(12) United States Patent
Dumas et al.

(10) Patent No.: US 6,199,163 B1
(45) Date of Patent: Mar. 6, 2001

(54) HARD DISK PASSWORD LOCK

(75) Inventors: Patrick A. Dumas, Barrington; Mark Pulver, Elmhurst, both of Ill. (US)

(73) Assignee: NEC Corporation, Tokyo (JP)

(*) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 0 days.

(21) Appl. No.: 08/621,672
(22) Filed: Mar. 26, 1996

(51) Int. Cl.7 ......................... H04K 1/00
(52) U.S. Cl. .......................... 713/183; 713/184
(58) Field of Search ................... 380/4, 49; 713/183, 184
`
`(56)
`
`Refcmnces Cited
`US‘ PATENT DOCUMENTS
`
`380M
`4.031861 " M1990 Cummins .
`5.211129 *
`5:10.03 Si‘hafcr ..................... 380M
`
`5.111.962 " Tflws van Rump: cl nl.
`5283.828 "
`2.11994 Saunders er. a].
`.
`
`
`
`.
`.. 3mm
`SSW-4
`
`33””
`5.321.563 "
`7321994 Singh ---------
`
`38””
`3334-3-52? ‘
`3,1094 Hung at a|-
`330M
`3,375,243 " 12.51904 Pantych et al.
`
`38030
`...............
`5.497.419 “
`JIIWI‘I
`llill
`4;“1996 van Run‘lpt el al.
`380M
`5,513.262 *
`
`5.615262 “
`3.:‘199? Guy et al.
`
`6.033320 ‘ M2000 Miller IIIIIIIIIIII
`
`'“ cilcd by examiner
`
Primary Examiner—Salvatore Cangialosi
(74) Attorney, Agent, or Firm—Katten Muchin Zavis

(57) ABSTRACT

The invention provides an encryption circuit for encrypting and decrypting data as it travels to and from a hard disk. The encryption circuit can be turned on or off under control of the BIOS program and a user supplied password. With the present invention, a removed hard disk cannot be read without the user supplied password and a similar encryption circuit.

8 Claims, 5 Drawing Sheets
`
`
[Front-page drawing: block diagram with PROCESSOR, CONTROL, IDE DISK CONTROLLER and HARD DISK]

Toshiba_Apricorn 1005-0001
IPR2018-01067
`
`
`
U.S. Patent   Mar. 6, 2001   Sheet 1 of 5   US 6,199,163 B1

[FIG. 1 and FIG. 2: block diagrams with PROCESSOR, CONTROL, DISK CONTROLLER, ENCRYPTION CIRCUIT and HARD DISK]
`
`
U.S. Patent   Mar. 6, 2001   Sheet 2 of 5   US 6,199,163 B1

[FIG. 3 flow chart: PROMPT USER FOR POWER-ON PASSWORD; PASSWORD CORRECT?; IS HARD DISK ENCRYPTED? (FIGURE 4); PROMPT USER FOR HARD DISK PASSWORD (FIGURE 5); DOES USER WANT TO ENCRYPT DISK?; ENCRYPT DISK (FIGURE 6); ENABLE ENCRYPTION CIRCUIT; DISABLE ENCRYPTION CIRCUIT; CONTINUE WITH OS BOOT AS NORMAL]
`
`
U.S. Patent   Mar. 6, 2001   Sheet 3 of 5   US 6,199,163 B1

[FIG. 4 flow chart: READ HARD DISK PASSWORD FROM END OF BOOT BLOCK; DISK IS ENCRYPTED. FIG. 5 flow chart: READ HARD DISK PASSWORD FIELD FROM END OF BOOT DISK; PROMPT USER FOR HARD DISK PASSWORD; ENCRYPT ENTRY WITH HARD DISK PASSWORD; PASSWORD MATCHES HARD DISK PASSWORD?; ACCESS GRANTED, OK TO BOOT]
`
`
U.S. Patent   Mar. 6, 2001   Sheet 4 of 5   US 6,199,163 B1

[FIG. 6 and FIG. 7 flow charts: PROMPT USER FOR HARD DISK PASSWORD; SEEK TO END OF 2ND FILE ALLOCATION TABLE; DISABLE ENCRYPTION CIRCUIT; READ NEXT BLOCK; ENABLE ENCRYPTION CIRCUIT; WRITE BLOCK; ENCRYPTION COMPLETE; DECRYPTION COMPLETE]
`
`
U.S. Patent   Mar. 6, 2001   Sheet 5 of 5   US 6,199,163 B1

[FIG. 8 block diagram: HARD DISK SECTOR (UNENCRYPTED), HARD DISK PASSWORD, XOR, HARD DISK SECTOR (ENCRYPTED)]
HARD DISK PASSWORD LOCK

FIELD OF THE INVENTION

The invention relates to computer security devices. Specifically, this invention relates to a method of encrypting data on a removable hard disk.

BACKGROUND OF THE INVENTION

Early computer systems were protected by physical security. These computers were kept in locked rooms and often had around the clock security or were used around the clock because of their extreme cost. The first challenge to computer security came with remote terminals. The terminals were often distributed throughout a building or campus, and did not receive the same security as the computer.

To meet this challenge, computer operating systems were equipped with user accounts. Each user account was protected by a password. A user at a remote terminal could not access the computer without his assigned password. In these early systems, the password control formed part of the operating system. The computer itself had to remain secure or the user account and password security was useless.

With the advent of personal computers, operating system or application software security systems became unreliable. An unauthorized user could simply turn off the computer and restart it using software from an external source, such as a floppy disk. In response to this new threat to security, personal computers were equipped with BIOS (Basic Input Output System) based software passwords. A BIOS based password program runs before control of the computer is given to any disk based software. This prevents an unauthorized user from accessing data by starting the computer from a floppy disk or using other means to change the disk based software.

While the BIOS based security software is better than disk based security software, it still does not protect data removed from the computer. An unauthorized user can remove a hard disk or other mass storage device from a protected computer and read the data using another computer. Many computers now come with easily removable hard disks. This is particularly common in servers and portable computers. Removable hard disks make it easier than ever to bypass a computer's security by moving data to another computer.

SUMMARY OF THE INVENTION

The invention provides an encryption circuit for encrypting and decrypting data as it travels to and from a hard disk or other mass storage device. The encryption circuit can be turned on or off under control of the BIOS program and a user supplied password. With the present invention, a removed hard disk cannot be read without the user supplied password and a similar encryption circuit.

BRIEF DESCRIPTION OF THE DRAWINGS

Preferred embodiments demonstrating the various objectives and features of the invention will now be described in conjunction with the following drawings:

FIG. 1 is a block diagram of a typical prior art computer system.
FIG. 2 is a block diagram of a computer system including the present invention.
FIG. 3 is a flow chart showing control of the encryption circuit.
FIG. 4 is a flow chart showing the test for an encrypted hard disk.
FIG. 5 is a flow chart showing the test for the user supplied password.
FIG. 6 is a flow chart showing the method for encrypting an unencrypted disk.
FIG. 7 is a flow chart showing the method for unencrypting an encrypted disk.
FIG. 8 is a block diagram of the encryption circuit.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS OF THE INVENTION

Referring to FIG. 1, a computer system according to the prior art consists of a processor 10, requesting data through a bus 12. Requests for data from a hard disk 14 are sent by the processor 10 over the bus 12 to a disk controller 16. The disk controller 16 retrieves the data from the hard disk 14 and returns the data over the bus 12 to the processor 10.

FIG. 2 shows a block diagram of a computer system incorporating the present invention. A processor 20 requests data through a bus 22. Requests for data from a hard disk 24 are sent by the processor 20 over the bus 22 to a disk controller 26. The disk controller 26 retrieves the data from the hard disk 24 and returns the data over the bus 22 to the processor 20. The present invention adds an encryption circuit 28. Data must pass through encryption circuit 28 to travel from hard disk 24 to processor 20, or from processor 20 to hard disk 24. In the preferred embodiment of the invention, encryption circuit 28 is implemented in an application specific integrated circuit (ASIC). An ASIC can encrypt or decrypt a word of data in a single clock cycle. This allows the encryption process to work within the normal data transfer time and hence be transparent to the rest of the computer system. Data is encrypted as it passes through encryption circuit 28, as it goes from processor 20 to hard disk 24. Data is decrypted as it passes through encryption circuit 28 as it goes from hard disk 24 to processor 20. The encryption algorithm is a function of a provided password.

Since the encryption algorithm is a function of the user's password, many users can have identical encryption circuits and not be able to read each other's data without the encrypting password. At the same time, encrypted data can easily be moved to another machine with the same encryption circuit and the same password. As long as the user protects his password, the data is secure even though the encryption algorithm may be well known.

The password is stored in two locations. It is stored in a write only register on the encryption ASIC. The password register is non-volatile memory, and is lost each time the computer is turned off. The password is also stored at the end of the boot block on the hard disk. Since the data on the hard disk survives power loss, the password is encrypted by itself. Hence, an intruder who is able to access the password cannot read the password unless he already has the password. The encryption circuit simply replicates the encryption algorithm in hardware to execute it quickly.

It is possible, if desired by the user, to store the password both on the drive and in the computer system. As long as the two passwords match the hard disk can be used without having to input a password. If the hard disk is removed from the computer system and placed in another computer system, the password must be entered in the new computer system before a user can access the data on the hard disk.
`
`
Therefore, encryption circuit 28 can be identical in multiple computers. An encrypted hard disk can only be read on another computer if the computer operator has the password used to encrypt the disk.

As with the BIOS based system password, the software that controls the encryption circuit 28 must run as part of the BIOS before control of the computer is given to any disk based software.

Referring to FIG. 3, the drive security program begins with a power-on password such as exists in many prior art systems. The system prompts the user for a password 32 and then tests to see if the user supplied password matches a password stored on the hard disk. If the passwords do not match, the user again receives a prompt for the user password 32. This loop will continue until the correct password is supplied. The BIOS will not start the computer without the correct password. If the user supplied password matches the password stored on the hard disk, then the software tests to determine if the hard drive is encrypted 36. Step 36 is described in more detail in FIG. 4. If the hard disk 24 is encrypted, the software prompts the user for hard disk password 38. Step 38 is shown in more detail in FIG. 5. If the hard drive is not encrypted, the software asks if the user wants to encrypt the hard drive 40. If the user responds yes, the drive is encrypted 42. Step 42 is shown in greater detail in FIG. 6. Then, the encryption circuit 28 is enabled 44. If the user responds "no" to the question in step 40, the encryption circuit 28 is disabled 46. Then, the normal BIOS boot up procedure continues 48.

FIG. 4 expands on step 36 in FIG. 3. The system determines if the drive is encrypted by reading the hard disk password 50 and comparing it with null 52. If the password is null, the drive is not encrypted 54. If the password is not null, the drive is encrypted 56.

FIG. 5 expands on step 38 in FIG. 3. The hard disk password verification routine begins by reading the encrypted hard disk password 60. The system prompts the user for the hard disk password 62, loads the user provided password into the encryption circuit 28, and then encrypts the user's entry using itself 64. The system compares the two passwords 66. If there is a match the boot process continues 68. If not, the system again prompts the user for the hard disk password 62.

FIG. 6 expands on step 42 in FIG. 3. The hard disk encryption routine begins by prompting the user for a new hard disk password 70. Then, the drive seeks the end of the second file allocation table (FAT) 72. The file allocation tables are not encrypted. The following loop is repeated: the encryption circuit is disabled 74; a block is read from the hard disk 76; the encryption circuit is enabled 78; the same block is written back to the hard disk 80. After each repetition, the system tests for the end of the hard disk 82. If it is not the end of the hard disk, the process 74-80 is repeated. The encryption is complete 84 after encryption of the last block on the drive.

FIG. 7 describes the opposite function, the decryption of an encrypted disk. The hard disk decryption routine begins by prompting the user for the current hard disk password 90. Then, the drive seeks the end of the second file allocation table (FAT) 92. The following loop is repeated: the encryption circuit is enabled 94; a block is read from the hard disk 96; the encryption circuit is disabled 98; the same block is written back to the hard disk 100. After each repetition the system tests for the end of the hard disk 102. If it is not the end of the hard disk, the process 94-80 is repeated. The encryption is complete 104 after encryption of the last block on the drive.
`
`40
`
`4:1
`
`50
`
`55
`
`fit]
`
`as
`
`4
Referring to FIG. 8, the encryption circuit 28 includes a password storage register 110. Password storage register 110 is both write only and volatile. The register cannot be read and loses its contents when power is lost. The encryption circuit 28 also includes a memory for storing one unencrypted sector 112. The password and unencrypted sector are combined in exclusive or (XOR) logic 114 and output to a memory for storing one encrypted sector 116.

The password can be combined with the data to be encrypted in many different ways depending on how much complexity is desired. The simplest method is to combine the first byte of the password with the first byte of the data with an XOR. Then, combine the second byte of the data with the second byte of the password with the XOR. When the last byte of the password is used, the first byte is used again to XOR with the data. This is continued to the end of the sector. A new sector always begins at the beginning of the password.
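As an added example (not code from the patent or its assignee), the following C models the FIG. 8 circuit with the "simplest method" XOR combination described above, together with the FIG. 4 null test and the FIG. 5 comparison of a self-encrypted entry against the self-encrypted password stored at the end of the boot block. The 512-byte sector, the field offset 479, the 32-byte password limit and every function name are my assumptions; XOR is modelled because FIG. 8 specifies it, as a walk-through of the boot-time control flow rather than a cipher recommendation.

```c
/* Added example (not the patent's code): software model of the FIG. 8 circuit
 * and the FIG. 4 / FIG. 5 BIOS checks. Sector size, field offset and all
 * names are my own assumptions. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define SECTOR_SIZE  512
#define PASSWORD_MAX 32
#define FIELD_OFFSET 479  /* assumed offset of the password field in the boot block */

/* Password storage register 110: write-only (no read accessor) and volatile. */
typedef struct { uint8_t key[PASSWORD_MAX]; size_t key_len; bool enabled; } encryption_circuit;

void circuit_load_password(encryption_circuit *c, const char *pw)
{
    c->key_len = strlen(pw) > PASSWORD_MAX ? PASSWORD_MAX : strlen(pw);
    memcpy(c->key, pw, c->key_len);
}

/* XOR logic 114: sector byte i is XORed with password byte i mod len, and each
 * sector restarts at the first password byte. A disabled circuit (steps 74, 98)
 * passes data through; XOR is its own inverse, so one routine serves both
 * directions (FIG. 6 steps 78/80, FIG. 7 steps 94/96). */
void circuit_transfer_sector(const encryption_circuit *c, const uint8_t *in, uint8_t *out)
{
    for (size_t i = 0; i < SECTOR_SIZE; i++)
        out[i] = in[i] ^ ((c->enabled && c->key_len) ? c->key[i % c->key_len] : 0);
}

/* FIG. 4 (steps 50-56): an all-zero (null) password field means "not encrypted". */
bool disk_is_encrypted(const uint8_t *field, size_t len)
{
    for (size_t i = 0; i < len; i++)
        if (field[i]) return true;
    return false;
}

/* Store the password at the end of the boot block "encrypted by itself": a sector
 * holding it is passed through a circuit loaded with that same password. If the
 * password length divides FIELD_OFFSET the field XORs to all zeros and FIG. 4 would
 * call the disk unencrypted; with a prime offset only a 1-byte password does, so it
 * is rejected. Returns the field length, or 0 when rejected. */
size_t store_password_field(const char *pw, uint8_t *boot_block)
{
    encryption_circuit c = { .enabled = true };
    uint8_t plain[SECTOR_SIZE] = {0};
    circuit_load_password(&c, pw);
    if (c.key_len < 2 || FIELD_OFFSET % c.key_len == 0) return 0;
    memcpy(plain + FIELD_OFFSET, c.key, c.key_len);
    circuit_transfer_sector(&c, plain, boot_block);
    return c.key_len;
}

/* FIG. 5 (steps 60-66): encrypt the user's entry with itself and compare it
 * with the stored field; the plaintext password is never read off the disk. */
bool verify_entry(const char *entry, const uint8_t *boot_block, size_t field_len)
{
    uint8_t trial[SECTOR_SIZE];
    size_t n = store_password_field(entry, trial);
    return n && n == field_len &&
           memcmp(trial + FIELD_OFFSET, boot_block + FIELD_OFFSET, n) == 0;
}

/* Boot-time flow for a disk set up with disk_pw when the user types entry:
 * the FIG. 4 test first, then the FIG. 5 comparison. */
bool boot_check(const char *disk_pw, const char *entry)
{
    uint8_t boot_block[SECTOR_SIZE];
    size_t len = store_password_field(disk_pw, boot_block);
    return disk_is_encrypted(boot_block + FIELD_OFFSET, len) && verify_entry(entry, boot_block, len);
}
```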
Although described above in terms of the preferred embodiment, the present invention is set forth with particularity in the appended claims. Such modifications and alterations as would be apparent to one of ordinary skill in the art and familiar with the teachings of this application shall be deemed to fall within the spirit and scope of the invention. In particular, the preferred embodiment of the invention describes a hard disk. In the near future, it is probable that computer mass data storage will not be in the form of a magnetic hard disk but in some form of non-volatile silicon. The invention is independent of the technology used to store data and any mass-storage device is deemed to be within the spirit of the invention.

What is claimed is:

1. A computer system comprising:
a CPU;
a mass storage device;
a bus for coupling the CPU and the mass storage device;
a encryption circuit intercepting data traveling between said CPU and said mass storage device, for encrypting and decrypting data as it travels to and from said mass storage device and said CPU.

2. The computer system according to claim 1 further comprising means for storing a password.

3. The computer system according to claim 2 wherein said encryption circuit includes means for encrypting and decrypting data according to said password.

4. The computer system according to claim 1 further comprising means for removing said mass storage device.

5. The computer system according to claim 1 further comprising means for removing said mass storage device and said means for storing a password as a single unit.

6. A mass storage device for installation in a computer comprising:
mass storage media for storing data;
means for storing a password;
mounting means for mounting said mass storage device in a computer; and
an encryption circuit for encrypting data using said password as a key.

7. A method for encrypting and decrypting data comprising:
providing a computer system including a CPU and a mass storage device connected by a bus;
requesting a password from a user;
encrypting data, using said password as a key, as it travels from said CPU to said mass storage device; and
`
decrypting data using said password as a key, as it travels from said mass storage device to said CPU.

8. The method according to claim 7 further comprising storing said password and only requesting said password on a first use and retrieving said password from storage on subsequent uses.

* * * * *
`
`
UNITED STATES PATENT AND TRADEMARK OFFICE

CERTIFICATE OF CORRECTION

PATENT NO. : 6,199,163 B1
DATED : March 6, 2001
INVENTOR(S) : Dumas et al.

Page 1 of 3

It is certified that error appears in the above-identified patent and that said Letters Patent is hereby corrected as shown below:

Claims,

1. (Amended) A computer system comprising:
a CPU;
a mass storage device;
a bus for coupling the CPU and the mass storage device;
a encryption circuit employing a predetermined encryption algorithm;
a password storage register operable with said encryption circuit for intercepting data traveling between said CPU and said mass storage device, for encrypting and decrypting data as it travels to and from said mass storage device and said CPU; and
system software for retrieving a password from said mass storage device for comparison with said password storage register.

2. (Amended) The computer system according to claim 1 [further comprising means for] wherein said password storage register comprises a write only register for storing a password.

3. (Amended) The computer system according to claim 2 wherein said encryption circuit [includes means] provides for encrypting and decrypting data including the password from said mass storage device according to said password.

4. (Amended) The computer system according to claim 1 [further comprising means for removing] wherein said mass storage device is removable.

5. (Amended) The computer system according to claim 1 [further comprising means for removing said mass storage device and said means for storing a password as a single unit] wherein said system software comprises a basic input output system (BIOS) for retrieving the password from said mass storage device facilitating the removal of said mass storage device for use in personal computers employing said predetermined encryption algorithm.
`
`
UNITED STATES PATENT AND TRADEMARK OFFICE

CERTIFICATE OF CORRECTION

PATENT NO. : 6,199,163 B1
DATED : March 6, 2001
INVENTOR(S) : Dumas et al.

Page 2 of 3

It is certified that error appears in the above-identified patent and that said Letters Patent is hereby corrected as shown below:

6. (Amended) A mass storage device for installation in a computer comprising:
mass storage media for storing data;
[means for storing a password;]
[mounting means] a bus connection for mounting said mass storage device in a computer; [and]
an encryption circuit employing a predetermined encryption algorithm;
a password storage register operable with said encryption circuit for encrypting data using [said] a password as a key; and
system software for retrieving the password from said mass storage media for comparison with said password storage register.

7. (Amended) A method for encrypting and decrypting data comprising:
providing a computer system including a CPU and a mass storage device connected by a bus;
requesting a password from a user;
encrypting data employing a predetermined encryption algorithm and a stored password operable with an encryption circuit, using said password as a key, as it travels from said CPU to said mass storage device; and
decrypting data using said password as a key, as it travels from said mass storage device to said CPU; and
retrieving a password from the mass storage device for comparison with the stored password.
`
`.
`
`Toshiba_Apricorn 1005-0011
`Toshiba_Apricorn 1005-0011
`IPR2018-01067
`|PR2018—01067
`
`
`
UNITED STATES PATENT AND TRADEMARK OFFICE

CERTIFICATE OF CORRECTION

PATENT NO. : 6,199,163 B1
DATED : March 6, 2001
INVENTOR(S) : Dumas et al.

Page 3 of 3

It is certified that error appears in the above-identified patent and that said Letters Patent is hereby corrected as shown below:

8. (Amended) The method according to claim 7 further comprising storing said password in a write only register and only requesting said password from a user on a first use and retrieving said password from [storage] the mass storage device on subsequent uses.

Signed and Sealed this
Twentieth Day of November, 2001

NICHOLAS P. GODICI
Attesting Officer
Acting Director of the United States Patent and Trademark Office
`