Memory controller and storage device
By generating device authentication codes in the memory controller and storage device, access to secure storage areas is controlled, thus solving the problem of weakened data security caused by open operating systems and achieving higher data protection and transmission security.
Patent Information
- Authority / Receiving Office: CN · China
- Patent Type: Patent (China)
- Current Assignee / Owner: SK HYNIX INC
- Filing Date: 2022-11-02
- Publication Date: 2026-06-23
AI Technical Summary
The open operating systems of existing electronic devices may weaken data security and make them vulnerable to malicious code attacks, necessitating improved data protection measures.
By employing a memory controller and storage device, and generating device authentication codes, access to the secure storage area is controlled to ensure data security. This includes host interfaces, processor and memory interfaces, enabling authentication of the secure storage area and control of data transmission.
It improves the data security of electronic devices, prevents unauthorized access and data leakage, and enhances the security and integrity of data transmission.
Figure CN116069691B_ABST (abstract drawing; image not reproduced)
Abstract
Description
[0001] Cross-references to related applications
[0002] This application claims priority to Korean Patent Application No. 10-2021-0150047, filed with the Korean Intellectual Property Office on November 3, 2021, and Korean Patent Application No. 10-2022-0086366, filed with the Korean Intellectual Property Office on July 13, 2022, the entire disclosures of which are incorporated herein by reference.
Technical Field
[0003] One or more embodiments described herein relate to an electronic device, and more specifically, to a memory controller and a storage device.
Background
[0004] The proliferation and use of various electronic devices are rapidly increasing. Some of these devices are portable and offer a variety of services, often involving the transmission and reception of data with and from external servers.
[0005] To perform these services, an electronic device may include at least one processor and an operating system (OS). The OS may be strategically made available by major manufacturers and suppliers, while application programming interfaces (APIs), software development kits (SDKs), and source files may be made available to users.
[0006] However, using an open operating system can compromise the security of data on electronic devices. For example, data can be corrupted or compromised by various malicious codes. Therefore, various methods have been sought to protect the data on electronic devices.
Summary of the Invention
[0007] According to embodiments of the present disclosure, a memory controller for controlling a memory device including a secure storage region may include: a host interface configured to receive a command from a host, the command including authentication information for requesting access to the secure storage region; a processor configured to generate a device authentication code based on the authentication information; and a memory interface configured to access the secure storage region under the control of the processor, wherein the processor may perform at least a portion of a computation on the device authentication code upon receiving data from either the host interface or the memory interface, as per the command.
[0008] According to embodiments of this disclosure, a storage device may include: a memory device including a secure storage area for storing data accessed based on authentication; and a memory controller configured to receive from a host a command requesting data to be stored in the secure storage area and a command including the data to be stored in the secure storage area. The command requesting data to be stored in the secure storage area may include information for authentication, and the memory controller may, upon receiving the command including the data, perform at least a portion of an operation on a device authentication code based on the information for authentication.
[0009] According to embodiments of this disclosure, a storage device may include: a memory device including a secure storage area for storing data accessed based on authentication; and a memory controller configured to receive a command from a host requesting to read data stored in the secure storage area and to read the data from the secure storage area in response to the command. The command includes information for authentication, and when the data is read, the memory controller may perform at least a portion of an operation on a device authentication code based on the authentication information.
[0010] According to embodiments of this disclosure, a method for controlling secure access to a memory device may include: receiving a command from a host, the command including information for authenticating a request to access a secure storage area in the memory device; generating a device authentication code based on the authentication information; and accessing the secure storage area. At least a portion of the computation of the device authentication code may be performed upon receiving data, according to the command.
[0011] According to the present technology, a memory controller and a storage device with improved security functions are provided.
Description of the Drawings
[0012] Figure 1 is a diagram illustrating a storage device according to an embodiment of the present disclosure.
[0013] Figure 2 is a diagram illustrating a storage device according to an embodiment of the present disclosure.
[0014] Figure 3 is a diagram illustrating a data communication unit between the host access controller and the device access controller.
[0015] Figure 4 is a diagram illustrating an example structure of the basic header segment of a protocol information unit (PIU).
[0016] Figure 5 is a diagram illustrating an example structure of a command PIU.
[0017] Figure 6 is a diagram illustrating an example structure of a response PIU.
[0018] Figure 7 is a diagram illustrating an embodiment of a PIU transmitter included in an initiator device.
[0019] Figure 8 is a diagram illustrating an embodiment of a PIU receiver included in a target device.
[0020] Figure 9 is a diagram illustrating an example of a replay protected memory block (RPMB) message.
[0021] Figure 10 is a flowchart illustrating an example of an authentication data write operation performed in normal RPMB mode.
[0022] Figure 11 is a diagram illustrating an embodiment of the RPMB message provided in operation S1005 of Figure 10.
[0023] Figure 12 is a diagram illustrating an embodiment of the RPMB message provided in operation S1013 of Figure 10.
[0024] Figure 13 is a diagram illustrating an example of the RPMB message provided in operation S1019 of Figure 10.
[0025] Figure 14 is a flowchart illustrating an embodiment of the message authentication code (MAC) operation performed during an authentication data write operation in normal RPMB mode.
[0026] Figure 15 is a flowchart illustrating an example of an authentication data write operation using the MAC operation of Figure 14.
[0027] Figure 16 is a flowchart illustrating an authentication data write operation performed in the advanced RPMB mode of a storage device according to an embodiment of the present disclosure.
[0028] Figure 17 is a diagram illustrating an example structure of the command PIU transmitted in operation S1601 of Figure 16.
[0029] Figure 18 is a diagram illustrating an example structure of the response PIU transmitted in operation S1607 of Figure 16.
[0030] Figure 19 is a flowchart illustrating the MAC operation performed during an authentication data write operation in the advanced RPMB mode of a storage device according to an embodiment of the present disclosure.
[0031] Figure 20 is a flowchart illustrating an example of an authentication data write operation using the MAC operation of Figure 19.
[0032] Figure 21 is a flowchart illustrating an example of an authentication data read operation performed in normal RPMB mode.
[0033] Figure 22 is a diagram illustrating an example of the RPMB message provided in operation S2105 of Figure 21.
[0034] Figure 23 is a diagram illustrating an example of the RPMB message provided in operation S1811 of Figure 21.
[0035] Figure 24 is a flowchart illustrating an embodiment of the MAC operation performed during an authentication data read operation in normal RPMB mode.
[0036] Figure 25 is a flowchart illustrating an example of an authentication data read operation using the MAC operation of Figure 24.
[0037] Figure 26 is a flowchart illustrating an authentication data read operation performed in the advanced RPMB mode of a storage device according to an embodiment of the present disclosure.
[0038] Figure 27 is a diagram illustrating an example structure of the command PIU transmitted in operation S2601 of Figure 26.
[0039] Figure 28 is a diagram illustrating an example structure of the response PIU transmitted in operation S2605 of Figure 26.
[0040] Figure 29 is a flowchart illustrating the MAC operation performed during an authentication data read operation in the advanced RPMB mode of a storage device according to an embodiment of the present disclosure.
[0041] Figure 30 is a flowchart illustrating an example of an authentication data read operation using the MAC operation of Figure 29.
[0042] Figure 31 is a diagram illustrating an embodiment of the memory device of Figure 1.
[0043] Figure 32 is a diagram illustrating an embodiment of the memory controller of Figure 1.
[0044] Figure 33 is a block diagram illustrating a memory card system using a storage device according to an embodiment of the present disclosure.
[0045] Figure 34 is a block diagram illustrating a solid-state drive (SSD) system using a storage device according to an embodiment of the present disclosure.
[0046] Figure 35 is a block diagram illustrating a user system using a storage device according to an embodiment of the present disclosure.
Detailed Description
[0047] The specific structural or functional descriptions illustrating embodiments based on the concepts disclosed in this specification or application are for illustrative purposes only. Embodiments based on the concepts of this disclosure may be implemented in various forms and should not be construed as limited to the embodiments described in this specification or application.
[0048] Figure 1 is a diagram illustrating a storage device according to an embodiment of the present disclosure.
[0049] Referring to Figure 1, storage device 50 may include memory device 100 and memory controller 200. Storage device 50 may be a device for storing data under the control of a host such as a mobile phone, smartphone, MP3 player, portable computer, desktop computer, game player, TV, tablet PC, or in-vehicle infotainment system. Alternatively, storage device 50 may be a device for storing data under the control of host 400 in a high-capacity data store such as a server or data center.
[0050] Depending on the host interface used to communicate with host 400, storage device 50 may be manufactured as one of various types of storage device. For example, storage device 50 may be an SSD; a multimedia card such as an MMC, eMMC, RS-MMC, or micro-MMC; a Secure Digital card such as an SD, mini-SD, or micro-SD card; a Universal Serial Bus (USB) storage device; a Universal Flash Storage (UFS) device; a PCMCIA card-type storage device; a Peripheral Component Interconnect (PCI) card-type storage device; a PCI Express (PCI-E) card-type storage device; a CompactFlash (CF) card; a Smart Media card; or a Memory Stick.
[0051] Storage device 50 may be manufactured in any of various package types. For example, storage device 50 may be manufactured as a package on package (POP), system in package (SIP), system on chip (SOC), multi-chip package (MCP), chip on board (COB), wafer-level fabricated package (WFP), or wafer-level stacked package (WSP).
[0052] Memory device 100 may store data and may operate under the control of memory controller 200. Memory device 100 may include a memory cell array comprising a plurality of memory cells for storing data. Each memory cell may be configured as a single-level cell (SLC) storing one data bit, a multi-level cell (MLC) storing two data bits, a triple-level cell (TLC) storing three data bits, or a quad-level cell (QLC) storing four data bits.
[0053] The memory cell array may include multiple memory blocks. Each memory block may include multiple pages. In an embodiment, a page may be a unit for performing actions to store data in the memory device 100 or for retrieving data stored in the memory device 100. A memory block may be a unit for erasing data.
[0054] The memory blocks included in memory device 100 may include a secure storage area 110a, to which access is restricted, and a normal storage area 110b. Secure storage area 110a may be an area used to store data that can only be accessed based on authentication. Additional conditions or procedures may be required to access secure storage area 110a. For example, access to secure storage area 110a may be possible only when storage device 50 receives a predetermined specific command or passes authentication performed by memory controller 200. An authentication key may be stored in secure storage area 110a. The authentication key may be a unique key used when memory controller 200 generates an authentication code for authentication, and may be data that is stored in secure storage area 110a by host 400 and is thereafter read-only.
[0055] In this embodiment, secure storage area 110a may be a replay protected memory block (RPMB). Normal storage area 110b may be a storage block accessible without separate authentication. Normal storage area 110b may be a storage block storing data other than that stored in secure storage area 110a.
[0056] In this specification, for ease of description, secure storage area 110a may be described as RPMB. However, the embodiments of this disclosure are not limited to secure storage area 110a being an RPMB embodiment, but can be applied to all types of storage blocks whose access methods differ from those of ordinary storage area 110b.
[0057] In embodiments, the memory device 100 may be a Double Data Rate Synchronous Dynamic Random Access Memory (DDR SDRAM), a fourth-generation Low Power Double Data Rate (LPDDR4) SDRAM, a Graphics Double Data Rate (GDDR) SDRAM, Low Power DDR (LPDDR), Rambus Dynamic Random Access Memory (RDRAM), NAND Flash Memory, Vertical NAND Flash Memory, NOR Flash Memory, Resistive Random Access Memory (RRAM), Phase Change Random Access Memory (PRAM), Magnetoresistive Random Access Memory (MRAM), Ferroelectric Random Access Memory (FRAM), or Spin-Transfer Torque Random Access Memory (STT-RAM), etc. In this specification, for ease of description, it is assumed that the memory device 100 is a NAND Flash Memory.
[0058] Memory device 100 is configured to receive commands and addresses from memory controller 200 and access a region in a memory cell array selected by the address. Memory device 100 can perform operations indicated by the command on the region selected by the address. For example, memory device 100 can perform write (programming) operations, read operations, or erase operations. During a programming operation, memory device 100 can program data into the region selected by the address. During a read operation, memory device 100 can read data from the region selected by the address. During an erase operation, memory device 100 can erase data stored in the region selected by the address.
[0059] Memory controller 200 may control the overall operation of storage device 50. When power is applied to storage device 50, memory controller 200 may run firmware (e.g., a flash translation layer (FTL)) for controlling communication between host 400 and memory device 100.
[0060] In an embodiment, the memory controller 200 may receive data and logical block addresses (LBAs) from the host 400 and convert the LBAs into physical block addresses (PBAs), which indicate the address of a memory cell containing data to be stored in the memory device 100.
[0061] The memory controller 200 can control the memory device 100 to perform programming, reading, or erasing operations according to requests from the host 400. During a programming operation, the memory controller 200 can provide programming commands, PBA, and data to the memory device 100. During a reading operation, the memory controller 200 can provide reading commands and PBA to the memory device 100. During an erasing operation, the memory controller 200 can provide erasing commands and PBA to the memory device 100.
[0062] In this embodiment, regardless of the request from host 400, memory controller 200 can independently generate commands, addresses, and data, and can transmit these commands, addresses, and data to memory device 100. For example, memory controller 200 can provide memory device 100 with commands, addresses, and data for programming operations, read operations, and erase operations performed during wear leveling, read recycling, garbage collection, etc.
[0063] In an embodiment, the memory controller 200 may control at least two or more memory devices 100. In this case, the memory controller 200 may control the memory devices 100 according to an interleaving method to improve operational performance. The interleaving method may be a method of controlling the operation of at least two memory devices 100 such that the operation overlaps with each other.
[0064] Memory controller 200 may include a device access controller 210, a host interface 220, and a memory interface 230. Host interface 220 allows memory controller 200 to exchange commands, addresses, and data with host 400. For example, host interface 220 may receive requests, addresses, data, etc. from host 400 and output data read from memory device 100 to host 400. Host interface 220 may communicate with host 400 using protocols such as Universal Serial Bus (USB), Serial ATA (SATA), Serial Attached SCSI (SAS), High Speed Inter-Chip (HSIC), Small Computer System Interface (SCSI), Peripheral Component Interconnect (PCI), PCI Express (PCIe), Non-Volatile Memory Express (NVMe), Universal Flash Storage (UFS), Secure Digital (SD), Multimedia Card (MMC), Embedded MMC (eMMC), Dual In-line Memory Module (DIMM), Registered DIMM (RDIMM), Load-Reduced DIMM (LRDIMM), Enhanced Small Disk Interface (ESDI), or Integrated Drive Electronics (IDE).
[0065] The memory interface 230 can exchange commands, addresses, data, etc., between the memory controller 200 and the memory device 100. For example, the memory interface 230 can transmit commands, addresses, data, etc. to the memory device 100 through a channel, and can also receive data from the memory device 100. Under the control of the device access controller 210, the memory interface 230 can access the secure storage area 110a, for example, to store data in the secure storage area 110a of the memory device 100 or to read data from the secure storage area.
[0066] The device access controller 210 can be a processor that controls the host interface 220, memory interface 230, etc. For example, the device access controller 210 can control the memory interface 230 to access the secure storage area 110a or control the host interface 220 to provide data, etc., to the host 400. Additionally, the device access controller 210 can determine whether to access the secure storage area 110a or generate information for determining whether to access the secure storage area 110a. In an embodiment, the device access controller 210 can perform authentication for accessing the secure storage area 110a, or it can generate authentication codes for performing authentication. The authentication codes can be computed using authentication information received from the host 400, data to be stored in the memory device 100 or data read from the memory device 100, and an authentication key stored in the secure storage area 110a.
[0067] In one embodiment, host interface 220 may receive a command from host 400 requesting access to secure storage area 110a. This command may include information for performing authentication. In this embodiment, when secure storage area 110a is an RPMB, the information received via the command for performing authentication may be metadata included in the RPMB message from the host.
[0068] When host interface 220 receives such a command, device access controller 210 can use the authentication information included in the command and the authentication key stored in secure storage area 110a to initiate an operation on the authentication code. At this time, host interface 220 or memory interface 230 can perform at least a portion of the operation on the authentication code when receiving data from host 400 or secure storage area 110a. For example, when a command requests data to be stored in secure storage area 110a, host interface 220 can receive data to be stored in secure storage area 110a from host 400 according to the command. In one embodiment, when a command requests data to be read from secure storage area 110a, memory interface 230 can read data from secure storage area 110a in response to the command. For example, memory controller 200 can receive data after receiving a command from the host requesting access to secure storage area 110a, and device access controller 210 in memory controller 200 can perform at least a portion of the operation on the authentication code when receiving data, using the authentication information and authentication key. For example, the operation can be started before data is received, and the operation can be executed continuously during data reception, or the operation can be started during data reception.
[0069] However, the data received from host 400 or secure storage area 110a is needed to complete the computation of the authentication code. Therefore, device access controller 210 may first compute an intermediate authentication code using the authentication information and the authentication key, and then, while or after receiving the data, continue the computation on the received data starting from that intermediate authentication code to complete the authentication code. For example, according to an embodiment of this disclosure, the memory controller may first compute the intermediate authentication code using only the authentication information and the authentication key, before or during data reception, and then continue that computation with the data as the data is received. The time required to generate the authentication code can thereby be reduced. Additionally, when data is received in multiple data packets, the data in packets received before the current packet can be used to perform a portion of the authentication code computation. Examples are described below with reference to Figures 16 to 20 and Figures 26 to 30.
[0070] For example, when secure storage area 110a is an RPMB, device access controller 210 may handle an authentication data write operation that stores data in the RPMB and an authentication data read operation that reads data stored in the RPMB. Examples of how device access controller 210 processes authentication data write operations and authentication data read operations are described below with reference to Figures 16 to 20 and Figures 26 to 30.
[0071] Host 400 may communicate with storage device 50 using at least one of a variety of communication methods, for example Universal Serial Bus (USB), Serial ATA (SATA), Serial Attached SCSI (SAS), High Speed Inter-Chip (HSIC), Small Computer System Interface (SCSI), Peripheral Component Interconnect (PCI), PCI Express (PCIe), Non-Volatile Memory Express (NVMe), Universal Flash Storage (UFS), Secure Digital (SD), Multimedia Card (MMC), Embedded MMC (eMMC), Dual In-line Memory Module (DIMM), Registered DIMM (RDIMM), or Load-Reduced DIMM (LRDIMM).
[0072] In one embodiment, storage device 50 and host 400 may perform data communication according to a UFS communication interface, but embodiments of this disclosure are not limited to performing data communication according to a UFS communication interface. For example, storage device 50 and host 400 may perform data communication using commands defined as Protocol Information Units (PIUs). A PIU may be a data packet generated according to a predetermined protocol. Therefore, according to one or more embodiments, a PIU is simply a form of command sent and received between storage device 50 and host 400, and thus, commands and PIUs may have the same meaning.
[0073] Commands may include requests, instructions, or responses from host 400 or storage device 50 for performing any operation. In embodiments, various commands may be defined depending on their purpose and intended use. For example, all query requests, commands, responses, data outputs, data inputs, and preparations for transmission can be referred to as commands. In one embodiment, commands may be transmitted in the form of a PIU as described above.
[0074] The smallest unit of a PIU can be a predetermined length (e.g., 32 bytes), and the maximum size of a PIU can be another predetermined length, such as 65,600 bytes. The format of a PIU can vary in size, for example, depending on its type.
[0075] The host 400 can provide commands regarding the secure storage area 110a to the storage device 50. For example, the command could be a request to access the secure storage area 110a. In one embodiment, the command regarding the secure storage area 110a may include common segments publicly included in commands sent and received between the host and the memory controller, unique fields including unique values based on the type of command, and additional segments as segments in addition to the common segments. For example, the common segments may include information indicating the length of the additional segments.
[0076] At this point, the extra segment may include information for authentication. Therefore, the information indicating the length of the extra segment can be used to indicate that the length of the extra segment is nonzero by including a nonzero value.
[0077] When commands are provided in the form of a PIU, a command concerning secure storage area 110a (e.g., a command requesting access to secure storage area 110a) may be provided in the form of a command PIU. For example, the common segment may be a basic header segment, the unique field may be a transaction-specific field, and the additional segment may be an additional header segment. The basic header segment may include a total additional header segment length field carrying the length information of the additional header segment. Examples are described below with reference to Figures 3 to 6.
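As an added example (not code from the patent or from SK hynix), the following Python models the command structure of paragraphs [0075] to [0077]: a 32-byte basic header (the common segment) whose length field for the additional header segment is nonzero exactly when authentication metadata is carried, a transaction-specific field, the additional header segment itself (abbreviated EHS in the code), and a data segment. The field offsets, the transaction-type values, the metadata layout and the 4-byte length unit are assumptions of this example and are not the UFS UPIU layout. The device-side parser checks every declared length against the bytes actually received before it reads any field, which is the check a controller needs before it starts the authentication computation on untrusted input.

```python
import struct
from dataclasses import dataclass
from typing import Optional

BASIC_HEADER_LEN = 32         # common segment size assumed for this example
EHS_UNIT = 4                  # assumed: the EHS length field counts 4-byte words
BLOCK_SIZE = 256              # assumed data block size
METADATA_LEN = 26             # req_type(2) address(2) block_count(2) counter(4) nonce(16)
TXN_SECURE_WRITE = 0x41       # constructed transaction-type values for secure-area access
TXN_SECURE_READ = 0x42
HEADER_FMT = ">BBBBB3xH2x"    # type, flags, lun, tag, ehs_words, (pad), data_len, (pad)
METADATA_FMT = ">HHHI16s"


class PiuFormatError(ValueError):
    """Raised when a command PIU's declared lengths do not describe the bytes received."""


@dataclass
class AuthMetadata:
    req_type: int
    address: int
    block_count: int
    write_counter: int
    nonce: bytes


@dataclass
class CommandPiu:
    txn_type: int
    lun: int
    task_tag: int
    transaction_specific: bytes
    metadata: Optional[AuthMetadata]
    data: bytes


def build_command_piu(txn_type: int, lun: int, task_tag: int,
                      metadata: Optional[AuthMetadata] = None, data: bytes = b"") -> bytes:
    """Host side: assemble basic header, additional header segment (if any) and data."""
    ehs = b""
    if metadata is not None:
        ehs = struct.pack(METADATA_FMT, metadata.req_type, metadata.address,
                          metadata.block_count, metadata.write_counter, metadata.nonce)
        ehs += b"\x00" * (-len(ehs) % EHS_UNIT)            # pad to whole length units
    header = struct.pack(HEADER_FMT, txn_type, 0, lun, task_tag,
                         len(ehs) // EHS_UNIT, len(data))
    header += b"\x00" * (BASIC_HEADER_LEN - len(header))   # transaction-specific field
    return header + ehs + data


def parse_command_piu(buf: bytes) -> CommandPiu:
    """Device side: validate every declared length against the buffer before trusting fields."""
    if len(buf) < BASIC_HEADER_LEN:
        raise PiuFormatError("basic header truncated")
    txn_type, _flags, lun, task_tag, ehs_words, data_len = struct.unpack_from(HEADER_FMT, buf, 0)
    ehs_len = ehs_words * EHS_UNIT
    ehs_end = BASIC_HEADER_LEN + ehs_len
    if ehs_end + data_len != len(buf):
        raise PiuFormatError(f"declared EHS {ehs_len} B + data {data_len} B "
                             f"does not match {len(buf)} B received")
    metadata = None
    if txn_type in (TXN_SECURE_WRITE, TXN_SECURE_READ):
        # A secure-area command must carry authentication metadata, so the EHS
        # length must be nonzero and large enough to hold it.
        if ehs_len < METADATA_LEN:
            raise PiuFormatError("secure-area command without authentication metadata")
        metadata = AuthMetadata(*struct.unpack_from(METADATA_FMT, buf, BASIC_HEADER_LEN))
        if txn_type == TXN_SECURE_WRITE and data_len != metadata.block_count * BLOCK_SIZE:
            raise PiuFormatError("data segment length does not match block count")
    return CommandPiu(txn_type, lun, task_tag, buf[12:BASIC_HEADER_LEN], metadata,
                      buf[ehs_end:])
```

The two length checks are deliberately ordered: the buffer-wide check runs before any field past the basic header is read, and the metadata check runs before the data segment is interpreted, so a command whose header claims more bytes than arrived never reaches the authentication step.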
[0078] Host 400 may further include host access controller 410. Host access controller 410 can generate commands for controlling secure storage area 110a. These commands can be provided to host interface 220. Host access controller 410 can receive commands from host interface 220.
[0079] Figure 2 is a diagram illustrating a storage device according to an embodiment of the present disclosure. In the embodiments of Figures 2 to 30, secure storage area 110a is described as an RPMB, but the embodiments of the present disclosure are not limited thereto; the secure storage area may be any of various types of storage blocks with restricted access.
[0080] Furthermore, in the embodiments of Figures 2 to 30, the commands sent and received between storage device 50 and host 400 are transmitted in the form of PIUs, but other embodiments of the present disclosure are not limited thereto, and various communication methods may be employed.
[0081] Referring to Figures 1 and 2, storage device 50 may include secure storage area 110a and device access controller 210. Secure storage area 110a may be at least a portion of the storage region included in memory device 100 described with reference to Figure 1. In an embodiment, secure storage area 110a may be an RPMB. Device access controller 210 may be included in memory controller 200, and host access controller 410 may be included in host 400.
[0082] Secure storage area 110a may include an authentication key 111, a write counter 112, a result register 113, and a data area 114. Authentication key 111 may be a value pre-stored in secure storage area 110a for use during authentication of access to secure storage area 110a. For example, when secure storage area 110a is an RPMB, authentication key 111 may be stored only once initially, cannot be read back on its own, and can only be accessed when calculating the message authentication code (MAC) used to authenticate access to the RPMB. In embodiments, authentication key 111 may have a predetermined size (e.g., 32 bytes), but the size of the authentication key is not limited to 32 bytes.
[0083] Write counter 112 can count the number of times access is performed on secure storage area 110a. In one embodiment, access to secure storage area 110a can be allowed only within a preset number of times, thus improving security. In an embodiment, when secure storage area 110a is an RPMB, write counter 112 can count the number of times an authenticated data write operation (e.g., an operation to store data in the RPMB) is successfully performed. The value indicated by write counter 112 or the value stored in write counter 112 can be a write count value. Write counter 112 can store a write count value corresponding to a predetermined number (e.g., 4) of bytes, but can also store a write count value corresponding to a larger size of data. The initial write count value can be "0000 0000h". The write count value of write counter 112 cannot be reset or decreased. After reaching the maximum value "FFFF FFFFh", the write count value of write counter 112 cannot be increased further. Therefore, when the write count value of write counter 112 reaches its maximum value, data can no longer be stored in secure storage area 110a, and secure storage area 110a can be operated as a read-only storage area.
[0084] Result register 113 can store the result of an operation performed on secure storage area 110a. For example, when secure storage area 110a is an RPMB, result register 113 can store a result code indicating the result of an operation performed on the RPMB. Examples of result codes stored in the result register are shown in Table 1.
[0085] Table 1
[0086]
[0087]
[0088] In embodiments, the authentication key 111, write counter 112, and result register 113 can be independently included in each distinct area of the secure storage area 110a and can have unique values. In various embodiments, the secure storage area 110a can be divided into multiple secure storage sub-areas. In embodiments, when the secure storage area 110a is an RPMB, the maximum number of RPMB sub-areas included in the RPMB can be a predetermined number, such as four. Each RPMB sub-area can have a unique authentication key and write counter value. The data area can be an area that stores data only when authentication is successful. In embodiments, when the secure storage area 110a is an RPMB, the capacity of the data area (RPMB data area) can be a minimum of a certain number of bytes (e.g., 128KB) and a maximum of, for example, 16MB.
[0089] Device access controller 210 may further include authentication manager 211 and access execution unit 212. When a write operation is performed on secure storage area 110a, host access controller 410 may provide a message regarding the write request for secure storage area 110a to device access controller 210 according to a predetermined format. Such a message may include, for example, information indicating a write request for secure storage area 110a, metadata for authentication, authentication data for authentication, etc. For example, when secure storage area 110a is an RPMB and an authentication data write operation is performed, host access controller 410 may provide an RPMB message to device access controller 210 according to a predetermined format. The RPMB message provided by host access controller 410 may include information for performing authentication on the RPMB. For example, the RPMB message may include metadata for performing authentication and authentication data for performing authentication. The authentication data may include a MAC generated by host access controller 410.
[0090] The authentication manager 211 can initiate the calculation of the device MAC using the authentication key 111 stored in the secure storage area 110a and metadata from the message received from the host access controller 410 related to accessing the secure storage area 110a. When data to be stored in the secure storage area 110a is received from the host access controller 410, at least a portion of the calculation of the device MAC can be performed. The calculation of the device MAC can be completed by further using the received data. The authentication manager 211 can perform authentication by comparing the device MAC (after calculation) with the host MAC generated by the host access controller 410. The authentication manager 211 can provide the result of the authentication to the access execution unit 212. The access execution unit 212 can store the data in the secure storage area 110a or prevent the data from being stored in the secure storage area 110a based on the result of the authentication.
[0091] When authentication is successful, access execution unit 212 can control secure storage area 110a to store data received from host 400 and intended for storage in secure storage area 110a into data area 114. When the data is successfully stored, access execution unit 212 can increment the write count value stored in write counter 112 and store the result of the authenticated data write operation in result register 113. Additionally, when data is stored in data area 114, access execution unit 212 can calculate the response MAC to be provided to the host. Furthermore, when all data is stored in data area 114, access execution unit 212 can provide a response including the response MAC to host access controller 410.
[0092] When authentication fails, access execution unit 212 may not store the data requested to be stored in secure storage area 110a in data area 114. Access execution unit 212 may maintain the value of write counter 112 and store information indicating authentication failure in result register 113.
[0093] When a read operation is performed on secure storage area 110a, host access controller 410 may provide a message related to the read request for secure storage area 110a to device access controller 210 in a predetermined format. For example, when secure storage area 110a is an RPMB and an authentication data read operation is performed, host access controller 410 may transmit an RPMB message to device access controller 210 in a predetermined format.
[0094] Access execution unit 212 can read data stored in secure storage area 110a and generate a message related to the read result of secure storage area 110a to be provided to host access controller 410. Access execution unit 212 can generate metadata to be included in the message related to the read result of secure storage area 110a. For example, when secure storage area 110a is an RPMB, the metadata may include a portion of the information included in the RPMB message received from host access controller 410, the data read from the RPMB, and a result code indicating the result of performing the authentication data read operation. In an embodiment, access execution unit 212 can use authentication key 111 stored in secure storage area 110a and the metadata to initiate a computation of the device MAC, which is the authentication data. At least a portion of the computation of the device MAC can be performed while reading data from secure storage area 110a, and the computation of the device MAC can be completed by further using the read data.
[0095] When the calculation of the device MAC is completed, the access execution unit 212 can provide the read data to the host access controller 410. While providing the read data to the host access controller 410, the access execution unit 212 can simultaneously generate a message related to the read result of the secure storage area 110a, including the device MAC and metadata. After the access execution unit 212 provides all the read data to the host access controller 410, it can provide a response including a message related to the read result of the secure storage area 110a to the host access controller 410.
[0096] Figure 3 is a diagram illustrating an embodiment of a data communication unit between a host access controller and a device access controller.
[0097] Referring to Figures 1 and 3, the host access controller 410 and the device access controller 210 can communicate using data packets called Protocol Information Units (PIUs). In terms of physical devices, the host access controller 410 is included in the host 400, and the device access controller 210 is included in the storage device 50. Regarding the interface between the two devices, one device can transmit a PIU to the other. In this case, the device generating the PIU can be called the initiator device, and the device receiving the generated PIU can be called the target device. For example, the PIU can be a data packet transmitted in either direction between the two devices, rather than a data packet unilaterally transmitted from one device (host 400 or storage device 50) to the other.
[0098] Depending on the operation to be performed by the host access controller 410 or the device access controller 210, the PIU may include a query request PIU, a command PIU, a response PIU, a data output PIU, a data input PIU, and a prepare for transmission PIU.
[0099] The query request PIU can request a device descriptor containing various parameters of the storage device 50. The query request PIU may include an RPMB unit descriptor. The RPMB unit descriptor may include information indicating whether the advanced RPMB mode of the storage device 50 is activated. For example, the RPMB unit descriptor may include an 8-bit RPMB region enable field, bRPMBRegionEnable, which sets the RPMB region included in the RPMB. Information regarding whether the storage device 50 currently supports accessing the RPMB in normal RPMB mode or advanced RPMB mode may be included in the RPMB region enable field, bRPMBRegionEnable.
[0100] The command PIU can be a PIU transmitted when the host 400 transmits a command to the storage device 50.
[0101] A response PIU can be a PIU transmitted when the storage device 50 responds to a command provided by the host 400.
[0102] The data output PIU can be the PIU transmitted when the host 400 provides data to the storage device 50.
[0103] The data input PIU can be a PIU transmitted when the storage device 50 provides data to the host 400.
[0104] A ready-to-transmit PIU can be a PIU transmitted when storage device 50 notifies host 400 that it is ready to receive a data output PIU from host 400. A ready-to-transmit PIU can be transmitted when storage device 50 has sufficient buffer space to store the data provided by host 400.
[0105] The minimum size of a PIU can be a predetermined size (e.g., 32 bytes), and the maximum size of a PIU can be another predetermined size (e.g., 65,600 bytes). The format of a PIU can, for example, vary in size depending on its type.
[0106] In an embodiment, a PIU may include a basic header segment 61, transaction-specific fields 62, additional header segments 63, and data segments 64. The size of the basic header segment 61 may be, for example, 12 bytes. The basic header segment 61 is commonly included in all PIUs. The basic header segment 61 may include basic configuration information related to the PIU.
[0107] Transaction-specific field 62 may be included in byte addresses 12 to 31 of the PIU. Depending on the type of PIU, transaction-specific field 62 may include a dedicated transaction code.
[0108] An additional header segment 63 can be defined when the Total EHS Length field of the basic header segment 61 has a non-zero value. The additional header segment 63 may begin at byte address 32 of the PIU. The additional header segment 63 may be a region capable of storing additional data when sufficient information may not be included in the basic header segment 61.
[0109] Data segment 64 may be included in a data output PIU or a data input PIU, and may not be included in other PIUs. In an embodiment, additional header segment 63 and data segment 64 may not be included in all PIUs, but may be included only in specific PIUs.
[0110] Figure 4 is a diagram illustrating an example structure of the basic header segment 61 of the PIU. Referring to Figure 4, the basic header segment 61 may include transaction type, flags, logical unit number (LUN), task tag, initiator ID, command set type, query function / task management function, response, status, total length of additional header segments (Total EHS Length), device information, and data segment length.
[0111] The transaction type can have a unique value depending on the PIU type. Examples of transaction types based on the PIU type are shown in Table 2.
[0112] Table 2
[0113]
[0114] Depending on the transaction type, flags can be fields with different values. A Logical Unit Number (LUN) can be a field indicating the number of the logical unit to be operated on, among multiple logical units included in the object to be operated on. For example, each of the host 400 and storage device 50 described with reference to Figure 1 may include multiple logical units, and the logical unit number included in the basic header segment 61 of the PIU may indicate a specific logical unit among the multiple logical units.
[0115] Depending on the transaction type, the task tag can be a field with different values.
[0116] The Initiator ID can be a field that identifies the initiator of the requested operation. Therefore, the Initiator ID can have different values depending on whether the PIU is generated by the host or the storage device.
[0117] Command set type can be a field included in the command PIU and response PIU. Command set type can also be a field indicating which interface supports the command (e.g., whether the command is a SCSI command, a UFS command, or a manufacturer-defined command).
[0118] The query function / task management function can be a field included in PIUs such as the query request, query response, or task management request PIU.
[0119] The response can be a field indicating whether the requested operation was executed successfully or failed.
[0120] The status can be a field indicating the SCSI status.
[0121] The Total EHS Length can be a field indicating the size of the additional header segment in 32-bit units. The Total EHS Length can be used when the PIU includes an additional header segment. For example, the length of the additional header segment can be 4 bytes. The maximum size of the additional header segment can be 1024 bytes. When no additional header segment is used, the Total EHS Length can be 0.
[0122] Device information may include information that is used only when performing a specific function.
[0123] The data segment length can be a field that indicates the length of the data segment in the PIU. When the PIU does not include a data segment, the data segment length can be 0.
[0124] Figure 5 is a diagram showing an example configuration of the command PIU. Figure 6 is a diagram showing an example configuration of the response PIU.
[0125] Referring to Figures 1, 5 and 6, command and response PIUs can include a basic header field, transaction-specific fields, additional header fields, and a data field. The basic header field included in the command and response PIUs can include a Total EHS Length field. Additional header fields included in the command and response PIUs can be used when the Total EHS Length field has a non-zero value. Additional header fields can begin at byte address 32 of the PIU. Additional header fields can be areas capable of storing additional data when sufficient information may not be included in the basic header field.
[0126] According to an embodiment, the storage device can operate according to an advanced RPMB mode. In advanced RPMB mode, host 400 and storage device 50 can transmit RPMB messages using additional header segments included in the command PIU and response PIU. For example, host 400 and storage device 50 can set the Total EHS Length field in the basic header segments of the command PIU and response PIU to a non-zero value, and can transmit RPMB messages by including the RPMB message in the additional header segments. An embodiment of the operating method for the advanced RPMB mode is described with reference to Figures 16 to 20 and Figures 26 to 30.
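The following is an added example, not code from the patent or from SK hynix, that builds and parses a PIU whose Total EHS Length is non-zero so that the additional header segment at byte address 32 carries an opaque RPMB message, as in advanced RPMB mode. Only the 12-byte basic header, the additional header segment starting at byte 32, the 32-bit units of Total EHS Length, the 1024-byte maximum and the field order are taken from the text; the byte offsets of the individual basic-header fields follow the UFS PIU convention and are an assumption of this example, and the parser rejects PIUs whose length fields exceed the received buffer.

```python
import struct
from typing import Optional

BASIC_HEADER_LEN = 12                 # basic header segment size (from the text)
EHS_OFFSET = 32                       # additional header segment starts at byte 32
TRANSACTION_SPECIFIC_LEN = EHS_OFFSET - BASIC_HEADER_LEN   # byte addresses 12..31
MAX_EHS_BYTES = 1024                  # maximum additional header segment (from the text)

# Assumed byte layout of the 12-byte basic header (UFS convention; the text
# lists the fields in this order but gives no offsets):
#   0 transaction type, 1 flags, 2 LUN, 3 task tag,
#   4 initiator ID / command set type, 5 query function / task mgmt function,
#   6 response, 7 status, 8 Total EHS Length (in 32-bit units),
#   9 device information, 10-11 data segment length (big-endian)
_BASIC_HEADER = struct.Struct(">10BH")


def build_piu(transaction_type: int, lun: int, task_tag: int,
              ehs: bytes = b"", data: bytes = b"",
              transaction_specific: bytes = b"") -> bytes:
    """Assemble basic header + transaction-specific fields + EHS + data segment."""
    if len(ehs) % 4:
        raise ValueError("EHS length must be a whole number of 32-bit words")
    total_ehs_len = len(ehs) // 4
    # The text gives a 1024-byte maximum; the assumed 8-bit field caps the count at 255.
    if len(ehs) > MAX_EHS_BYTES or total_ehs_len > 0xFF:
        raise ValueError("EHS too large for the Total EHS Length field")
    if len(data) > 0xFFFF:
        raise ValueError("data segment length does not fit in 16 bits")
    ts = transaction_specific.ljust(TRANSACTION_SPECIFIC_LEN, b"\x00")
    if len(ts) != TRANSACTION_SPECIFIC_LEN:
        raise ValueError("transaction-specific fields exceed 20 bytes")
    header = _BASIC_HEADER.pack(transaction_type, 0, lun, task_tag,
                                0, 0, 0, 0, total_ehs_len, 0, len(data))
    return header + ts + ehs + data


def parse_piu(piu: bytes) -> dict:
    """Parse a PIU, checking every length field against the buffer before slicing."""
    if len(piu) < EHS_OFFSET:
        raise ValueError("shorter than the 32-byte minimum PIU")
    (transaction_type, flags, lun, task_tag, initiator_cmdset, query_tm,
     response, status, total_ehs_len, device_info,
     data_len) = _BASIC_HEADER.unpack_from(piu, 0)
    ehs_end = EHS_OFFSET + total_ehs_len * 4      # EHS length is in 32-bit units
    data_end = ehs_end + data_len
    if data_end > len(piu):
        raise ValueError("length fields exceed the received PIU")
    return {
        "transaction_type": transaction_type,
        "flags": flags,
        "lun": lun,
        "task_tag": task_tag,
        "response": response,
        "status": status,
        "total_ehs_length": total_ehs_len,
        "transaction_specific": piu[BASIC_HEADER_LEN:EHS_OFFSET],
        "ehs": piu[EHS_OFFSET:ehs_end],
        "data": piu[ehs_end:data_end],
    }


def rpmb_message_from_piu(piu: bytes) -> Optional[bytes]:
    """Advanced RPMB mode: the RPMB message is the additional header segment,
    present only when Total EHS Length is non-zero (None otherwise)."""
    parsed = parse_piu(piu)
    return parsed["ehs"] if parsed["total_ehs_length"] else None


if __name__ == "__main__":
    # Constructed 64-byte stand-in for an RPMB message carried in the EHS.
    message = bytes(range(64))
    piu = build_piu(0x01, 0xC4, 7, ehs=message)
    print(parse_piu(piu)["total_ehs_length"], len(rpmb_message_from_piu(piu)))
```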
[0127] Figure 7 is a diagram illustrating an embodiment of the PIU transmitter 700 included in the initiator device. Referring to Figures 2 and 7, the host 400 and storage device 50 can perform RPMB-related operations when sending and receiving PIUs. During the authentication data write and read operations described with reference to Figure 2, both the host access controller 410 and the device access controller 210 can generate a PIU and transmit the generated PIU, or receive the PIU transmitted by the other, to perform authentication. Therefore, for example, both the host access controller 410 and the device access controller 210 may include a PIU transmitter 700 and a PIU receiver 800, as described with reference to Figure 8.
[0128] The device that generates the PIU can be an initiator device. The device that receives the generated PIU can be a target device. When the host access controller 410 provides the PIU to the device access controller 210, the host 400 can be an initiator device, and the storage device 50 can be a target device. Conversely, when the device access controller 210 provides the PIU to the host access controller 410, the storage device 50 can be an initiator device, and the host 400 can be a target device.
[0129] The PIU transmitter 700 may include a MAC calculator 720, an authentication key storage device 730, a metadata generator 710, and a PIU generator 740. The authentication key storage device 730 can store authentication keys. The authentication key storage device 730 may correspond to the authentication key 111 included in the RPMB described with reference to Figure 2. The authentication key can be stored in the RPMB by a programming operation. Since the authentication key is used to generate the MAC when performing authentication data write and read operations, it can be stored in the RPMB before performing either operation. Metadata generator 710 can generate metadata. Metadata can be included in the RPMB message. Depending on the type of RPMB message, the metadata can include different components. For example, as described with reference to Figure 9, the components that may be included in the metadata may be at least one of the following: write count value (write counter), request message type, response message type, result, address, random number, data, advanced RPMB data, block count, and / or advanced RPMB block count.
[0130] Metadata generator 710 can provide the generated metadata to MAC calculator 720 and PIU generator 740. MAC calculator 720 can generate a MAC using the metadata and the authentication key stored in authentication key storage device 730. For example, MAC calculator 720 can generate a MAC using a hash-based MAC (HMAC SHA-256). The target device can use the generated MAC to perform authentication. The MAC can have a predetermined number of bits (e.g., 256 bits or 32 bytes) in length. The authentication key used to generate the MAC can also be a predetermined number of bits, such as 256 bits. However, according to embodiments of this disclosure, the size of the MAC and authentication key is not limited. MAC calculator 720 can provide the generated MAC to PIU generator 740.
[0131] PIU generator 740 can generate a PIU to be provided to a target device. For example, PIU generator 740 can generate an RPMB message that includes authentication data and metadata. The authentication data can be a MAC generated by MAC calculator 720. In an embodiment, the authentication data included in the RPMB message corresponding to the authentication key programming request provided in the authentication key programming operation can be the authentication key itself.
[0132] In advanced RPMB mode, PIU generator 740 can generate a PIU that includes the RPMB message in an additional header segment and provide the generated PIU to the target device. In advanced RPMB mode, the total length field of the additional header segment in the basic header segment of the PIU that includes the RPMB message can include a non-zero value.
[0133] For example, when performing an authentication data read operation, storage device 50 can be an initiator device. In this case, the MAC calculator 720 of storage device 50 can perform a portion of the MAC calculation using metadata received from metadata generator 710 and the authentication key stored in authentication key storage device 730 while reading data from the RPMB. The MAC calculation can then be completed by further using the data read from the RPMB.
[0134] When the MAC calculator 720 completes its MAC operation, the storage device 50 can provide the data read from the RPMB to the host 400. Simultaneously, the PIU generator 740 can generate an RPMB message including the completed MAC operation and a PIU including the RPMB message in an additional header segment. The generated PIU can be a response PIU. When the data provision to the host 400 is complete, the response PIU generated by the PIU generator 740 can be provided to the host 400.
[0135] Figure 8 is a diagram illustrating an embodiment of the PIU receiver 800 included in the target device.
[0136] Referring to Figures 2 and 8, the host 400 and storage device 50 can perform RPMB-related operations when sending and receiving PIUs. During the authentication data write and read operations described with reference to Figure 2, both the host access controller 410 and the device access controller 210 can generate a PIU and can transmit the generated PIU or receive a PIU transmitted from the other to perform authentication. Therefore, the host access controller 410 and the device access controller 210 may each include, for example, the PIU transmitter 700 described with reference to Figure 7 and the PIU receiver 800 described here.
[0137] The device that generates the PIU can be an initiator device. The device that receives the generated PIU can be a target device. When the host access controller 410 provides the PIU to the device access controller 210, the host 400 can be an initiator device, and the storage device 50 can be a target device. Conversely, when the device access controller 210 provides the PIU to the host access controller 410, the storage device 50 can be an initiator device, and the host 400 can be a target device.
[0138] The PIU receiver 800 may include a PIU parser 810, a MAC calculator 820, and a MAC comparator 830. The PIU parser 810 may receive PIUs provided by the initiator device. The PIUs received by the PIU parser 810 may be command PIUs or response PIUs in advanced RPMB mode.
[0139] The PIU parser 810 can obtain RPMB messages by parsing received PIUs, and can obtain the included metadata and authentication data by parsing the RPMB messages. In embodiments, depending on, for example, the type of RPMB message, the metadata may include different components. As described with reference to Figure 9, the metadata may include at least one of the following: write count value (write counter), request message type, response message type, result, address, random number, data, advanced RPMB data, block count, and advanced RPMB block count.
[0140] The authentication data can be a MAC generated by the initiator device. In an embodiment, the authentication data included in the RPMB message corresponding to the authentication key programming request provided in the authentication key programming operation can be the authentication key itself.
[0141] The MAC Calculator 820 can retrieve the authentication key previously stored in the target device. The value of the authentication key previously stored in the target device can be the same as the value of the authentication key stored in the initiator device.
[0142] The MAC calculator 820 can calculate the MAC using metadata received from the PIU parser 810 and the authentication key previously stored in the target device. For example, the MAC calculator 820 can calculate the MAC using a hash-based MAC (HMAC SHA-256). The MAC calculator 820 can then provide the calculated MAC to the MAC comparator 830.
[0143] The MAC comparator 830 compares the MAC received from the PIU parser 810 with the MAC received from the MAC calculator 820 to see if they match, and outputs the authentication result based on the comparison result. The authentication result can be used to perform authentication data write operations and authentication data read operations, which are all operations on the RPMB.
[0144] Therefore, authentication may fail when the authentication keys stored in the initiator device and the target device are different, or when the metadata used to calculate the MAC is different. In one embodiment, authentication can only succeed when the authentication keys stored in the initiator device and the target device are the same, and the metadata used to calculate the MAC is the same. Thus, RPMB can provide data storage functionality with high security.
[0145] For example, when performing an authentication data write operation, storage device 50 can be the target device. In this case, the PIU parser 810 of storage device 50 can receive a PIU requesting access to the RPMB from host 400. The PIU parser 810 can obtain the RPMB message by parsing the received PIU, and can also obtain the included metadata and host MAC by parsing the RPMB message.
[0146] According to the command PIU, when storage device 50 receives data to be stored in the RPMB from the host, MAC calculator 820 can use the metadata received from PIU parser 810 and the authentication key previously stored in the RPMB to perform part of the MAC operation. The MAC operation can then be completed by further using the data to be stored received from the host.
[0147] When the MAC calculator 820 completes its MAC calculation, the MAC comparator 830 compares the host MAC received from the PIU parser 810 with the device MAC calculated by the MAC calculator 820. As a result of the comparison, if authentication is successful, the data can be stored in the RPMB. At this time, the PIU transmitter 700 described with reference to Figure 7 can generate a response PIU.
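As an added example (not the patent's own code) that covers both the device-side write described for authentication manager 211 and access execution unit 212 above and the MAC calculator / MAC comparator flow just described, the following models an authentication data write in normal RPMB mode: the host MACs its metadata and 256-byte data blocks with HMAC-SHA-256 under a 32-byte key, the device recomputes the MAC with its stored key, compares in constant time, and either stores the blocks and increments the write counter or leaves the counter unchanged and records the failure in the result register; a saturated counter makes the area read-only. HMAC-SHA-256, the key and MAC sizes, the block size and the write counter behaviour come from the text; the metadata byte layout, the result codes (the page does not reproduce Table 1) and all names are constructed for this example.

```python
import hmac
import hashlib
import struct
from dataclasses import dataclass, field

KEY_LEN = 32                     # authentication key size (from the text)
MAC_LEN = 32                     # HMAC-SHA-256 output (from the text)
BLOCK_SIZE = 256                 # normal RPMB mode block size (from the text)
MAX_WRITE_COUNT = 0xFFFFFFFF     # write counter saturates at FFFF FFFFh
REQ_AUTH_DATA_WRITE = 0x0003     # request message type, Table 3

# Constructed result codes: the page does not reproduce Table 1.
RESULT_OK = 0x0000
RESULT_AUTH_FAILURE = 0x0002
RESULT_WRITE_COUNTER_EXPIRED = 0x0085

# Constructed metadata layout: write counter (4), request type (2), address (2),
# random number (16), block count (2). A real device follows its own spec order.
_METADATA = struct.Struct(">IHH16sH")


def serialize_metadata(write_count: int, req_type: int, address: int,
                       nonce: bytes, block_count: int) -> bytes:
    if len(nonce) != 16:
        raise ValueError("random number must be 16 bytes")
    return _METADATA.pack(write_count, req_type, address, nonce, block_count)


def compute_mac(key: bytes, metadata: bytes, data: bytes) -> bytes:
    """MAC calculator: start with the metadata, then finish with the data,
    mirroring the two-stage computation described in the text."""
    if len(key) != KEY_LEN:
        raise ValueError("authentication key must be 32 bytes")
    mac = hmac.new(key, digestmod=hashlib.sha256)
    mac.update(metadata)
    mac.update(data)
    return mac.digest()


def host_write_request(key: bytes, write_count: int, address: int,
                       nonce: bytes, data: bytes):
    """Initiator side: produce (metadata, host MAC) for an authentication data write."""
    if len(data) % BLOCK_SIZE:
        raise ValueError("data must be whole 256-byte blocks")
    metadata = serialize_metadata(write_count, REQ_AUTH_DATA_WRITE, address,
                                  nonce, len(data) // BLOCK_SIZE)
    return metadata, compute_mac(key, metadata, data)


@dataclass
class SecureStorageArea:
    """Device-side RPMB model: key, write counter, result register, data area."""
    authentication_key: bytes
    write_counter: int = 0
    result_register: int = RESULT_OK
    data_area: dict = field(default_factory=dict)   # block address -> block bytes

    def authenticated_write(self, metadata: bytes, data: bytes, host_mac: bytes) -> bool:
        # Saturated counter: the area behaves as read-only.
        if self.write_counter >= MAX_WRITE_COUNT:
            self.result_register = RESULT_WRITE_COUNTER_EXPIRED
            return False
        device_mac = compute_mac(self.authentication_key, metadata, data)
        # MAC comparator: constant-time compare of host MAC and device MAC.
        if not hmac.compare_digest(device_mac, host_mac):
            self.result_register = RESULT_AUTH_FAILURE   # counter stays unchanged
            return False
        _, req_type, address, _, block_count = _METADATA.unpack(metadata)
        if req_type != REQ_AUTH_DATA_WRITE or len(data) != block_count * BLOCK_SIZE:
            self.result_register = RESULT_AUTH_FAILURE
            return False
        for i in range(block_count):
            self.data_area[address + i] = data[i * BLOCK_SIZE:(i + 1) * BLOCK_SIZE]
        self.write_counter += 1          # only after a successful authenticated write
        self.result_register = RESULT_OK
        return True


def demo():
    """Run a good write, a wrong-key write and a tampered-data write."""
    key = bytes(range(KEY_LEN))                  # constructed shared key
    nonce = b"\x11" * 16                         # constructed random number
    device = SecureStorageArea(authentication_key=key)
    data = bytes([0xAB]) * BLOCK_SIZE * 2
    metadata, mac = host_write_request(key, device.write_counter, 0x0010, nonce, data)
    ok = device.authenticated_write(metadata, data, mac)
    wrong_md, wrong_mac = host_write_request(bytes(KEY_LEN), device.write_counter,
                                             0x0010, nonce, data)
    bad_key = device.authenticated_write(wrong_md, data, wrong_mac)
    tampered = device.authenticated_write(metadata, data[:-1] + b"\x00", mac)
    return ok, bad_key, tampered, device


if __name__ == "__main__":
    ok, bad_key, tampered, device = demo()
    print(ok, bad_key, tampered, device.write_counter, hex(device.result_register))
```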
[0148] Figure 9 is a diagram showing an example of an RPMB message. Referring to Figures 1 and 9, when host 400 or storage device 50 sends and receives PIUs related to the RPMB, host 400 and storage device 50 can transmit RPMB messages to each other. RPMB messages may include information for authentication.
[0149] In one embodiment, an RPMB message may include multiple components. For example, depending on how the RPMB message is transmitted, it may include some or all of the components shown in Figure 9.
[0150] The request message type can have a predetermined size, such as 2 bytes. The request message type can indicate the type of request to the RPMB. The request message type can be included in a request sent from the initiator device to the target device. Examples of code values that a request message type can have are shown in Table 3.
[0151] Table 3
[0152]
Code     Request message type
0001h    Authentication key programming request
0002h    Write counter read request
0003h    Authentication data write request
0004h    Authentication data read request
0005h    Result read request
0006h    Secure write protection configuration block write request
0007h    Secure write protection configuration block read request
Other    Reserved
[0153] An authentication key programming request can be a message type that requests programming of the authentication key. A write counter read request can be a message type that requests the write count value stored in the write counter. An authentication data write request can be a message type that requests data to be stored in the RPMB. An authentication data read request can be a message type that requests to read data stored in the RPMB. A result read request can be a message type that requests the execution result (the value stored in the result register) of an operation related to the RPMB. An RPMB message with these request message types can be an example of a message requesting access to secure storage area 110a. The size of a response message type can be 2 bytes. A response message type can be a component indicating the response type. A response message type may not be included in the request sent by the initiator device to the target device, but may be included in the response sent by the target device to the initiator device. Example code values that a response message type can have are shown in Table 4.
[0154] Table 4
[0155]
Code     Response message type
0100h    Authentication key programming response
0200h    Write counter read response
0300h    Authentication data write response
0400h    Authentication data read response
0005h    Reserved
0600h    Secure write protection configuration block write response
0700h    Secure write protection configuration block read response
Other    Reserved
[0156] An authentication key programming response can be a response message type indicating a response to an RPMB message requesting the programming of the authentication key. A write counter read response can be a response message type indicating a response to an RPMB message requesting that the write count value stored in the write counter be transferred to the initiator device. An authentication data write response can be a response message type indicating a response to an authentication data write request to store data in the RPMB. An authentication data read response can be a response message type indicating a response to an authentication data read request to read data stored in the RPMB. A result read response can be a response message type indicating a response to a request to read the result of an operation related to the RPMB (e.g., a value stored in a result register). The authentication key can have a predetermined size, such as 32 bytes. The authentication key can be a component of the RPMB message included in the PIU corresponding to the authentication key programming request when the initial request for programming is made to the RPMB. Therefore, the authentication key can be included only in the request sent by the initiator device to the target device.
[0157] The MAC can have a predetermined size (e.g., 32 bytes) and can be included not only in a request sent by the initiator device to the target device but also in a response sent by the target device to the initiator device. The MAC can be a component of an RPMB message used for authentication.
[0158] The result can have a predetermined size (e.g., 2 bytes) and can be a value stored in a result register included in the RPMB. Therefore, the result can be included in the response sent by the target device to the initiator device.
[0159] The write counter may have a predetermined size (e.g., 4 bytes) and may indicate the total number of successfully executed authentication data write operations. The write counter may be a write count value stored in the write counters included in the RPMB. The write counter may be included not only in the request sent by the initiator device to the target device, but also in the response sent by the target device to the initiator device.
[0160] The address can have a predetermined size (e.g., 2 bytes) and can be the logical address of the data to be stored in the RPMB or of the data stored in the RPMB. The address can be included not only in a request sent by the initiator device to the target device, but also in a response sent by the target device to the initiator device.
[0161] The random number may have a predetermined size (e.g., 16 bytes) and may be a value with randomness. The random number can be included not only in a request sent by the initiator device to the target device, but also in a response sent by the target device to the initiator device. In an embodiment, the random number may be generated by the host 400, and the storage device 50 may copy and use the random number generated by the host 400.
[0162] The data can be data to be stored in the RPMB, or it can be data read from the RPMB. The data can have a predetermined size (e.g., 256 bytes). In an embodiment, when accessing the RPMB in normal RPMB mode, the data can be data transferred between the initiator device and the target device.
[0163] Advanced RPMB data can be data to be stored in the RPMB in advanced RPMB mode, or data read from the RPMB. Advanced RPMB data can be transferred in units of a predetermined size (e.g., 4KB). Advanced RPMB data can be data to be stored in the RPMB according to an authentication data write request, or data read from the RPMB by the storage device 50 according to an authentication data read request.
[0164] The block count can have a predetermined size (e.g., 2 bytes) and can be a value indicating the number of data blocks transferred between the initiator device and the target device in normal RPMB mode. In normal RPMB mode, the size of a block can be, for example, 256 bytes.
[0165] Advanced RPMB block count can indicate the number of blocks of Advanced RPMB data transferred between the initiator device and the target device in Advanced RPMB mode. In Advanced RPMB mode, a block can have a predetermined size, such as 4KB.
[0166] When accessing RPMB blocks in normal RPMB mode or advanced RPMB mode, the RPMB message components described with reference to Figure 9 may be included in RPMB messages transmitted between host 400 and storage device 50 or between the initiator device and the target device. Depending on the type of operation, RPMB message components may be included in a single PIU, or may be divided and included in multiple PIUs.
[0167] Figure 10 is a flowchart illustrating an example of an authentication data write operation performed in normal RPMB mode.
[0168] Referring to Figures 1, 2 and 10, in normal RPMB mode, host 400 can transmit three command PIUs to perform an authentication data write operation, and storage device 50 can transmit three response PIUs.
[0169] For example, an authentication data write operation may include the process of transmitting RPMB messages via PIU, including authentication data write request, result read request, and result read response.
[0170] The authentication data write request can be executed through operations S1001 to S1007, the result read request can be executed through operations S1009 to S1015, and the result read response can be executed through operations S1017 to S1021.
[0171] The authentication data write request includes the process of the host 400 transmitting an RPMB message requesting data to be stored in the RPMB and the data to be stored in the storage device 50.
[0172] A result read request can be an RPMB message transmitted from host 400 to storage device 50 requesting the value of the result register included in the RPMB, in which the execution result of the authentication data write operation is stored.
[0173] The result read response may be a response from storage device 50 transmitting an RPMB message providing the value of the result register to host 400.
[0174] In operation S1001, host 400 may provide a command PIU to storage device 50. The command PIU transmitted in operation S1001 may be a security protocol output command instructing host 400 to transmit data. In operation S1003, storage device 50 may provide a ready-to-transmit PIU to host 400 in response to the command PIU received in operation S1001. The ready-to-transmit PIU may be a PIU provided when storage device 50 is ready to receive data to be provided by host 400. In an embodiment, the ready-to-transmit PIU may be a PIU that provides a message instructing storage device 50 to prepare to receive a data output PIU.
[0175] In operation S1005, host 400 can provide a data output PIU to storage device 50. The data output PIU provided by host 400 may include an RPMB message corresponding to an authentication data write request. The RPMB message transmitted in operation S1005 may include content bytes, authentication data, and metadata. The metadata may include the data to be stored in the RPMB. Because Figure 10 illustrates a scenario in which an authentication data write operation is performed in normal RPMB mode, the data can include multiple blocks of a predetermined size, such as 256 bytes. An example embodiment of the RPMB message transmitted in operation S1005 is described with reference to Figure 11.
[0176] In operation S1007, storage device 50 may provide a response PIU to host 400. The response PIU transmitted in operation S1007 may be a response to the command PIU transmitted in operation S1001.
[0177] In operation S1009, host 400 may provide a command PIU to storage device 50. The command PIU transmitted in operation S1009 may be a security protocol output command instructing host 400 to transmit data. Subsequently, in operation S1011, storage device 50 may provide a ready-to-transmit PIU to host 400 in response to the command PIU received in operation S1009. The ready-to-transmit PIU may be a PIU provided when storage device 50 is ready to receive data to be provided by host 400. In an embodiment, the ready-to-transmit PIU may be a PIU that provides a message instructing storage device 50 to prepare to receive a data output PIU.
[0178] In operation S1013, the host 400 may provide a data output PIU to the storage device 50. The data output PIU provided in operation S1013 may include an RPMB message corresponding to a result read request. An example embodiment of the RPMB message included in the data output PIU provided in operation S1013 is described with reference to Figure 12.
[0179] In operation S1015, storage device 50 may provide a response PIU to host 400. The response PIU transmitted in operation S1015 may be a response to the command PIU transmitted in operation S1009.
[0180] In operation S1017, the host 400 may provide a command PIU to the storage device 50. The command PIU provided in operation S1017 may be a security protocol input command that indicates a command to request data and information from the storage device 50.
[0181] In operation S1019, storage device 50 may provide a data input PIU to host 400. The data input PIU transmitted in operation S1019 may include an RPMB message corresponding to a result read response. The RPMB message transmitted in operation S1019 may include content bytes, authentication data, and metadata. The metadata may include an updated write count value and the value of the result register indicating the result of the authentication data write operation. An example embodiment of the RPMB message transmitted in operation S1019 is described with reference to Figure 13.
[0182] In operation S1021, storage device 50 may provide a response PIU to host 400. The response PIU transmitted in operation S1021 may be a response to the command PIU transmitted in operation S1017.
[0183] Figure 11 is a diagram illustrating an example of the RPMB message provided in operation S1005 of Figure 10.
[0184] Referring to Figures 1, 2, 10 and 11, the RPMB message corresponding to the authentication data write request can include content bytes, authentication data, and metadata.
[0185] The content byte can be bits added to synchronize a predetermined data format or data communication. In an embodiment, the field corresponding to the content byte can be "0".
[0186] The authentication data included in the RPMB message corresponding to the authentication data write request can be, for example, the MAC generated by the host access controller 410 described with reference to Figure 2.
[0187] Metadata may include the data to be stored in the RPMB, a random number, the current write count, the address corresponding to the data, the number of data blocks (e.g., a block is 256B), and a request message type indicating that the RPMB message is an authenticated data write request. In an embodiment, the field corresponding to the random number may be "0".
[0188] Figure 12 is a diagram illustrating an example of the RPMB message provided in operation S1013 of Figure 10.
[0189] Referring to Figures 1, 2, 10 and 12, the RPMB message corresponding to the result read request can include content bytes, authentication data, and metadata.
[0190] In this embodiment, in the RPMB message corresponding to the result read request, only the request message type included in the metadata can have a non-zero value; the values of the other fields can be "0". The request message type can include the code value 0005h indicating that the RPMB message is a result read request.
[0191] Figure 13 is a diagram illustrating an example of the RPMB message provided in operation S1019 of Figure 10.
[0192] Referring to Figures 1, 2, 10 and 13, the RPMB message corresponding to the result read response can include content bytes, authentication data, and metadata.
[0193] The content byte can be bits added to synchronize a predetermined data format or data communication. In an embodiment, the field corresponding to the content byte can be "0".
[0194] The authentication data included in the RPMB message corresponding to the result read response can be, for example, a MAC generated by the device access controller 210 described with reference to Figure 2.
[0195] In one embodiment, the access execution unit 212 can generate metadata to be included in the RPMB message, and can use the generated metadata and the authentication key 111 stored in the RPMB to generate a MAC.
[0196] Metadata may include an updated write count value, the address of the data stored by the authentication data write operation, a result code indicating the execution result of the authentication data write operation, and a predetermined code (e.g., "0300h") as a response message type code indicating that the RPMB message is an authentication data write response. Here, the address may be, for example, the same address value included in the RPMB message corresponding to the authentication data write request described with reference to Figure 11.
[0197] In this embodiment, the content byte, data, random number, and block count fields included in the RPMB message corresponding to the result read response can be "0".
[0198] Figure 14 is a flowchart illustrating an embodiment of the MAC operation process performed during an authentication data write operation in normal RPMB mode.
[0199] Referring to Figures 1, 2 and 10 to 14, in operation S1401 the storage device 50 can receive the command PIU from the host 400; this can correspond to operation S1001 of Figure 10. The storage device 50 can then receive a data output PIU from the host 400 in operation S1403; this corresponds to operation S1005 of Figure 10, and the received data output PIU may include, for example, the RPMB message shown in Figure 11. Therefore, storage device 50 can receive the data to be stored in the RPMB and the other metadata from the data output PIU.
[0200] In operation S1405, the storage device can calculate the MAC using the metadata and data received from the data output PIU and the authentication key stored in the RPMB. This operation is initiated after operation S1005 of Figure 10. Subsequently, in operation S1407, the MAC whose computation has been completed can be included in the RPMB message of the response PIU of operation S1021 of Figure 10 and provided to host 400. The RPMB message at this point can be confirmed with reference to Figure 13.
[0201] Figure 15 is a flowchart illustrating an example of an authentication data write operation using the MAC calculated in the operation of Figure 14.
[0202] Referring to Figures 1, 2 and 10 to 15, in operation S1501 the storage device 50 can compare the host MAC received from the host 400 with the device MAC calculated in the operation of Figure 14. The host MAC can be obtained from the RPMB message included in the data output PIU of operation S1005 of Figure 10, and this RPMB message can be confirmed with reference to Figure 11.
[0203] When the device MAC and the host MAC match in operation S1503, the data can be stored in secure storage area 110a, for example in the RPMB, in operation S1505. When data storage is complete, storage device 50 can generate a response PIU including the response MAC in operation S1517, and can provide the response PIU to host 400 in operation S1509. This can correspond to operation S1021 of Figure 10, and the RPMB message included in the response PIU can be confirmed with reference to Figure 13.
[0204] When the device MAC and the host MAC do not match in operation S1503, the storage device may be unable to complete the write request to the secure storage area 110a (e.g., RPMB) in operation S1511. Therefore, the data cannot be stored, and an error message may be provided to the host 400. Such an error message may be included, in the form of a result code, in the RPMB message of Figure 13 and provided to host 400.
[0205] Figure 16 is a flowchart illustrating an authentication data write operation performed in the advanced RPMB mode of a storage device according to an embodiment of the present disclosure.
[0206] Referring to Figures 1, 2 and 16, in advanced RPMB mode, host 400 can transmit a command PIU to perform an authentication data write operation, and storage device 50 can transmit a response PIU.
[0207] For example, in operation S1601, host 400 can provide a command PIU to storage device 50. The command PIU may include an RPMB message in an additional header segment. The command PIU may be a security protocol output command instructing host 400 to transmit data. An example of the RPMB message transmitted in operation S1601 is described with reference to Figure 17.
[0208] In operation S1603, storage device 50 may provide a ready-to-transmit PIU to host 400 in response to the command PIU received in operation S1601.
[0209] In operation S1605, host 400 can provide the data output PIU to storage device 50. Since host 400 has already provided the RPMB message to storage device 50 by including the RPMB message in the additional header segment of the command PIU in operation S1601, the data output PIU transmitted in operation S1605 may not include the RPMB message, but may only include the data to be stored in the RPMB.
[0210] In operation S1607, storage device 50 may provide a response PIU to host 400. The response PIU provided by storage device 50 may include an RPMB message. The RPMB message may be included in the additional header field of the response PIU.
[0211] Figure 17 is a diagram illustrating an example of the structure of the command PIU transmitted in operation S1601 of Figure 16.
[0212] Referring to Figures 1, 2, 16 and 17, unlike in the embodiment described with reference to Figures 10 to 15, the command PIU transmitted in operation S1601 may be a PIU using an additional header segment. Therefore, the field in the basic header segment indicating the total length of the additional header segment can be set to a non-zero value (02h).
[0213] The additional header segment of the command PIU transmitted in operation S1601 may include an RPMB message. The RPMB message included in the additional header segment may include some of the RPMB message corresponding to the authentication data write request described with reference to Figure 11.
[0214] For example, the additional header segment of the command PIU can include authentication data and metadata. Unlike the RPMB message of Figure 11, the metadata included in the additional header segment may not include the data to be stored in the RPMB. The metadata may include a random number generated by the host, the current write count, the address corresponding to the data, the number of data blocks (e.g., a block is 4KB), and a request message type (0003h) indicating that the RPMB message is an authentication data write request. For example, the authentication data can be a MAC generated by the device access controller 210 described with reference to Figure 2.
[0215] Figure 18 is a diagram illustrating an example of the structure of the response PIU transmitted in operation S1607 of Figure 16.
[0216] Referring to Figures 1, 2, 16 and 18, unlike in the embodiment described with reference to Figures 10 to 15, the response PIU transmitted in operation S1607 may be a PIU using an additional header segment. Therefore, the field in the basic header segment indicating the total length of the additional header segment can be set to a non-zero value (02h).
[0217] The additional header segment of the response PIU transmitted in operation S1607 may include an RPMB message. The RPMB message included in the additional header segment may include some of the data of the RPMB message corresponding to the result read response described with reference to Figure 13.
[0218] For example, the additional header segment of the response PIU may include authentication data and metadata. The metadata may include a write counter value updated according to the execution of the authentication data write operation, the address of the data stored by the authentication data write operation, a result code indicating the result of the authentication data write operation, and a response message type indicating that the RPMB message is an authentication data write response. Here, the address may be the same value as the address included in the RPMB message of the authentication data write request described with reference to Figure 17. The random number can be obtained by copying the random number included in the RPMB message corresponding to the authentication data write request described with reference to Figure 17. The authentication data can be a MAC generated by the device access controller 210 described with reference to Figure 2, using the metadata and the authentication key stored in the RPMB.
[0219] Figure 19 is a flowchart illustrating the MAC operation process performed during an authentication data write operation in the advanced RPMB mode of a storage device according to an embodiment of the present disclosure.
[0220] Referring to Figures 1, 2 and 16 to 19, in operation S1901 storage device 50 can receive the command PIU from host 400 and obtain the metadata from the command PIU; this can correspond to operation S1601 of Figure 16. Then, in operation S1903, storage device 50 can receive the data output PIU from host 400 and, at the same time, calculate the device MAC using the metadata received from the command PIU and the authentication key stored in the RPMB. This operation can be performed in part during operation S1605 of Figure 16. For example, the operation can be performed before operation S1606, continuously during operation S1605, or initiated when operation S1605 is performed. Furthermore, the data output PIU of operation S1605 can be transmitted multiple times. For example, when the size of the data included in the data output PIU is large (e.g., greater than a predetermined value), the data can be transmitted in multiple data output PIUs. In this case, a portion of the device MAC computation can be performed using the data included in the data output PIUs received before the data output PIU currently being received. The device MAC computation can be completed in operation S1905 using all the data received from the data output PIUs.
[0221] For example, in the MAC operation process according to the embodiment of Figure 19, unlike the method of Figures 10 to 15, the RPMB message is received from the host via the command PIU rather than the data output PIU, allowing relatively faster retrieval of the metadata. Furthermore, by initiating the MAC operation before or during receipt of the data to be stored in the RPMB, rather than after the data has been received, the MAC operation can be completed earlier.
[0222] Figure 20 is a flowchart illustrating an example of an authentication data write operation using the MAC calculated in the operation of Figure 19.
[0223] Referring to Figures 1, 2 and 16 to 20, in operation S2001 the storage device 50 can compare the host MAC received from the host 400 with the device MAC calculated in the operation of Figure 19. The host MAC can be obtained from the command PIU of operation S1601 of Figure 16, and this command PIU can be confirmed with reference to Figure 17.
[0224] When the device MAC and the host MAC match in operation S2003, in operation S2005 the data can be stored in secure storage area 110a (e.g., RPMB), and storage device 50 can generate a response PIU including the response MAC. Then, in operation S2007, the response PIU can be provided to host 400. This can correspond to operation S1607 of Figure 16, and the response PIU can be confirmed with reference to Figure 18.
[0225] When the device MAC and the host MAC do not match in operation S2003, the storage device may be unable to complete the write request to the secure storage area 110a (e.g., RPMB) in operation S2009. Therefore, the data cannot be stored, and an error message may be provided to the host 400. Such an error message may be included, in the form of a result code, in the RPMB message of the response PIU of Figure 18 and provided to host 400.
[0226] For example, in the authentication data write process according to the embodiment of Figure 20, unlike in Figures 10 to 15, generation of the response MAC and the response PIU is performed together with the storage of the data in the secure storage area 110a, so the authentication data write operation can be completed earlier.
[0227] Figure 21 is a flowchart illustrating an example of an authentication data read operation performed in normal RPMB mode.
[0228] Referring to Figures 1, 2 and 21, in normal RPMB mode, host 400 can transmit two command PIUs to perform an authentication data read operation, and storage device 50 can transmit two response PIUs. For example, the authentication data read operation may include the process of transmitting, via PIUs, the RPMB messages corresponding to each of the authentication data read request and the authentication data read response.
[0229] An authentication data read request can be executed through operations S2101 to S2107, and an authentication data read response can be executed through operations S2109 to S2113.
[0230] An authentication data read request may include the process by which host 400 transmits an RPMB message indicating a read request for data stored in the RPMB to storage device 50. An authentication data read response may include the process by which storage device 50 transmits data read from the RPMB to host 400.
[0231] In operation S2101, the host 400 can provide a command PIU to the storage device 50. The command PIU provided in operation S2101 can be a security protocol output command instructing host 400 to transmit data.
[0232] In operation S2103, storage device 50 can provide the ready-to-transmit PIU to host 400.
[0233] In operation S2105, host 400 may provide a data output PIU to storage device 50. The data output PIU provided in operation S2105 may include an RPMB message. For example, the RPMB message provided in operation S2105 may include metadata. Here, the metadata includes a random number generated by the host, the address to be read, a block count indicating the number of data blocks to be read, and a request message type indicating that the RPMB message is an authentication data read request. An example of an RPMB message corresponding to an authentication data read request is described with reference to Figure 22.
[0234] In operation S2107, storage device 50 may provide a response PIU to host 400. The response PIU provided by storage device 50 may be a response to the command PIU transmitted in operation S2101.
[0235] In operation S2109, the host 400 may provide a command PIU to the storage device 50. The command PIU provided in operation S2109 may be a security protocol input command that indicates a command to request data and information from the storage device 50.
[0236] In operation S2111, storage device 50 may provide a data input PIU to host 400. The data input PIU provided by storage device 50 may include an RPMB message. For example, the RPMB message provided in operation S2111 may include content bytes, authentication data, and metadata. Here, the authentication data may be a MAC generated by storage device 50. The metadata may include the data read from the RPMB, a random number, an address, a block count indicating the number of blocks of data read, and a response message type indicating that the RPMB message is an authentication data read response. An example of an RPMB message corresponding to an authentication data read response is described with reference to Figure 23.
[0237] In operation S2113, storage device 50 may provide a response PIU to host 400. The response PIU received by host 400 in operation S2113 may be a response to the command PIU transmitted in operation S2109.
[0238] Figure 22 is a diagram illustrating an example of the RPMB message provided in operation S2105 of Figure 21.
[0239] Referring to Figures 1, 4, 21 and 22, the RPMB message corresponding to the authentication data read request may include metadata and content bytes, but not authentication data. The content bytes may be bits added to synchronize a predetermined data format or data communication. In an embodiment, the field corresponding to the content bytes may be "0".
[0240] Metadata may include a random number generated by the host, the address to be read, a block count indicating the number of blocks of data to be read, and a request message type indicating that the RPMB message is an authentication data read request.
[0241] In various embodiments, the value corresponding to each of the content byte, MAC, data, write counter, and result included in the RPMB message corresponding to the authentication data read request can be "0".
[0242] Figure 23 is a diagram illustrating an example of the RPMB message provided in operation S1811 of Figure 21.
[0243] Referring to Figures 1, 2, 21 and 23, the RPMB message corresponding to the authentication data read response may include authentication data and metadata. The authentication data may be a MAC generated by the device access controller 210 of the storage device 50. The metadata may include the data read from the RPMB, a random number, an address, a block count indicating the number of blocks of data read, and a response message type indicating that the RPMB message is an authentication data read response.
[0244] The random number can be the random number included in the RPMB message corresponding to the authentication data read request transmitted in operation S2105, for example a value obtained by copying the random value generated by host 400 as is. The address and the block count of the data read can be the same as the address to be read and the number of blocks to be read included in the RPMB message corresponding to the authentication data read request. The result can be a result code indicating the execution result of the authentication data read operation. The response message type can be a predetermined code (e.g., 0400h) indicating that the RPMB message is an authentication data read response.
[0245] The host access controller 410 included in host 400 can receive an RPMB message containing data read according to the authentication data read operation, and then use the authentication key included in host access controller 410 and the metadata included in the RPMB message to calculate the MAC. Only when the MAC calculated by host access controller 410 matches the MAC generated by storage device 50 as authentication data included in the RPMB message can host access controller 410 obtain the read data.
[0246] As shown in Figures 10 to 15, in normal RPMB mode the authentication data write and read operations provide only a single command PIU for carrying the data to be stored or the data to be read, but additional command PIUs or response PIUs must be used to transmit the RPMB messages. This may delay RPMB access and add design complexity.
[0247] Figure 24 is a flowchart illustrating an embodiment of the MAC operation process performed during an authentication data read operation in normal RPMB mode.
[0248] Referring to Figures 1, 2 and 21 to 24, in operation S2401 the storage device 50 can receive the command PIU from the host 400; this can correspond to operation S2101 of Figure 21. The storage device 50 can then receive a data output PIU from the host 400 in operation S2403; this corresponds to operation S2105 of Figure 21, and the received data output PIU may include, for example, the RPMB message shown in Figure 22. Therefore, storage device 50 can receive the metadata for the RPMB from the data output PIU. In operation S2405, the storage device can read the data stored in the secure storage area 110a (e.g., the RPMB). Then, in operation S2407, the storage device can calculate the MAC using the metadata received from the data output PIU, the data read from the RPMB, and the authentication key stored in the RPMB; this operation is initiated after operation S2105 of Figure 21. Subsequently, in operation S2409, the MAC whose computation has been completed can be included in the RPMB message of the response PIU of operation S2113 of Figure 21 and provided to host 400. The RPMB message at this point can be confirmed with reference to Figure 23.
[0249] Figure 25 is a flowchart illustrating an example of an authentication data read operation using the MAC calculated in the operation of Figure 24.
[0250] Referring to Figures 1, 2 and 21 to 25, in operation S2501 storage device 50 can check whether the device MAC has been calculated successfully. When the device MAC has been calculated successfully, in operation S2503 the data read from secure storage area 110a (e.g., RPMB) can be provided to host 400. When the provision of the data to host 400 is complete, storage device 50 can generate a response PIU including the device MAC in operation S2505, and can provide the response PIU to host 400 in operation S2507. This can correspond to operation S2113 of Figure 21, and the RPMB message included in the response PIU can be confirmed with reference to Figure 23.
[0251] If the device MAC is not calculated successfully in operation S2501, the storage device may be unable to complete the read request to the secure storage area 110a (e.g., RPMB) in operation S2509. Therefore, the read data cannot be provided to the host, and an error message may be provided to the host 400. Such an error message may be included, in the form of a result code, in the RPMB message of Figure 23 and provided to host 400.
[0252] Figure 26 is a flowchart illustrating an authentication data read operation performed in the advanced RPMB mode of a storage device according to an embodiment of the present disclosure.
[0253] Referring to Figures 1, 2 and 26, in advanced RPMB mode, host 400 can transmit a command PIU to perform an authentication data read operation, and storage device 50 can transmit a response PIU.
[0254] For example, in operation S2601, host 400 can provide a command PIU to storage device 50. The command PIU may include an RPMB message in an additional header segment. The command PIU may be a security protocol input command with which host 400 requests a data transfer from storage device 50. An example of the RPMB message transmitted in operation S2601 is described with reference to Figure 27.
[0255] In operation S2603, storage device 50 can use the RPMB message included in the command PIU received in operation S2601 to read the data stored in the RPMB, and can provide a data input PIU including the read data to host 400. Since host 400 has already provided the RPMB message to storage device 50 by including it in the additional header segment of the command PIU in operation S2601, the data input PIU transmitted in operation S2603 may not include the RPMB message, but may include only the data read from the RPMB.
[0256] In operation S2605, storage device 50 may provide a response PIU to host 400. The response PIU provided by storage device 50 may include an RPMB message. The RPMB message may be included in the additional header segment of the response PIU. An example of the RPMB message provided by storage device 50 to host 400 in operation S2605 is described with reference to Figure 28.
[0257] Figure 27 is a diagram illustrating an embodiment of the structure of the command PIU transmitted in operation S2601 of Figure 26.
[0258] Referring to Figures 1, 2, 26 and 27, unlike in the embodiment described with reference to Figures 21 and 25, the command PIU transmitted in operation S2601 may be a PIU using an additional header segment. Therefore, the field in the basic header segment indicating the total length of the additional header segment can be set to a non-zero value (e.g., 02h).
[0259] The additional header segment of the command PIU transmitted in operation S2601 may include an RPMB message. The RPMB message included in the additional header segment may include some or all of the RPMB message corresponding to the authentication data read request described with reference to Figure 22.
[0260] For example, the additional header segment of the command PIU may include authentication data and metadata. In an embodiment, the command PIU may include only metadata and no authentication data. The metadata may include a random number generated by the host, the address to be read, an advanced RPMB block count indicating the number of blocks of data to be read (e.g., a block is 4KB), and 0004h as a request message type indicating that the RPMB message included in the additional header segment is an authentication data read request. In an embodiment, the value corresponding to each of the MAC, write counter, and result in the RPMB message included in the additional header segment may be "0".
[0261] Figure 28 is a diagram illustrating an embodiment of the structure of the response PIU transmitted in operation S2605 of Figure 26.
[0262] Referring to Figures 1, 2, 26 and 28, unlike the embodiments described with reference to Figures 21 to 25, the response PIU transmitted in operation S2605 may be a PIU that uses an additional header segment. Therefore, the field in the basic header segment indicating the total length of the additional header segment can be set to a non-zero value (e.g., 02h).
[0263] The additional header segment of the response PIU transmitted in operation S2605 may include an RPMB message. Similarly to the description with reference to Figure 23, the RPMB message included in the additional header segment may include RPMB information corresponding to the authentication data read response. The additional header segment may include authentication data and metadata. The authentication data may be a MAC generated by the device access controller 210 of storage device 50. The metadata may include the data read from the RPMB, a random number, an address, an advanced RPMB block count indicating the number of blocks of data read, and a response message type indicating that the RPMB message is an authentication data read response.
[0264] The random number can be the random number included in the RPMB message corresponding to the authentication data read request transmitted in operation S2601, i.e., a copy of the random value generated by host 400. The address and the block count of the data read can be the same as the address and block count values included in the RPMB message corresponding to the authentication data read request, which indicate the address to be read and the number of blocks of data to be read. The result can be a result code indicating the execution result of the authentication data read operation. The response message type can be a predetermined code (e.g., 0400h) indicating that the RPMB message is an authentication data read response.
[0265] In operation S2603, the host access controller 410 included in host 400 can receive the data read by the authentication data read operation. In operation S2605, after receiving the RPMB message corresponding to the authentication data read response, the host access controller 410 can calculate a MAC using the authentication key held by the host access controller 410 and the metadata included in the RPMB message. The host access controller 410 can accept the read data only if the MAC it calculated matches the MAC generated by storage device 50 (the authentication data included in the RPMB message).
[0266] In the embodiment described with reference to Figures 26 to 28, in advanced RPMB mode, unlike in normal RPMB mode, RPMB messages are included in additional header segments and transmitted there, so transmission via data input PIUs or data output PIUs is not needed. Therefore, since fewer PIUs are transmitted in advanced RPMB mode than in normal RPMB mode, advanced RPMB mode can be a mode in which the RPMB is accessed faster than in normal RPMB mode.
[0267] Figure 29 is a flowchart illustrating the MAC operation process performed during an authentication data read operation in the advanced RPMB mode of a storage device according to an embodiment of the present disclosure.
[0268] Referring to Figures 1, 2 and 26 to 29, in operation S2901, storage device 50 can receive a command PIU from host 400 and retrieve metadata from the command PIU. This can correspond to operation S2601 of Figure 26. Then, in operation S2903, storage device 50 can read data from secure storage area 110a (e.g., the RPMB) while simultaneously calculating the device MAC using the metadata received in the command PIU and the authentication key stored in the RPMB. For example, these operations can be performed before operation S2603 of Figure 26. The device MAC operation can be initiated before data is read from the RPMB and partially performed during the data read, or it can be initiated while data is being read from the RPMB. When the size of the data to be read is large and the data is read in multiple parts, a portion of the device MAC operation can be performed using the data read before the part currently being read. In operation S2905, the device MAC operation can be completed using all the data read from the RPMB.
[0269] For example, in the MAC operation process according to the embodiment of this disclosure illustrated in Figure 29, unlike the embodiment of Figures 21 to 25, the RPMB message is received from the host via the command PIU rather than via a data output PIU, so the metadata for the MAC operation can be obtained much faster. Furthermore, by initiating the MAC operation before or during the data read from the RPMB, the MAC operation can be completed earlier.
[0270] Figure 30 is a flowchart illustrating an example of an authentication data read operation that uses the MAC computation manner of Figure 29.
[0271] Referring to Figures 1, 2 and 26 to 30, in operation S3001, storage device 50 can check whether the device MAC has been successfully computed. When the device MAC has been successfully computed, in operation S3003, the data read from secure storage area 110a (e.g., the RPMB) can be provided to host 400 and, simultaneously, storage device 50 can generate a response PIU including the device MAC. Then, in operation S3005, the response PIU can be provided to host 400. This can correspond to operation S2605 of Figure 26 and can be performed with the response PIU described with reference to Figure 28.
[0272] If the device MAC fails to be computed in operation S3001, the storage device may be unable to complete the read request to secure storage area 110a (e.g., the RPMB) in operation S3007. Therefore, the read data cannot be provided to the host, and an error message may be provided to host 400 instead. In one embodiment, such an error message may be included, in the form of a result code, in the RPMB message of the response PIU of Figure 28 and provided to host 400.
[0273] For example, in the authentication data read process according to the embodiment of this disclosure illustrated in Figure 30, unlike the embodiment of Figures 21 to 25, the generation of the device MAC and the generation of the response PIU are performed together with the provision of the data to host 400, so the authentication data read operation can be completed earlier.
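The advanced RPMB read exchange of paragraphs [0260] to [0273], with the device MAC started from the command PIU metadata and advanced one block at a time during the read ([0268]), the result-code error path ([0272]), and the host-side MAC check before the data is accepted ([0265]), modelled as an added Python example. This is illustration code written for this page, not code from the patent or from SK hynix. It assumes HMAC-SHA256 as the MAC algorithm, a constructed fixed-width byte layout for the metadata, and placeholder result codes; only the 4 KB block size and the message types 0004h and 0400h come from the text. The host-side binding of the response to the outstanding request (nonce, address, block count) is likewise an added check.

```python
import hmac
import hashlib
import struct
from dataclasses import dataclass
from typing import List, Optional, Tuple

# From the text: one advanced RPMB block is 4 KB, request type 0004h, response type 0400h.
BLOCK_SIZE = 4096
REQ_AUTH_DATA_READ = 0x0004
RESP_AUTH_DATA_READ = 0x0400
# Constructed placeholder result codes; the text only says a result code is returned.
RESULT_OK = 0x0000
RESULT_READ_FAILURE = 0x0001


@dataclass
class RpmbMessage:            # RPMB message carried in the additional header segment of a PIU
    nonce: bytes              # random number generated by the host, copied back by the device
    address: int              # first RPMB block to read
    block_count: int          # advanced RPMB block count
    msg_type: int             # 0004h (request) or 0400h (response)
    result: int = 0           # result code, meaningful in the response only
    mac: bytes = b"\x00" * 32 # authentication data; "0" in the request

    def mac_prefix(self) -> bytes:
        # Metadata known before any block is read; constructed fixed-width layout.
        return self.nonce + struct.pack(">IHH", self.address, self.block_count, self.msg_type)


class IncrementalMac:
    # Keyed MAC (assumed HMAC-SHA256) that absorbs one data segment at a time.
    def __init__(self, auth_key: bytes, prefix: bytes) -> None:
        self._h = hmac.new(auth_key, prefix, hashlib.sha256)

    def absorb(self, segment: bytes) -> None:
        self._h.update(segment)

    def finish(self, result: int) -> bytes:
        self._h.update(struct.pack(">H", result))   # the result code is bound last, once known
        return self._h.digest()


class StorageDevice:
    # Device side: the RPMB holds the authentication key and the protected blocks.
    def __init__(self, auth_key: bytes, rpmb_blocks: List[bytes]) -> None:
        self._auth_key, self._rpmb = auth_key, rpmb_blocks

    def handle_auth_data_read(self, cmd: RpmbMessage) -> Tuple[Optional[bytes], RpmbMessage]:
        # S2901: the metadata arrives with the command PIU, so the device MAC starts before any read.
        resp = RpmbMessage(cmd.nonce, cmd.address, cmd.block_count, RESP_AUTH_DATA_READ)
        mac_op = IncrementalMac(self._auth_key, resp.mac_prefix())
        chunks: List[bytes] = []
        try:
            for i in range(cmd.block_count):
                block = self._rpmb[cmd.address + i]   # IndexError stands in for a failed read
                mac_op.absorb(block)                   # S2903: part of the MAC per block read
                chunks.append(block)
        except IndexError:
            # S3007: the MAC cannot be completed, so no data leaves the device; only a result code.
            resp.result = RESULT_READ_FAILURE
            return None, resp
        resp.result = RESULT_OK                        # S2905 / S3003: finish the MAC and build
        resp.mac = mac_op.finish(resp.result)          # the response PIU alongside the data
        return b"".join(chunks), resp


class HostAccessController:
    # Host side (host access controller 410): issues the request and checks the response.
    def __init__(self, auth_key: bytes) -> None:
        self._auth_key = auth_key
        self._pending: Optional[RpmbMessage] = None

    def build_read_request(self, nonce: bytes, address: int, block_count: int) -> RpmbMessage:
        self._pending = RpmbMessage(nonce, address, block_count, REQ_AUTH_DATA_READ)
        return self._pending

    def accept_read(self, data: Optional[bytes], resp: RpmbMessage) -> Optional[bytes]:
        # Bind the response to the outstanding request and refuse anything the device did not complete.
        req = self._pending
        if (req is None or data is None or resp.result != RESULT_OK
                or resp.msg_type != RESP_AUTH_DATA_READ
                or (resp.nonce, resp.address, resp.block_count)
                != (req.nonce, req.address, req.block_count)):
            return None
        mac_op = IncrementalMac(self._auth_key, resp.mac_prefix())
        for off in range(0, len(data), BLOCK_SIZE):
            mac_op.absorb(data[off:off + BLOCK_SIZE])
        expected = mac_op.finish(resp.result)
        # The data is released only if the host MAC matches the device MAC.
        return data if hmac.compare_digest(expected, resp.mac) else None


def demo_read(block_count: int, address: int = 0, tamper: bool = False) -> Optional[bytes]:
    # One advanced RPMB read over constructed sample blocks; returns the accepted data or None.
    key = b"\x11" * 32                                     # constructed authentication key
    blocks = [bytes([i]) * BLOCK_SIZE for i in range(4)]   # four constructed RPMB blocks
    device, host = StorageDevice(key, blocks), HostAccessController(key)
    cmd = host.build_read_request(b"\xa5" * 16, address, block_count)   # constructed nonce
    data, resp = device.handle_auth_data_read(cmd)
    if tamper and data is not None:
        data = b"\xff" + data[1:]                          # corrupt one byte on the data-in path
    return host.accept_read(data, resp)
```

The MAC input is ordered so that everything the device knows from the command PIU (the prefix) is absorbed first, each block is absorbed as it is read, and the result code is absorbed last; that ordering is what lets the device overlap the MAC computation with the read, and a read that runs past the end of the RPMB returns a result code and no data rather than an unauthenticated partial block.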
[0274] Figure 31 is a diagram illustrating an embodiment of the memory device 100 of Figure 1. Referring to Figure 31, the memory device 100 may include a memory cell array 110, a voltage generator 120, an address decoder 130, an input / output circuit 140, and control logic 150.
[0275] The memory cell array 110 includes multiple memory blocks BLK1 to BLKi, which are connected to the address decoder 130 via row lines RL. The memory blocks BLK1 to BLKi can be connected to the input / output circuitry 140 via column lines CL. In an embodiment, the row lines RL may include word lines, source select lines, and drain select lines. In an embodiment, the column lines CL may include bit lines.
[0276] Each of the memory blocks BLK1 to BLKi includes a plurality of memory cells. In an embodiment, the memory cells may be non-volatile memory cells. Memory cells connected to the same word line among the plurality of memory cells may be defined as a physical page. The memory cell array 110 may include a plurality of physical pages. Each memory cell of the memory device 100 may be configured as a single-level cell (SLC) storing one data bit, a multi-level cell (MLC) storing two data bits, a three-level cell (TLC) storing three data bits, or a four-level cell (QLC) capable of storing four data bits.
[0277] A portion of the memory blocks BLK1 to BLKi can be the secure storage area 110a described with reference to Figure 1. The remaining portion may be the regular storage area 110b. In an embodiment, secure storage area 110a may be an RPMB.
[0278] In this embodiment, the voltage generator 120, address decoder 130, and input / output circuitry 140 can be collectively referred to as peripheral circuitry. Under the control of control logic 150, the peripheral circuitry can drive the memory cell array 110 to perform programming, reading, and erasing operations.
[0279] Voltage generator 120 is configured to generate multiple operating voltages using an external power supply voltage supplied to memory device 100. Voltage generator 120 operates in response to control of control logic 150.
[0280] In this embodiment, the voltage generator 120 can generate an internal power supply voltage by adjusting an external power supply voltage. The internal power supply voltage generated by the voltage generator 120 can be used as the operating voltage of the memory device 100.
[0281] In this embodiment, voltage generator 120 can use an external power supply voltage or an internal power supply voltage to generate multiple operating voltages. Voltage generator 120 can be configured to generate various voltages used in memory device 100. For example, voltage generator 120 can generate multiple erase voltages, multiple programming voltages, multiple pass voltages, multiple select read voltages, and multiple unselect read voltages.
[0282] Voltage generator 120 may include multiple pump capacitors that receive an internal power supply voltage to generate multiple operating voltages with various voltage levels. Voltage generator 120 may generate multiple operating voltages by selectively activating the pump capacitors in response to control logic 150. The generated operating voltages may be provided to memory cell array 110 by address decoder 130.
[0283] Address decoder 130 is connected to memory cell array 110 via row lines RL and is configured to operate in response to control of control logic 150. Address decoder 130 can receive address ADDR from control logic 150 and can decode block addresses in the received address ADDR. Address decoder 130 selects at least one memory block from memory blocks BLK1 to BLKi based on the decoded block address. Address decoder 130 can decode row addresses in the received address ADDR. Address decoder 130 can select at least one word line from the word lines of the selected memory block based on the decoded row address. In an embodiment, address decoder 130 can decode column addresses in the received address ADDR. Address decoder 130 can interconnect input / output circuitry 140 and memory cell array 110 based on the decoded column address. For example, address decoder 130 may include components such as row decoders, column decoders, and address buffers.
[0284] The input / output circuitry 140 may include multiple page buffers. The page buffers can be connected to the memory cell array 110 via bit lines. During programming operations, data can be stored in selected memory cells based on the data stored in the page buffers.
[0285] During a read operation, data stored in the selected memory cell can be sensed via bit lines, and the sensed data can be stored in the page buffer.
[0286] Control logic 150 can control address decoder 130, voltage generator 120, and input / output circuitry 140. Control logic 150 can operate in response to commands (CMD) transmitted from external devices. Control logic 150 can generate control signals in response to commands (CMD) and addresses (ADDR) to control peripheral circuitry.
[0287] Figure 32 is a diagram illustrating an embodiment of the memory controller of Figure 1. Referring to Figure 32, the memory controller 1000 may include a processor 1010, internal memory 1020, error correction code circuit 1030, host interface 1040, and memory interface 1050.
[0288] The processor 1010 can perform various operations or generate various commands for controlling the memory device 100. When receiving a request from the host 400, the processor 1010 can generate commands based on the received request and transmit the generated commands to the queue controller. Additionally, the processor 1010 can perform authentication operations for accessing secure storage areas, or generate information for authentication operations by manipulating or comparing authentication codes. Furthermore, the processor 1010 can access secure storage areas in the memory device 100 based on requests from the host 400.
[0289] Internal memory 1020 may store various information for the operation of memory controller 1000. For example, internal memory 1020 may include a logical-to-physical address mapping table. For example, internal memory 1020 may be configured with at least one of the following: random access memory (RAM), dynamic RAM (DRAM), static RAM (SRAM), cache, and tightly coupled memory (TCM). In embodiments, device access mode information may be stored in internal memory 1020 (but is not limited thereto), and may also be stored in a separate memory different from memory controller 1000.
[0290] Error correction code circuit 1030 is configured to detect and correct errors in data received from memory device 100 using error correction code (ECC). Processor 1010 can adjust the read voltage based on the error detection result of error correction code circuit 1030 and control memory device 100 to perform a reread. In an exemplary embodiment, the error correction block can be configured as a component of memory controller 1000.
[0291] Host interface 1040 can exchange commands, addresses, data, etc. between memory controller 1000 and host 400. For example, host interface 1040 can receive requests, addresses, data, etc. from host 400, and can output data read from memory device 100 to host 400. Host interface 1040 can communicate with host 400 using a protocol. Examples of such protocols include Universal Serial Bus (USB), Serial Advanced Technology Attachment (SATA), Serial Attached SCSI (SAS), High Speed Inter-Chip (HSIC), Small Computer System Interface (SCSI), Peripheral Component Interconnect (PCI), PCI Express (PCIe), Non-Volatile Memory Express (NVMe), Universal Flash Storage (UFS), Secure Digital (SD), Multimedia Card (MMC), Embedded MMC (eMMC), Dual In-line Memory Module (DIMM), Registered DIMM (RDIMM), Load-Reduced DIMM (LRDIMM), Enhanced Small Disk Interface (ESDI), and Integrated Drive Electronics (IDE).
[0292] The memory interface 1050 can exchange commands, addresses, and data between the memory controller 1000 and the memory device 100. For example, the memory interface 1050 can transmit commands, addresses, and data to the memory device 100 via a channel, and can also receive data from the memory device 100. The memory interface 1050 can store data in, or retrieve data from, the secure storage area of the memory device 100 according to instructions from the processor 1010. The memory interface 1050 may also include a buffer memory interface. The buffer memory interface can transfer data between the processor 1010 and the buffer memory. The buffer memory can be used as the operational memory or cache memory of the memory controller 1000, and can store data used in the storage device 50. Through the processor 1010, the buffer memory interface can use the buffer memory as a read buffer, write buffer, mapping buffer, etc.
[0293] According to embodiments, the buffer memory may include Double Data Rate Synchronous Dynamic Random Access Memory (DDR SDRAM), DDR4 SDRAM, Low Power Double Data Rate 4 (LPDDR4) SDRAM, Graphics Double Data Rate (GDDR) SDRAM, Low Power DDR (LPDDR), or Rambus Dynamic Random Access Memory (RDRAM). When the buffer memory is included in the memory controller 1000, the buffer memory interface may be omitted.
[0294] Figure 33 is a block diagram illustrating a memory card system 2000 to which a storage device according to an embodiment of the present disclosure is applied.
[0295] Referring to Figure 33, the memory card system 2000 includes a memory controller 2100, a memory device 2200, and a connector 2300. The memory controller 2100 is connected to the memory device 2200 and configured to access the memory device 2200. In embodiments, the memory controller 2100 can access secure storage areas within the memory device 2200. For example, the memory controller 2100 can be configured to control read operations, programming operations, erase operations, and background operations of the memory device 2200. The memory controller 2100 is configured to provide an interface between the memory device 2200 and a host. The memory controller 2100 is configured to drive firmware for controlling the memory device 2200. The memory controller 2100 can be implemented in the same manner as the memory controller 200 described with reference to Figure 1.
[0296] For example, memory controller 2100 may include components such as random access memory (RAM), processor, host interface, memory interface, and error corrector.
[0297] The memory controller 2100 can communicate with an external device via connector 2300. The memory controller 2100 can communicate with the external device (e.g., a host) according to a specific communication standard. For example, the memory controller 2100 is configured to communicate with the external device via at least one of various communication standards such as Universal Serial Bus (USB), Multimedia Card (MMC), Embedded MMC (eMMC), Peripheral Component Interconnect (PCI), PCI Express (PCI-E), Advanced Technology Attachment (ATA), Serial ATA, Parallel ATA, Small Computer System Interface (SCSI), Enhanced Small Disk Interface (ESDI), Integrated Drive Electronics (IDE), FireWire, Universal Flash Storage (UFS), Wi-Fi, Bluetooth, or NVMe. For example, connector 2300 can be defined by at least one of the aforementioned communication standards. The external device can request the memory controller 2100 to access the secure storage area in the memory device 2200.
[0298] For example, memory device 2200 can be configured as a variety of non-volatile memory elements. Examples include electrically erasable programmable ROM (EEPROM), NAND flash memory, NOR flash memory, phase-change RAM (PRAM), resistive RAM (ReRAM), ferroelectric RAM (FRAM), and spin-transfer torque magnetic RAM (STT-MRAM). Memory device 2200 may include secure storage regions and general storage regions. Secure storage regions are areas in the memory device with restricted access, such as areas accessible only through predetermined special commands or authentication, while general storage regions are areas that can be accessed without individual restrictions.
[0299] The memory controller 2100 and the memory device 2200 can be integrated into a single semiconductor device to configure a memory card. For example, the memory controller 2100 and the memory device 2200 can be integrated into a single semiconductor device to form memory cards such as PC cards (Personal Computer Memory Card International Association, PCMCIA), compact flash (CF) cards, smart media cards (SM or SMC), memory sticks, multimedia cards (MMC, RS-MMC, micro MMC or eMMC), SD cards (SD, mini SD, micro SD or SDHC), and universal flash storage (UFS).
[0300] Figure 34 is a block diagram illustrating a solid-state drive (SSD) system 3000 to which a storage device according to an embodiment of the present disclosure is applied.
[0301] Referring to Figure 34, the SSD system 3000 includes a host 3100 and an SSD 3200. The SSD 3200 exchanges signals with the host 3100 through a signal connector 3001 and receives power through a power connector 3002. The SSD 3200 includes an SSD controller 3210, multiple flash memories 3221 to 322n, an auxiliary power supply 3230, and a cache memory 3240.
[0302] According to embodiments of this disclosure, the SSD controller 3210 can perform the functions of the memory controller 200 described with reference to Figure 1.
[0303] SSD controller 3210 can control the multiple flash memories 3221 to 322n in response to signals received from host 3100. For example, the signal can be based on the interface between host 3100 and SSD 3200. For example, the signal can be defined by at least one of various interfaces such as Universal Serial Bus (USB), Multimedia Card (MMC), Embedded MMC (eMMC), Peripheral Component Interconnect (PCI), PCI Express (PCI-E), Advanced Technology Attachment (ATA), Serial ATA, Parallel ATA, Small Computer System Interface (SCSI), Enhanced Small Disk Interface (ESDI), Integrated Drive Electronics (IDE), FireWire, Universal Flash Storage (UFS), Wi-Fi, Bluetooth, and NVMe. The signal can be sent and received in the form of various commands, and can be a signal requesting access to a secure storage area located within a portion of the multiple flash memories 3221 to 322n, or a signal responding to such a request.
[0304] Auxiliary power supply 3230 is connected to host 3100 via power connector 3002. Auxiliary power supply 3230 can receive power from host 3100 and can be charged by it. When the power supply from host 3100 is unstable, auxiliary power supply 3230 can provide power to SSD 3200. For example, auxiliary power supply 3230 can be located inside or outside SSD 3200. For example, auxiliary power supply 3230 can be located on the motherboard and can supply auxiliary power to SSD 3200.
[0305] Buffer memory 3240 serves as a buffer for SSD 3200. For example, buffer memory 3240 may temporarily store data received from host 3100 or from the multiple flash memories 3221 to 322n, or it may temporarily store metadata (e.g., a mapping table) of the flash memories 3221 to 322n. Buffer memory 3240 may include volatile memory such as DRAM, SDRAM, DDR SDRAM, LPDDR SDRAM, and GRAM, or non-volatile memory such as FRAM, ReRAM, STT-MRAM, and PRAM.
[0306] Figure 35 is a block diagram illustrating a user system 4000 to which a storage device according to an embodiment of the present disclosure is applied.
[0307] Referring to Figure 35, the user system 4000 includes an application processor 4100, a memory module 4200, a network module 4300, a storage module 4400, and a user interface 4500. The application processor 4100 can drive the components, operating system (OS), and user programs included in the user system 4000. For example, the application processor 4100 may include controllers, interfaces, graphics engines, etc. that control the components included in the user system 4000. The application processor 4100 can be configured as a system-on-a-chip (SoC).
[0308] Memory module 4200 can be used as main memory, operating memory, buffer memory, or cache memory of user system 4000. Memory module 4200 may include volatile random access memory such as DRAM, SDRAM, DDR SDRAM, DDR2 SDRAM, DDR3 SDRAM, LPDDR SDRAM, LPDDR2 SDRAM, and LPDDR3 SDRAM, or non-volatile random access memory such as PRAM, ReRAM, MRAM, and FRAM. For example, application processor 4100 and memory module 4200 may be packaged as a package-on-package (POP) and then configured as a single semiconductor package.
[0309] Network module 4300 can communicate with external devices. For example, network module 4300 can support wireless communications such as, but not limited to, the following: Code Division Multiple Access (CDMA), Global System for Mobile Communications (GSM), Wideband CDMA (WCDMA), CDMA-2000, Time Division Multiple Access (TDMA), Long Term Evolution (LTE), WiMAX, WLAN, UWB, Bluetooth, and Wi-Fi communication. For example, network module 4300 may be included in application processor 4100.
[0310] Storage module 4400 can store, for example, data received from application processor 4100. In one embodiment, storage module 4400 can transfer data stored in storage module 4400 to application processor 4100. For example, storage module 4400 can be implemented using non-volatile semiconductor memory elements. Examples include phase-change RAM (PRAM), magnetic RAM (MRAM), resistive RAM (RRAM), NAND flash memory, NOR flash memory, and three-dimensional (3D) NAND flash memory. For example, storage module 4400 can be configured as a removable storage device (removable drive) such as a memory card or an external drive of user system 4000.
[0311] For example, storage module 4400 may include a plurality of non-volatile memory devices that can operate in the same manner as the memory device 100 described with reference to Figure 1. For example, a portion of the non-volatile memory devices may include a secure storage region. Storage module 4400 can operate in the same manner as the storage device 50 described with reference to Figure 1.
[0312] User interface 4500 may include interfaces for inputting data or instructions to application processor 4100 or for outputting data to external devices. For example, user interface 4500 may include user input interfaces such as keyboards, keypads, buttons, touch panels, touchscreens, touchpads, touch balls, cameras, microphones, gyroscope sensors, vibration sensors, and piezoelectric elements. User interface 4500 may include user output interfaces such as liquid crystal displays (LCDs), organic light-emitting diode (OLED) display devices, active-matrix OLED (AMOLED) display devices, LEDs, speakers, and monitors.
[0313] The methods, processes, and / or operations described herein can be performed by code or instructions executable by a computer, processor, controller, or other signal processing device. The computer, processor, controller, or other signal processing device can be those devices described herein, or elements other than those described herein. Because the algorithms underlying the methods (or the operation of the computer, processor, controller, or other signal processing device) are described in detail, the code or instructions for implementing the operations of the method embodiments can transform a computer, processor, controller, or other signal processing device into a dedicated processor for performing the methods described herein.
[0314] Alternatively, another embodiment may include a computer-readable medium for storing the aforementioned code or instructions, such as a non-transitory computer-readable medium. This computer-readable medium may be volatile or non-volatile memory or other storage devices, which may be removably or permanently coupled to a computer, processor, controller, or other signal processing device that will execute the code or instructions for performing the operations of the method or device embodiments described herein.
[0315] The controllers, processors, devices, managers, calculators, comparators, parsers, modules, units, multiplexers, generators, logic, interfaces, decoders, drivers, and other signal generation and signal processing features disclosed herein can be implemented, for example, with non-transient logic that may include hardware, software, or both. When implemented at least partially in hardware, the controllers, processors, devices, modules, units, multiplexers, managers, calculators, comparators, parsers, generators, logic, interfaces, decoders, drivers, generators, and other signal processing and signal generation features can be, for example, any of various integrated circuits including, but not limited to, application-specific integrated circuits (ASICs), field-programmable gate arrays (FPGAs), combinations of logic gates, systems-on-a-chip (SoCs), microprocessors, or other types of processing or control circuitry.
[0316] When implemented at least partially in software, controllers, processors, devices, managers, calculators, comparators, parsers, modules, units, multiplexers, generators, logic, interfaces, decoders, drivers, generators, and other signal processing and signal generation features may include, for example, memory or other storage devices for storing code or instructions to be executed by, for example, a computer, processor, microprocessor, controller, or other signal processing device. The computer, processor, microprocessor, controller, or other signal processing device may be the device described herein or elements other than those described herein. Because the algorithms constituting the basis of the method (or the operation of the computer, processor, microprocessor, controller, or other signal processing device) are described in detail, the code or instructions for implementing the operation of the method embodiments can transform the computer, processor, controller, or other signal processing device into a dedicated processor for performing the methods described herein.
[0317] The present disclosure is not limited to the foregoing embodiments and drawings, and it will be apparent to those skilled in the art that various substitutions, modifications, and changes can be made without departing from the technical scope of the present disclosure. These embodiments can be combined to form additional embodiments.
Claims
1. A memory controller that controls a memory device including a secure storage region, the memory controller comprising: a host interface configured to receive commands and data segments from a host, the commands including information for authentication for requesting access to the secure storage area; a processor configured to generate a device authentication code based on the information for the authentication; and a memory interface configured to access the secure storage region under the control of the processor, wherein, when the processor receives the data segments through the host interface or the memory interface according to the command, it repeatedly performs at least a portion of the operation of generating the device authentication code whenever a single data segment is received.
2. The memory controller of claim 1, wherein the secure storage area includes an area accessed when the memory controller receives a predetermined command or through authentication performed by the memory controller.
3. The memory controller according to claim 1, wherein the command includes: a common segment commonly included in commands sent and received between the host and the memory controller; a unique field including a unique value according to the type of the command; and an additional segment, which is a segment other than the common segment.
4. The memory controller of claim 3, wherein the additional segment includes information for the authentication.
5. The memory controller of claim 4, wherein the common segment includes information indicating the length of the additional segment.
6. The memory controller of claim 5, wherein the information indicating the length of the additional segment includes a non-zero value.
7. The memory controller of claim 1, wherein the processor uses an authentication key stored in the secure storage area to perform operations on the device authentication code.
8. The memory controller of claim 7, wherein the processor uses the authentication information, the authentication key, and the data segment to perform calculations on the device authentication code.
9. A storage device, comprising: a memory device including a secure storage area that is accessed based on authentication; and a memory controller configured to receive, from a host, a command requesting storage of data segments in the secure storage area and a command including the data segments to be stored in the secure storage area, wherein the command requesting storage of the data segments in the secure storage area includes information for the authentication, and when the memory controller receives the command including the data segments, it repeatedly performs at least a portion of the calculation for generating a device authentication code based on the information for the authentication whenever a single data segment of the data segments is received.
10. The storage device according to claim 9, wherein the secure storage area includes an authentication key, and the memory controller uses the information for the authentication, the authentication key, and the data segments to perform the calculation of the device authentication code.
11. The storage device of claim 10, wherein the command requesting the data segment to be stored in the secure storage area includes a host authentication code computed by the host.
12. The storage device of claim 11, wherein the memory controller compares the calculated device authentication code with the host authentication code.
13. The storage device of claim 12, wherein the memory controller controls the storage of the data segment in the secure storage area when the device authentication code and the host authentication code match.
14. The storage device of claim 13, wherein computation of a response authentication code to be provided to the host is performed when the data segment is stored in the secure storage area.
15. The storage device of claim 14, wherein the memory controller provides a response including the response authentication code to the host after completing the storage of the data segment in the secure storage area.
16. A storage device, comprising: a memory device including a secure storage area that stores a data segment accessed based on authentication; and a memory controller that receives from the host a command requesting to read the data segment stored in the secure storage area and reads the data segment from the secure storage area in response to the command; wherein the command includes information for the authentication, and, when the data is read, the memory controller repeatedly performs at least a portion of the computation of a device authentication code, based on the information for the authentication, each time one of the data segments is read.
17. The storage device according to claim 16, wherein the secure storage area includes an authentication key, and the memory controller uses the authentication information, the authentication key, and the data segment to compute the device authentication code.
18. The storage device of claim 17, wherein the memory controller provides the data segment to the host when the computation of the device authentication code is completed.
19. The storage device of claim 18, wherein the memory controller generates a response including the device authentication code when providing the data segment to the host.
20. The storage device of claim 19, wherein the memory controller provides the response to the host after completing the provision of the data segment to the host.
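The write path of claims 9 to 15 and the read path of claims 16 to 20 both rest on the same mechanism: a keyed authentication code over the command's authentication information and the data, which the controller updates incrementally each time one data segment is received or read, so that the code is already complete when the last segment arrives and the data can be committed or released without a second pass. The following Python model is an added illustration of both paths, not code from the patent or from SK hynix. The claims do not name the code algorithm, the segment size, the layout of the authentication information, or what the response code covers; HMAC-SHA256, 256-byte segments, a counter/address/count layout, and a response code over a status byte plus the authentication information are assumptions made here, and the key and data are constructed sample values.

```python
from __future__ import annotations

import hashlib
import hmac

# Assumed parameters (not specified in the claims): HMAC-SHA256 as the
# authentication code, 256-byte data segments, and a constructed sample key
# standing in for the authentication key provisioned in the secure area.
SEGMENT_SIZE = 256
SAMPLE_KEY = hashlib.sha256(b"constructed sample authentication key").digest()


def auth_info(write_counter: int, address: int, segment_count: int) -> bytes:
    """Assumed layout of the command's authentication information."""
    return (write_counter.to_bytes(4, "big")
            + address.to_bytes(4, "big")
            + segment_count.to_bytes(2, "big"))


def host_code(key: bytes, info: bytes, segments: list[bytes]) -> bytes:
    """Host-side authentication code over the info and all segments (claim 11)."""
    return hmac.new(key, info + b"".join(segments), hashlib.sha256).digest()


def response_code(key: bytes, status: int, info: bytes) -> bytes:
    """Assumed response authentication code: status byte plus the info (claim 15)."""
    return hmac.new(key, bytes([status]) + info, hashlib.sha256).digest()


class SecureStorageDevice:
    """Simplified model of the memory controller plus secure storage area."""

    def __init__(self, key: bytes) -> None:
        self._key = key          # authentication key held in the secure area (claims 10, 17)
        self._area: dict[int, bytes] = {}   # address -> stored segment
        self.write_counter = 0
        self._mac = None
        self._info = b""
        self._host_code = b""
        self._staged: list[bytes] = []

    # ---- write path (claims 9-15) ----
    def write_request(self, info: bytes, code: bytes) -> None:
        """Command requesting storage: carries the authentication info and the
        host code; the device code computation starts before any data arrives."""
        self._info, self._host_code = info, code
        self._mac = hmac.new(self._key, info, hashlib.sha256)
        self._staged = []

    def write_segment(self, segment: bytes) -> None:
        """Command carrying one data segment: the running code is updated as the
        segment arrives (claim 9); the segment is staged, not yet committed."""
        self._mac.update(segment)
        self._staged.append(segment)

    def write_complete(self) -> tuple[bool, bytes]:
        """Compare device and host codes (claim 12); store only on a match (claim 13)
        and only then compute the response code (claims 14-15)."""
        device_code = self._mac.digest()
        if not hmac.compare_digest(device_code, self._host_code):
            self._staged = []                       # discard unauthenticated data
            return False, b""
        address = int.from_bytes(self._info[4:8], "big")
        for i, seg in enumerate(self._staged):
            self._area[address + i] = seg
        self.write_counter += 1
        return True, response_code(self._key, 0, self._info)

    # ---- read path (claims 16-20) ----
    def read(self, info: bytes) -> tuple[list[bytes], bytes]:
        """Read each segment and fold it into the device code as it is read
        (claim 16); data and the response code go out once the code is complete
        (claims 18-20)."""
        address = int.from_bytes(info[4:8], "big")
        count = int.from_bytes(info[8:10], "big")
        mac = hmac.new(self._key, info, hashlib.sha256)
        segments = []
        for i in range(count):
            seg = self._area.get(address + i, b"\x00" * SEGMENT_SIZE)
            mac.update(seg)
            segments.append(seg)
        return segments, mac.digest()


def demo() -> dict:
    """Authenticated write, a write whose data was altered in transit, then a read."""
    dev = SecureStorageDevice(SAMPLE_KEY)
    data = [bytes([i + 1]) * SEGMENT_SIZE for i in range(3)]   # constructed sample data
    info = auth_info(dev.write_counter, 0x10, len(data))
    dev.write_request(info, host_code(SAMPLE_KEY, info, data))
    for seg in data:
        dev.write_segment(seg)
    ok, resp = dev.write_complete()

    info2 = auth_info(dev.write_counter, 0x20, 1)
    dev.write_request(info2, host_code(SAMPLE_KEY, info2, [data[0]]))
    dev.write_segment(data[1])          # segment differs from what the host authenticated
    bad_ok, _ = dev.write_complete()

    rinfo = auth_info(0, 0x10, 3)
    segs, code = dev.read(rinfo)
    return {"ok": ok, "resp": resp, "info": info, "bad_ok": bad_ok,
            "segments": segs, "read_code": code, "read_info": rinfo, "data": data}


if __name__ == "__main__":
    r = demo()
    print("write accepted:", r["ok"], "tampered write accepted:", r["bad_ok"])
    print("read data authentic:", hmac.compare_digest(
        r["read_code"], host_code(SAMPLE_KEY, r["read_info"], r["segments"])))
```

Because HMAC is a streaming construction, `hmac.new(key, info).update(seg1).update(seg2)` yields the same digest as one HMAC over `info || seg1 || seg2`, which is what lets the controller work one segment at a time while the host computes the code over the whole buffer. The model also shows the two checks a reviewer would look for: nothing is committed until the codes match, and the comparison is constant-time.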