-
公开(公告)号:US11068419B1
公开(公告)日:2021-07-20
申请号:US16786633
申请日:2020-02-10
Applicant: Apple Inc.
Inventor: Josh P. de Cesare , Wade Benson , Fabrice L. Gautier , Kaiehu Kaahaaina
Abstract: Techniques are disclosed concerning secure access to data in a computing device. In one embodiment, a computing device includes a communication interface, a memory, a memory controller, and a security processor. The communication interface may communicate with a different computing device. The security processor may generate a host key in response to a successful authentication of the different computing device, and then encrypt a memory key using the host key. The security processor may also send the encrypted memory key to the memory controller, and send the host key to the different computing device. The host key may be included by the different computing device in a subsequent memory request to access data in the memory. The memory controller may, in response to the subsequent memory request, use the included host key to decrypt the encrypted memory key and use the decrypted memory key to access the data.
-
公开(公告)号:US10853504B1
公开(公告)日:2020-12-01
申请号:US16691900
申请日:2019-11-22
Applicant: Apple Inc.
Inventor: Timothy R. Paaske , Mitchell D. Adler , Conrad Sauerwald , Fabrice L. Gautier , Shu-Yi Yu
Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.
-
公开(公告)号:US20230385427A1
公开(公告)日:2023-11-30
申请号:US18301860
申请日:2023-04-17
Applicant: Apple Inc.
Inventor: Timothy R. Paaske , Mitchell D. Adler , Conrad Sauerwald , Fabrice L. Gautier , Shu-Yi Yu
CPC classification number: G06F21/602 , G06F21/71 , H04L9/30 , H04L9/0877 , G09C1/00 , H04L9/3231 , H04L9/0866 , G06F21/6218 , G06F21/32
Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.
-
公开(公告)号:US09892267B1
公开(公告)日:2018-02-13
申请号:US15372697
申请日:2016-12-08
Applicant: Apple Inc.
Inventor: Timothy R. Paaske , Mitchell D. Adler , Conrad Sauerwald , Fabrice L. Gautier , Shu-Yi Yu
CPC classification number: G06F21/602 , G06F21/32 , G06F21/6218 , G06F21/71 , G09C1/00 , H04L9/0866 , H04L9/0877 , H04L9/30 , H04L9/3231 , H04L2209/125
Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.
-
公开(公告)号:US20140086406A1
公开(公告)日:2014-03-27
申请号:US13626476
申请日:2012-09-25
Applicant: APPLE INC.
Inventor: R. Stephen Polzin , Fabrice L. Gautier , Mitchell D. Adler , Conrad Sauerwald , Michael L.H. Brouwer
IPC: H04L9/00
CPC classification number: H04L9/0861 , G06F21/72 , G09C1/00 , H04L9/0822 , H04L9/0897 , H04L2209/24
Abstract: An SOC implements a security enclave processor (SEP). The SEP may include a processor and one or more security peripherals. The SEP may be isolated from the rest of the SOC (e.g. one or more central processing units (CPUs) in the SOC, or application processors (APs) in the SOC). Access to the SEP may be strictly controlled by hardware. For example, a mechanism in which the CPUs/APs can only access a mailbox location in the SEP is described. The CPU/AP may write a message to the mailbox, which the SEP may read and respond to. The SEP may include one or more of the following in some embodiments: secure key management using wrapping keys, SEP control of boot and/or power management, and separate trust zones in memory.
Abstract translation: SOC实现安全飞地处理器(SEP)。 SEP可以包括处理器和一个或多个安全外设。 SEP可以与SOC的其余部分隔离(例如SOC中的一个或多个中央处理单元(CPU),或SOC中的应用处理器(AP))。 对SEP的访问可以由硬件严格控制。 例如,描述了CPU / AP仅能访问SEP中的邮箱位置的机制。 CPU / AP可以向邮箱写入消息,SEP可以读取并响应。 在一些实施例中,SEP可以包括以下一个或多个:使用包装密钥的安全密钥管理,引导和/或电源管理的SEP控制以及存储器中的单独的信任区域。
-
Patent Agency Ranking
公开(公告)号:US10521596B1
公开(公告)日:2019-12-31
申请号:US16138670
申请日:2018-09-21
Applicant: Apple Inc.
Inventor: Timothy R. Paaske , Mitchell D. Adler , Conrad Sauerwald , Fabrice L. Gautier , Shu-Yi Yu
Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.
-
公开(公告)号:US10114956B1
公开(公告)日:2018-10-30
申请号:US15860314
申请日:2018-01-02
Applicant: Apple Inc.
Inventor: Timothy R. Paaske , Mitchell D. Adler , Conrad Sauerwald , Fabrice L. Gautier , Shu-Yi Yu
Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.
-
公开(公告)号:US09547778B1
公开(公告)日:2017-01-17
申请号:US14498820
申请日:2014-09-26
Applicant: Apple Inc.
Inventor: Timothy R. Paaske , Mitchell D. Adler , Conrad Sauerwald , Fabrice L. Gautier , Shu-Yi Yu
CPC classification number: G06F21/602 , G06F21/32 , G06F21/6218 , G06F21/71 , G09C1/00 , H04L9/0866 , H04L9/0877 , H04L9/30 , H04L9/3231 , H04L2209/125
Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.
Abstract translation: 在一个实施例中,提供一种系统,其中私钥是以硬件管理的,并且对于软件是不可见的。 该系统可以为公开密钥生成,数字签名生成,加密/解密以及大量随机素数生成提供硬件支持,而不会向软件揭示私有密钥。 因此,私钥比基于软件的版本更安全。 在一个实施例中,可以访问专用密钥的私有密钥和硬件可以集成到与集成电路(例如芯片上的系统(SOC))相同的半导体衬底上。 私钥在集成电路之外可能不可用,因此,恶意的第三方在尝试获取私钥时面临着很大障碍。
-
公开(公告)号:US20250053667A1
公开(公告)日:2025-02-13
申请号:US18774305
申请日:2024-07-16
Applicant: Apple Inc.
Inventor: Timothy R. Paaske , Mitchell D. Adler , Conrad Sauerwald , Fabrice L. Gautier , Shu-Yi Yu
Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.
-
公开(公告)号:US12079350B2
公开(公告)日:2024-09-03
申请号:US18301860
申请日:2023-04-17
Applicant: Apple Inc.
Inventor: Timothy R. Paaske , Mitchell D. Adler , Conrad Sauerwald , Fabrice L. Gautier , Shu-Yi Yu
CPC classification number: G06F21/602 , G06F21/6218 , G06F21/71 , G09C1/00 , H04L9/0866 , H04L9/0877 , H04L9/30 , H04L9/3231 , G06F21/32 , H04L2209/125
Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.
-
-
-
-
-
-
-
-
-
Search Results
18
records
(took 0.023 seconds)
