The present invention generally relates to portable storage devices and more particularly to a system and method for providing security to a portable storage device.
As the number of mobile, portable, and handheld devices grows, the popularity of flash memory used as a portable storage device increases. The most common type of flash memory is in the form of a removable memory card such as a USB card. Removable cards allow the contents of the flash memory to be transferred easily between devices or computers. As such, the contents of flash memory can easily be accessed by unauthorized users unless such content is protected from unauthorized access.
A system and method for providing protection of content which may be transmitted over unsecured channels, including storage and transmission in bulk media, is disclosed in U.S. Pat. No. 6,550,011 entitled “Media Content Protection Utilizing Public Key Cryptography”. In order to store a content key within a secure area of a storage device, the disclosed method identifies a secure area within the storage device to associate with a particular protected content. A storage device public key and certificate are then obtained and sent to an originator device. Next a random number encrypted with a storage device secret key is obtained by the originator device. The content key is then exclusive ORed with the random number at the originator device. The use of the random number prevents the replay of the conversation to another storage device sharing the same public secret key set from establishing a useful copy of the content. Further, the user of the random number from the storage device may be relied upon to add an extra layer of security to the transfer of the content key. The disclosed system and method disadvantageously utilizes public key cryptography which is costly and time consuming.
A portable storage device having a microprocessor and a secure user data area is disclosed in U.S. Patent Application Publication No. 2004/0103288 entitled “Apparatus and Method for Securing Data on a Portable Storage Device”. The apparatus disclosed includes a secure portable storage device for securing user data under a user password, the portable storage device being connectable to a host device. The host device is operable to selectably send data to be written onto the portable storage device and receive data read from the portable storage device. The secure portable device includes a storage medium including a secure user area and a microprocessor operable to exclude access from the host device to the secure user area unless the user password is provided to the microprocessor. A method for securing data on the portable storage device includes a step in which the microprocessor randomly generates a clear key of a preferred length under well-known random-generation techniques. The clear key becomes a permanent encryption key for all data stored in the secure user area. The disclosed system and method disadvantageously sends unencrypted data to be written onto the portable storage device and receives unencrypted data read from the portable storage device.
Therefore, there is a need for a system and method for providing security to a portable storage device that overcomes the disadvantages of the prior art. What is needed is a system and method for providing security to a portable storage device that does not rely on public key cryptography. What is further needed is a system and method for providing security to a portable storage device that does not send or receive any unencrypted data between the host system and the portable storage device. What is further needed is a system and method for providing security to a portable storage device that generates a random number each time the portable storage device is queried by the host system, the random number being used by the host system to encrypt data stored in the portable storage device and being encrypted using a key unique to the portable storage device and stored in the portable storage device. What is also needed is a system and method for providing security to a portable storage device that enables the host system to decrypt the random number in order to decrypt encrypted data read from the portable storage device. What is also needed is a system and method for providing security to a portable storage device having an address transform between the host system and the portable storage device.