公开(公告)号：US10084771B2

公开(公告)日：2018-09-25

申请号：US14871951

申请日：2015-09-30

申请人： Cryptography Research, Inc.

发明人： Paul Carl Kocher ,  Benjamin Che-Ming Jun ,  Andrew John Leiserson

IPC分类号： H04L29/06 ,  H04L9/08 ,  H04L9/32 ,  G06F21/54 ,  G06F21/71 ,  H04L9/14

CPC分类号： H04L63/0823 ,  G06F21/54 ,  G06F21/71 ,  G06F2221/2101 ,  H04L9/083 ,  H04L9/0897 ,  H04L9/14 ,  H04L9/3247 ,  H04L63/061 ,  H04L63/083

摘要： A mechanism for providing secure feature and key management in integrated circuits is described. An example method includes receiving, by a root authority system, data identifying a command that affects operation of an integrated circuit, singing, by the root authority system, the command using a root authority key to create a root signed block (RSB), and providing the RSB to a security manager of the integrated circuit.

公开(公告)号：US20230388290A1

公开(公告)日：2023-11-30

申请号：US18216093

申请日：2023-06-29

申请人： Cryptography Research Inc

发明人： Paul Carl Kocher ,  Benjamin Chen-Min Jun ,  Andrew John Leiserson

IPC分类号： H04L9/40 ,  H04L9/08 ,  H04L9/14 ,  H04L9/32 ,  G06F21/54 ,  G06F21/71 ,  H04W12/04 ,  H04W12/041 ,  G06F21/64 ,  G06F21/57

CPC分类号： H04L63/0823 ,  H04L9/083 ,  H04L9/0897 ,  H04L9/14 ,  H04L9/3247 ,  G06F21/54 ,  G06F21/71 ,  H04W12/04 ,  H04W12/041 ,  G06F21/64 ,  G06F21/57 ,  H04L63/061 ,  H04L63/083 ,  G06F2221/2101

摘要： A mechanism for providing secure feature and key management in integrated circuits is described. An example integrated circuit includes a secure memory to store a secret key, and a security manager core, coupled to the secure memory, to receive a digitally signed command, verify a signature associated with the command using the secret key, and configure operation of the integrated circuit using the command.

公开(公告)号：US10666641B2

公开(公告)日：2020-05-26

申请号：US16138105

申请日：2018-09-21

申请人： Cryptography Research Inc.

发明人： Paul Carl Kocher ,  Benjamin Che-Ming Jun ,  Andrew John Leiserson

IPC分类号： H04L29/06 ,  H04L9/08 ,  H04L9/14 ,  H04L9/32 ,  G06F21/54 ,  G06F21/71

摘要： A mechanism for providing secure feature and key management in integrated circuits is described. An example method includes receiving, by a root authority system, data identifying a command that affects operation of an integrated circuit, singing, by the root authority system, the command using a root authority key to create a root signed block (RSB), and providing the RSB to a security manager of the integrated circuit.

公开(公告)号：US09436848B2

公开(公告)日：2016-09-06

申请号：US14289274

申请日：2014-05-28

申请人： Cryptography Research, Inc.

发明人： Daniel Beitel ,  Lauren Gao ,  Christopher Gori ,  Paul Carl Kocher ,  Ambuj Kumar ,  Andrew John Leiserson

IPC分类号： G06F11/30 ,  G06F21/76 ,  G06F21/57

CPC分类号： G06F21/76 ,  G06F21/572

摘要： A computing device receives a feature name or key name for an integrated circuit comprising a security manager core and an additional component. At least one of a) the additional component is associated with the key name or b) a feature provided by the additional component is associated with the feature name. The computing device receives a specified number of bits associated with the feature name or the key name, and maps the feature name to a feature address space or the key name to a key interface of the security manager core based at on the specified number of bits. The computing device generates at least one hardware description logic (HDL) module based on the mapping, wherein the at least one HDL module is usable to configure the security manager core for delivery of payloads associated with the feature name or the key name to the additional component.

