U.S. patent application number 14/172489 was filed with the patent office on 2014-07-24 for method and system for generating a random number.
This patent application is currently assigned to Seagate Technology LLC. The applicant listed for this patent is Seagate Technology LLC. Invention is credited to Sung-Youn Cho, Seung-Youl Jeong, Jong-Lak Park, Hak-Yeoul Sohn.
Application Number | 20140205093 14/172489 |
Document ID | / |
Family ID | 33516438 |
Filed Date | 2014-07-24 |
United States Patent
Application |
20140205093 |
Kind Code |
A1 |
Cho; Sung-Youn ; et
al. |
July 24, 2014 |
METHOD AND SYSTEM FOR GENERATING A RANDOM NUMBER
Abstract
For generating a seed, such as for a random number, a plurality
of data storage location identifiers, such as sectors, can be
combined. A random number can be calculated using the seed. The
selection of the data storage location identifiers can be time
varied based on commands received from a host. The seed that is
generated can have enhanced unpredictability and complexity for
secure data cryptography.
Inventors: |
Cho; Sung-Youn; (Seoul,
KR) ; Jeong; Seung-Youl; (Gyeonggi-Do, KR) ;
Park; Jong-Lak; (Gyeonggi-Do, KR) ; Sohn;
Hak-Yeoul; (Seoul, KR) |
|
Applicant: |
Name |
City |
State |
Country |
Type |
Seagate Technology LLC |
Cupertino |
CA |
US |
|
|
Assignee: |
Seagate Technology LLC
Cupertino
CA
|
Family ID: |
33516438 |
Appl. No.: |
14/172489 |
Filed: |
February 4, 2014 |
Related U.S. Patent Documents
|
|
|
|
|
|
Application
Number |
Filing Date |
Patent Number |
|
|
10872838 |
Jun 21, 2004 |
8650234 |
|
|
14172489 |
|
|
|
|
Current U.S.
Class: |
380/46 |
Current CPC
Class: |
H04L 9/0816 20130101;
G11B 20/10 20130101; G11B 20/00086 20130101 |
Class at
Publication: |
380/46 |
International
Class: |
H04L 9/08 20060101
H04L009/08 |
Foreign Application Data
Date |
Code |
Application Number |
Jun 21, 2003 |
KR |
200340481 |
Claims
1. A method of generating a random number in a data storage device,
comprising: generating a seed from a respective data storage
location identifier for each of a plurality of data storage
locations of the data storage device, wherein the seed is generated
from a combination of the plurality of respective data storage
location identifiers of the plurality of data storage locations
before the random number is generated from the seed; and
calculating the random number based on the seed.
2. The method of claim 1, further comprising the respective data
storage location identifier is a respective sector for each of a
plurality of sectors of the data storage device.
3. The method of claim 1, further comprising each of the respective
data storage location identifiers is selected, at a respective
time, from accessed data storage locations.
4. The method of claim 3, further comprising a time period between
reading a previous data storage location identifier and a
subsequent data storage location identifier is determined based on
the previous data storage location identifier.
5. The method of claim 4, further comprising the time period
between reading the previous data storage location identifier and a
subsequent data storage location identifier varies based on a value
of the previous data storage location identifier.
6. The method of claim 1, further comprising performing data
encryption based on the random number generator.
7. The method of claim 1, further comprising sequentially appending
each of the respective data storage location identifiers to
generate the seed.
8. A system comprising: a processor adapted to: generate a seed
from a combination of data storage location identifiers for a
plurality of data storage locations of a data storage device; and
generate a random number based on the seed.
9. The system of claim 8, further comprising a data storage unit
and the processor is adapted to store the data storage location
identifiers in the data storage unit.
10. The system of claim 8, further comprising each of the
respective data storage location identifiers is selected, at
varying times, from accessed data storage locations.
