STORAGE DEVICE

摘要

According to one embodiment, a storage device comprises a cipher processing unit, a memory, and a key processing unit. The cipher processing unit encrypts data using a key. The memory stores the encrypted data. The key processing unit replaces a first key having been used by the cipher processing unit with a second key. The key processing unit comprises a generating unit, a history managing unit, a computing unit, and a comparing unit. The history managing unit converts the first key into first information by an operation and stores the first information. The computing unit converts a candidate key generated by the generating unit into second information by the operation. The comparing unit compares the first information and the second information, and, if the two do not coincide, determines the candidate key as the second key and, if the two coincide, discards the candidate key.

主权项

1. A storage device comprising:
a cipher processing unit that encrypts data from the outside using a cryptographic key; a first non-volatile memory that stores the data encrypted by the cipher processing unit; and a key processing unit that replaces a first cryptographic key having been used by the cipher processing unit with a second cryptographic key that is different from the first cryptographic key according to a request from the outside, wherein the key processing unit comprises: a candidate key generating unit that generates a candidate key; a history managing unit that converts the first cryptographic key into first information by an operation and stores the first information; a computing unit that converts the candidate key into second information by the operation; and a comparing unit that reads out the first information from the history managing unit, compares the read-out first information and the second information, and, if the read-out first information and the second information do not coincide, determines the candidate key as the second cryptographic key and, if the read-out first information and the second information coincide, discards the candidate key.