摘要翻译： 计算设备接收包括安全管理器核心和附加组件的集成电路的功能名称或密钥名称。 a）附加组件中的至少一个与密钥名称相关联，或者b）由附加组件提供的特征与特征名称相关联。 计算设备接收与特征名称或密钥名称相关联的指定数量的位，并且基于指定的位数将特征名称映射到特征地址空间或密钥名称到安全管理器核心的密钥接口 。 所述计算设备基于所述映射生成至少一个硬件描述逻辑（HDL）模块，其中所述至少一个HDL模块可用于配置所述安全管理器核心，用于将与所述特征名称或所述密钥名称相关联的有效载荷传递到所述附加 零件。

公开(公告)号：US12113786B2

公开(公告)日：2024-10-08

申请号：US18216093

申请日：2023-06-29

申请人： Cryptography Research Inc

发明人： Paul Carl Kocher ,  Benjamin Chen-Min Jun ,  Andrew John Leiserson

IPC分类号： G06F21/71 ,  G06F21/54 ,  G06F21/57 ,  G06F21/64 ,  H04L9/08 ,  H04L9/14 ,  H04L9/32 ,  H04L9/40 ,  H04W12/04 ,  H04W12/041

CPC分类号： H04L63/0823 ,  G06F21/54 ,  G06F21/57 ,  G06F21/64 ,  G06F21/71 ,  H04L9/083 ,  H04L9/0897 ,  H04L9/14 ,  H04L9/3247 ,  H04L63/061 ,  H04L63/083 ,  H04W12/04 ,  H04W12/041 ,  G06F2221/2101

摘要： A mechanism for providing secure feature and key management in integrated circuits is described. An example integrated circuit includes a secure memory to store a secret key, and a security manager core, coupled to the secure memory, to receive a digitally signed command, verify a signature associated with the command using the secret key, and configure operation of the integrated circuit using the command.

公开(公告)号：US20170169254A1

公开(公告)日：2017-06-15

申请号：US15372307

申请日：2016-12-07

申请人： Cryptography Research, Inc.

发明人： Ambuj Kumar ,  William Craig Rawlings ,  Ronald Perez ,  Denis Alexandrovich Pochuev ,  Michael A. Hamburg ,  Paul Carl Kocher

IPC分类号： G06F21/62 ,  G06F21/60 ,  G06F21/45

CPC分类号： G06F21/6281 ,  G06F9/4418 ,  G06F21/45 ,  G06F21/52 ,  G06F21/602

摘要： A container corresponding to executable code may be received. The container may be executed in a secure computation environment by performing one or more operations specified by the executable code of the container. An instruction to terminate the executing of the container may be received from a high level operating system (HLOS) that is external to the secure computation environment. A determination may be made as to whether the container is associated with a preemption privilege and the executing of the container may be terminated after receiving the instruction from the HLOS based on the determination of whether the container is associated with the preemption privilege.

公开(公告)号：US20160028722A1

公开(公告)日：2016-01-28

申请号：US14871951

申请日：2015-09-30

申请人： Cryptography Research, Inc.

发明人： Paul Carl Kocher ,  Benjamin Che-Ming Jun ,  Andrew John Leiserson

IPC分类号： H04L29/06

CPC分类号： H04L63/0823 ,  G06F21/54 ,  G06F21/71 ,  G06F2221/2101 ,  H04L9/083 ,  H04L9/0897 ,  H04L9/14 ,  H04L9/3247 ,  H04L63/061 ,  H04L63/083

摘要： A mechanism for providing secure feature and key management in integrated circuits is described. An example method includes receiving, by a root authority system, data identifying a command that affects operation of an integrated circuit, singing, by the root authority system, the command using a root authority key to create a root signed block (RSB), and providing the RSB to a security manager of the integrated circuit.