11. The system of claim 8, further comprising: an interface coupled
to the processor, the interface adapted to receive data access
commands from a host system; and the processor is adapted to select
the data storage location identifiers for generating the seed from
data storage location identifiers corresponding to the commands
received from the host.
12. The system of claim 8, further comprising the data storage
device is a disk drive.
13. The system of claim 12, further comprising the disk drive is a
hard disk drive.
14. A data storage device comprising: a data storage memory having
data storage locations addressable with data storage location
identifiers; a processor unit coupled to the data storage memory
and configured to generate a seed from a combination of a plurality
of data storage location identifiers corresponding to data storage
locations of the data storage device; and a random number generator
configured to generate a random number based on the seed.
15. The data storage device of claim 14 further comprising: an
interface coupled to the processor unit, the interface adapted to
receive data access commands from a host; and the processor unit is
configured to select the plurality of data storage location
identifiers for generating the seed from data storage location
identifiers corresponding to the commands received from the
host.
16. The data storage device of claim 15, further comprising each of
the plurality of data storage location identifiers for generating
the seed is selected, at varying times, from data storage location
identifiers received from the host.
17. The data storage device of claim 14, further comprising the
processor is configured to determine a time period between reading
a previous data storage location identifier and a subsequent data
storage location identifier based on the previous data storage
location identifier.
18. The data storage device of claim 17, further comprising the
processor is configured to vary the time period between reading the
previous data storage location identifier and a subsequent data
storage location identifier based on a value of the previous data
storage location identifier.
19. The data storage device of claim 12, further comprising the
data storage device is a disk drive.
20. The data storage device of claim 19, further comprising the
disk drive is a hard disk drive and the data storage memory is a
magnetic disk.
Description
CROSS REFERENCE TO RELATED APPLICATIONS
[0001] The present application is a continuation of and claims
priority to pending U.S. patent applications Ser. No. 10/872,838,
filed Jun. 21, 2004, entitled "Method and System for Generating a
Random Number in Disk Drive,", which claimed priority to Korean
Patent Application No. 2003-40481, filed on Jun. 21, 2003 in the
Korean Intellectual Property Office, the contents of which are both
hereby incorporated by reference in their entireties.
BACKGROUND OF THE INVENTION
[0002] 1. Field of the Invention
[0003] The present invention relates to a method and system for
generating a random number, and more particularly, to generating
the random number using sector numbers within a disk drive.
[0004] 2. Description of the Related Art
[0005] Random numbers are used in many applications, and especially
in cryptography which is broadly defined as "the art and science of
keeping data secure." Three major elements of data security include
authentication, confidentiality, and integrity.
[0006] Authentication ensures that only an authorized user has
access to data. An example protocol for authentication using a
random number is as follows:
[0007] A. a user requests access to data that is password protected
on a server;
[0008] B. the server responds with a random challenge which is a
random number combined with other information;
[0009] C. the user encrypts the random challenge using its password
as a key and returns the encrypted challenge to the server;
[0010] D. the server encrypts the same random challenge with the
user's password retrieved from its own database; and
[0011] E. the server compares the two encrypted random challenges,
and if they are the same, the user is authorized to have access to
the data.
[0012] In this manner, because the random challenge is used, the
user is authorized without the user ever sending just the password
over a network. In addition, because a random number is used, the
random challenge constantly changes over time for secure
authorization.
[0013] Confidentiality ensures that an unauthorized person is not
able to extract meaningful data from encrypted data. Data
encryption is the process of combining plain text with a
cryptographic key to generate encrypted data which ideally is
impossible to decrypt without a decryption key. Random numbers,
used for such encryption and description keys, are essential for
data encryption.
[0014] Integrity detects for undesired tampering to data using a
digital signature which is a binary string of fixed length (i.e., a
cryptography hash) unique to a given message and signed with the
originator's private key. A user having the Originator's public key
decrypts the message and is ensured that the owner of the private
key originated the message. Random numbers are used to generate
such digital signatures.
