This application is based on and claims priority under 35 U.S.C. § 119 to Korean Patent Application No. 10-2023-0009027, filed on Jan. 20, 2023, in the Korean Intellectual Property Office, the disclosure of which is incorporated by reference herein in its entirety.
The inventive concepts relate to storage systems, and more particularly, to systems for provisioning a certificate into a storage device.
When a storage device boots, a host may authenticate the storage device based on a certificate stored in the storage device. When the authentication is complete, the storage device may execute a bootloader.
A bootloader distributor may update the bootloader stored in the storage device via the host. The certificate stored in the storage device is generated based on the bootloader, and thus, after the bootloader is updated, the storage device may not be authenticated using the prior certificate. In this case, it is needed to provision a new certificate into the storage device.
The inventive concepts provide storage systems configured to provide a common key to a host and a storage device in a bootloader update process, establish a secure session based on a pre-shared key, and provision a certificate into the storage device in the secure session.
According to some aspects of the inventive concepts, there is provided a system including a storage device, a first device, and a second device. The storage device is configured to execute a software image. The first device is configured to store a first secret key and a first public key associated with the first secret key. The second device is configured to store a first key and a second key and is configured to receive the first public key from the first device, generate a first ciphertext for an updated software image, based on the first key, and the second key, and generate a second ciphertext for the first ciphertext and the second key, based on the first public key. The first device is configured to obtain the first ciphertext and the second key by decrypting the second ciphertext based on the first secret key and provide the first ciphertext and the second key to the storage device. The storage device is further configured to obtain the updated software image and the second key by decrypting the first ciphertext based on the first key. The first device is further configured to provision, based on the second key, a certificate for a unique key of the storage device into the storage device.
According to some aspects of the inventive concepts, there is provided a method of operating a system, the method including providing, by a second device, a first device with a second key and an updated software image that are encrypted based on a first key as a first ciphertext, providing, by the first device, the first ciphertext to a storage device, encrypting, by the second device, the second key based on a public key received from the first device, decrypting, by the first device, the encrypted second key based on a secret key associated with the public key, obtaining, by the storage device, the updated software image and the second key by decrypting the first ciphertext based on the first key, establishing a secure session between the first device and the storage device based on the second key, and provisioning, by the first device, a certificate for a unique key of the storage device into the storage device within the secure session.
According to some aspects of the inventive concepts, there is provided a storage system including a storage device and a host. The storage device stores a first key provisioned during manufacture and is configured to execute a software image. The host stores a secret key and is configured to receive a first ciphertext encrypted for an updated software image, based on the first key, and a second key and a second ciphertext for the second key, the second ciphertext being encrypted based on a public key associated with the secret key and obtain the second key by decrypting the second ciphertext based on the secret key. The storage device is further configured to obtain the updated software image and the second key by decrypting the first ciphertext based on the first key. The host is further configured to provision, based on the second key, a certificate for a unique key of the storage device into the storage device.
Example embodiments will be more clearly understood from the following detailed description taken in conjunction with the accompanying drawings in which:
Hereinafter, various example embodiments will be described with reference to the accompanying drawings.
Referring to
The external device 10 may correspond to a firmware distributor. The external device 10 may manage a first key KEYA and a second key KEYB such that the first key KEYA and the second key KEYB may not be disclosed to the outside. For example, the external device 10 may manage the first key KEYA and the second key KEYB using a hardware security module (HSM). The first key KEYA may be a key provisioned into the storage device 30 when the storage device 30 is manufactured. The second key KEYB may be a key that is valid while a secure session is maintained between the host 20 and the storage device 30.
The host 20 may be one of stationary computing systems such as a desktop computer, a server, a workstation, or the like, or one of mobile computing systems such as a laptop computer, a tablet computer, a personal digital assistant (PDA), a mobile phone, a smartphone, or the like. The host 20 may include a processor configured to control the storage device 30. For example, the host 20 may include a central processing unit (CPU), an application processor (AP), a graphics processing unit (GPU), a neural processing unit (NPU), an image signal processor (ISP), or the like. The host 20 may store a unique secret key sKEYH and a public key pKEYH.
The storage device 30 may include non-volatile memory or volatile memory. The storage device 30 may perform various operations based on a software image IMG (for example, a bootloader BL and firmware FW). For example, when power is applied to the storage device 30, the bootloader BL and the firmware FW may be sequentially executed. In some example embodiments, the firmware FW may control the storage device 30 such that the storage device 30 may perform an address conversion operation to convert a logical address into a physical address. The storage device 30 may store the first key KEYA provisioned into the storage device 30 during the storage device 30 is manufactured. In some example embodiments, the software image IMG may refer to the bootloader BL or the firmware FW.
