The present disclosure relates to technology for non-volatile storage.
Semiconductor memory is widely used in various electronic devices such as mobile computing devices, mobile phones, solid-state drives, digital cameras, personal digital assistants, medical electronics, servers, and non-mobile computing devices. Semiconductor memory may include non-volatile memory or volatile memory. A non-volatile memory device allows information to be stored or retained even when the non-volatile memory device is not connected to a power source.
A non-volatile memory device may be used to provide data for a host. Examples of hosts include, but are not limited to, smartphones, personal digital assistants (PDA), laptop computers, notebook computers, set top boxes, cameras, or other electronic device. In some cases, the non-volatile memory device may be embedded within the host. However, in other cases, the non-volatile memory device is not embedded within the host. For example, a USB flash drive is typically not embedded in a host.
It may be desirable for the data (such as, but not limited to, a program) used by an electronic device to be trusted by the electronic device. As one example, the program code that is used to boot a cellular telephone may need to be trusted by the cellular telephone for secure execution. It can be very difficult to be sure the data used by the electronic device is trusted. Many electronic devices, such as cellular telephones, laptop computers, etc., allow software applications to be loaded thereon, thereby presenting challenges in being sure the data used by the electronic device is trusted.
Verifying the integrity of data refers to verifying that the data has not been altered relative to some reference version of the data. For example, there may be a reference version of boot data for a cellular telephone. It is possible for a hacker, or the like, to alter or replace the reference version of the boot data for malicious purposes.
Verifying the authenticity of data refers to verifying that the data is what it purports to be. For example, the aforementioned boot data may originate from a “true” source, such as an entity that manufactured the cellphone. Verifying the authenticity of data can be used to determine whether the data originated from the true source. Note that a data integrity check might or might not pass if the authenticity test fails. For example, a non-authentic copy of software could exactly match a reference version of the software.
As the term is used herein, “trusted data” refers to data for which either the integrity or authenticity has been verified.