[0015] In this manner, random numbers are essential for the various
data security protocols, and a higher degree of randomness of the
random number enhances the level of security.
[0016] FIGS. 1 and 2 show a flowchart and a system 100 for
generating a random number according to the prior art. The system
100 includes a data processor 102 that receives a variable SEED
from a system timer 104 (step 106 of FIG. 1). The system timer 104
generates SEED depending on the current time at the system 100. The
data processor 102 then sets a variable X(n)=SEED, initially with
n=O (step 108 of FIG. 1). Next, the RANDOM NUMBER X(n+1) is
generated as follows (step 110 of FIG. 1):
RANDOM NUMBER, X(n+1)=[1103515245*X(n)+12345]mod M
[0017] Such an equation is an example of a linear congruential
random number generator calculated by the data processor 102 of
FIG. 2. This equation for X(n+1) is described in the well-known
book entitled The C Programming Language by Brian W. Kernighan and
Dennis M. Ritchie. Such an equation for X(n+1) includes modular
arithmetic with mod M that returns a random integer in the range
[0-(M-1)], when the SEED=X(O) is also in a range of [0-(M-1)]. For
example, if the SEED=X(O) is eight bits long, the SEED is in a
range of 0 to (2.sup.8-1)=255, and M=256.
[0018] After the RANDOM NUMBER X(n+1) is calculated at step 110 and
if n is not greater than 7 (step 116 of FIG. 1), X(n+1) is stored
within a data buffer 112 in the system 100 (step 110 of FIG. 1). In
addition in that case, n is incremented by 1 (i.e., n=n+1) (step
116 of FIG. 1), and the flowchart loops back to step 110 to
calculate the next X(n+1) with the incremented n. On the other
hand, if n is great than 7, the flowchart of FIG. 1 ends.
[0019] Thus, steps 110,114, and 116 are repeated until n>7 when
X(1), X(2), X(3), X(4), X(5), X(6), X(7), and XeS) are generated
and stored within the data buffer 112. The binary bits of such
random numbers X(1), X(2), X(3), X(4), X(5), X(6), X(7), and X(8)
may be sequentially appended to form a random number of increased
bits. For example, when the SEED from the timer 104 is just eight
bits long, each of the random numbers X(1), X(2), X(3), X(4), X(5),
X(6), X(7), and X(8) is also eight bits long. To generate a random
number that is 64-bits long, X(1), X(2), X(3), X(4), X(5), X(6),
X(7), and X(8) are sequentially appended together.
[0020] Any random number generated from calculation by a data
processor is not "purely random." In contrast, tossing a dice or
movement of an electron are "purely random" physical processes.
Thus, a random number generated from calculation by a data
processor is deemed to be "pseudo random." Such a pseudo random
number follows a same repeatable pattern when the starting SEED is
the same, and there is only a finite set of possible SEED
values.
[0021] Thus, the quality (i.e., the level of randomness) of a
pseudo random number generator depends on the quality of the SEED
value. The SEED value is desired to be as random as possible and is
desired to have high complexity meaning a high number of bits that
are as unpredictable as possible.
[0022] The prior art method and system of FIGS. 1 and 2 are
disadvantageous because the SEED value from the timer 104 is
comprised of only eight bits. In addition, because the SEED value
is dependent on the current time from the timer 104, such a value
may not necessarily be unpredictable.
[0023] Data security is becoming an important factor in HDD (hard
disk drives) for modern consumer electronics. A hard disk drive has
advantages of random access, high data transmission speed, low
cost, and high capacity as compared with other auxiliary memory
devices. Thus, hard disk drives are being widely used in storing
multimedia data for example.
[0024] In particular, a personal video recorder (PVR) is generally
used for storing digital audio/video (AV) data received from
broadcasting stations on a hard disk drive and reproducing the
stored digital AV data. The digital AV data is generally encrypted
and scrambled, so that it cannot be used without a valid broadcast
receiver. However, the digital AV data to be stored on the hard
disk drive may be intercepted during transmission by an
unauthorized third party. Thus, various measures have been taken to
prevent such interception. For example, Korean Patent Publication
No. 2001-27550 discloses a device for storing received digital AV
data on a hard disk drive through repeated descrambling and
encryption. The device includes a random number generator having a
different initial value with respect to each broadcast receiver for
such descrambling and encryption.
