Cryptographic key generation using a stored input value and a stored count value
Abstract
Embodiments of an invention for cryptographic key generation using a stored input value and a stored count value have been described. In one embodiment, a processor includes non-volatile storage storing an input value and a count value, and logic to generate a cryptographic key based on the stored input value and the stored count value.
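The flow in the abstract, as an added example that is not code from the patent: candidates are derived from a secret seed and a counter, the counter values at which primes were found are kept, and the same RSA key is later rebuilt from the seed and the two counts without repeating the search. The HMAC-SHA256 candidate function, the `p`/`q` labels, the exponent 65537 and the 512-bit demo prime size are assumptions.

```python
import hashlib, hmac, secrets

E = 65537          # public exponent (assumed; the claims do not name one)
PRIME_BITS = 512   # demo size only; gives a 1024-bit modulus

def candidate(seed: bytes, label: bytes, count: int) -> int:
    """PRNG output for (seed, label, count): HMAC-SHA256 in counter mode (assumed)."""
    out = b"".join(hmac.new(seed, label + count.to_bytes(8, "big") + bytes([i]),
                            hashlib.sha256).digest() for i in range(PRIME_BITS // 256))
    # Force the top two bits and the low bit: full-length, odd candidate.
    return int.from_bytes(out, "big") | (3 << (PRIME_BITS - 2)) | 1

def acceptable(n: int, rounds: int = 40) -> bool:
    """Miller-Rabin primality test, plus gcd(E, n-1) == 1 so E is invertible."""
    if any(n % p == 0 for p in (3, 5, 7, 11, 13)) or (n - 1) % E == 0:
        return False
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        squares = [pow(x, 2 ** j, n) for j in range(r)]
        if x != 1 and n - 1 not in squares:
            return False
    return True

def find_prime(seed: bytes, label: bytes):
    count = 0
    while True:
        count += 1  # the counter is updated once per candidate drawn
        p = candidate(seed, label, count)
        if acceptable(p):
            return p, count

def rsa_key(p: int, q: int):
    return p * q, E, pow(E, -1, (p - 1) * (q - 1))  # (n, e, d)

def generate(seed: bytes):
    (p, c1), (q, c2) = find_prime(seed, b"p"), find_prime(seed, b"q")
    return rsa_key(p, q), (c1, c2)  # the counts are what gets stored

def regenerate(seed: bytes, counts):
    primes = []
    for label, count in zip((b"p", b"q"), counts):
        # A corrupted or tampered stored count must not silently yield a weak key.
        if count < 1 or not acceptable(candidate(seed, label, count)):
            raise ValueError("stored count does not yield a valid prime")
        primes.append(candidate(seed, label, count))
    return rsa_key(*primes)
```

Because the seed and two small integers fully determine the private key, the seed needs the same protection as the key itself, and the stored counts are integrity-sensitive, which is why `regenerate` re-tests each recomputed prime.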
20 Claims
1. An article of manufacture comprising at least one non-transitory machine-readable medium having stored thereon instructions, which if executed by a machine cause the machine to:
- determine at least one seed value;
- generate a first pseudo-random number using a pseudo-random number generator of a processor using the at least one seed value as an input;
- update a counter of the processor;
- in response to the first pseudo-random number not being prime, iteratively test the first pseudo-random number for primality in a primality tester of the processor, generate the first pseudo-random number in the pseudo-random number generator, and update the counter until a first prime number is obtained;
- store the first prime number and a first value of the counter;
- generate a second pseudo-random number using the pseudo-random number generator using the at least one seed value as an input;
- update the counter;
- in response to the second pseudo-random number not being prime, iteratively test the second pseudo-random number for primality in the primality tester, generate the second pseudo-random number in the pseudo-random number generator, and update the counter until a second prime number is obtained;
- store the second prime number and a second value of the counter; and
- generate at least a portion of a RSA key pair in a key generation circuit of the processor using the first and second prime numbers, wherein the processor is to encrypt a value using the at least the portion of the RSA key pair and to transmit a public key of the at least the portion of the RSA key pair to a second machine to cause the second machine to encrypt information using the public key of the at least the portion of the RSA key pair.

Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A processor comprising:
- hardware non-volatile storage to store a first count value and a second count value; and
- a hardware key generation circuit to;
  - determine at least one seed value;
  - generate a first pseudo-random number using a pseudo-random number generator using the at least one seed value as an input;
  - update a hardware counter;
  - in response to the first pseudo-random number not being prime, iteratively test the first pseudo-random number for primality in a primality tester, generate the first pseudo-random number in the pseudo-random number generator, and update the hardware counter until a first prime number is obtained;
  - store the first count value in the hardware non-volatile storage;
  - generate a second pseudo-random number using the pseudo-random number generator using the at least one seed value as an input;
  - update the hardware counter;
  - in response to the second pseudo-random number not being prime, iteratively test the second pseudo-random number for primality in a primality tester, generate the second pseudo-random number in the pseudo-random number generator, and update the hardware counter until a second prime number is obtained;
  - store the second count value in the hardware non-volatile storage; and
  - generate at least a portion of a cryptographic key pair in the hardware key generation circuit using the first and second prime numbers, wherein the processor is to encrypt a value using the at least the portion of the cryptographic key pair and to transmit a public key of the at least the portion of cryptographic key pair to a second computer system coupled to a first computer system to cause the second computer system to encrypt information using the public key of the at least the portion of cryptographic key pair, the first computer system including the processor.

Dependent claims: 10, 11, 12, 13, 14, 15, 16

17. A system comprising:
- a processor comprising a hardware key generation circuit to;
  - determine at least one seed value;
  - generate a first pseudo-random number using a pseudo-random number generator using the at least one seed value as an input;
  - update a hardware counter;
  - in response to the first pseudo-random number not being prime, iteratively test the first pseudo-random number for primality in a primality tester, generate the first pseudo-random number in the pseudo-random number generator, and update the hardware counter until a first prime number is obtained;
  - store a first count value from the hardware counter;
  - generate a second pseudo-random number using the pseudo-random number generator using the at least one seed value as an input;
  - update the hardware counter;
  - in response to the second pseudo-random number not being prime, iteratively test the second pseudo-random number for primality in the primality tester, generate the second pseudo-random number in the pseudo-random number generator, and update the hardware counter until a second prime number is obtained;
  - store a second count value from the hardware counter; and
  - generate at least a portion of a cryptographic key pair in the hardware key generation circuit using the first and second prime numbers, wherein the processor is to encrypt a value using the at least the portion of the cryptographic key pair and to transmit a public key of the at least the portion of the cryptographic key pair to a second system to cause the second system to encrypt information using the public key of the at least the portion of the cryptographic key pair;
- a non-volatile storage to store the first count value and the second count value; and
- a system memory coupled to the processor.

Dependent claims: 18, 19, 20

Specification