Abstract: An information processing device of one embodiment includes a first memory being volatile, a second memory being non-rewritable and nonvolatile, and a processor. A first program, a second program, and a digital signature for the second program are loaded into the first memory. A third program and a public key are stored in the second memory. Upon satisfaction of a certain condition during execution of the first program, the processor verifies the second program on the basis of the digital signature and the public key, in accordance with the third program. After finding a result of the verification as a pass, the processor analyzes the first program in accordance with the second program. The processor refrains from analyzing the first program after finding the result of the verification as a fail.

Abstract: According to one embodiment, a server device includes a memory and a processor. The memory stores verification information. The processor accepts a request to transmit a certificate number, generates information in which identification information of one of storage devices from which data is to be erased, a public key, a secret key, and the certificate number are associated with one another, transmits the certificate number, performs verification using an authenticator transmitted by the one storage device and verification information, generates, based on a result of the verification, an erasure certificate that includes the identification information and the certificate number and is signed using the secret key, and transmits the erasure certificate.

Abstract: According to an embodiment, a data transfer control device includes a controller, and the controller generates tag information when the controller receives a tag generation request, and encrypts the tag information, transmits the encrypted tag information to a device that transmits the tag generation request, processes data stored at a predetermined address to generate data for transmission when an address at which the data related to the data transfer request is stored includes the predetermined address, scrambles or encrypts the data for transmission using the tag information, and transmits the scrambled or encrypted data to the device.

Abstract: According to one embodiment, a storage device includes a SoC, a disk, and an e-fuse. The SoC is an integrated circuit configured on one chip on which a CPU is mounted. The disk is controlled through the SoC. The e-fuse is provided on a clock signal line mounted in the SoC and is disconnected by an external input to the CPU.

Abstract: According to one embodiment, a server device includes a memory and a processor. The memory stores verification information. The processor accepts a request to transmit a certificate number, generates information in which identification information of one of storage devices from which data is to be erased, a public key, a secret key, and the certificate number are associated with one another, transmits the certificate number, performs verification using an authenticator transmitted by the one storage device and verification information, generates, based on a result of the verification, an erasure certificate that includes the identification information and the certificate number and is signed using the secret key, and transmits the erasure certificate.

Abstract: An information processing device of one embodiment includes a first memory being volatile, a second memory being non-rewritable and nonvolatile, and a processor. A first program, a second program, and a digital signature for the second program are loaded into the first memory. A third program and a public key are stored in the second memory. Upon satisfaction of a certain condition during execution of the first program, the processor verifies the second program on the basis of the digital signature and the public key, in accordance with the third program. After finding a result of the verification as a pass, the processor analyzes the first program in accordance with the second program. The processor refrains from analyzing the first program after finding the result of the verification as a fail.

Abstract: According to an embodiment, a data transfer control device includes a controller, and the controller generates tag information when the controller receives a tag generation request, and encrypts the tag information, transmits the encrypted tag information to a device that transmits the tag generation request, processes data stored at a predetermined address to generate data for transmission when an address at which the data related to the data transfer request is stored includes the predetermined address, scrambles or encrypts the data for transmission using the tag information, and transmits the scrambled or encrypted data to the device.

Abstract: According to one embodiment, a processor of a storage device is configured: to receive an instruction of setting a portion of an area of a storage medium from a first state to a second state and receive first information defining a condition of setting the portion of the area from the second state to the first state again from a first host device among a plurality of host devices; to set the portion of the area to the second state in response to the instruction; and to set, after the portion of the area is set to the second state in response to the instruction, the portion of the area from the second state to first state again based on the first information.

Abstract: A storage device includes a non-volatile memory having a plurality of storage areas. Received data is encrypted with a first cryptographic key and stored in one of the storage areas. Upon receiving an request from a host, a key processor replaces the first cryptographic key used to encrypt data stored on a specified one of the non-volatile memories with a different cryptographic key not previously used for any of the storage areas by generating a second cryptographic key, converting the previously used keys into first value by an operation, converting the candidate key into a second value by the same operation. The first and second values are compared, and when the first information is not the same as the second information, the second cryptographic key replaces the first cryptographic key, and when not, the second cryptographic key is discarded and a new second cryptographic key generated.

Abstract: According to embodiments, a storage device includes a storage unit, a receiving unit, an authenticating unit, and a control unit. Prior to executing erasure processing of data that has been stored in the storage unit, the receiving unit receives, from an external device that clocks time, third information including first information and second information, the first information regarding time counted by the external device and the second information being information for authenticating the external device. The authenticating unit performs authentication processing of the external device by using the second information included in the third information. When the authentication of the external device has succeeded, the control unit generates an erasure log that contains erasure time when the erasure processing has been executed on the basis of the first information included in the third information. When the authentication of the external device has failed, the execution of the erasure processing is prohibited.

Abstract: According to one embodiment, a storage device comprises a cipher processing unit, a memory, and a key processing unit. The cipher processing unit encrypts data using a key. The memory stores the encrypted data. The key processing unit replaces a first key having been used by the cipher processing unit with a second key. The key processing unit comprises a generating unit, a history managing unit, a computing unit, and a comparing unit. The history managing unit converts the first key into first information by an operation and stores the first information. The computing unit converts a candidate key generated by the generating unit into second information by the operation. The comparing unit compares the first information and the second information, and, if the two do not coincide, determines the candidate key as the second key and, if the two coincide, discards the candidate key.

Abstract: A storage device includes a storage module, an authentication process execution module, an encryption processor and a security setting module. The storage module stores an encryption key, a flag indicating whether the encryption key can be used, a password used for authentication associated with the encryption key and the flag, and user data. The authentication process execution module uses a password to authenticate a connected host device. The encryption processor uses an encryption key stored being associated with a flag indicating permission to use the encryption key in accordance with an instruction from the host device, and encrypts user data received from the host device or decrypts the user data stored in the storage module. On encryption or decryption, the security setting module changes the setting of a flag stored being associated with the encryption key used for the encryption or the decryption.

Abstract: According to one embodiment, a control device of a storage device that is supplied with a power supply voltage from a power supply and writes write data to a recording medium, includes an input module and a controller. The input module receives a comparison result obtained by comparing the power supply voltage with a threshold voltage. The controller saves the write data to a save area when determining, immediately before writing the write data to the recording medium, that the power supply voltage is lower than the threshold voltage based on the comparison result, and writes the write data saved in the save area to the recording medium.

Abstract: A data reading unit reads inner offset data from an offset reading in an inner direction toward a center of a storage medium and outer offset data from an offset reading in an outer direction toward a circumference of the storage medium. A data comparing unit compares the inner offset data and the outer offset data read by the data reading unit. A data-output control unit that outputs the read-data when a result of comparison by the data comparing unit indicates that the inner offset data matches the outer offset data.

Abstract: A data reading unit reads inner offset data from an offset reading in an inner direction toward a center of a storage medium and outer offset data from an offset reading in an outer direction toward a circumference of the storage medium. A data comparing unit compares the inner offset data and the outer offset data read by the data reading unit. A data-output control unit that outputs the read-data when a result of comparison by the data comparing unit indicates that the inner offset data matches the outer offset data.