| Patent application number | Description | Published |
|---|
| 20090110188 | CONFIGURABLE RANDOM NUMBER GENERATOR - A method for random number generation includes generating random number sequences using a Random Number Generator (RNG) circuit having an externally-modifiable configuration. The RNG circuit generates a first random number sequence having a first measure of randomness, and modifies the configuration of the RNG circuit, causing the RNG circuit to generate a second random number sequence having a second measure of the randomness, indicating a degree of the randomness that is no less than the first measure. | 04-30-2009 |
| 20090110190 | FAST SECURE BOOT IMPLEMENTATION - A method for data storage includes employing a first CPU to execute code from a ROM associated therewith. A second CPU is employed to upload code from a flash memory to a code RAM associated with the first CPU, while the first CPU is available to perform other tasks. | 04-30-2009 |
| 20090112823 | WRITE FAILURE PROTECTION FOR HIERARCHICAL INTEGRITY SCHEMES - A method for data integrity protection includes arranging in an integrity hierarchy a plurality of data blocks, which contain data. The integrity hierarchy includes multiple levels of signature blocks containing signatures computed respectively over lower levels in the hierarchy, wherein the levels culminate in a top-level block containing a top-level signature computed over the hierarchy. A modification to be made in the data stored in a given data block is received. One or more of the signatures is recomputed in response to the modification, including the top-level signature. Copies of the given data block, and of the signature blocks, including a copy of the top-level block, are stored in respective locations in a storage medium. An indication that the copy is a valid version of the top-level block is recorded in the copy of the top-level block. | 04-30-2009 |
| 20090113117 | RE-FLASH PROTECTION FOR FLASH MEMORY - A method for storing data includes providing a memory package including an integrated circuit containing a non-volatile memory and counter circuitry. The data is written to the non-volatile memory. The counter circuitry is operated to maintain a count of write operations performed on the non-volatile memory. The data and the count from the memory package are received at a controller, separate from the memory package, and the data is authenticated in response to the count. | 04-30-2009 |
| 20090113146 | SECURE PIPELINE MANAGER - A method for data storage includes supplying data to and from a host to a storage memory via a secure data path. A first CPU is employed to control operation of the storage memory, and a second CPU is employed to control operation of the secure data path. | 04-30-2009 |
| 20090113207 | SECURE OVERLAY MANAGER PROTECTION - A method for protection of data includes maintaining a control parameter indicative of a current version of the data. The data is partitioned into multiple segments. Respective signatures of the segments are computed, responsively to the control parameter, the segments and respective signatures forming respective signed input segments, which are stored in a memory. After the signed input segments are stored, a signed output segment is fetched from the memory. The signature of the signed output segment is verified responsively to the control parameter, and the data in the signed output segment is processed responsively to verifying the signature. | 04-30-2009 |
| 20090113214 | SOFTWARE PROTECTION AGAINST FAULT ATTACKS - A method for protecting information in a device includes providing a device with a non-secure hardware domain, a processor having a software-controlled mode of operation, and a secure hardware domain having a secure memory that is inaccessible by the processor when the processor is operating in the software-controlled mode of operation. Data from the non-secure hardware domain is established in the secure hardware domain. Computing operations are executed on the data in the secure hardware domain to produce a result. The secure hardware domain is purged, while retaining the result therein. The result is thereafter returned from the secure hardware domain into the non-secure hardware domain. | 04-30-2009 |
| 20090113217 | MEMORY RANDOMIZATION FOR PROTECTION AGAINST SIDE CHANNEL ATTACKS - Side channel attacks against a computing device are prevented by combinations of scrambling data to be stored in memory and scrambling the memory addresses of the data using software routines to execute scrambling and descrambling functions. Encrypted versions of variables, data and lookup tables, commonly employed in cryptographic algorithms, are thus dispersed into pseudorandom locations. Data and cryptographic primitives that require data-dependent memory accesses are thus shielded from attacks that could reveal memory access patterns and compromise cryptographic keys. | 04-30-2009 |
| 20090113218 | SECURE DATA PROCESSING FOR UNALIGNED DATA - A method for data cryptography includes accepting input data, which contains a section that is to undergo a cryptographic operation and starts at an offset with respect to a beginning of the input data, by a Direct Memory Access (DMA) module. The input data is aligned by the DMA module to cancel out the offset. The aligned input data is read out of the DMA module, and the cryptographic operation is performed on the section. | 04-30-2009 |
| 20100153673 | DATA ACCESS AT A STORAGE DEVICE USING CLUSTER INFORMATION - Systems and methods for accessing data at a data storage device are disclosed. In a particular embodiment, a method includes receiving cluster information at a controller of a data storage device, the data storage device further including a memory, the cluster information being associated with a data file that is stored at the memory. The method also includes accessing the cluster information to locate at least one region of the memory corresponding to the data file. The method further includes accessing data from the data file at the at least one region of the memory that is identified by the cluster information. Accessing of data from the data file includes the controller executing an internal application. | 06-17-2010 |
| 20100332855 | Method and Memory Device for Performing an Operation on Data - A method and memory device for implementing long operations and supporting multiple streams are provided. In one embodiment, a memory device receives data and a command from a host to perform an operation on the data, wherein a time required for the memory device to complete the operation exceeds a maximum response time for the memory device to respond to the command. The memory device begins performing the operation on the data and, before exceeding the maximum response time and before completing the operation, sends the context of the operation to the host. At a later time, the memory device receives from the host: (i) a command to resume performing the operation and (ii) the context. The memory device then resumes performing the operation on the data based on the context received from the host. | 12-30-2010 |