The storage device 30 may generate and store a unique device identifier DevID. The device identifier DevID may be generated based on the software image IMG (for example, the bootloader BL). The device identifier DevID may include a device identifier secret key DevIDs (refer to
The storage device 30 may receive a certificate for the device identifier DevID from the host 20 and store the certificate. When the storage device 30 boots, the storage device 30 may provide the stored certificate to the host 20, and the host 20 may identify whether the certificate of the storage device 30 is genuine. When the certificate is genuine, the host 20 may store data in the storage device 30 or read data from the storage device 30.
When an update of the software image IMG is required, the external device 10 may provide a new software image IMG to the storage device 30 directly of via the host 20, and then, the device identifier DevID of the storage device 30 may be changed. When the device identifier DevID of the storage device 30 is changed, the storage device 30 may need to receive a new certificate from the host 20. An operation in which the host 20 provisions a certificate into the storage device 30 may be performed through a secure session to prevent or reduce a security threat. In some example embodiments, the host 20 and the storage device 30 may establish a secure session by performing encryption and decryption based on the second key KEYB that is pre-shared (or, alternatively, shared at a same time as establish a secure session or another time) and provided from the external device 10.
The host 20 and the storage device 30 may safely pre-share the second key KEYB through an update operation on the software image IMG.
For example, referring to
The host 20 may decrypt the second ciphertext Enc2 and the third ciphertext Enc3 based on the secret key sKEYH. The host 20 may obtain the first ciphertext Enc1 by decrypting the second ciphertext Enc2. The host 20 may obtain the second key KEYB by decrypting the third ciphertext Enc3.
The host 20 may provide the first ciphertext Enc1 to the storage device 30. The storage device 30 may obtain the new software image IMG and the second key KEYB by decrypting the first ciphertext Enc1 based on the first key KEYA that is provisioned into the storage device 30 during the storage device 30 is manufactured.
The host 20 may provision a certificate for a new device identifier DevID to the storage device 30 based on the second key KEYB that is shared therebetween. For example, the host 20 and the storage device 30 may establish a secure session based on the second key KEYB that is shared therebetween, and the host 20 may provision a certificate for new device identifier DevID into the storage device 30 through the secure session. The second key KEYB may be a symmetric key.
According to some example embodiments, because the first key KEYA provisioned into the storage device 30 during the manufacture of the storage device 30 is not disclosed to the host 20, security of the first key KEYA may be improved.
In addition, before the host 20 provisions the certificate into the storage device 30, the host 20 and the storage device 30 may share the second key KEYB with each other. Because the host 20 and the storage device 30 are capable of establishing a secure session based on the second key KEYB that is pre-shared therebetween, a certificate issued by a verified host, that is, the host 20, may be provisioned into the storage device 30. Therefore, according to some example embodiments, the first key KEYA and the second key KEYB may be used while still reducing the risk of malicious actors accessing data the consumer is accessing and/or using in the storage device 30. Additionally, by using the above example embodiments, the ability of malicious actors to access sensitive data, confidential data, technical data, etc., of the storage devices may be decreased and/or have reduced ability of malicious actors to access sensitive data, confidential data, technical data, etc.
The signature generating system 40 may be included in the host 20 described above with reference to
The signature generating system 40 may receive a certificate signing request (CSR) and may provide a certificate. The CSR may include a public key (for example, a device identifier public key DevIDp shown in
The signature generation system 40 may include a key generator 41, a hash circuit 42, a signature generator 43, and a certificate generator 44.
The key generator 41 may generate a key pair including a secret key sKEY and a public key pKEY. For example, the key generator 41 may include a random number generator and may generate a key pair based on a random number. In some example embodiments, the key generator 41 may be omitted, and the signature generation system 40 may receive at least one of the key pairs from the outside.
The hash circuit 42 may receive the CSR and may generate a digest DIG for the CSR. The digest DIG may refer to a hash value generated based on a hash algorithm such as Secure Hash Algorithm (SHA).
