CPC H04L 9/083 (2013.01) [H04L 9/0822 (2013.01); H04L 9/0825 (2013.01); H04L 9/0869 (2013.01); H04L 9/3247 (2013.01); H04L 9/3263 (2013.01)]
20 Claims
1. A method of performing key exchange for a security operation in a storage device to be accessed by a plurality of user identifications (IDs), the method comprising:
generating, by a trusted third party (TTP) in or coupled to the storage device, a first certificate based on a first user ID and a first public key;
generating, by the TTP, a second certificate based on a second user ID and a second public key;
while the storage device is accessed by the first user ID, performing a first verification on the second certificate based on a third certificate in or accessed by the TTP;
when the first verification is successfully completed, deriving a ciphering key based on a first private key and the second public key obtained by the first verification;
while the storage device is accessed by the second user ID, performing a second verification on the first certificate based on the third certificate; and
when the second verification is successfully completed, deriving the ciphering key based on a second private key and the first public key obtained by the second verification.
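The exchange in claim 1, as an added Go example that is not part of the patent text: a TTP binds each user ID to a public key, each side verifies the other's certificate against the TTP key (standing in for the third certificate) and only then derives the ciphering key. The claim names no algorithms, so Ed25519 signatures, X25519 key agreement, the SHA-256 derivation label, the expected-ID check, the `Cert` layout and all function names and user IDs are assumptions.

```go
package main

import (
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Cert is a simplified stand-in for the claim's certificates (assumed layout, not X.509).
type Cert struct {
	UserID      string
	PubKey, Sig []byte // user's X25519 public key; TTP signature over ID and key
}

// The TTP signs a length-prefixed user ID followed by the public key.
func tbs(id string, pub []byte) []byte { return append([]byte(fmt.Sprintf("%d:%s:", len(id), id)), pub...) }
func Issue(ttp ed25519.PrivateKey, id string, pub *ecdh.PublicKey) Cert {
	return Cert{id, pub.Bytes(), ed25519.Sign(ttp, tbs(id, pub.Bytes()))}
}

// Derive verifies the peer certificate against the TTP key before any key agreement runs.
func Derive(root ed25519.PublicKey, own *ecdh.PrivateKey, peerID string, peer Cert) ([]byte, error) {
	if peer.UserID != peerID || !ed25519.Verify(root, tbs(peer.UserID, peer.PubKey), peer.Sig) {
		return nil, fmt.Errorf("certificate for %q failed verification", peerID)
	}
	pub, err := ecdh.X25519().NewPublicKey(peer.PubKey)
	if err != nil {
		return nil, err
	}
	secret, err := own.ECDH(pub) // own private key + verified peer public key
	if err != nil {
		return nil, err
	}
	key := sha256.Sum256(append([]byte("ciphering-key-v1"), secret...)) // assumed KDF label
	return key[:], nil
}
// Demo runs both users, then hands user 1 a certificate whose key was swapped after issuance.
func Demo() (k1, k2 []byte, forgedErr error) {
	rootPub, rootPriv, _ := ed25519.GenerateKey(rand.Reader)
	a, _ := ecdh.X25519().GenerateKey(rand.Reader)
	b, _ := ecdh.X25519().GenerateKey(rand.Reader)
	certA, certB := Issue(rootPriv, "user1", a.PublicKey()), Issue(rootPriv, "user2", b.PublicKey())
	k1, _ = Derive(rootPub, a, "user2", certB) // while accessed by the first user ID
	k2, _ = Derive(rootPub, b, "user1", certA) // while accessed by the second user ID
	_, forgedErr = Derive(rootPub, a, "user2", Cert{"user2", a.PublicKey().Bytes(), certB.Sig})
	return
}
func main() { fmt.Println(Demo()) }
```

Both users end with the same key without either private key leaving its owner, and the swapped-key certificate is rejected before any shared secret is computed.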