1. Field
Example embodiments of the present inventive concepts may relate generally to storage devices. Example embodiments of the present inventive concepts may relate generally to generation and assignment of host keys corresponding to storage devices.
2. Description of Related Art
Flash memory may be used as a storage medium for a variety of computer applications. Flash memory may use electrically-erasable programmable read-only memory (EEPROM) as a non-volatile storage. Secure Flash (SF) may be a Digital Rights Management (DRM) technology applicable to flash memory, aimed at the protection of digital content from unauthorized or pirated usage. The content may be stored onto the media in an encrypted fashion in an SF device.
Enhanced Media Identifier (EMID) and Gamma may be two authentication protocols used in the SF technology. Both EMID and Gamma authentication protocols must be successfully passed when the media is plugged into a host device for content to be successfully decrypted. Typically, on inserting a Secure Flash memory card into a Secure Flash host device, an EMID authentication protocol may be executed using sets of cryptographic keys assigned to the host device and the memory card, respectively. The EMID authentication protocol may pass only if keys assigned to the host device and the memory card are valid.
Generally, cryptographic keys may be assigned to the host device and the memory card using a key management system. The key management may be performed by a host key generation device. The key management system may receive a request for generation of host keys in bulk amounts.
At its core, the key management system of the EMID technology may be a tree data structure called the Key Management Tree (KMT) having a plurality of layers. Each layer of the KMT may constitute one or more nodes. The nodes present at the last layer of the KMT may represent real-world EMID host devices.
Currently, in the key management system, a brute force approach may be used to generate host key sets. Key sets for all nodes may be generated individually. An existing approach may require many additional operations to be performed per node for generating host key sets. This may require enormous amounts of time, thereby affecting the throughput of the host key generation device.