The signature generator 43 may receive the secret key sKEY from the key generator 41 and may generate a digital signature SIG for the digest DIG based on the secret key sKEY. The digital signature SIG may be generated based on any signature algorithm such as Elliptic Curve Digital Signature Algorithm (ECDSA). In some example embodiments, as shown in
The certificate generator 44 may receive the CSR and the digital signature SIG and may generate a certificate. That is, the certificate may include the CSR and the digital signature SIG. In some example embodiments, the certificate generator 44 may generate the certificate in the form of a digital envelope and may provide the digital envelope.
Although the process in which the signature generation system 40 generates a certificate for a CSR is described above, the signature generation system 40 may also (for example, alternatively, or in addition to) generate a certificate for any firmware, program, software, or data. In some example embodiments, the signature generation system 40 may provide a certificate chain for a CSR by receiving an additional certificate from the CA server. The certificate chain may be stored in the storage device 30. In some example embodiments, data that is subject to a certificate may be referred to as a message MSG.
Referring to
The signature verification system 50 may include a hash circuit 51, a decryption circuit 52, and a comparison circuit 53. The hash circuit 51 may generate a digest DIG of the message MSG based on a hash algorithm. The decryption circuit 52 may generate a comparison digest DIG′ by decrypting the signature SIG based on the public key pKEY. The comparison circuit 53 may generate validity information VLD by comparing the digest DIG with the comparison digest DIG′. The validity information VLD may be information indicating that the message MSG is generated by a genuine entity (for example, the signature generation system 40 of
Referring to
The host memory 220 may function as a buffer memory for temporarily storing data to be transmitted to the storage device 30 or data transmitted from the storage device 30. The host memory 220 may include a secure memory, and the secure memory may store a secret key sKEYH, a public key pKEYH, and a second key KEYB described above with reference to
The storage device 30 may include storage media for storing data according to requests from the host 20. For example, the storage device 30 may include at least one selected from the group consisting of a solid state drive (SSD), an embedded memory, and a removable external memory. When the storage device 30 is an SSD, the storage device 30 may conform to the non-volatile memory express (NVMe) standard. When the storage device 30 is an embedded memory or an external memory, the storage device 30 may conform to the universal flash storage (UFS) or embedded multi-media card (eMMC) standard. The host 20 and the storage device 30 may each generate and transmit packets according to an adopted standard protocol. For example, the host 20 and the storage device 30 may transmit/receive encrypted data according to the security protocol and data model (SPDM) protocol.
When the non-volatile memory 320 of the storage device 30 includes a flash memory, the flash memory may include a 2D NAND memory array or a 3D (or vertical) NAND (VNAND) memory array. In another example, the storage device 30 may include various other types of non-volatile memories. For example, the storage device 30 may include magnetic random access memory (MRAM), spin-transfer torque MRAM, conductive bridging RAM (CBRAM), ferroelectric RAM (FeRAM), phase RAM (PRAM), resistive memory (Resistive RAM), or various other types of memory.
In some example embodiments, the host controller 210 and the host memory 220 may be implemented as separate semiconductor chips. Alternatively, in some example embodiments, the host controller 210 and the host memory 220 may be integrated on the same semiconductor chip. For example, the host controller 210 may be any one of a plurality of modules included in an application processor. The application processor may be implemented as a system-on-chip (SoC). In addition, the host memory 220 may be an embedded memory included in the application processor, or may be a non-volatile memory or a memory module disposed outside the application processor.
The host controller 210 may manage an operation in which data stored in the host memory 220 is stored in the storage device 30 or an operation in which data stored in the storage device 30 is stored in the host memory 220. The host controller 210 may perform encryption and decryption operations. As described above with reference to
The storage controller 310 may include a host interface 311, a memory interface 312, a processor 313, a secure device 314, a buffer memory 315, and a read only memory (ROM) 316. In some example embodiments, the buffer memory 315 may also be referred to as a system memory. In some example embodiments, the ROM 316 may be programmable read only memory (PROM), erasable programmable read only memory (EPROM), electrically erasable programmable read only memory (EEPROM), or flash memory.
The host interface 311 may transmit/receive packets to/from the host 20. A packet transmitted from the host 20 to the host interface 311 may include a command and data to be written to the non-volatile memory 320 or a storage space in the storage controller 310 (for example, the ROM 316 or the buffer memory 315), and a packet transmitted from the host interface 311 to the host 20 may include a response to the command or data read from the non-volatile memory 320.
The memory interface 312 may transmit data to be written in the non-volatile memory 320 to the non-volatile memory 320 or may receive data read from the non-volatile memory 320. The memory interface 312 may comply with standard protocols such as Toggle or ONFI.
