Browse Prior Art Database

Tweak modification to improve reliability and durability in an encrypted Flash based back-up system

IP.com Disclosure Number: IPCOM000248984D
Publication Date: 2017-Jan-25
Document File: 3 page(s) / 45K

Publishing Venue

The IP.com Prior Art Database

Abstract

This article describes a method to improve the reliability and durability of an encrypted Flash based back-up system. Many encryption methods (such as XTS AES 256) use tweaks to modify how data is encrypted. By varying the tweak between back up operations, using the method described in this article, the reliability of a Flash based back-up system can be improved.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 39% of the total text.

Tweak modification to improve reliability and durability in an encrypted Flash based back-up system

Non-volatile NAND Flash memory technology is very often used, in computer systems, to back up data from a volatile memory source (e.g DRAM) especially in the case of an unexpected power fail.

As NAND Flash geometries shrink, its memory cells become more susceptible to bit errors. Furthermore, it is widely known that certain bit patterns are more prone to causing bit errors. Depending upon the application, the set of data that is to be backed up to Flash may only change very slightly between back ups. Many of the same data patterns written to Flash may persist from back up to back up. As a consequence there is a greater chance that error prone bit patterns (once written during a single back-up operation) will persist following future back-ups reducing the overall endurance and error resistance of the NAND Flash memory.

The above problem could be mitigated in the following ways: The data that is to be backed up is often encrypted before it is written to1.

Flash in order to secure that data. A secondary benefit of a strong encryption scheme, such as the Advanced Encryption Standard (AES), is that it acts like a data scrambler. Even if a large percentage of the data set to be backed up does not change between back up operations the actual pattern of data stored on Flash (as ciphertext) could be changed by altering the encryption key used.

The encryption scheme could be augmented with the use of a tweak.2. "XEX-based Tweaked-codebook mode with ciphertext Stealing" (XTS) AES 256 is an example of a scheme that uses a tweak. Modifying a tweak is often less expensive or complex than replacing an entire key.

Solution 1 may be expensive and in some cases unfeasible. This is because the key must be altered before every back up operation. This adds complexity to the computer system's key management if that management system is to remain secure. In a typical computer system, the changing of a key will be an event completely independent of the occurrence of a back-up. Several back-ups may occur before a key is changed. Thus error prone data patterns, written into the Flash as ciphertext, may still linger from back-up to back-up.

Solution 2 also has a drawback. A typical storage system using encryption would calculate the tweak using a hashing algorithm based upon address. For a Flash based system, hashing could be based upon the page address and block address of the page being accessed. Thus different Flash pages would use different values of tweak with the same key because they would be at different page and block addresses. However the same page would use the same tweak/key combination from back-up to back-up. Given that only a small percentage of the total data saved could change between back-ups the chance of an error prone bit pattern being carried through to the next back-up operation is high and thus this does not solve the above problem.

The idea desc...