Conventionally, this type of storage device encrypts data that was provided from a host together with a write request and stores such data in a memory medium, and, when a read request of that data is given from the host, the storage device reads the encrypted data from the memory medium while decrypting it and sends the decrypted data to the host.
Here, with this type of storage device, since the encryption processing and decryption processing of data are performed with an encryption key that is pre-set by a system administrator, it is desirable to periodically exchange the encryption key in order to increase the security of data stored in the memory medium.
As this kind of encryption re-key method, conventionally, proposed is a method of reading data to be subject to the encryption re-key from a memory medium while sequentially decrypting such data, and overwriting the obtained decrypted data to the same location of the memory medium by encrypting such data with a new encryption key (this is hereinafter referred to as the “overwrite method”) (specification of U.S. Pat. No. 7,162,647).
In addition, as another encryption re-key method, a method of reading data that is stored in a memory medium from the memory medium while sequentially decrypting such data, and writing the obtained decrypted data into another memory medium while encrypting such data with a new encryption key (this is hereinafter referred to as the “migration method”) is also being widely adopted.