The processor 313 may further include a hardware accelerator designed to perform a predefined (or, alternatively, desired or selected) operation at high speed, an input/output (I/O) interface providing a communication channel for communication with external components, or the like. In some example embodiments, components of the processor 313 may be integrated on a single chip or single die, and the processor 313 may be referred to as an SoC. In some example embodiments, components of processor 313 may be integrated into two or more chips included in one package, and the processor 313 may be referred to as a system-in-package (SiP). The processor 313 may also be referred to as a micro control unit (MCU).
In some example embodiments, the processor 313 may execute instructions included in a software image such as a bootloader BL or firmware FW stored in the ROM 316. For example, at least some of the instructions included in the software image stored in the ROM 326 may be loaded on a cache memory or the buffer memory 315 included in the processor 313, and the processor 313 may execute the loaded instructions.
The ROM 316 may store a software image, in a non-volatile manner, that is executable by the processor 313. In some example embodiments, the ROM 316 may store the bootloader BL, including instructions to be preferentially executed by the processor 313 when power is supplied to the storage controller 310 or the storage controller 310 is reset, and the firmware FW to be executed by the bootloader BL. The firmware FW may include a flash translation layer (FTL), a host interface layer (HIL), or a flash interface layer (FIL).
The secure device 314 may store a certificate used to authenticate a device identifier DevID. The secure device 314 may store keys (for example, a first key KEYAand a second key KEYB) that are used for encrypting and decrypting data to be transmitted to the host 20 or data received from the host 20. The secure device 314 may store unique data, in a non-volatile manner, of the storage device 30. The secure device 314 may generate a compound device identifier (CDI) by using, as input values, unique information of the storage device 30 (for example, a unique device secret (UDS) value) and a software image (the firmware FW or the bootloader BL)). The secure device 314 may include a device identifier composition engine (DICE) based on a DICE standard.
The buffer memory 315 may temporarily store data to be used by the processor 313. For example, the buffer memory 315 may temporarily store data read from the ROM 316, the secure device 314, or the non-volatile memory 320, or may temporarily store data to be written into the ROM 316, the secure device 314, or the non-volatile memory 320. In addition, the buffer memory 315 may temporarily store instructions to be executed by the processor 313. In some example embodiments, the buffer memory 315 may include volatile memory providing a relatively high operating speed, such as dynamic random access memory (DRAM) or static random access memory (SRAM).
The firmware FW may perform several functions such as address mapping, wear-leveling, and garbage collection. The address mapping refers to an operation of translating a logical address received from the host 110 into a physical address used to actually store data in the non-volatile memory 320. The wear-leveling refers to a technique for preventing or reducing excessive deterioration of a specific block by uniformly using blocks of the non-volatile memory 320. For example, the wear-leveling may be implemented through a firmware technique of balancing erase counts of physical blocks. The garbage collection refers to a technique for securing the available capacity of the non-volatile memory 320 by copying valid data distributed to victim blocks to a new block and then erasing the victim blocks.
In some example embodiments, the storage controller 310 may obtain a new (or updated) software image and a second key KEYB by decrypting a first ciphertext Enc1 received from the host 20 based on a first key KEYA. Hereinafter, this may be described as updating the bootloader BL. However, example embodiments are not limited thereto. A description for the bootloader BL may be applied to any software image. A new bootloader BL may be stored in the ROM 316 and the second key KEYB may be stored in the secure device 314.
The storage controller 310 may establish a secure session with the host 20 based on the second key KEYB and may receive a certificate for a new device identifier DevID from the host 20 through the established secure session. The storage controller 310 may update the certificate for the device identifier DevID by storing the received certificate.
According to some example embodiments, the storage controller 310 and the host 20 may share the second key KEYB before the certificate for the new device identifier DevID is renewed. The storage controller 310 and the host 20 may safely transmit/receive the certificate for the new device identifier DevID by establishing a secure session based on the shared second key KEYB.
The device authentication architecture may include a secure device 314, a bootloader BL, and firmware FW. The bootloader BL may be referred to as a layer 0, and the firmware FW may be referred to as a layer 1. Hereinafter, operations of the bootloader BL or the firmware FW may be understood as operations of components of the storage controller 310 shown in
In some example embodiments, the bootloader BL may generate a device identifier certificate signing request DevID CSR and may provide the device identifier certificate signing request DevID CSR to the host 20 (refer to
Referring to
The bootloader BL may include an alias key generator 62, a DevID generator 63, an alias key certificate generator 64, a DevID certificate generator 65, and a DevID CSR generator 66. Components of the bootloader BL may be implemented with hardware, software, or a combination of hardware and software.
