Cryptographic key generation using a stored input value and a stored count value

US 10,341,099 B2
Filed: 02/24/2016
Issued: 07/02/2019
Est. Priority Date: 06/24/2009
Status: Active Grant

First Claim

Patent Images

1. An article of manufacture comprising at least one non-transitory machine-readable medium having stored thereon instructions, which if executed by a machine cause the machine to:

determine at least one seed value;

generate a first pseudo-random number using a pseudo-random number generator of a processor using the at least one seed value as an input;

update a counter of the processor;

in response to the first pseudo-random number not being prime, iteratively test the first pseudo-random number for primality in a primality tester of the processor, generate the first pseudo-random number in the pseudo-random number generator, and update the counter until a first prime number is obtained;

store the first prime number and a first value of the counter;

generate a second pseudo-random number using the pseudo-random number generator using the at least one seed value as an input;

update the counter;

in response to the second pseudo-random number not being prime, iteratively test the second pseudo-random number for primality in the primality tester, generate the second pseudo-random number in the pseudo-random number generator, and update the counter until a second prime number is obtained;

store the second prime number and a second value of the counter; and

generate at least a portion of a RSA key pair in a key generation circuit of the processor using the first and second prime numbers, wherein the processor is to encrypt a value using the at least the portion of the RSA key pair and to transmit a public key of the at least the portion of the RSA key pair to a second machine to cause the second machine to encrypt information using the public key of the at least the portion of the RSA key pair.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of an invention for cryptographic key generation using a stored input value and a stored count value have been described. In one embodiment, a processor includes non-volatile storage storing an input value and a count value, and logic to generate a cryptographic key based on the stored input value and the stored count value.

Citations

20 Claims

1. An article of manufacture comprising at least one non-transitory machine-readable medium having stored thereon instructions, which if executed by a machine cause the machine to:
- determine at least one seed value;
  
  generate a first pseudo-random number using a pseudo-random number generator of a processor using the at least one seed value as an input;
  
  update a counter of the processor;
  
  in response to the first pseudo-random number not being prime, iteratively test the first pseudo-random number for primality in a primality tester of the processor, generate the first pseudo-random number in the pseudo-random number generator, and update the counter until a first prime number is obtained;
  
  store the first prime number and a first value of the counter;
  
  generate a second pseudo-random number using the pseudo-random number generator using the at least one seed value as an input;
  
  update the counter;
  
  in response to the second pseudo-random number not being prime, iteratively test the second pseudo-random number for primality in the primality tester, generate the second pseudo-random number in the pseudo-random number generator, and update the counter until a second prime number is obtained;
  
  store the second prime number and a second value of the counter; and
  
  generate at least a portion of a RSA key pair in a key generation circuit of the processor using the first and second prime numbers, wherein the processor is to encrypt a value using the at least the portion of the RSA key pair and to transmit a public key of the at least the portion of the RSA key pair to a second machine to cause the second machine to encrypt information using the public key of the at least the portion of the RSA key pair.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The article of claim 1, further comprising instructions, which if executed by the machine cause the machine to store the first value of the counter in a non-volatile memory.
  - 3. The article of claim 1, wherein the instructions to determine the at least one seed value comprise instructions, which if executed by the machine cause the machine to generate a first seed value and a second seed value from an input value.
  - 4. The article of claim 3, further comprising instructions, which if executed by the machine cause the machine to generate a random number comprising the input value.
  - 5. The article of claim 3, wherein to iteratively generate the first pseudo-random number comprises to feed an output of the pseudo-random number generator back to an input of the pseudo-random number generator a number of times.
  - 6. The article of claim 5, further comprising instructions, which if executed by the machine cause the machine to feed the output of the pseudo-random number generator back to the input of the pseudo-random number generator until the output is a prime number.
  - 7. The article of claim 3, further comprising instructions, which if executed by the machine cause the machine to send the input value, the first seed value and the second seed value to a second system.
  - 8. The article of claim 7, further comprising instructions, which if executed by the machine cause the machine to send the input value, the first seed value and the second seed value to enable the second system to re-generate the RSA key pair.

