1. Field of the Invention
The present invention relates generally to an improved process of encrypting data and corresponding process of decrypting data for use within non-volatile memory, for example to provide a known level of security within a data processing system and particularly to a reversible method and apparatus of processing data comprising the data being encrypted before being written to a non-volatile memory wherein the data cannot be accessed without decryption in the case of a direct physical access to the non-volatile memory.
2. Description of the Prior Art
In known data processing systems having an on-volatile memory such as flash memory it is common for user data to be written to the flash memory without any modification taking place. An example of a known data processing system shown in FIG. 1 is a flash memory card 12 connected via a controller chip 19 to a host 8 (such as an ATA PC Card or Compact Flash card). The controller chip 19 is provided with an input/output port 15 which connects host 8 to host interface 16. Host interface and registers 16 are then connected to a port of a sector buffer SRAM 10 which conveniently is dual-port. A datapatch controller 18, and ECC generator and checker 20 and a flash memory interface (FMI) 22 are also all connected to the SRAM 10. The FMI 22 is also connected via a flash memory port 25 to flash memory 12. The controller chip 19 also includes microprocessor 32, I this case being a RISC processor, a processor SRAM 30, a processor mask ROM 28 and a port for an external program ROM/RAM 27 which is connected to a program RAM interface 26. An optional debug port 34 may also be provided for the RISC processor 32. Data and commands are communicated between various components of the controller 19, with the exception of the sector buffer memory 10, via microprocessor bus 24. The user data which is sent by the host 8 via the host interface port 15 is transferred to the sector buffer 10 without modification. The controller 19 then adds a control overhead, and writes the composite data (which typically is referred to as a (‘logical sector’) to the flash memory 12 via the flash memory port 25. The control overhead typically includes header data, which contains control information, and error correct code (ECC). Memory 12 stores the data (or logical sector) after encryption in a group of memory locations which are referred to as a ‘memory sector’. A memory sector need not be a physical portion within memory 12 nor need it be formed by contiguous memory locations. The function of the controller 19 is to present the logical characteristics of a disc storage device to the host 8.
In FIG. 2 the typical data partitioning in flash memory is shown. A typical memory sector 1 contains 512 memory is shown. A typical memory sector 1 contains 512 bytes of information data 1a, 4 bytes of header data 1b, and 12 bytes of ECC 1c. Generally the information data 1a comes from the host, the header data 1b is generated by the controller processor 32 and the ECC is generated by hardware, i.e. ECC generator 20 of FIG. 1. The ECC may protect the user data only, or both the user data and the header data depending on the ECC generation function applied.
This means that if the flash memory card 12 is physically opened and disassembled the flash memory contents can be accessed directly and the contents of the user data portions, or memory sectors, can be read.
In FIG. 3 is illustrated a top level structure 40 of a memory device system such as that of FIG. 1. The system 40 has a secure memory card interface 44 which is capable of enabling or disabling access to the memory card 41 as a data storage device. As detailed previously the user data, or host data, from host system 42 is written to the memory 48. However, the host system 42 cannot access the memory 48 of the system 40 without sending a valid password to the memory card 41. This password protected interface, or secure memory card interface 44, between the host system 42 and the card 41 protects the data from unauthorized access via the standard host interface 44. However, it is still possible to access the data directly via the memory interface if the device is disassembled. This type of method of password protected access is incorporated into the ATA and compact flash standards for non-volatile memory devices.
Thus, a need arises to obviate or mitigate at least one of the aforementioned problems.