The DevID generator 63 may generate a device identifier key pair (DevIDs and DevIDp) based on the CDI. In some example embodiments, the device identifier key pair (DevIDs and DevIDp) may be referred to as a device identifier DevID.
The DevID certificate generator 65 may generate a device identifier certificate DevID Cert based on a device identifier public key DevIDp.
The DevID CSR generator 66 may generate a device identifier certificate signing request DevID CSR based on the device identifier secret key DevIDs and the device identifier public key DevIDp. The device identifier certificate signing request DevID CSR may be provided to the host 20, and the host 20 may send a device identifier certificate DevID Cert corresponding to the device identifier certificate signing request DevID CSR to the storage device 30. The storage device 30 may store the device identifier certificate DevID Cert in a secure memory inside the secure device 314.
The alias key generator 62 may generate an alias key pair (Aliass and Aliasp) based on the CDI and a firmware (FW) image digest. The FW image digest may refer to a hash value of the firmware FW.
Referring to
Therefore, the storage device 30 may need to receive a new device identifier certificate DevID Cert corresponding to a new device identifier DevID from the host 20.
Referring to
In the authentication operation, the host 20 may provide a certificate request GET_CERT_REQ to the storage device 30. The storage device 30 may provide a certificate response CERT_RSP including a certificate chain to the host 20 in response to the certificate request GET_CERT_REQ. The certificate chain may include a device identifier certificate DevID Cert. The host 20 may determine the validity of certificates by verifying signatures in the certificate chain. The host 20 may obtain a device identifier public key in a valid certificate.
In the challenge operation, the host 20 may provide a challenge request CHALLENGE_REQ to the storage device 30. The challenge request CHALLENGE_REQ may include a random value. In response to the challenge request CHALLENGE_REQ, the storage device 30 may provide the host 20 with a challenge response CHALLENGE_AUTH_RSP that includes a hash value of the certificate chain including a signature for the random value. The host 20 may authenticate the storage device 30 by verifying the signature for the random value based on the device identifier public key.
In the certificate provisioning operation, the host 20 may provide a CSR request GET_CSR_REQ to the storage device 30. The storage device 30 may provide a device identifier certificate signing request DevID CSR (described with reference to
The host 20 may provide the device identifier certificate signing request DevID CSR to a certificate authority (CA) server 3, and the CA server 3 may generate a certificate chain by signing the device identifier certificate signing request DevID CSR based on a plurality of secret keys. The CA server 3 may provide the certificate chain to the host 20. The host 20 may store the certificate chain in the storage device 30 by providing the storage device 30 with a certificate set request SET_CERT_REQ including the certificate chain. The storage device 30 may provide a certificate set response SET_CERT_RSP to the host 20 to inform that the certificate chain has been stored.
The certificate provisioning operation may be performed in a secure session through encryption and decryption based on a pre-shared key between the host 20 and the storage device 30.
In general, a manufacturer may manufacture a plurality of storage devices and may provide one of the plurality of storage devices to a producer as the storage device 30. The manufacturer may provision unique keys into the plurality of storage devices, respectively. The producer may receive the storage device 30 from the manufacturer and may produce the storage system 2 by connecting the host 20 and the storage device 30 to each other.
In a comparative embodiment, the host 20 may manage all keys of the plurality of storage devices so that a pre-shared key is provided before a secure session is established between the host 20 and the storage device 30. In this case, however, the host 20 may have a heavy key management burden, and the unique keys of all the plurality of storage devices may be hacked by an attack on the host 20.
According to some example embodiments, in the system 1, a common key is provided to the host 20 and the storage device 30 while a software image is updated, and thus a certificate provisioning operation may be performed in the secure session based on the common key (pre-shared key). Thus, the updated software image may be more securely relied upon.
Referring to
The storage device 30 may provide a response PSK_EXCHANGE_RSP including a first hash value encrypted based on the second key KEYB to the host 20 in response to the request PSK_EXCHANGE_REQ (operation S702). For example, the storage device 30 may generate the first hash value by encrypting, based on the second key KEYB, data previously shared with the host 20.
