-
Publication number: US09973485B2
Publication date: 2018-05-15
Application number: US15486673
Application date: 2017-04-13
Applicant: QUALCOMM Incorporated
Inventor: Ron Keidar
CPC classification number: H04L63/062 , G06F21/51 , G06F21/6218 , G06F21/629 , H04L9/00 , H04L9/0863 , H04L9/0877 , H04L63/083 , H04L63/0876
Abstract: Disclosed is a device that obtains and stores a secret key. The device may comprise a transceiver configured to: transmit a command for a secret key to a server; transmit an identifier to the server; and receive a wrapped secret key from the server. The device may further comprise: a storage device; and a processor. The processor may be coupled to the transceiver and the storage device and the processor may be configured to: receive the wrapped secret key from the transceiver; unwrap the wrapped secret key to obtain the secret key; and store the secret key in the storage device.
-
12.
Publication number: US09836414B2
Publication date: 2017-12-05
Application number: US14572520
Application date: 2014-12-16
Applicant: QUALCOMM Incorporated
Inventor: Sudeep Kittilingal , Jayanth Mandayam , Ron Keidar
CPC classification number: G06F12/1408 , G06F21/62 , G06F21/6218 , G06F21/79 , G06F2221/2113
Abstract: A processor for processing data from a buffer memory, implemented in hardware, may allow writing of output data, processed based on input data from at least one secure location associated with a secure address range of the buffer memory, to one or more secure locations associated with the secure address range. Further, the processor may block writing of output data, processed based on input data from at least one secure location associated with the secure address range, to one or more insecure locations associated with an insecure address range of the buffer memory.
-
Publication number: US09798887B2
Publication date: 2017-10-24
Application number: US14836651
Application date: 2015-08-26
Applicant: QUALCOMM Incorporated
Inventor: Ron Keidar , Yau Chu , Xu Guo
CPC classification number: G06F21/62 , G06F9/4401 , G06F21/575 , H04L9/0891 , H04L9/30 , H04L9/3268
Abstract: Disclosed is an apparatus and method to securely activate or revoke a key. For example, the apparatus may comprise: a storage device to store a plurality of pre-stored keys; a communication interface to receive an activate key command and a certificate associated with one of the pre-stored keys; and a processor. The processor may be coupled to the storage device and the communication interface and may be configured to: implement the activate key command to reboot the apparatus with the pre-stored key and the certificate; and determine if the reboot is successful.
-
Publication number: US09749141B2
Publication date: 2017-08-29
Application number: US14866636
Application date: 2015-09-25
Applicant: QUALCOMM Incorporated
Inventor: Ron Keidar , Eugen Pirvu , Jeff Smith
CPC classification number: H04L9/3263 , G06F9/4416 , G06F21/575 , G06F21/64 , H04L2209/64
Abstract: A secure boot method includes: obtaining a certificate digest at a digest processor from a write-once, always-on memory; calculating a flash digest using the digest processor by cryptographically processing a sensitive information image; and comparing, using the digest processor, the flash digest with the certificate digest.
-
Publication number: US20140148159A1
Publication date: 2014-05-29
Application number: US14169824
Application date: 2014-01-31
Applicant: QUALCOMM INCORPORATED
Inventor: Chong U. Lee , Babak Aryan , Alejandro R. Holcman , Kirk Allan Burroughs , Ron Keidar
CPC classification number: H04W52/0216 , H04W4/14 , H04W52/0235 , H04W52/0248 , H04W72/12 , H04W88/02 , Y02D70/122 , Y02D70/142 , Y02D70/144 , Y02D70/162 , Y02D70/164
Abstract: The subject matter disclosed herein relates to a system and method for establishing communication between a low duty cycle device and other devices through a wireless communication network. In one particular implementation, the low duty cycle device may awaken from a hibernating state in synchronization with transmission of messages.
-
16.
Publication number: US20170308705A1
Publication date: 2017-10-26
Application number: US15136752
Application date: 2016-04-22
Applicant: QUALCOMM Incorporated
Inventor: Chad Karaginides , Xu Guo , Eugen Pirvu , Dhaval Patel , Ron Keidar , Amit Shukla , Selvaraj Jaikumar , Yau Chu
CPC classification number: G06F21/575 , G06F8/654 , G06F9/4401 , G06F9/4406 , G06F11/1433 , G06F2221/033 , H04L63/0428 , H04L63/0876 , H04L63/12 , H04W12/0013 , H04W12/0023 , H04W12/10
Abstract: Technologies for updating a processing device, where a first device image is stored in a first (non-volatile) memory. When a new second device image is received via a communication interface, a first boot of the device is performed and a boot loader performs security processing on the second device image. Once security processing has passed, the second device image is set as a trial image and executed. The executed image is monitored to determine if predetermined operational parameters in the device are met. If the parameters are met, the second device image is set as a current image and the first device image is deactivated. A second boot is performed to make the new image operational for the device and the anti-rollback version one-time programmable fuses are blown. If the parameters are not met, the device reverts to the first device image.
-
Publication number: US09767063B2
Publication date: 2017-09-19
Application number: US14638669
Application date: 2015-03-04
Applicant: QUALCOMM Incorporated
Inventor: Ron Keidar , Osman Koyuncu , Michael Batenburg
CPC classification number: G06F13/4068 , G06F9/45558 , G06F9/5077 , G06F13/40 , G06F21/82 , G06F2009/45579
Abstract: System and method for providing adaptive access to a hardware block on a computer system. In one embodiment, a method includes receiving a first access request and a second access request with an access controller, wherein the second access request is received sequentially after the first access request, and the first access request includes a first master identification and the second access request includes a second master identification, determining if the second master identification is equal to the first master identification, providing access to the second access request if the second master identification is equal to the first master identification, wherein the first master identification is associated with one or more hardware block interface values, invalidating the one or more hardware block interface values associated with the first master identification if the second master identification is not equal to the first master identification, and associating the one or more hardware block interface values with the second master identification and a corresponding privilege.
-
18.
Publication number: US20170076106A1
Publication date: 2017-03-16
Application number: US14856299
Application date: 2015-09-16
Applicant: QUALCOMM Incorporated
Inventor: Ron Keidar
CPC classification number: H04L63/062 , G06F21/51 , G06F21/6218 , G06F21/629 , H04L9/0863 , H04L9/0891 , H04L9/3226 , H04L63/083 , H04L63/0876
Abstract: Disclosed is a device to securely authorize a software operation. The device may comprise: a processor to transmit a software operation including an operation parameter; and a security verification device. The security verification device may be coupled to the processor and may be configured to: receive a secret key selection and a first password; select a secret key; receive the software operation including the operation parameter; and implement a key derivation function to generate a second password based upon the selected secret key and the software operation including the operation parameter. Further, the security verification device may be configured to determine if the second password matches the first password, and if so, authorize the performance of the software operation.
-
19.
Publication number: US20170060595A1
Publication date: 2017-03-02
Application number: US14836651
Application date: 2015-08-26
Applicant: QUALCOMM Incorporated
Inventor: Ron Keidar , Yau Chu , Xu Guo
CPC classification number: G06F21/62 , G06F9/4401 , G06F21/575 , H04L9/0891 , H04L9/30 , H04L9/3268
Abstract: Disclosed is an apparatus and method to securely activate or revoke a key. For example, the apparatus may comprise: a storage device to store a plurality of pre-stored keys; a communication interface to receive an activate key command and a certificate associated with one of the pre-stored keys; and a processor. The processor may be coupled to the storage device and the communication interface and may be configured to: implement the activate key command to reboot the apparatus with the pre-stored key and the certificate; and determine if the reboot is successful.