公开(公告)号：US08938624B2

公开(公告)日：2015-01-20

申请号：US13234134

申请日：2011-09-15

申请人： Dmitry Obukhov ,  Bin Tan

发明人： Dmitry Obukhov ,  Bin Tan

IPC分类号： H04L9/00 ,  H04K1/00 ,  G06F21/62

CPC分类号： H04L9/0891 ,  G06F21/6209 ,  G06F21/78 ,  G06F21/79 ,  G06F2221/2143

摘要： Techniques for encryption key destruction for secure data erasure via an external interface or physical key removal are described. Electrical destruction of key material retained in a memory of a storage device renders the device securely erased, even when the device is otherwise inoperable. The memory (e.g. non-volatile, such as flash) stores key material for encrypting/decrypting storage data for the device. An eraser provides power and commands to the memory, even when all or any portion of the device is inoperable. The commands (e.g. erase or write) enable zeroizing or destroying the key material, rendering data encrypted with the destroyed key material inaccessible, and therefore securely erased. Alternatively, the memory is a removable component (e.g. an external security device or smartcard) coupled to the device during storage operation. Removing and physically destroying the memory renders the device securely erased. The device and/or the memory are sealed to enable tamper detection.

摘要翻译： 描述了通过外部接口或物理密钥删除进行安全数据擦除的加密密钥破坏技术。 保留在存储设备的存储器中的密钥材料的电破坏使得设备被安全地擦除，即使该设备在其它方面是不可操作的。 存储器（例如非易失性，例如闪存）存储用于加密/解密设备的存储数据的密钥材料。 橡皮擦为内存提供电源和命令，即使设备的全部或任何部分都不可操作。 命令（例如擦除或写入）使得能够使密钥材料归零或破坏，使用被破坏的密钥材料加密的数据不可访问，因此被安全地擦除。 或者，存储器是在存储操作期间耦合到该设备的可移动组件（例如外部安全设备或智能卡）。 删除和物理破坏内存会使设备安全地擦除。 设备和/或存储器被密封以便进行篡改检测。

公开(公告)号：US09087210B2

公开(公告)日：2015-07-21

申请号：US14131665

申请日：2012-07-26

申请人： Leonid Baryudin ,  Timothy Joseph Markey ,  Dmitry Obukhov

发明人： Leonid Baryudin ,  Timothy Joseph Markey ,  Dmitry Obukhov

IPC分类号： G06F21/62 ,  G06F21/78 ,  G06F3/06

CPC分类号： G06F12/1425 ,  G06F3/062 ,  G06F3/0659 ,  G06F3/0679 ,  G06F21/44 ,  G06F21/6218 ,  G06F21/78 ,  G06F2212/1052 ,  G06F2212/202

摘要： A hijack-protected, secure storage device requires proof that the user has actual physical access to the device before protected commands are executed. Examples of protected commands include attempts to change storage device security credentials of the device, erasure of protected portions of the device, and attempts to format, sanitize, and trim the device. Various techniques for proving the actual physical possession include manipulating a magnet to control a magnetic reed switch located within the device, operating a momentary switch located within the device, altering light reaching a light sensor located within the device (such as by opening or shutting a laptop cover to change ambient light reaching the sensor), and manipulating a radio-transmitting device (such as a cell phone) near the storage device for detection of the manipulation by a compatible radio receiver located within the device.

摘要翻译： 受劫持保护的安全存储设备需要证明用户在执行受保护命令之前实际访问设备。 受保护命令的示例包括尝试更改设备的存储设备安全凭证，擦除设备的受保护部分，以及尝试格式化，消毒和修整设备。 用于证明实际物理拥有的各种技术包括操纵磁体以控制位于装置内的磁簧开关，操作位于装置内的瞬时开关，改变到达位于装置内的光传感器的光（例如通过打开或关闭 笔记本电脑覆盖物以改变到达传感器的环境光），以及操纵存储设备附近的无线电发射设备（例如蜂窝电话），以检测位于设备内的兼容无线电接收机的操纵。

公开(公告)号：US20140130188A1

公开(公告)日：2014-05-08

申请号：US14131665

申请日：2012-07-26

申请人： Leonid Baryudin ,  Timothy Joseph Markey ,  Dmitry Obukhov

发明人： Leonid Baryudin ,  Timothy Joseph Markey ,  Dmitry Obukhov

IPC分类号： G06F21/62

CPC分类号： G06F12/1425 ,  G06F3/062 ,  G06F3/0659 ,  G06F3/0679 ,  G06F21/44 ,  G06F21/6218 ,  G06F21/78 ,  G06F2212/1052 ,  G06F2212/202

摘要： A hijack-protected, secure storage device requires proof that the user has actual physical access to the device before protected commands are executed. Examples of protected commands include attempts to change storage device security credentials of the device, erasure of protected portions of the device, and attempts to format, sanitize, and trim the device. Various techniques for proving the actual physical possession include manipulating a magnet to control a magnetic reed switch located within the device, operating a momentary switch located within the device, altering light reaching a light sensor located within the device (such as by opening or shutting a laptop cover to change ambient light reaching the sensor), and manipulating a radio-transmitting device (such as a cell phone) near the storage device for detection of the manipulation by a compatible radio receiver located within the device.

摘要翻译： 受劫持保护的安全存储设备需要证明用户在执行受保护命令之前实际访问设备。 受保护命令的示例包括尝试更改设备的存储设备安全凭证，擦除设备的受保护部分，以及尝试格式化，消毒和修整设备。 用于证明实际物理拥有的各种技术包括操纵磁体以控制位于装置内的磁簧开关，操作位于装置内的瞬时开关，改变到达位于装置内的光传感器的光（例如通过打开或关闭 笔记本电脑覆盖物以改变到达传感器的环境光），以及操纵存储设备附近的无线电发射设备（例如蜂窝电话），以检测位于设备内的兼容无线电接收机的操纵。