[0025] In any case, because data security is becoming such an
important factor for hard disk drive applications, a mechanism for
generating a random number with high randomness is desired.
SUMMARY OF THE INVENTION
[0026] In some embodiments, a method of generating a random number
in a data storage device can include generating a seed from a
respective data storage location identifier for each of a plurality
of data storage locations of the data storage device, wherein the
seed is generated from a combination of the plurality of respective
data storage location identifiers of the plurality of data storage
locations before the random number is generated from the seed. The
method can also include calculating the random number based on the
seed.
[0027] In other embodiments, a system can include a processor
adapted to generate a seed from a combination of data storage
location identifiers for a plurality of data storage locations of a
data storage device. The processor can also be adapted to generate
a random number based on the seed.
[0028] In yet other embodiments, a data storage device can include
a data storage memory having data storage locations addressable
with data storage location identifiers and a processor unit coupled
to the data storage memory and configured to generate a seed from a
combination of a plurality of data storage location identifiers
corresponding to data storage locations of the data storage device.
The data storage device can also include a random number generator
configured to generate a random number based on the seed.
BRIEF DESCRIPTION OF THE DRAWINGS
[0029] The above and other features and advantages of the present
invention will become more apparent by describing in detail
exemplary embodiments thereof with reference to the attached
drawings in which:
[0030] FIG. 1 is a flowchart of a prior art method of generating a
random number;
[0031] FIG. 2 is a prior art system for generating the random
number according to the method of FIG. 1;
[0032] FIG. 3 is a block diagram of components within a HDD (hard
disk drive) adapted to generate a random number according to an
embodiment of the present invention;
[0033] FIG. 4 is a block diagram of a system implemented with
components within the HDD in FIG. 3 for generating the random
number according to an embodiment of the present invention;
[0034] FIG. 5 shows a flowchart of steps during operation of the
system of FIG. 4 for generating the random number according to an
embodiment of the present invention;
[0035] FIG. 6 shows a flowchart of steps during operation of the
system of FIG. 5 for generating a seed using sector numbers
according to an embodiment of the present invention;
[0036] FIG. 7 shows a magnetic disk of the HOD of FIG. 3 organized
into tracks and sectors;
[0037] FIG. 8 shows an example ATA interface register storing the
track number and the sector number for a sector to be accessed;
and
[0038] FIG. 9 shows a flowchart of steps for generating a seed
using sector numbers of sectors located on different tracks,
according to another embodiment of the present invention.
[0039] The figures referred to herein are drawn for clarity of
illustration and are not necessarily drawn to scale. Elements
having the same reference number in FIGS. 1, 2, 3, 4, 5, 6, 7, 8,
and 9 refer to elements having similar structure and/or
function.
DETAILED DESCRIPTION OF THE INVENTION
[0040] The present invention is described herein for a HDD (hard
disk drive). However, the present invention may be applied for
generating a random number within any other types of disk drives
having sectors that are accessed for read/write of data.
[0041] FIG. 3 shows a block diagram of a disk drive 200 such as a
HDD (hard disk drive) for example that stores data magnetically. A
host system 202 accesses the disk drive 200 for reading/writing
data from/to a magnetic disk 204 within the disk drive 200. The
disk drive 200 includes a disk interface 206 to the host system
202.
