| CPC G06F 21/602 (2013.01) [G06F 3/0604 (2013.01); G06F 3/0659 (2013.01); G06F 3/0679 (2013.01); G06F 12/10 (2013.01); G06F 2212/7201 (2013.01)] | 18 Claims |
|
1. A method for encrypting and decrypting physical-address information, performed by a flash controller, comprising:
receiving a first read command requesting of the flash controller for a plurality of first physical block addresses (PBAs) corresponding to a logical block address (LBA) range from a host side, wherein each first PBA indicates which physical address that first user data of a first LBA of the LBA range is physically stored in a flash device;
reading the first PBAs corresponding to the first LBAs of the LBA range from the flash device;
arranging the first PBAs into a plurality of entries;
grouping the entries into a plurality of groups according to the first LBAs;
encrypting groups of entries by using the same encryption algorithm with a plurality of encryption parameters, respectively, or a plurality of encryption algorithms individually with a corresponding encryption parameter, respectively;
delivering the encrypted entries to the host side;
receiving a second read command requesting of the flash controller for second user data from the host side;
obtaining information indicating which group that a second LBA carried in the second read command belongs to;
decrypting an encrypted entry carried in the second read command by using a decryption algorithm with a decryption parameter for a belonged group to obtain a decrypted entry, wherein the decryption algorithm with the decryption parameter is a reverse process of an encryption algorithm with an encryption parameter for the belonged group;
obtaining a second PBA from the decrypted entry;
reading the second user data from the second PBA in the flash device; and
delivering the second user data to the host side.
|