9. A processor comprising:
- hardware non-volatile storage to store a first count value and a second count value; and
  
  a hardware key generation circuit to;
  
  determine at least one seed value;
  
  generate a first pseudo-random number using a pseudo-random number generator using the at least one seed value as an input;
  
  update a hardware counter;
  
  in response to the first pseudo-random number not being prime, iteratively test the first pseudo-random number for primality in a primality tester, generate the first pseudo-random number in the pseudo-random number generator, and update the hardware counter until a first prime number is obtained;
  
  store the first count value in the hardware non-volatile storage;
  
  generate a second pseudo-random number using the pseudo-random number generator using the at least one seed value as an input;
  
  update the hardware counter;
  
  in response to the second pseudo-random number not being prime, iteratively test the second pseudo-random number for primality in a primality tester, generate the second pseudo-random number in the pseudo-random number generator, and update the hardware counter until a second prime number is obtained;
  
  store the second count value in the hardware non-volatile storage; and
  
  generate at least a portion of a cryptographic key pair in the hardware key generation circuit using the first and second prime numbers, wherein the processor is to encrypt a value using the at least the portion of the cryptographic key pair and to transmit a public key of the at least the portion of cryptographic key pair to a second computer system coupled to a first computer system to cause the second computer system to encrypt information using the public key of the at least the portion of cryptographic key pair, the first computer system including the processor.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The processor of claim 9, wherein the processor comprises an instruction logic having circuitry to receive and decode instructions.
  - 11. The processor of claim 9, wherein the processor comprises an execution logic having circuitry to execute instructions.
  - 12. The processor of claim 11, wherein the execution logic comprises the hardware key generation circuit.
  - 13. The processor of claim 9, wherein the hardware key generation circuit comprises a seed generator to generate the at least one seed value.
  - 14. The processor of claim 9, wherein the hardware key generation circuit comprises the primality tester to test for the first prime number.
  - 15. The processor of claim 9, wherein the hardware key generation circuit comprises the hardware counter.
  - 16. The processor of claim 9, wherein the hardware key generation circuit is to re-generate the cryptographic key pair based at least in part on the first count value and the second count value, the cryptographic key pair not persistently stored in the processor.

17. A system comprising:
- a processor comprising a hardware key generation circuit to;
  
  determine at least one seed value;
  
  generate a first pseudo-random number using a pseudo-random number generator using the at least one seed value as an input;
  
  update a hardware counter;
  
  in response to the first pseudo-random number not being prime, iteratively test the first pseudo-random number for primality in a primality tester, generate the first pseudo-random number in the pseudo-random number generator, and update the hardware counter until a first prime number is obtained;
  
  store a first count value from the hardware counter;
  
  generate a second pseudo-random number using the pseudo-random number generator using the at least one seed value as an input;
  
  update the hardware counter;
  
  in response to the second pseudo-random number not being prime, iteratively test the second pseudo-random number for primality in the primality tester, generate the second pseudo-random number in the pseudo-random number generator, and update the hardware counter until a second prime number is obtained;
  
  store a second count value from the hardware counter; and
  
  generate at least a portion of a cryptographic key pair in the hardware key generation circuit using the first and second prime numbers, wherein the processor is to encrypt a value using the at least the portion of the cryptographic key pair and to transmit a public key of the at least the portion of the cryptographic key pair to a second system to cause the second system to encrypt information using the public key of the at least the portion of the cryptographic key pair;
  
  a non-volatile storage to store the first count value and the second count value; and
  
  a system memory coupled to the processor.
- View Dependent Claims (18, 19, 20)
- - 18. The system of claim 17, wherein the hardware key generation circuit is to generate a first seed value and a second seed value from an input value, and iteratively generate the first pseudo-random number by feedback of an output of the pseudo-random number generator to an input of the pseudo-random number generator a number of times.
  - 19. The system of claim 18, wherein the processor is to send the input value, the first seed value and the second seed value to the second system to enable the second system to re-generate the cryptographic key pair.
  - 20. The system of claim 17, wherein the hardware key generation circuit is to re-generate the cryptographic key pair based at least in part on the first count value and the second count value, the cryptographic key pair not persistently stored in the processor.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Nemiroff, Daniel
Primary Examiner(s)
Doan, Trang T

Application Number

US15/052,173
Publication Number

US 20160197724A1
Time in Patent Office

1,224 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 7/582   Pseudo-random number genera...

G06F 7/588   Random number generators, i...

H04L 2209/24   Key scheduling, i.e. genera...

H04L 2209/72   Signcrypting, i.e. digital ...

H04L 9/0662   with particular pseudorando...

H04L 9/0861   Generation of secret inform...

H04L 9/0869   involving random numbers or...

H04L 9/3249   using RSA or related signat...

Cryptographic key generation using a stored input value and a stored count value

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Cryptographic key generation using a stored input value and a stored count value

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links