host 400 may provide a command PIU to data storage device 50. The command PIU provided in S1009 may include a replay protection block message. In an embodiment, the replay protection block message included in the command PIU provided in S1009 may include a message indicating that the command PIU provided by host 400 is a request for a command to read data.

[0184] In S1011, the data storage device 50 can provide a data input PIU to the host 400. The data input PIU provided by the data storage device 50 can include multiple data segments. The multiple data segments can be read data.

[0185] In S1013, the data storage device 50 can provide a response PIU to the host 400. In S821, the response PIU received by the host 400 may include a replay protection block message, which includes the value stored in the result register.

[0186] Figure 11A and Figure 11B are diagrams illustrating examples of the replay protection block messages provided during the replay protection block read operation of Figure 10, based on some embodiments of the disclosed technology.

[0187] Figure 11A shows the replay protection block message provided by host 400 to data storage device 50 in the authentication read request.

[0188] Referring to Figure 11A, the replay protection block message for the authentication read request can be included in the command PIU provided by the host 400 to the data storage device 50 in S1001 described with reference to Figure 10.

[0189] Specifically, the replay protection block message of the authentication read request may include a random number provided by the host 400, the address to be read, the block count to be read, and a message indicating that the command PIU provided by the host 400 to the data storage device 50 in S1001 is an authentication read request.

[0190] Figure 11B shows the replay protection block message provided by data storage device 50 to host 400 in the authentication read response.

[0191] Referring to Figure 11B, the replay protection block message of the authentication read response can be included in the response PIU provided by the data storage device 50 to the host 400 in S1009 described with reference to Figure 10.

[0192] The replay protection block message of the authentication read response may include the random number included in the replay protection block message of the authentication read request of Figure 11A, the read address, the read block count, a result code, and a message indicating that the response PIU provided by the data storage device 50 to the host 400 is a result read response. In an embodiment, the replay protection block message of the result read response may further include a MAC generated by the data storage device 50.

[0193] As described in the embodiments of Figure 8 and Figure 10, in conventional replay protection block write and read operations, the handshake that actually provides the written or read data occurs only once. However, unnecessary handshakes are involved, including requesting a replay protection block write operation and providing a response to it. This leads to latency in the replay protection block, design complexity, etc. Therefore, embodiments of this disclosure provide a method for performing this operation using a combination of commands (a combination of PIUs).

[0194] Figure 12 is a flowchart illustrating an example of a replay protection block write operation based on some embodiments of the disclosed technology.

[0195] Referring to Figure 12, in S1201, host 400 can provide a command PIU to the data storage device. The command PIU may include an additional header segment. The additional header segment may include a replay protection block message. The replay protection block message may include a message indicating that the command PIU is a PIU that instructs a replay protection block write operation. For example, the replay protection block message included in the command PIU may be the replay protection block message of the authentication write request described with reference to Figure 9A.

[0196] In S1203, the host 400 can provide the data output PIU to the data storage device 50. The data output PIU may include data to be stored in the replay protection block.

[0197] In S1205, the data storage device 50 can provide a response PIU to the host 400. The response PIU provided by the data storage device 50 may include a replay protection block message. For example, the replay protection block message included in the response PIU may be the replay protection block message of the result read response described with reference to Figure 9C. In an embodiment, the response PIU may include an additional header segment, and the replay protection block message may be included in the additional header segment.

[0198] Figure 13 is a flowchart illustrating an example of a replay protection block read operation based on some embodiments of the disclosed technology.

[0199] Referring to Figure 13, in S1301, host 400 can provide a command PIU to the data storage device. The command PIU may include an additional header segment. The additional header segment may include a replay protection block message. The replay protection block message may include a message indicating that the command PIU is a PIU that instructs a replay protection block read operation. For example, the replay protection block message included in the command PIU may be the replay protection block message of the authentication read request described with reference to Figure 11A.

[0200] In S1303, the data storage device 50 can provide the data input PIU to the host 400. The data input PIU may include data read from the replay protection block.

[0201] In S1305, the data storage device 50 can provide a response PIU to the host 400. The response PIU provided by the data storage device 50 may include a replay protection block message. For example, the replay protection block message included in the response PIU may be the replay protection block message of the authentication read response described with reference to Figure 11B. In an embodiment, the response PIU may include an additional header segment, and the replay protection block message may be included in the additional header segment.

[0202] Figure 14 is a diagram illustrating an example of the command PIU of Figure 12 and Figure 13, based on some embodiments of the disclosed technology.

[0203] Referring to Figure 14, the command PIU can include a basic header segment, transaction-specific fields, an additional header segment, and a data segment. Based on some embodiments of the disclosed technology, because the command PIU of Figure 12 and the command PIU of Figure 13 include an additional header segment, the total length of the additional header segment (AHS total length) corresponding to byte address 8 among the fields included in the basic header segment can have a non-zero value. The command PIU of Figure 12 and the command PIU of Figure 13 can include, in the additional header segment, data corresponding to the size of the replay protection block message provided by host 400. Therefore, the value of the total length of the additional header segment (AHS total length) of the command PIU of Figure 12 and the command PIU of Figure 13 can be obtained by dividing the total number of bytes of the replay protection block message by 4.

[0204] Figure 15 is a diagram illustrating an example of the response PIU of Figure 12 and Figure 13, based on some embodiments of the disclosed technology.

[0205] Referring to Figure 15, the response PIU may include a basic header segment, transaction-specific fields, an additional header segment, and a data segment. Based on some embodiments of the disclosed technology, because the response PIU of Figure 12 and the response PIU of Figure 13 include an additional header segment, the total length of the additional header segment (EHS total length) corresponding to byte address 8 among the fields included in the basic header segment can have a non-zero value. The response PIU of Figure 12 and the response PIU of Figure 13 may include, in the additional header segment, data corresponding to the size of the replay protection block message provided by the data storage device 50 to the host 400. Therefore, the total length of the additional header segment (EHS total length) of the response PIU of Figure 12 and the response PIU of Figure 13 can be obtained by dividing the total number of bytes of the replay protection block message by 4.
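The framing described in [0109] to [0113], [0129] and [0203] to [0205], as an added Python example that is not part of the patent: it places a replay protection block message in the additional header segment, sets the total EHS length at byte address 8, and parses the PIU back while rejecting inconsistent lengths. The transaction type values and their position at byte 0, the 16-bit data segment length at bytes 10 and 11, the one-byte width of the EHS length field, and the absence of padding are assumptions of this example.

```python
import struct

MIN_PIU_LEN, MAX_PIU_LEN = 32, 65600      # size limits from [0109]
EHS_OFFSET = 32                           # additional header segment starts at byte 32 ([0113])
EHS_LEN_BYTE = 8                          # total EHS length at byte address 8 ([0203])
MAX_EHS_BYTES = 1024                      # maximum additional header size ([0129])
DATA_LEN_OFFSET = 10                      # assumed: 16-bit big-endian data segment length
TYPE_COMMAND, TYPE_DATA_OUT = 0x01, 0x02  # assumed values; Table 1 is missing from the page


def build_piu(transaction_type, ehs=b"", data=b""):
    """Build a PIU: 32 header bytes, then the additional header segment, then data."""
    if len(ehs) % 4:
        raise ValueError("additional header segment must be a multiple of 4 bytes")
    if len(ehs) > MAX_EHS_BYTES or len(ehs) // 4 > 0xFF:
        raise ValueError("additional header segment too large for the length field")
    if len(data) > 0xFFFF:
        raise ValueError("data segment too large for the length field")
    header = bytearray(EHS_OFFSET)        # basic header + transaction-specific fields, zeroed
    header[0] = transaction_type          # assumed: transaction type at byte 0
    header[EHS_LEN_BYTE] = len(ehs) // 4  # length in 32-bit units ([0129])
    struct.pack_into(">H", header, DATA_LEN_OFFSET, len(data))
    piu = bytes(header) + ehs + data
    if len(piu) > MAX_PIU_LEN:
        raise ValueError("PIU exceeds maximum size")
    return piu


def parse_piu(piu):
    """Split a PIU into its parts, rejecting length fields that disagree with its size."""
    if not MIN_PIU_LEN <= len(piu) <= MAX_PIU_LEN:
        raise ValueError("PIU size out of range")
    ehs_units = piu[EHS_LEN_BYTE]
    ehs_len = ehs_units * 4
    (data_len,) = struct.unpack_from(">H", piu, DATA_LEN_OFFSET)
    # This example's framing has no padding, so the sizes must match exactly.
    if len(piu) != EHS_OFFSET + ehs_len + data_len:
        raise ValueError("length fields do not match PIU size")
    return {
        "transaction_type": piu[0],
        "ehs_total_length": ehs_units,
        "ehs": piu[EHS_OFFSET:EHS_OFFSET + ehs_len],
        "data": piu[EHS_OFFSET + ehs_len:],
    }


def demo_write_flow():
    """S1201 and S1203 of Figure 12 with constructed payloads."""
    # Constructed stand-in for a replay protection block message:
    # 32 bytes of MAC followed by 28 bytes of metadata (60 bytes, 15 units).
    rpmb_message = bytes(range(60))
    command = build_piu(TYPE_COMMAND, ehs=rpmb_message)       # S1201
    data_out = build_piu(TYPE_DATA_OUT, data=b"\xAA" * 256)   # S1203
    return parse_piu(command), parse_piu(data_out)


if __name__ == "__main__":
    cmd, out = demo_write_flow()
    print("command EHS units:", cmd["ehs_total_length"], "data-out bytes:", len(out["data"]))
```

A receiver that trusts the EHS length field without checking it against the bytes actually received would read the replay protection block message past the end of the PIU, which is why `parse_piu` validates before slicing.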

[0206] Figure 16 is a diagram illustrating the operation of the replay protection block host controller shown in Figure 4.

[0207] Referring to Figure 16, the replay protection block host controller 410 may include a host message authentication code calculator 411, a host authentication key data storage device 412, a host metadata generator 413, and a host protocol component generator 414.

[0208] The host authentication key data storage device 412 can store authentication keys. The authentication key stored by the host authentication key data storage device 412 can be the same authentication key as the authentication key stored in the data storage device 50. The authentication key can be pre-stored before performing write or read operations on the replay protection block.

[0209] When a replay protection block write operation is performed, the host metadata generator 413 can generate metadata. The metadata may include the current write counter value, the address of the data to be stored, the block count of the data to be stored, and information about the message requesting the replay protection block write operation.

[0210] The host metadata generator 413 can provide the generated metadata to the host message authentication code calculator 411 and the host protocol component generator 414.

[0211] The host message authentication code calculator 411 can generate a MAC using metadata and an authentication key. Specifically, the host message authentication code calculator 411 can generate a MAC using a hash-based MAC (HMAC SHA-256). The generated MAC can be used by the data storage device 50 to perform authentication operations. The MAC length can be 256 bits (32 bytes). The authentication key used to generate the MAC can also be 256 bits. The host message authentication code calculator 411 can provide the generated MAC to the host protocol component generator 414.

[0212] The host protocol component generator 414 can generate a PIU to be provided to the data storage device 50. Specifically, the host protocol component generator 414 can generate a replay protection block message that includes authentication data and metadata. The authentication data may include a MAC generated by the host message authentication code calculator 411. The host protocol component generator 414 can generate a command PIU that includes the replay protection block message in an additional header segment, and provide the generated command PIU to the data storage device 50. The command PIU may include an additional header segment, and the total length field of the additional header segment in the base header segment may include a non-zero value.

[0213] The host protocol component generator 414 can generate protocol components, such as a data output PIU. The data output PIU may include data segments. The host protocol component generator 414 generates the data output PIU and provides the generated data output PIU to the data storage device 50, where the write data to be stored in the replay protection block is included in the data segments.

[0214] When a replay protection block read operation is performed, the host metadata generator 413 can generate metadata. The metadata may include information about a random number (an arbitrary random value), the address to be read, the block count to be read, and the message requesting the replay protection block read operation.

[0215] The host metadata generator 413 can provide the generated metadata to the host protocol component generator 414.

[0216] The host protocol component generator 414 can generate a PIU to be provided to the data storage device 50. Specifically, the host protocol component generator 414 can generate a replay protection block message including the generated metadata. The host protocol component generator 414 can generate a command PIU that includes the replay protection block message in an additional header segment and provide the generated command PIU to the data storage device 50. The command PIU may include an additional header segment, and the total length field of the additional header segment in the base header segment may include a non-zero value.

[0217] Subsequently, the replay protection block host controller 410 can receive data read from the data storage device 50 via the data input PIU and receive a response PIU. The replay protection block host controller 410 can obtain the replay protection block message included in the additional header field of the response PIU. The replay protection block message included in the response PIU provided by the data storage device 50 may include a MAC generated by the data storage device 50, a copy of the random number generated by the host metadata generator 413, an address, a read block count, a code obtained due to the replay protection block read operation, and a replay protection block read response.

[0218] The replay protection block host controller 410 can use the metadata included in the received replay protection block message and the authentication key stored in the host authentication key data storage device 412 to perform an authentication operation on the read data. Depending on the result of the authentication operation, the replay protection block host controller 410 can obtain the read data or destroy the read data.

[0219] Figure 17 is a diagram illustrating the operation of the replay protection block device controller shown in Figure 4 during a replay protection block write operation.

[0220] Referring to Figure 17, the replay protection block device controller 210 may include an authentication manager 211 and an access controller 212.

[0221] The authentication manager 211 may include a device message authentication code calculator 211a and a message authentication code comparator 211b.

[0222] During a replay protection block write operation, the device message authentication code calculator 211a can obtain metadata from the command PIU received from the replay protection block host controller 410. The device message authentication code calculator 211a can obtain the authentication key stored in the replay protection block. The device message authentication code calculator 211a can calculate the MAC using a hash-based MAC (HMAC SHA-256). The device message authentication code calculator 211a can provide the MAC, calculated using the metadata of the replay protection block message from the replay protection block host controller 410 and the authentication key stored in the replay protection block of the memory device, to the message authentication code comparator 211b.

[0223] The message authentication code comparator 211b can obtain the MAC from the command PIU received from the replay protection block host controller 410. Specifically, the message authentication code comparator 211b can obtain the MAC generated by the replay protection block host controller 410 from the replay protection block message included in the command PIU received from the replay protection block host controller 410. The message authentication code comparator 211b can compare whether the MAC generated by the replay protection block host controller 410 is the same as the MAC calculated by the device message authentication code calculator 211a. The message authentication code comparator 211b can provide the comparison result to the access controller 212.

[0224] When the MAC generated by the replay protection block host controller 410 is the same as the MAC calculated by the device message authentication code calculator 211a, the access controller 212 can control the memory device to store data in the replay protection block. The access controller 212 can increment the write counter value and store information indicating that the replay protection block write operation was successful in the result register.

[0225] When the MAC generated by the replay protection block host controller 410 is different from the MAC calculated by the device message authentication code calculator 211a, the access controller 212 may not store the data in the replay protection block. In this case, the access controller 212 may not increment the write counter value and may store the information indicating authentication failure in the result register.

[0226] Access controller 212 can generate a replay protection block message and generate a PIU that includes the generated message. Specifically, access controller 212 can generate a response PIU. The response PIU generated by access controller 212 may include additional header fields. Access controller 212 may include the replay protection block message in the additional header fields of the response PIU and provide the replay protection block message to host 400.

[0227] The response PIU provided to the host 400 by the access controller 212 may include a MAC calculated by the device message authentication code calculator 211a. The response PIU provided to the host 400 by the access controller 212 may further include a message indicating a write count value, a result code, and a response as a result of the replay protection block write operation. Here, when the replay protection block write operation is successful, the write count value may include the incremented write count value. Additionally, the result code may be a result code indicating that the replay protection block write operation was successful. Conversely, when the replay protection block write operation fails, the write count value may include the existing write count value. Additionally, the result code may be a result code indicating the reason for the failure of the replay protection block write operation.

[0228] Figure 18 is a diagram illustrating the operation of the replay protection block device controller shown in Figure 4 during a replay protection block read operation.

[0229] Referring to Figure 18, the replay protection block device controller 210 may include an authentication manager 211 and an access controller 212.

[0230] Access controller 212 may include device metadata generator 212a and device protocol component generator 212b.

[0231] During a replay protection block read operation, the device metadata generator 212a can obtain metadata from the replay protection block message included in the command PIU provided by the replay protection block host controller 410, and obtain the random number included in the metadata.

[0232] Subsequently, the replay protection block device controller 210 can read the data stored in the replay protection block, include the read data in the data segment of the data input PIU, and provide the read data to the replay protection block device controller 210.

[0233] Next, device metadata generator 212a can generate metadata including a random value included in the replay protection block message in the command PIU provided by the replay protection block host controller 410, and a result code indicating the result of performing a replay protection block read operation. Device metadata generator 212a can provide the generated metadata to authentication manager 211. Authentication manager 211 can calculate the MAC using a hash-based MAC (HMAC SHA-256). Specifically, authentication manager 211 can calculate the MAC using the authentication key stored in the replay protection block and the metadata generated by device metadata generator 212a. Authentication manager 211 can provide the calculated MAC to device protocol component generator 212b.

[0234] The device protocol component generator 212b can generate a response PIU. The response PIU generated by the device protocol component generator 212b may include an additional header segment. The device protocol component generator 212b may include a replay protection block message in the additional header segment of the response PIU and provide the replay protection block message to the host 400. The replay protection block message included in the additional header segment may include a MAC calculated by the authentication manager 211. The replay protection block message included in the additional header segment may further include a random number, read address, read block count, result code, and a message indicating a response as a result of the replay protection block read operation, as included in the command PIU provided by the replay protection block host controller 410.
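The write path of [0222] to [0227] and the read path of [0231] to [0234], together with the host-side check of [0218], as an added Python example that is not part of the patent text. The message layout (dicts, length-prefixed fields, labels such as `b"write"`), the result code values, the device's comparison of the message's write count against its stored counter, the host's nonce comparison, and the inclusion of the read data in the MAC are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import struct

# Constructed result codes: the text names these outcomes but not their values.
OK, AUTH_FAILURE, COUNTER_FAILURE = 0, 1, 2


def u32(value: int) -> bytes:
    return struct.pack(">I", value)


def mac(key: bytes, *fields: bytes) -> bytes:
    """HMAC SHA-256 over length-prefixed fields so field boundaries are unambiguous."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for field in fields:
        h.update(u32(len(field)) + field)
    return h.digest()


def read_response_mac(key: bytes, resp: dict) -> bytes:
    # Assumption: the read data is covered by the MAC along with the metadata.
    return mac(key, b"read-resp", resp["nonce"], u32(resp["address"]),
               u32(resp["result"]), resp["data"])


class ReplayProtectionBlock:
    """Device side: authentication key, write counter, result register, data area."""

    def __init__(self, key: bytes):
        self.key = key
        self.write_counter = 0
        self.result_register = OK
        self.data = {}

    def write(self, msg: dict) -> dict:
        device_mac = mac(self.key, b"write", u32(msg["address"]),
                         u32(msg["counter"]), msg["data"])
        if not hmac.compare_digest(device_mac, msg["mac"]):  # constant-time compare
            self.result_register = AUTH_FAILURE
        elif msg["counter"] != self.write_counter:  # assumed check: stale count
            self.result_register = COUNTER_FAILURE
        else:
            self.data[msg["address"]] = msg["data"]
            self.write_counter += 1
            self.result_register = OK
        resp = {"address": msg["address"], "counter": self.write_counter,
                "result": self.result_register}
        # Assumption: the response MAC covers the response fields themselves.
        resp["mac"] = mac(self.key, b"write-resp", u32(resp["address"]),
                          u32(resp["counter"]), u32(resp["result"]))
        return resp

    def read(self, address: int, nonce: bytes) -> dict:
        resp = {"nonce": nonce, "address": address, "result": OK,
                "data": self.data.get(address, b"")}
        resp["mac"] = read_response_mac(self.key, resp)
        return resp


def host_write_message(key: bytes, address: int, counter: int, data: bytes) -> dict:
    return {"address": address, "counter": counter, "data": data,
            "mac": mac(key, b"write", u32(address), u32(counter), data)}


def host_accepts_read(key: bytes, sent_nonce: bytes, resp: dict) -> bool:
    """Host keeps read data only if the MAC verifies and the nonce is its own."""
    mac_ok = hmac.compare_digest(read_response_mac(key, resp), resp["mac"])
    return mac_ok and hmac.compare_digest(sent_nonce, resp["nonce"])


def demo() -> dict:
    key = bytes(range(32))  # constructed key, shared by host and device
    dev = ReplayProtectionBlock(key)
    first = host_write_message(key, 0, 0, b"boot-count=1")
    fresh = dev.write(first)    # authenticated write with the current count
    replay = dev.write(first)   # the same bytes presented a second time
    forged = dev.write(dict(first, counter=1, data=b"boot-count=0"))  # old MAC
    nonce = secrets.token_bytes(16)
    resp = dev.read(0, nonce)
    return {"fresh": fresh["result"], "replay": replay["result"],
            "forged": forged["result"], "counter": dev.write_counter,
            "stored": dev.data[0], "read_ok": host_accepts_read(key, nonce, resp),
            "old_response_ok": host_accepts_read(key, secrets.token_bytes(16), resp)}


if __name__ == "__main__":
    print(demo())
```

The replayed message still carries a valid MAC, so it is the counter comparison that rejects it; the edited message is rejected by the MAC comparison, and in both failure cases the write counter and the stored data are left unchanged.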

[0235] Figure 19 is a diagram illustrating an example of the memory controller of Figure 1 based on some embodiments of the disclosed technology.

[0236] Referring to Figure 19, the memory controller 800 may include a processor 810, RAM 820, error correction (ECC) circuitry 830, host interface 840, ROM 850, and flash memory interface 860.

[0237] The processor 810 can control all operations of the memory controller 800. The RAM 820 can be used as a buffer memory, cache memory, or operation memory for the memory controller 800.

[0238] ROM 850 can store various information required for the operation of memory controller 800 in the form of firmware.

[0239] The memory controller 800 can communicate with external devices (e.g., host 400, application processor, etc.) via host interface 840.

[0240] The memory controller 800 can communicate with the memory device 100 via the flash interface 860. The memory controller 800 can transmit commands (CMD), addresses (ADDR), and control signals (CTRL) to the memory device 100 via the flash interface 860, and also receive data (DATA). For example, the flash interface 860 may include a NAND interface.

[0241] Figure 20 is a block diagram illustrating a memory card system including a data storage device based on some embodiments of the disclosed technology.

[0242] Referring to Figure 20, the memory card system 2000 includes a memory controller 2100, a memory device 2200, and a connector 2300.

[0243] Memory controller 2100 is connected to memory device 2200. Memory controller 2100 is configured to access memory device 2200. For example, memory controller 2100 may be configured to control read operations, programming operations, erase operations, and background operations of memory device 2200. Memory controller 2100 is configured to provide an interface between memory device 2200 and a host computer. Memory controller 2100 is configured to run firmware operations to control memory device 2200. Memory controller 2100 may be implemented in the same manner as the memory controller 200 described with reference to Figure 1.

[0244] For example, memory controller 2100 may include components such as random access memory (RAM), processor, host interface, memory interface, and error corrector.

[0245] The memory controller 2100 can communicate with external devices via connector 2300. The memory controller 2100 can communicate with external devices (e.g., a host) according to specific communication standards. For example, the memory controller 2100 is configured to communicate with external devices via at least one of the following communication standards: Universal Serial Bus (USB), Multimedia Card (MMC), Embedded MMC (eMMC), Peripheral Component Interconnect (PCI), PCI Express (PCI-E), Advanced Technology Attachment (ATA), Serial ATA, Parallel ATA, Small Computer System Interface (SCSI), Enhanced Small Disk Interface (ESDI), Integrated Drive Electronics (IDE), FireWire, Universal Flash Storage (UFS), Wi-Fi, Bluetooth, and NVMe. For example, connector 2300 can be defined by at least one of the aforementioned communication standards.

[0246] For example, memory device 2200 can be configured with various non-volatile memory elements such as electrically erasable programmable ROM (EEPROM), NAND flash memory, NOR flash memory, phase change RAM (PRAM), resistive RAM (ReRAM), ferroelectric RAM (FRAM), and spin-transfer torque magnetic RAM (STT-MRAM).

[0247] The memory controller 2100 and the memory device 2200 can be integrated into a single semiconductor device to configure a memory card. For example, the memory controller 2100 and the memory device 2200 can be integrated into a single semiconductor device to configure memory cards such as PC cards (Personal Computer Memory Card International Association (PCMCIA)), compact flash memory cards (CF), smart media cards (SM or SMC), memory sticks, multimedia cards (MMC, RS-MMC, micro MMC or eMMC), SD cards (SD, mini SD, micro SD or SDHC), and universal flash storage (UFS).

[0248] Figure 21 is a block diagram illustrating a solid-state drive (SSD) system that includes a data storage device based on some embodiments of the disclosed technology.

[0249] Referring to Figure 21, the SSD system 3000 includes a host 3100 and an SSD 3200. The SSD 3200 exchanges signals with the host 3100 through a signal connector 3001 and receives power through a power connector 3002. The SSD 3200 includes an SSD controller 3210, multiple flash memories 3221 to 322n, an auxiliary power supply 3230, and a buffer memory 3240.

[0250] Based on some embodiments of the disclosed technology, the SSD controller 3210 can perform the functions of the memory controller 200 described with reference to Figure 1.

[0251] SSD controller 3210 can control multiple flash storage devices 3221 to 322n in response to signals received from host 3100. For example, the signals can be based on the interface between host 3100 and SSD 3200. For example, the signals can be defined by at least one of the following interfaces: Universal Serial Bus (USB), Multimedia Card (MMC), Embedded MMC (eMMC), Peripheral Component Interconnect (PCI), PCI Express (PCI-E), Advanced Technology Attachment (ATA), Serial ATA, Parallel ATA, Small Computer System Interface (SCSI), Enhanced Small Disk Interface (ESDI), Integrated Drive Electronics (IDE), FireWire, Universal Flash Storage (UFS), Wi-Fi, Bluetooth, and NVMe.

[0252] Auxiliary power supply 3230 is connected to host 3100 via power connector 3002. Auxiliary power supply 3230 can receive power from host 3100 and can be charged. When the power supply from host 3100 is unstable, auxiliary power supply 3230 can provide power to SSD 3200. For example, auxiliary power supply 3230 can be located inside SSD 3200 or external to SSD 3200. For example, auxiliary power supply 3230 can be located on the motherboard and can provide auxiliary power to SSD 3200.

[0253] Buffer memory 3240 operates as a buffer memory for SSD 3200. For example, buffer memory 3240 may temporarily store data received from host 3100 or data received from multiple flash memories 3221 to 322n, or it may temporarily store metadata (e.g., a mapping table) of flash memories 3221 to 322n. Buffer memory 3240 may include volatile memory such as DRAM, SDRAM, DDR SDRAM, LPDDR SDRAM, and GRAM, or non-volatile memory such as FRAM, ReRAM, STT-MRAM, and PRAM.

[0254] Figure 22 is a block diagram illustrating a user system including a data storage device based on some embodiments of the disclosed technology.

[0255] Referring to Figure 22, the user system 4000 includes an application processor 4100, a memory module 4200, a network module 4300, a storage module 4400, and a user interface 4500.

[0256] Application processor 4100 can drive components, operating system (OS), user programs, etc., included in user system 4000. For example, application processor 4100 may include controllers, interfaces, graphics engines, etc., that control components included in user system 4000. Application processor 4100 can be configured as a system-on-a-chip (SoC).

[0257] Memory module 4200 can operate as main memory, operational memory, buffer memory, or cache memory of user system 4000. Memory module 4200 may include volatile random access memory such as DRAM, SDRAM, DDR SDRAM, DDR2 SDRAM, DDR3 SDRAM, LPDDR SDRAM, LPDDR2 SDRAM, and LPDDR3 SDRAM, or non-volatile random access memory such as PRAM, ReRAM, MRAM, and FRAM. For example, application processor 4100 and memory module 4200 may be packaged in a stacked package (POP) and configured as a single semiconductor package.

[0258] Network module 4300 can communicate with external devices. For example, network module 4300 can support wireless communications such as Code Division Multiple Access (CDMA), Global System for Mobile Communications (GSM), Wideband CDMA (WCDMA), CDMA-2000, Time Division Multiple Access (TDMA), Long Term Evolution (LTE), WiMAX, WLAN, UWB, Bluetooth, and Wi-Fi. For example, network module 4300 can be included in application processor 4100.

[0259] Storage module 4400 can store data. For example, storage module 4400 can store data received from application processor 4100. Optionally, storage module 4400 can transfer data stored in storage module 4400 to application processor 4100. For example, storage module 4400 can be implemented using non-volatile semiconductor memory elements such as phase-change RAM (PRAM), magnetic RAM (MRAM), resistive RAM (RRAM), NAND flash memory, NOR flash memory, and 3D NAND flash memory. For example, storage module 4400 can be configured as a removable data storage device (removable drive) such as a memory card in user system 4000, and as an external drive.

[0260] For example, storage module 4400 may include multiple non-volatile memory devices, and the multiple non-volatile memory devices may operate in the same manner as the memory device 100 described with reference to Figure 1. The storage module 4400 may operate in the same manner as the data storage device 50 described with reference to Figure 1.

[0261] User interface 4500 may include interfaces for inputting data or instructions to application processor 4100 or for outputting data to external devices. For example, user interface 4500 may include user input interfaces such as: keyboard, keypad, buttons, touch panel, touch screen, touchpad, touch ball, camera, microphone, gyroscope sensor, vibration sensor, and piezoelectric element. User interface 4500 may include user output interfaces such as: liquid crystal display (LCD), organic light-emitting diode (OLED) display device, active-matrix OLED (AMOLED) display device, LED, speaker, and monitor.

[0262] Only some examples or embodiments of the disclosed technology have been described. Based on the disclosure, variations can be made to the disclosed examples or embodiments, as well as other embodiments.

Claims

1. A data storage device, comprising: a memory device including a protected storage block protected by a security protocol; and a memory controller that receives a command protocol component, identifies the command protocol component associated with the security protocol, locates a host-side protection message within the command protocol component, performs an authentication operation on the protected storage block using the host message authentication code included in the host-side protection message, and accesses the protected storage block based on the result of the authentication operation, wherein the command protocol component includes: a basic header segment, the basic header segment including an additional header segment total length having a non-zero value, the non-zero value indicating that the command protocol component is associated with the security protocol; and an additional header segment that is used when the total length of the additional header segment is identified to have the non-zero value, and that includes the host protection message when the command protocol component is associated with the security protocol.

2. The data storage device according to claim 1, wherein the protected storage block comprises: an authentication key used to authenticate access to the protected storage block; a write counter that stores a write count value, which is obtained by counting the number of successful write operations that store data in the protected storage block; a result register that stores the results obtained by performing operations on the protected storage block; and a protected storage block data area that stores write data from the host that is to be written to the protected storage block.

3. The data storage device according to claim 2, wherein the memory controller comprises: an authentication manager that executes the authentication operation and outputs the result of the authentication operation; and an access controller that controls the protected storage block based on the result of the authentication operation, wherein the host-side protection message includes authentication data, which includes the host message authentication code and metadata.

4. The data storage device according to claim 3, wherein the authentication manager comprises: a device message authentication code calculator that uses the metadata and the authentication key to generate a device message authentication code; and a message authentication code comparator that generates a result of the authentication operation indicating whether the host message authentication code matches the device message authentication code.

5. The data storage device according to claim 4, wherein the device message authentication code calculator generates the device message authentication code using a secure hash algorithm based on the metadata and the authentication key.

6. The data storage device according to claim 4, wherein the access controller controls the memory device to store write data in the protected storage block based on the result of the authentication operation that indicates a match between the host message authentication code and the device message authentication code.

7. The data storage device of claim 6, wherein the access controller controls the memory device to increment the current write count value stored in the write counter, stores the incremented write count value in the write counter, and stores a result code indicating a successful write operation for the protected memory block in the result register.

8. The data storage device of claim 7, wherein the memory controller sends a response protocol component associated with the security protocol to the host, the response protocol component including a device-side protection message, and the response protocol component includes: a basic header segment, the basic header segment including information indicating the security protocol using a value representing the total length of the additional header segments; and an additional header segment that includes the device-side protection message.

9. The data storage device of claim 8, wherein the access controller generates the device-side protection message, the device-side protection message including the device message authentication code, the incremented write count value, the address storing the written data, the result code, and information indicating a response corresponding to the command protocol component.

10. The data storage device of claim 4, wherein the access controller controls the memory device to store a result code indicating a write operation to the protected storage block in the result register based on the result of the authentication operation indicating that the host message authentication code does not match the device message authentication code.

11. The data storage device of claim 8, wherein the access controller generates the device-side protection message, the device-side protection message including the device message authentication code, the current write count value stored in the write counter, the address where the data storage of the written data failed, the result code, and information indicating a response corresponding to the command protocol component.

12. The data storage device of claim 11, wherein the access controller generates the response protocol component including the device-side protection message and provides the response protocol component to the host, and the device-side protection message is included in the additional header segment of the response protocol component.

13. The data storage device of claim 1, wherein the command protocol component further includes a transaction-specific field, the transaction-specific field including information in response to an operation performed by the command protocol component.

14. A data storage device, comprising: a non-volatile memory device including a replay protection block; and a memory controller that receives a command protocol component, identifies the command protocol component associated with the security protocol, locates a host-side protection message within the command protocol component, performs a read operation to obtain data corresponding to the address included in the host replay protection block message, and provides the data read from the address, wherein the command protocol component includes: a basic header segment, the basic header segment including an additional header segment total length having a non-zero value, the non-zero value indicating that the command protocol component is associated with the security protocol; and an additional header segment that is used when the total length of the additional header segment is identified to have the non-zero value, and that includes the host replay protection block message when the command protocol component is associated with the security protocol.

15. The data storage device according to claim 14, wherein the replay protection block comprises: an authentication key used to authenticate access to the replay protection block; a write counter that stores a write count value, which is obtained by counting the number of successful write operations that store data in the replay protection block; a result register that stores the results obtained by performing operations on the replay protection block; and a replay protection block data area that stores the data.

16. The data storage device of claim 15, wherein the memory controller comprises: an authentication manager that generates a device message authentication code, which is used to authenticate data read by the host from the non-volatile memory device; and an access controller that generates a response protocol component associated with the command protocol component of the security protocol and provides the response protocol component to the host.

17. The data storage device of claim 16, wherein the access controller comprises: a device metadata generator that generates device metadata, which includes at least a portion of the data included in the host replay protection block message and the result of performing the read operation; and a device protocol component generator that generates device replay protection block messages, which include device metadata and device message authentication codes.

18. The data storage device of claim 17, wherein the authentication manager generates a device message authentication code using a secure hash algorithm based on the device metadata and the authentication key, and the memory controller sends the response protocol component to the host, the response protocol component including the device replay protection block message.

19. The data storage device of claim 14, wherein the command protocol component further includes a transaction-specific field, the transaction-specific field including information in response to an operation performed by the command protocol component.

20. The data storage device of claim 16, wherein the response protocol component comprises: a basic header segment, the basic header segment including information indicating the security protocol using a value representing the total length of the additional header segments; and an additional header segment that includes a device-side protection message.