The host 20 may provide a request PSK_FINISH_REQ including a second hash value encrypted based on the second key KEYB to the storage device 30 (operation S703). For example, the host 20 may generate the second hash value by encrypting, based on the second key KEYB, data previously shared with the storage device 30. When it is verified that the first hash value and the second hash value are generated based on the same key, the host 20 may provide a request PSK_FINISH_REQ to the storage device 30.
The storage device 30 may provide a response PSK_FINISH_RSP indicating establishment of a secure session to the host 20 (operation S704). For example, the storage device 30 may compare the first hash value and the second hash value with each other, and when it is verified that the first hash value and the second hash value are generated based on the same key, the storage device 30 may provide the response PSK_FINISH_RSP to the host 20.
Through these operations, the secure session may be established between the host 20 and the storage device 30. Subsequent operations (for example, the certificate provisioning operation described with reference to
When the storage device 30 is manufactured, the external device 10 may provision a first key KEYA into the storage device 30 (operation S801). The storage device 30 may store the first key KEYA in the secure memory such that the first key KEYA may not be disclosed to the outside.
The host 20 may provide a public key pKEYH associated with a unique secret key sKEYH to the external device 10 (operation S802). The host 20 may store the secret key sKEYH and the public key pKEYH in the secure memory of the host 20.
The external device 10 may generate a second key KEYB (operation S703). The second key KEYB may be set to be valid while a secure session is established between the host 20 and the storage device 30.
The external device 10 may provide a second ciphertext Enc2 and a third ciphertext Enc3 to the host 20 (operation S804). For example, the external device 10 may generate a first ciphertext Enc1 by encrypting a new bootloader BLnew and a second key KEYB based on the first key KEYA, the second ciphertext Enc2 by encrypting the first ciphertext Enc1 based on the public key pKEYH, and the third ciphertext Enc3 by encrypting the second key KEYB based on the public key pKEYH. The term “bootloader BL” may refer to a software image that is first executed when the storage device 30 is reset or when the storage device 30 is powered on.
In some example embodiments, the external device 10 does not generate the second ciphertext Enc2 and the third ciphertext Enc3 separately, but may generate one ciphertext by commonly encrypting the first ciphertext Enc1 and the second key KEYB based on the public key pKEYH.
The host 20 may obtain the second key KEYB by decrypting the third ciphertext Enc3 based on the secret key sKEYH (operation S805). The host 20 may store the second key KEYB in the secure memory of the host 20.
The host 20 may obtain the first ciphertext Enc1 by decrypting the second ciphertext Enc2 based on the secret key sKEYH, and may provide the first ciphertext Enc1 to the storage device 30 (operation S806).
The storage device 30 may obtain the new bootloader BLnew and the second key KEYB by decrypting the first ciphertext Enc1 based on the first key KEYA (operation S807). The storage device 30 may store the new bootloader BLnew in the ROM 316 (refer to
As described above with reference to
The storage device 30 may provide a CSR response CSR_RSP including the new device identifier public key DevIDp in response to a CSR request GET_CSR_REQ from the host 20 (operation S808). In some example embodiments, the storage device 30 may encrypt the CSR response CSR_RSP based on the second key KEYB and may provide the encrypted CSR response CSR_RSP to the host 20. The host 20 may decrypt the encrypted CSR response CSR_RSP based on the second key KEYB.
Although not shown in
The host 20 may provide a certificate set request SET_CERT_REQ including the new certificate chain Cert to the storage device 30 S809. The host 20 may encrypt the certificate set request SET_CERT_REQ based on the second key KEYB and may provide the encrypted certificate set request SET_CERT_REQ to the storage device 30. The storage device 30 may decrypt the encrypted certificate set request SET_CER_REQ based on the second key KEYB.
The storage device 30 may store the new certificate chain Cert in the secure device 314. The new certificate chain Cert may be stored in a slot of the secure device 314.
Although
According to some example embodiments, the host 20 and the storage device 30 may share the second key KEYB in the process of updating a new bootloader BLnew. The host 20 and the storage device 30 may establish a secure session based on the second key KEYB and may perform a certificate provisioning operation within the secure session.
Operations S901, S902, and S903 shown in
The host 20 may issue a token that is valid for a given period of time (operation S904). The token may include information NotBefore indicating the start time of a valid time period Tval, information NotAfter indicating the end time of the valid time period Tval, and identification information on a storage device set to receive the token. The token may be valid for the valid time period Tval.
