-
Publication No.: US11777711B1
Publication date: 2023-10-03
Application No.: US17663995
Application date: 2022-05-18
CPC classification: H04L9/0631, G06F21/602, H04L9/088, G06F1/32, H04L2209/122, H04L2209/24
Abstract: A system on a chip (SoC) includes a security processor configured to determine that a first channel ID describing a {source, destination} tuple for a crypto packet matches a second channel ID describing a corresponding {source, destination} tuple for a preceding crypto packet received immediately prior to the crypto packet. The SoC also includes a decryption engine configured to, responsive to the determination that the first channel ID matches the second channel ID: obtain a set of round keys applied to perform an add round key computational stage of a previous decryption datapath used to decrypt a preceding cipher text block obtained from the preceding crypto packet, and to reuse the set of round keys to perform a corresponding add round key computational stage of a current decryption datapath used to decrypt a cipher text block obtained from the crypto packet.
-
Publication No.: US11941131B1
Publication date: 2024-03-26
Application No.: US17248883
Application date: 2021-02-11
CPC classification: G06F21/602, G06F1/163, G06F3/012, G06F15/7807, G06F21/64, G06F21/79, G06T19/006, G06F21/107
Abstract: An example method for execution on a system on a chip (SoC) having a plurality of subsystems includes receiving, by a storage controller from a subsystem of the plurality of subsystems, a command to fetch, from a local memory, task descriptor data comprising access parameters for accessing a storage device, the access parameters including a storage device address; obtaining, by an encryption engine of the SoC, the command to fetch the task descriptor data; determining, by the encryption engine based on an access rule, whether the subsystem has sufficient privilege to access the storage device address; in response to determining that the subsystem has sufficient privilege to access the storage device, encrypting source data in the local memory according to an encryption key associated with the subsystem; and providing the encrypted source data to the storage controller for writing to the storage device at the storage device address.
-
Publication No.: US11755747B2
Publication date: 2023-09-12
Application No.: US17248886
Application date: 2021-02-11
CPC classification: G06F21/602, G06F3/012, G06F13/28, G06F15/7807, G06F21/64, G06F21/79, G06F2221/0751
Abstract: An example system on a chip (SoC) includes a security processor configured to store a plurality of key-pairs associated with subsystems of the SoC to a key vault; and an encryption engine configured to: determine a first tweak value based on a first sector address of a storage device; encrypt the first tweak value according to the second key of the key-pair associated with a subsystem; encrypt a first portion of the source data according to a first key of the key-pair and the encrypted first tweak value; determine a second tweak value based on a second sector address of the storage device and encrypt the second tweak value according to the second key prior to completing the encryption of the first portion of the source data; and encrypt a second portion of the source data according to the first key and the encrypted second tweak value.
-
Publication No.: US11775448B2
Publication date: 2023-10-03
Application No.: US18048302
Application date: 2022-10-20
CPC classification: G06F12/1408, G02B27/017, G06F12/1081, G06F15/7807, G06T19/006, H04L63/0435
Abstract: This disclosure describes system on a chip (SOC) communications that prevent direct memory access (DMA) attacks. An example SoC includes an encryption engine and a security processor. The encryption engine is configured to encrypt raw input data using a cipher key to form an encrypted payload. The security processor is configured to select the cipher key from a key store holding a plurality of cipher keys based on a channel ID describing a {source subsystem, destination subsystem} tuple for the encrypted payload, to form an encryption header that includes the channel ID, to encapsulate the encrypted payload with the encryption header that includes the channel ID to form a crypto packet, and to transmit the crypto packet to a destination SoC that is external to the SoC.
-
Publication No.: US11637916B2
Publication date: 2023-04-25
Application No.: US17457599
Application date: 2021-12-03
IPC classification: G06F3/00, H04L69/22, H04L9/40, H04B7/26, H04L45/745, G06F13/28, G06F13/40, G06F21/60, G06F21/79, H04W28/14
Abstract: The disclosure describes wireless communication systems. The wireless communication system includes first memory, second memory, a direct memory access (DMA) controller, an encryption engine in-line between the DMA controller and the second memory, a first microprocessor, and a second microprocessor. The first microprocessor communicates with other systems that generate application data to be wirelessly transmitted. The application data to be wirelessly transmitted is stored in the second memory and programs the DMA controller to transfer packets of the application data to the first memory from the second memory. The encryption engine receives the packets of the application data from the DMA controller, encrypts the packets to generate encrypted application data packets, and outputs the encrypted application data packets for storage to the first memory.