[0042] A MPU (main processing unit) 208 is a data processor that
controls operation of the components of the disk drive 200 and is
coupled to the disk interface 206. The MPU 208 is also coupled to a
data storage unit 210 that stores various instructions and data for
operation of the
[0043] MPU 208. In addition, the MPU 208 is coupled to a read/write
IC (integrated circuit) 211 for performing the read/write of data
from/to the magnetic disk 204. A pre-amplifier 212 amplifies
signals from/to a magnetic head 214 used for reading/writing data
from/to the magnetic disk 204. The MPU 208 controls a VCM (voice
coil motor) driver 216 that moves the magnetic head 214 with
respect to the magnetic disk 204. The MPU 208 also controls a SPM
(spindle motor) driver 218 that rotates the magnetic disk 204 with
respect to the magnetic head 214. The components of FIG. 3 for
typical operations of read/write from/to the magnetic disk 204 are
known to one of ordinary skill in the art.
[0044] However, the components of the HDD 200 are further modified
from the prior art to form a system 201 of FIG. 4 for generating a
random number according to the present invention. Referring to FIG.
4, the MPU 208 is modified to include a random number generator
252, and the data storage unit 210 is modified to store a plurality
of sector numbers to generate a seed according to the present
invention.
[0045] Furthermore, the MPU 208 is modified to perform the steps of
the flowcharts of FIGS. 5, 6, and/or 9, especially when the HDD 200
is used within an application requiring data cryptography such as a
PVR (personal video recorder) for processing A/V (audio/video)
data. FIGS. 5, 6, and 9 show flowcharts of steps performed by the
MPU 208 when executing sequences of instructions stored within the
data storage unit 210.
[0046] FIG. 5 shows a flowchart of steps for generating a random
number for data cryptography within the HDD 200. Referring to FIGS.
4 and 5, the MPU 208 receives a request for data cryptography such
as user authentication or data encryption (step 302 of FIG. 5).
Upon such a request, the MPU 208 generates a SEED using sector
numbers within the HDD 200 (step 304 of FIG. 5). Using such a SEED,
the MPU 208 generates the RANDOM NUMBER with the random number
generator 252 that is a linear congruential random number generator
according to one embodiment of the present invention (step 306 of
FIG. 5). The MPU 208 then uses the RANDOM NUMBER for performing
user authentication or data decryption (step 308 of FIG. 5).
[0047] FIG. 6 shows a flowchart with detailed sub-steps for
generating the SEED in step 304 of FIG. 5. Referring to FIGS. 3, 4,
5, and 6, for generating the SEED, the MPU 208 sets a variable n=0
(step 312 of FIG. 6). The MPU 208 then waits until the head 214
settles on a track of the magnetic disk 204 (step 314 of FIG.
6).
[0048] Referring to FIG. 7, the magnetic disk 204 is organized into
a plurality of concentric tracks. Each track is then divided into a
plurality of sectors. Thus, each sector on the disk 204 is labelled
with TX,SY, with X referring to a track number and Y referring to a
sector number. FIG. 7 shows three tracks with eight sectors per
track for clarity of illustration and description. However, a
typical disk of a modem HDD has tens of thousands of tracks and
about 2.sup.8=256 sectors per track.
[0049] For reading/writing data from/to the disk 204, the host
system 202 specifies the track number and the sector number to be
accessed for such a read/write operation via the disk interface
206. Such information is transferred to the disk interface 206
according to the ATA/IDE standard as known to one of ordinary skill
in the art. Thus, referring to FIGS. 4 and 5, the disk interface
206 includes ATA interface registers 254 for storing such track and
sector numbers. A first ATA interface register 256 stores the track
number of the sector to be accessed, and a second ATA interface
register 258 stores the sector number of the sector to be accessed.
In the ATA/IDE standard, the first ATA interface register 256 is a
16-bit register for storing the selected track number, and the
second ATA interface register 258 is an 8-bit register for storing
the selected sector number.
[0050] Referring back to step 314 of FIG. 6, the magnetic head 214
settles to the track having the track number specified in the first
ATA interface register 256. Thereafter, the 8-bit sector number
S(n) stored in the second ATA interface register 258 is read and
stored within the data storage unit 210 (steps 316 and 318 of FIG.
