News Column

"Encryption Key Generation in Encrypted Storage Devices" in Patent Application Approval Process

July 8, 2014

By a News Reporter-Staff News Editor at Information Technology Newsweekly -- A patent application by the inventor Johnson, Simon (Bonney Lake, WA), filed on December 19, 2012, was made available online on June 26, 2014, according to news reporting originating from Washington, D.C., by VerticalNews correspondents.

This patent application has not been assigned to a company or institution.

The following quote was obtained by the news editors from the background information supplied by the inventors: "Encrypted storage devices are used to store sensitive and confidential information. Drives of the self-encrypting variety contain their own encryption engine in which data gets encrypted when being written, and decrypted when read. Paramount to this whole process is the encryption key. How did this key get created? Who created it and in what country? What is its entropy?

"A strong encryption key has the maximum amount of entropy allowed by its size. For example, a 256 bit AES key should have 256 bits of entropy. An encryption key based on a user password has relatively little entropy. A password of 8 characters, assuming upper and lower chase letters and numbers, can generate up to 218,340,105,584,896 different numbers. Which seems like a lot, but not when compared to 1.16.times.10.sup.77 possible values available from a 256 bit key.

"Given the ever increasing processing power of computers, it is desirable to have maximum entropy in order to thwart brute force attacks. Therefore, an encryption key based on a user password is not the most desired means.

"Generating a truly random number is difficult. Some mass storage manufacturers program encryption keys at the factory. These keys are generated by factory computers and copied into a region of private memory within the mass storage device. Customers are typically concerned with how these keys are created and whether the factory can associate a serial number with an encryption key. In addition, can the factory be trusted to create encryption keys with sufficient entropy? And, do mass storage devices contain duplicate keys?

"Given the difficulty of having a mass storage device create its own entropy, once factory programmed encryption keys are zeroized, the drive will no longer work and becomes a paper weight.

"There is accordingly an unmet need in the art to provide a mass storage device with the built-in ability to create a virtually unlimited supply of encryption keys with the entropy equivalent to its key length.

"An example of a prior art device is shown in US Publication No. 2011/0075840, entitled Method and System for Generating Random Numbers in a Storage Device, filed Sep. 30, 2009, to Fernando Zayas et al.

"Another example of a prior art device is shown in US Publication No. 2008/0263363, entitled Portable Data Encryption Device with Configurable Security Functionality and Method for File Encryption, filed Jan. 22, 2008 to Robert R. Jueneman.

"A further example of such a prior art device is shown in U.S. Pat. No. 6,044,388, entitled Pseudo-random number generator, issued Mar. 28, 2000 to Robert S. Debellis et al.

"Another prior art device is shown in U.S. Pat. No. 5778069, entitled Non-biased pseudo random number generator, issued Jul. 7, 1998 to Thomlinson et al.

"A prior art device is shown in U.S. Pat. No. 8,001,054, issued Aug. 16, 2011 entitled System and method for generating an unpredictable number using a seeded algorithm, to Lee J. Peart et al.

"A further prior art device is shown in U.S. Pat. No. 4,694,412, issued Sep. 15, 1987, entitled Random number generator for use in an authenticated read-only memory, to Domenik et al.

"A prior art device is shown in U.S. Pat. No. 7,421,462, issued Sep. 2, 2008, entitled Method and apparatus for generating a random bit stream, to Castejon-Amenedo et al.

"Another prior art device is shown in U.S. Pat. No. 6,728,740, entitled Random number generator seeding method and apparatus, to Kelly et al. This patent shows a plurality of event sensors associated with separate counters, and which is used to create a seed number which is then stored in a seed register. The counters identified in this patent are for a time stamp count, instructions executed, date of reads and writes, and a microsecond timer.

"A publication in US 2012/0179735 having a filing date of Jan. 16, 2011 shows a device entitled Scalable random number generation, having inventors Ferguson et al."

In addition to the background information obtained for this patent application, VerticalNews journalists also obtained the inventor's summary information for this patent application: "The present invention relates to disk drives having encryption, and more specifically to removable disk drives which have password protection.

"The apparatus and system according to the present invention provides a mass storage device with an integrated input device mechanism that is electrically connected to a micro-controller equipped with a cyclic counter. In use, an input event causes the micro-controller to read the cyclic counter's current value; a predetermined number of such input events results in providing a mechanism of creating enough entropy to seed a deterministic random number generator (DRNG). The output of the DRNG is then used as an encryption key for encrypting/decrypting data contained within mass storage media.

"Certain embodiments of the invention have other aspects in addition to or in place of those mentioned above. These aspects will become apparent to those skilled in the art from a reading of the following detailed description when taken with reference to the accompanying drawings.

"Other objects and advantages of the present invention will be more readily apparent from the following detailed description when read in conjunction with the accompanying drawings.


"FIG. 1 schematically depicts a self-encrypting mass storage device with an integrated human interface device ('HID').

"FIG. 2 represents a flow diagram showing a user defining a PIN which simultaneously results in the creation of a random seed with sufficient entropy.

"FIG. 3 schematically depicts a self-encrypting mass storage device and a separate HID which are both connected to a host computer, whereby event detection occurs in the host computer, to provide entropy creation.

"FIG. 4 is a perspective view of a preferred embodiment of a self-encrypting flash drive with integrated user authentication."

URL and more information on this patent application, see: Johnson, Simon. Encryption Key Generation in Encrypted Storage Devices. Filed December 19, 2012 and posted June 26, 2014. Patent URL:

Keywords for this news article include: Patents, Information Technology, Information and Data Encoding and Encryption.

Our reports deliver fact-based news of research and discoveries from around the world. Copyright 2014, NewsRx LLC

For more stories covering the world of technology, please see HispanicBusiness' Tech Channel

Source: Information Technology Newsweekly

Story Tools Facebook Linkedin Twitter RSS Feed Email Alerts & Newsletters