-
Publication No.: US11520707B2
Publication date: 2022-12-06
Application No.: US16694744
Application date: 2019-11-25
Abstract: This disclosure describes system on a chip (SOC) communications that prevent direct memory access (DMA) attacks. An example SoC includes an encryption engine and a security processor. The encryption engine is configured to encrypt raw input data using a cipher key to form an encrypted payload. The security processor is configured to select the cipher key from a key store holding a plurality of cipher keys based on a channel ID describing a {source subsystem, destination subsystem} tuple for the encrypted payload, to form an encryption header that includes the channel ID, to encapsulate the encrypted payload with the encryption header that includes the channel ID to form a crypto packet, and to transmit the crypto packet to a destination SoC that is external to the SoC.
-
Publication No.: US11601532B2
Publication date: 2023-03-07
Application No.: US16860991
Application date: 2020-04-28
IPC classification: H04L69/22, H04L9/40, H04B7/26, H04L45/745, G06F13/28, G06F13/40, G06F21/60, G06F21/79, H04W28/14
Abstract: In an example of the described techniques, a wireless communication system includes first memory, second memory, a first microcontroller, and a second microcontroller. The first microcontroller manages drivers for a wireless transceiver and direct data movement between the wireless transceiver and the first memory. The second microcontroller communicates with other systems that generate application data to be wirelessly transmitted. The application data to be wirelessly transmitted is stored in the second memory. Additionally, the second microcontroller directs data movement between the second memory and the first memory.
-
Publication No.: US11474970B2
Publication date: 2022-10-18
Application No.: US16726492
Application date: 2019-12-24
Inventors: Jun Wang, Neeraj Upasani, Wojciech Stefan Powiertowski, Drew Eric Wingard, Gregory Edward Ehmann, Marco Brambilla, Minli Lin, Miguel Angel Guerrero
IPC classification: G06F15/163, H04N13/344, G06F15/173, G06F15/167
Abstract: The disclosure describes techniques for interrupt and inter-processor communication (IPC) mechanisms that are shared among computer processors. For example, an artificial reality system includes a plurality of processors; an inter-processor communication (IPC) unit comprising a register, wherein the IPC unit is configured to: receive a memory access request from a first processor of the processors, wherein the memory access request includes information indicative of a hardware identifier (HWID) associated with the first processor; determine whether the HWID associated with the first processor matches an HWID for the register of the IPC unit; and permit, based on determining that the HWID associated with the first processor matches the HWID for the register of the IPC unit, the memory access request to indicate a communication from the first processor to at least one other processor.
-
Publication No.: US20240289466A1
Publication date: 2024-08-29
Application No.: US18175358
Application date: 2023-02-27
Inventors: Wojciech Stefan Powiertowski, Avdhesh Chhodavdia, Gregory Edward Ehmann, Nagendra Gupta Modadugu, Sudhir Satpathy
CPC classification: G06F21/602, G06F21/556, G06F21/79
Abstract: In one embodiment, a method by an Energy processing Unit (EPU) of a computing system includes detecting an event that triggers an integrity verification on a block of the local memory, determining that a hash for the block of the local memory is available, causing data corresponding to the block of the local memory to be read from a source location in response to the determination, performing an in-line hash operation on the data corresponding to the block of the local memory, and comparing an output of the in-line hash operation and a known hash for the block of the local memory.
-
Publication No.: US20230053821A1
Publication date: 2023-02-23
Application No.: US18048302
Application date: 2022-10-20
Abstract: This disclosure describes system on a chip (SOC) communications that prevent direct memory access (DMA) attacks. An example SoC includes an encryption engine and a security processor. The encryption engine is configured to encrypt raw input data using a cipher key to form an encrypted payload. The security processor is configured to select the cipher key from a key store holding a plurality of cipher keys based on a channel ID describing a {source subsystem, destination subsystem} tuple for the encrypted payload, to form an encryption header that includes the channel ID, to encapsulate the encrypted payload with the encryption header that includes the channel ID to form a crypto packet, and to transmit the crypto packet to a destination SoC that is external to the SoC.