摘要 |
A data storage device comprises a storage medium and a controller including a cryptographic and security module for encrypting and decrypting data to be stored in and retrieved from the storage medium. The cryptographic and security module includes an interface for receiving commands from a processor, a secret root key, an encryption and decryption unit for encrypting and decrypting data using the secret root key, a buffer access unit for receiving encrypted data from and sending encrypted data to a memory, and a command controller for controlling the encryption and decryption unit and the buffer access unit in response to commands from the processor. The command controller implements mechanisms for movement of intermediate results within the cryptographic and security module to protect intermediate and plain text results from visibility outside the cryptographic and security module.
|