摘要翻译： 描述了在集成电路中提供安全特征和密钥管理的机制。 一种示例性方法包括：通过根管理系统接收识别影响集成电路的操作的命令的数据，由根授权系统使用根权限密钥来创建命令以创建根签名块（RSB），以及 将RSB提供给集成电路的安全管理器。

公开(公告)号：US20140359755A1

公开(公告)日：2014-12-04

申请号：US14289274

申请日：2014-05-28

申请人： Cryptography Research, Inc.

发明人： Daniel Beitel ,  Lauren Gao ,  Christopher Gori ,  Paul Carl Kocher ,  Ambuj Kumar ,  Andrew John Leiserson

IPC分类号： G06F21/45

CPC分类号： G06F21/76 ,  G06F21/572

摘要： A computing device receives a feature name or key name for an integrated circuit comprising a security manager core and an additional component. At least one of a) the additional component is associated with the key name or b) a feature provided by the additional component is associated with the feature name. The computing device receives a specified number of bits associated with the feature name or the key name, and maps the feature name to a feature address space or the key name to a key interface of the security manager core based at on the specified number of bits. The computing device generates at least one hardware description logic (HDL) module based on the mapping, wherein the at least one HDL module is usable to configure the security manager core for delivery of payloads associated with the feature name or the key name to the additional component.

摘要翻译： 计算设备接收包括安全管理器核心和附加组件的集成电路的功能名称或密钥名称。 a）附加组件中的至少一个与密钥名称相关联，或者b）由附加组件提供的特征与特征名称相关联。 计算设备接收与特征名称或密钥名称相关联的指定数量的位，并且基于指定的位数将特征名称映射到特征地址空间或密钥名称到安全管理器核心的密钥接口 。 所述计算设备基于所述映射生成至少一个硬件描述逻辑（HDL）模块，其中所述至少一个HDL模块可用于配置所述安全管理器核心，用于将与所述特征名称或所述密钥名称相关联的有效载荷传递到所述附加 零件。

公开(公告)号：US11695749B2

公开(公告)日：2023-07-04

申请号：US17012886

申请日：2020-09-04

申请人： Cryptography Research Inc.

发明人： Paul Carl Kocher ,  Benjamin Chen-Min Jun ,  Andrew John Leiserson

IPC分类号： G06F21/71 ,  H04L9/40 ,  H04L9/08 ,  H04L9/14 ,  H04L9/32 ,  G06F21/54 ,  H04W12/04 ,  H04W12/041 ,  G06F21/64 ,  G06F21/57

CPC分类号： H04L63/0823 ,  G06F21/54 ,  G06F21/57 ,  G06F21/64 ,  G06F21/71 ,  H04L9/083 ,  H04L9/0897 ,  H04L9/14 ,  H04L9/3247 ,  H04L63/061 ,  H04L63/083 ,  H04W12/04 ,  H04W12/041 ,  G06F2221/2101

摘要： A mechanism for providing secure feature and key management in integrated circuits is described. An example integrated circuit includes a secure memory to store a secret key, and a security manager core, coupled to the secure memory, to receive a digitally signed command, verify a signature associated with the command using the secret key, and configure operation of the integrated circuit using the command.

公开(公告)号：US20210058387A1

公开(公告)日：2021-02-25

申请号：US17012886

申请日：2020-09-04

申请人： Cryptography Research Inc.

发明人： Paul Carl Kocher ,  Benjamin Chen-Min Jun ,  Andrew John Leiserson

IPC分类号： H04L29/06 ,  H04L9/08 ,  H04L9/14 ,  H04L9/32 ,  G06F21/54 ,  G06F21/71

摘要： A mechanism for providing secure feature and key management in integrated circuits is described. An example integrated circuit includes a secure memory to store a secret key, and a security manager core, coupled to the secure memory, to receive a digitally signed command, verify a signature associated with the command using the secret key, and configure operation of the integrated circuit using the command.