Data transfer efficiency in a cryptography accelerator system
First Claim
Patent Images
1. A method for transferring data in a cryptography accelerator system, the method comprising:
- reading an input message at a cryptography accelerator from a host coupled to the cryptography accelerator and a network device, the input message comprising data and application descriptor information, wherein the cryptography accelerator, the network device, and the host are operable to access a shared system memory;
performing cryptographic operations on the data to derive processed data;
separating the processed data into a plurality of segments;
writing the plurality of segments into a buffer pool associated with the network device, wherein the cryptography accelerator uses the application descriptor information to determine where to write each of the plurality of segments in the buffer pool associated with the network device.
7 Assignments
0 Petitions
Accused Products
Abstract
Methods and apparatus are provided for performing authentication and decryption operations in a cryptography accelerator system. Input data passed to a cryptography accelerator from a host such a CPU includes information for a cryptography accelerator to determine where to write the processed data. In one example, processed data is formatted as packet payloads in a network buffer. Checksum information is precalculated and an offset for a header is maintained.
-
Citations
39 Claims
-
1. A method for transferring data in a cryptography accelerator system, the method comprising:
-
reading an input message at a cryptography accelerator from a host coupled to the cryptography accelerator and a network device, the input message comprising data and application descriptor information, wherein the cryptography accelerator, the network device, and the host are operable to access a shared system memory;
performing cryptographic operations on the data to derive processed data;
separating the processed data into a plurality of segments;
writing the plurality of segments into a buffer pool associated with the network device, wherein the cryptography accelerator uses the application descriptor information to determine where to write each of the plurality of segments in the buffer pool associated with the network device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A system for performing cryptographic operations in a network, the system comprising:
-
a system memory including a plurality of buffer pools;
a host coupled to system memory, the host configured to provide data for cryptography processing;
a network device operable to transmit a packet including cryptographically processed data onto the network;
a cryptography accelerator configured to perform cryptography processing to provide processed data, wherein the processed data is written into a buffer pool associated with a network device;
wherein the packet comprises a payload substantially written by the cryptography accelerator and header substantially written by the host. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23)
-
-
24. A cryptography accelerator configured to receive data from a central processing unit over a system bus, the data including information for determining a plurality of memory locations associated with a network device buffer pool;
- wherein the cryptography accelerator is operable to perform cryptographic processing to derive processed data and is further operable to write segments of the processed data to the plurality of memory locations.
- View Dependent Claims (25, 26, 27, 28, 29, 30, 31)
-
32. An apparatus for transferring data in a cryptography accelerator system, the method comprising:
-
means for reading an input message at a cryptography accelerator from a host coupled to the cryptography accelerator and a network device, the input message comprising data and application descriptor information, wherein the cryptography accelerator, the network device, and the host are operable to access a shared system memory;
means for performing cryptographic operations on the data to derive processed data;
means for separating the processed data into a plurality of segments;
means for writing the plurality of segments into a buffer pool associated with the network device, wherein the cryptography accelerator uses the application descriptor information to determine where to write each of the plurality of segments in the buffer pool associated with the network device. - View Dependent Claims (33, 34, 35, 36, 37, 38, 39)
-
Specification