	US 12,216,773 B2
	Memory system and method of controlling nonvolatile memory
Shinichi Kanno, Ota (JP)
Assigned to KIOXIA CORPORATION, Tokyo (JP)
Filed by KIOXIA CORPORATION, Tokyo (JP)
Filed on Mar. 27, 2023, as Appl. No. 18/190,550.
Application 18/190,550 is a continuation of application No. 16/282,491, filed on Feb. 22, 2019, granted, now 11,657,163.
Claims priority of application No. 2018-097908 (JP), filed on May 22, 2018.
Prior Publication US 2023/0229791 A1, Jul. 20, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/60 (2013.01); G06F 3/06 (2006.01); G06F 21/71 (2013.01)

CPC G06F 21/602 (2013.01) [G06F 3/0604 (2013.01); G06F 3/0658 (2013.01); G06F 3/0679 (2013.01); G06F 21/71 (2013.01)]

20 Claims

1. A memory system connectable to a host, comprising:

a nonvolatile memory including a plurality of blocks, the plurality of blocks including at least a first block and a second block; and

a controller electrically connected to the nonvolatile memory and configured to:

manage correspondence between a plurality of encryption keys and a plurality of logical regions obtained by dividing a logical address space of the memory system;

in response to receiving, from the host, a write request that designates at least a first logical address for identifying data to be written,

select, from the managed plurality of encryption keys, a first encryption key associated with a first logical region of the plurality of logical regions, on the basis of the first logical address designated in the write request;

encrypt the data using (i) at least part of the first logical address and (ii) the selected first encryption key;

determine a first physical storage location and a second physical storage location of the first block to respectively write the encrypted data and the first logical address, the second physical storage location being different from the first physical storage location;

write the encrypted data to the determined first physical storage location of the first block;

write the first logical address to the determined second physical storage location of the first block;

in copying the encrypted data from the first block to the second block,

determine that the encrypted data is to be decrypted using at least the first encryption key after the encrypted data is copied to the second block; and

copy both the encrypted data and the first logical address from the first block to the second block, without decrypting or re-encrypting the encrypted data, wherein

the copying of the encrypted data without decrypting is performed on the basis of the determination that the encrypted data is to be decrypted using at least the first encryption key after the encrypted data is copied to the second block.