Apparatus for providing a secure processing environment

US 20020129245A1
Filed: 01/18/2002
Published: 09/12/2002
Est. Priority Date: 09/25/1998
Status: Abandoned Application

First Claim

Patent Images

1. An apparatus for providing a secure processing environment comprising:

a read/write memory for storing information;

a first processor cooperating with the read/write memory for reading information therefrom and writing information thereto;

a cipherer in communication with the read/write memory, the cipherer being configured to selectively decrypt encrypted information into decrypted information and to deliver the decrypted information to the read/write memory for subsequent use by the first processor; and

an authenticator for authenticating the decrypted information prior to use by the first processor.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An apparatus for providing a secure processing environment is disclosed. In one embodiment, the apparatus includes a read/write memory for storing encrypted information. It also includes a processor, a cipherer and an authenticator. The cipherer is in communication with the read/write memory for receiving encrypted information therefrom and is configured to decrypt the encrypted information into decrypted information to be returned to the memory for subsequent use by the processor. The authenticator authenticates the decrypted information prior to use by the processor and re-authenticates the information prior to re-encryption by the cipherer.

Citations

42 Claims

1. An apparatus for providing a secure processing environment comprising:
- a read/write memory for storing information;
  
  a first processor cooperating with the read/write memory for reading information therefrom and writing information thereto;
  
  a cipherer in communication with the read/write memory, the cipherer being configured to selectively decrypt encrypted information into decrypted information and to deliver the decrypted information to the read/write memory for subsequent use by the first processor; and
  
  an authenticator for authenticating the decrypted information prior to use by the first processor.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
- - 2. An apparatus as defined in claim 1 wherein the authenticator re-authenticates decrypted information received from the read/write memory, and the cipherer is configured to selectively encrypt the decrypted, re-authenticated information into re-encrypted information.
  - 3. An apparatus as defined in claim 2 wherein the cipherer returns the re-encrypted information to the read/write memory for subsequent exportation to a storage device
  - 4. An apparatus as defined in claim 2 wherein the cipherer re-encrypts the decrypted, re-authenticated information such that it differs from its original encrypted form to mask modification information.
  - 5. An apparatus as defined in claim 4 wherein the cipherer employs key-cycling to mask the modification information.
  - 6. An apparatus as defined in claim 4 wherein the cipherer employs a whitening process to mask the modification information, wherein the whitening process employs a whitening key, and wherein the whitening key is cycled.
  - 7. An apparatus as defined in claim 2 wherein authentication data employed to re-authenticate the decrypted information prior to re-encryption is stored in the read/write memory for subsequent use in authenticating the decrypted information.
  - 8. An apparatus as defined in claim 2 further comprising an external memory for selectively storing re-encrypted information.
  - 9. An apparatus as defined in claim 1 wherein the first processor has a kernel mode of operation and a user mode of operation, the kernel mode and the user mode defining separate security cells.
  - 10. An apparatus as defmed in claim 9 wherein the first processor executes non-secure software in the user mode of operation and secure software in the kernel mode of operation.
  - 11. An apparatus as defmed in claim 1 further comprising a second processor, the second processor being in communication with the cipherer and with the read/write memory to thereby selectively initiate decryption and re-encryption of information stored in the read/write memory.
  - 12. An apparatus as defmed in claim 11 wherein the cipherer comprise the authenticator.
  - 13. An apparatus as defmed in claim 1 wherein the encrypted information comprises encrypted processor instructions.
  - 14. An apparatus as defmed in claim 1 wherein the encrypted information comprises encrypted data.
  - 15. An apparatus as defined in claim 1 wherein the encrypted information is segmented into sections.
  - 16. An apparatus as defined in claim 15 wherein each of the sections is independently encrypted and authenticated.
  - 17. An apparatus as defined in claim 1 further comprising a non-volatile memory and a logic circuit for controlling access to the data contained in the non-volatile memory, the logic circuit selectively accessing the non-volatile memory to determine whether the data contained in the non-volatile memory comprises confidential data by analyzing a property inherent in the accessed data.
  - 18. An apparatus as defined in claim 17 wherein the logic circuit determines whether the data contained in the non-volatile memory comprises confidential data by identifying data blocks in the accessed data having a predetermined characteristic, by counting the identified data blocks, and by comparing the count to a threshold value.
  - 19. An apparatus as defmed in claim 18 wherein each of the data blocks comprises a bit, and the predetermined characteristic comprises a predefined logic state.
  - 20. An apparatus as defmed in claim 18 wherein each of the data blocks comprises a plurality of bits, and the predetermined characteristic comprises a binary value falling within a range of binary values.
  - 22. An apparatus as defined in claim 17 further comprising a key isolation circuit directly connecting the logic circuit to the cipherer.
  - 23. An apparatus as defined in claim 22 wherein the non-volatile memory stores a key, and the key isolation circuit delivers the key to the cipherer.
  - 24. An apparatus as defined in claim 22 wherein the logic circuit, the key isolation circuit and the cipherer define a closed system.
  - 25. An apparatus as defined in claim 1 wherein the first processor, the read/write memory, and the cipherer are embedded on an integrated circuit.
  - 26. An apparatus as defined in claim 25 wherein the integrated circuit includes pins for connecting the apparatus to external devices, and further comprising a silencing circuit for selectively disabling the pins to avoid disclosure of sensitive information outside the secure environment.
  - 27. An apparatus as defined in claim 25 further comprising a watchdog circuit adapted to monitor the integrated circuit for tampering.
  - 28. An apparatus as defined in claim 25 further comprising an input for selectively receiving encrypted information from an external source.
  - 29. An apparatus as defined in claim 1 further comprising a memory management unit cooperating with the first processor for maintaining a plurality of security cells.
  - 30. An apparatus as defined in claim 1 wherein the cipherer comprises a crypto-module.
  - 31. An apparatus as defmed in claim 1 wherein the authentication of the decrypted information is performed by authenticating the corresponding encrypted information.