6). Thereafter, the MPU 208 waits a time period (step 320 of FIG.
6). In one embodiment of the present invention, such a time period
depends on the value of the previous sector number S(n) read in
step 316.
[0051] When such a time period has elapsed and if the value n is
not greater than 7 (step 322 of FIG. 6), n is incremented by one,
n=n+1 (step 324 of FIG. 6), and the flowchart loops back to step
316. With such looping back, steps 316, 318, 320, 322, and 324 are
repeated with the incremented n to read a subsequent sector number
stored within the second ATA interface register 258.
[0052] In this manner, each of eight sector numbers S(0), S(1).
S(2), S(3), S(4), S(5), S(6), and S(7) are read at a respective
time point. Each of the sector numbers S(0), S(1). S(2), S(3),
S(4), S(5), S(6), and S(7) are sequentially read in that order.
Because the time points for reading such eight sector numbers is
different, such sector numbers are likely to be different. In the
example embodiment of the present invention, each of the sector
numbers is 8-bits long. In an example embodiment of the present
invention, the SEED is generated by appending the sector numbers
S(0), S(1), S(2), S(3), S(4), S(5), S(6), and S(7) together in that
order such that the SEED is 64 bits long. Thus, the maximum value
for the variable n in step 322 is dictated by the bit-length of the
sector number and the desired bit-length of the SEED. When n is
greater than 7 in step 322, the SEED is generated by appending the
sector numbers S(0), S(1), S(2), S(3), S(4), S(5), S(6), and S(7)
in that order. Referring to FIGS. 6 and 7, such a 64-bit SEED is
used to determine the RANDOM NUMBER in step 306 of FIG. 7 with
M'=2.sup.64 for the mod function.
[0053] In one embodiment of the present invention, the sector
numbers S(0), S(1), S(2), S(3), S(4), S(5), S(6), and S(7) are for
sectors on a same track of the disk 204. In an alternative
embodiment of the present invention, the sector numbers S(0), S(1),
S(2), S(3), S(4), S(5), S(6), and S(7) are for sectors on different
tracks of the disk 204. In that case, the flowchart of FIG. 9 is
followed such that the MPU determines whether the head has settled
on a track before each sector number is read. Thus, the flowcharts
of FIGS. 6 and 9 are similar except that the flowchart of FIG. 9
loops back to step 314 after n is incremented in step 324.
[0054] Furthermore, in another embodiment of the present invention,
the flowchart of FIG. 9 has a different step 326 from the step 320
of FIG. 6. In step 326 of FIG. 9, the MPU 208 determines whether a
same predetermined time period has elapsed between readings of the
sector numbers. Such a predetermined time period may be selected to
ensure that the sector number within the second ATA interface
register 258 changes within such a predetermined time period.
[0055] In contrast, in step 320 of FIG. 6, the time period elapsed
between readings of the sector numbers varies depending on the
value of the previously read sector number. Such variation
advantageously adds further unpredictability to the read sector
numbers and thus to the SEED generated with such sector
numbers.
[0056] In this manner, the seed is generated using sector numbers
of sectors that are accessed at various time points such that the
seed is relatively unpredictable. In addition, the sector numbers
are combined to form the seed having a relatively high number of
bits for enhanced complexity. The seed that is generated with such
unpredictability and complexity is used to generate a random number
for secure data cryptography within the disk drive.
[0057] The foregoing is by way of example only and is not intended
to be limiting. For example, the present invention is described
herein for a HDD (hard disk drive). However, the present invention
may be applied for generating a random number within any other
types of disk drives having sectors that are accessed for
read/write of data. In addition, the present invention may be used
when the sector numbers are used with other functions or other
combinations to generate the SEED. Furthermore, any numbers and
values used herein are by way of example only. Thus, it should be
understood by those of ordinary skill in the art that various
changes in form and details may be made without departing from the
spirit and scope of the present invention as defined by the
following claims.
* * * * *