In today’s connected world of smart devices, we want to access our data faster and at the same time we want it to be secured and protected from intruders. Flash memories are not only faster but secured and reliable also in its avatar as UFS – Universal Flash Storage. This blog provides an insight into various security modes of UFS devices and how to access them. It also points out how encryption is used to secure the data further.
What security features does the UFS Device offers?
The UFS device will not encrypt/decrypt the data but will protect the memory locations from being overwritten, when configured as write protected by the host controller. The security features are based on the type of the logical unit (Normal LUN or RPMB W-LUN).
Normal LUN: Normal Logical Unit will provide the following protection modes. Once configured as write protected the data in the logical unit (entire LUN or some portion of the LUN) cannot be altered.
RPMB W-LUN: Replay Protected Memory Block (RPMB) Well Known Logical Unit allows access to its locations in an authenticated and replay protected manner. This information is known only to the controller; others can’t access the locations in RPMB W-LUN. The following conditions shall be fulfilled to write data into this area.
Why the controller needs to encrypt/decrypt the payload?
UFS device prohibits writing into its locations when configured as write protected but there are no such restrictions for read. To address this concern, controller is encrypting the data during the write and decrypting the data during the read. Several encryption algorithms are supported – AES-XTS, Bit locker-AES-CBC, AES-ECB and ESSIV-AES-CBC, with different key sizes – 128, 192, 256 and 512 bits. Higher the key size, higher is the security level, and the key size is known only to the host controller.
Stay tuned for upcoming blogs on UFS and other flash memory technologies.
Synopsys provides next generation native SV/UVM based VIP for complete UFS stack verification and other flash memories. To know more about our VIPs please visit http://synopsys.com/vip.
Authored by Manoj Sharma Tanikella.