21. An apparatus as defined in clam 17 wherein the logic circuit comprises the first processor.

32. For use with an external memory for storing encrypted information, the external memory having a first storage capacity, an integrated circuit for providing a secure processing environment comprising:
- a volatile memory having a second storage capacity, the second storage capacity being less than the first storage capacity;
  
  import/export means for selectively importing and exporting encrypted information between the external memory and the volatile memory;
  
  cipher means for decrypting encrypted information received from the volatile memory into decrypted information within the secure environment and for encrypting the decrypted information back into encrypted information within the secure environment; and
  
  a processor for processing the decrypted information within the secure environment, the processor cooperating with the import/export means to selectively import and export decrypted information between the external memory and the volatile memory to avoid exceeding the second storage capacity.
- View Dependent Claims (33, 34, 35, 36, 37, 39, 40, 41, 42)
- - 33. An integrated circuit as defined in claim 32 wherein the cipher means encrypts information such that encrypted information corresponding to decrypted information has a first form when imported from the external memory and a second form different from the first form when exported to the external memory even when the corresponding decrypted information is unchanged.
  - 34. An integrated circuit as defined in claim 33 wherein the decrypting means decrypts encrypted information using a first whitening key and encrypts decrypted information using a second whitening key different from the first whitening key.
  - 35. An integrated circuit as defined in claim 34 further comprising a cryptographically strong pseudo random number generator that generates the second whitening key.
  - 36. An integrated circuit as defined in claim 32 further comprising means for authenticating the decrypted information within the secure environment.
  - 37. An integrated circuit as defined in claim 36 wherein the authenticating means authenticates the decrypted information after importation from the external memory and re-authenticates the decrypted information prior to exportation to the external memory.
  - 39. A method as defined in claim 38 further comprising the steps of:
    - holding a processor associated with the integrated circuit in a reset state such that a predefined memory storing key material cannot be accessed;
      
      if the at least one element passes the built in self test, releasing the processor from the reset state; and
      
      if the at least one element fails the built in self test, holding the processor in the reset state.
  - 40. A method as defmed in claim 38 wherein the at least one element comprises a memory.
  - 41. A method as defmed in claim 38 wherein the at least one element comprises a logic circuit.
  - 42. A method as defmed in claim 38 wherein the event comprises a reset event.

38. For use in an integrated circuit for performing secure operations, a method for tamper checking the integrated circuit comprising the steps of:
- detecting an event;
  
  executing a built in self test on at least one element of the integrated circuit to determine if a tamper has occurred; and
  
  if the built in self test indicates a tamper has occurred, placing a restriction on at least one operation of the integrated circuit.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Brandon E. Bautz, David S. Kloper, Douglas M. Dillon, Robert D. Cassagnol, Sandra J. Weber
Original Assignee
Brandon E. Bautz, David S. Kloper, Douglas M. Dillon, Robert D. Cassagnol, Sandra J. Weber
Inventors
Cassagnol, Robert D., Bautz, Brandon E., Weber, Sandra J., Dillon, Douglas M., Kloper, David S.

Application Number

US10/053,060
Publication Number

US 20020129245A1
Time in Patent Office

Days
Field of Search
US Class Current

713/168
CPC Class Codes

G06F 21/109   by using specially-adapted ...

G06F 21/57   Certifying or maintaining t...

G06F 21/78   to assure secure storage of...

G06F 2221/2105   Dual mode as a secondary as...

G06F 2221/2135   Metering

Apparatus for providing a secure processing environment

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

42 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus for providing a secure processing environment

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

42 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links