The host 20 may provide a first ciphertext Enc1 and the token to the storage device 30 (operation S905). In some example embodiments, the storage device 30 may reset the information NotBefore indicating the start time of the valid time period Tval and the information NotAfter indicating the end time of the valid time period Tval. That is, the storage device 30 may set the start time of the valid time period Tval of the token to be the time at which the storage device 30 receives the token. The token may be valid for the valid time period Tval. In some example embodiments, the host 20 may encrypt the token based on a first key KEYA and may provide the encrypted token to the storage device 30. In some example embodiments, the storage device 30 may obtain the token by decrypting the encrypted token based on the first key KEYA.
The storage device 30 may obtain a new bootloader BLnew and a second key KEYB by decrypting the first ciphertext Enc1 based on the first key KEYA (operation S906).
The storage device 30 may provide the token and a CSR response CSR_RSP including a new device identifier public key DevIDp to the host 20 (operation S907). In some example embodiments, the storage device 30 may encrypt the CSR response CSR_RSP and the token based on the second key KEYB and may provide the encrypted data to the host 20.
The host 20 may obtain the CSR response CSR_RSP and the token by decrypting the received data based on the second key KEYB. The host 20 may verify the token to verify whether the CSR response CSR_RS is received within the valid time period Tval (operation S908). When the CSR response CSR_RSP is received within the valid time period Tval, operation S909 may be performed, and when the CSR response CSR_RSP is not received within the valid time period Tval, operation S909 may not be performed.
In some example embodiments, the valid time period Tval may refer to a time period between a time at which the storage device 30 receives the token and a time at which the storage device 30 provides the token to the host 20. In some example embodiments, the validity time interval Tval may refer to a time period between a time at which the host 20 provides the token to the storage device 30 and a time at which the host 20 receives the token from the storage device 30.
The host 20 may encrypt a certificate set request SET_CERT_REQ including a certificate chain Cert based on the second key KEYB and may provide the encrypted data to the storage device 30 (operation S909).
According to some example embodiments, after the valid time period Tval elapses, the certificate chain Cert is not provided to the storage device 30, thereby reducing the possibility of certificate theft.
Operations S1001, S1002, S1003, and S1004 shown in
The host 20 may provide a token to the external device 10 (operation S1005).
The external device 10 may generate a fourth ciphertext Enc4 by encrypting the token based on a first key KEYA, and may provide the fourth ciphertext Enc4 to the host 20 (operation S1006). The first key KEYA may be a key provisioned into the storage device 30 when the storage device 30 is manufactured.
A first ciphertext Enc1 and the fourth ciphertext Enc4 may be provided to the storage device 30 (operation S1007). Because the token is transmitted/received between the host 20 and the storage device 30 in an encrypted state, confidentiality of the token may be secured.
The storage device 30 may obtain a new bootloader BLnew, a second key KEYB, and the token by decrypting the first ciphertext Enc1 and the fourth ciphertext Enc4 based on the first key KEYA (operation S1010).
Operations S1011 to S1013 may correspond to operations S907 to S909 shown in
As described herein, any electronic devices and/or portions thereof according to any of the example embodiments may include, may be included in, and/or may be implemented by one or more instances of processing circuitry such as hardware including logic circuits; a hardware/software combination such as a processor executing software; or any combination thereof. For example, the processing circuitry more specifically may include, but is not limited to, a central processing unit (CPU), an arithmetic logic unit (ALU), a graphics processing unit (GPU), an application processor (AP), a digital signal processor (DSP), a microcomputer, a field programmable gate array (FPGA), and programmable logic unit, a microprocessor, application-specific integrated circuit (ASIC), a neural network processing unit (NPU), an Electronic Control Unit (ECU), an Image Signal Processor (ISP), and the like. In some example embodiments, the processing circuitry may include a non-transitory computer readable storage device (e.g., a memory), for example a DRAM device, storing a program of instructions, and a processor (e.g., CPU) configured to execute the program of instructions to implement the functionality and/or methods performed by some or all of any devices, systems, modules, units, controllers, circuits, architectures, and/or portions thereof according to any of the example embodiments, and/or any portions thereof.
While the inventive concepts have been particularly shown and described with reference to example embodiments thereof, it will be understood that various changes in form and details may be made therein without departing from the spirit and scope of the following claims.
Number | Date | Country | Kind |
---|---|---|---|
10-2023-0009027 | Jan 2023 | KR | national |