Secure processor with resistance to external monitoring attacks
First Claim
1. A secure processor comprising:
- a secure non-volatile storage to store a secret value;
- a cache; and
- a cryptographic hardware component operatively coupled to the secure non-volatile storage and the cache, wherein the cryptographic hardware component protects against leakage of sensitive data and against differential power analysis by performing the following for the sensitive data received from an unsecure memory, wherein the sensitive data comprises an encrypted data segment and a validator:
  - derives an initial key based at least in part on an identifier associated with the encrypted data segment and the secret value, wherein the initial key is derived using a path through a key tree that is based at least in part on the identifier and on the secret value;
  - verifies, using the validator, whether the encrypted data segment has been modified without re-using the secret value;
  - derives a first decryption key from the initial key;
  - responsive to verifying that the encrypted data segment has not been modified, decrypts the encrypted data segment using the first decryption key to produce a decrypted data segment;
  - applies an entropy distribution operation to the first decryption key to derive a second decryption key; and
  - decrypts an additional encrypted data segment of the sensitive data with the second decryption key.
Abstract
A computing device includes a secure storage hardware to store a secret value and processing hardware comprising at least one of a cache or a memory. During a secure boot process the processing hardware loads untrusted data into at least one of the cache or the memory of the processing hardware, the untrusted data comprising an encrypted data segment and a validator, retrieves the secret value from the secure storage hardware, derives an initial key based at least in part on an identifier associated with the encrypted data segment and the secret value, verifies, using the validator, whether the encrypted data segment has been modified, and decrypts the encrypted data segment using a first decryption key derived from the initial key to produce a decrypted data segment responsive to verifying that the encrypted data segment has not been modified.
11 Claims
1. A secure processor comprising: (independent claim; its text is identical to the First Claim reproduced above.) Claims 2 through 10 depend from claim 1 and are not reproduced on this page.
11. A system on a chip (SoC), comprising:
- a secure non-volatile memory that stores a secret value;
- a volatile memory;
- a processor operatively coupled to the secure non-volatile memory and the volatile memory; and
- a cryptographic hardware component operatively coupled to the secure non-volatile memory and the volatile memory, wherein the cryptographic hardware component protects against leakage of sensitive data and against differential power analysis by performing the following for the sensitive data received from an unsecure memory, wherein the sensitive data comprises an encrypted data segment of a sensitive message and a validator:
  - derives an initial key based at least in part on an identifier associated with the encrypted data segment and the secret value, wherein the initial key is derived using a path through a key tree that is based at least in part on the identifier and on the secret value;
  - verifies, using the validator, whether the encrypted data segment has been modified without re-using the secret value;
  - derives a first decryption key from the initial key;
  - responsive to verifying that the encrypted data segment has not been modified, decrypts the encrypted data segment using the first decryption key to produce a decrypted data segment;
  - applies an entropy distribution operation to the first decryption key to derive a second decryption key; and
  - decrypts an additional encrypted data segment of the sensitive data with the second decryption key.
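The flow recited in claims 1 and 11 (and summarized in the abstract) modelled end to end in Python. This is an added example, not code from the patent or from its assignee, and it fixes the primitives the claims leave open: HMAC-SHA-256 stands in for each key-tree step and for the validator, SHA-256 for the entropy distribution operation, and a counter-mode HMAC keystream for the segment cipher. The segment-index binding inside the validator, the `protect` producer side, and all names and constants (`SECRET`, `TAG_LEN`, the sample segments) are assumptions made here for illustration. The security point the code makes concrete is that the secret enters exactly one operation with at most two possible inputs, and that the validator is checked with a derived key before any ciphertext is decrypted.

```python
"""Model of the claimed flow: key-tree derivation from secret + identifier,
validator check keyed from the derived key (never the secret), then a chain
of per-segment decryption keys from a one-way entropy-distribution step.
Added example; primitives are stand-ins for the unspecified hardware ones."""
import hashlib
import hmac

# Constructed secret; on the device this lives in secure non-volatile storage.
SECRET = bytes(range(32))
TAG_LEN = 16


def kdf_step(key: bytes, label: bytes) -> bytes:
    """One-way key update; each key meets only a tiny, fixed set of labels."""
    return hmac.new(key, label, hashlib.sha256).digest()


def derive_initial_key(secret: bytes, identifier: bytes) -> bytes:
    """Walk a binary key tree: each identifier bit picks the left/right child.
    The secret is used in exactly one operation (the root step) with at most
    two possible inputs, denying a DPA attacker the many secret-keyed traces
    on varying data the attack needs."""
    node = secret
    for byte in identifier:
        for shift in range(7, -1, -1):
            node = kdf_step(node, b"R" if (byte >> shift) & 1 else b"L")
    return node


def entropy_distribution(key: bytes) -> bytes:
    """Next segment key from the previous one (modelled as SHA-256)."""
    return hashlib.sha256(b"next-segment" + key).digest()


def keystream(key: bytes, nbytes: int) -> bytes:
    """Counter-mode keystream from the segment key (placeholder cipher)."""
    out, counter = b"", 0
    while len(out) < nbytes:
        out += hmac.new(key, counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:nbytes]


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def validator(vkey: bytes, identifier: bytes, index: int, ciphertext: bytes) -> bytes:
    """MAC over identifier, segment index and ciphertext (index binding is an
    addition here so segments cannot be reordered or dropped silently)."""
    msg = identifier + index.to_bytes(2, "big") + ciphertext
    return hmac.new(vkey, msg, hashlib.sha256).digest()[:TAG_LEN]


def protect(secret: bytes, identifier: bytes, segments: list) -> list:
    """Producer side: emit (ciphertext, validator) pairs for untrusted memory."""
    initial = derive_initial_key(secret, identifier)
    vkey = kdf_step(initial, b"validate")
    seg_key = kdf_step(initial, b"decrypt")        # first decryption key
    out = []
    for index, plaintext in enumerate(segments):
        ciphertext = xor_bytes(plaintext, keystream(seg_key, len(plaintext)))
        out.append((ciphertext, validator(vkey, identifier, index, ciphertext)))
        seg_key = entropy_distribution(seg_key)    # second, third, ... keys
    return out


def unprotect(secret: bytes, identifier: bytes, protected: list) -> list:
    """Device side in claim order: derive initial key, verify the validator
    without touching the secret again, decrypt with the derived key, evolve."""
    initial = derive_initial_key(secret, identifier)
    vkey = kdf_step(initial, b"validate")
    seg_key = kdf_step(initial, b"decrypt")
    plaintexts = []
    for index, (ciphertext, tag) in enumerate(protected):
        expected = validator(vkey, identifier, index, ciphertext)
        if not hmac.compare_digest(expected, tag):
            # Modified segment: refuse to decrypt attacker-chosen ciphertext.
            raise ValueError(f"segment {index} failed validation")
        plaintexts.append(xor_bytes(ciphertext, keystream(seg_key, len(ciphertext))))
        seg_key = entropy_distribution(seg_key)
    return plaintexts


def tamper_detected(secret: bytes, identifier: bytes, protected: list, index: int) -> bool:
    """Flip one ciphertext byte of segment `index`; True if unprotect rejects it."""
    forged = list(protected)
    ct, tag = forged[index]
    forged[index] = (bytes([ct[0] ^ 0x01]) + ct[1:], tag)
    try:
        unprotect(secret, identifier, forged)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    ident = b"\x00\x2a"                            # constructed identifier
    msg = [b"boot-stage-1", b"boot-stage-2", b"config"]
    blob = protect(SECRET, ident, msg)
    assert unprotect(SECRET, ident, blob) == msg
    assert tamper_detected(SECRET, ident, blob, 1)
    print("round trip ok, tampering rejected")
```

Note the ordering in `unprotect`: the validator is compared with `hmac.compare_digest` before any keystream is generated for that segment, so a modified segment never causes a decryption on attacker-controlled input, and the only operation ever performed with `SECRET` is the single root step of `derive_initial_key`.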