Methods and apparatus for accelerating secure session processing
Abstract
Methods and apparatus are provided for an entity such as a CPU to efficiently call a cryptography accelerator to perform cryptographic operations. A function call causes the cryptography accelerator to execute multiple cryptographic operations in a manner tailored for specific processing steps, such as steps during a handshake phase of a secured session. The techniques provide efficient use of hardware processing resources, data interfaces, and memory interfaces.
45 Claims
1. A method for deriving key information in a cryptography accelerator, the method comprising:
- receiving random information and protocol information associated with an initialize session input message;
- generating master secret information using the random information and the protocol information from the initialize session input message;
- generating a plurality of session keys using processed protocol information and the master secret information;
- sending an initialize session output message corresponding to the input message, wherein a plurality of session keys are associated with the initialize session output message.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
13. A cryptography accelerator for deriving key information, the cryptography accelerator comprising:
- an interface operable to receive random information and protocol information associated with an initialize session input message;
- a cryptographic core configured to generate master secret information using the random information and the protocol information from the initialize session input message and generate a plurality of session keys using processed protocol information and the master secret information;
- wherein the interface is further operable to send an initialize session output message corresponding to the input message, wherein a plurality of session keys are associated with the initialize session output message.
(Dependent claims: 14, 15, 16, 17, 18, 19, 20, 21)
22. A cryptography accelerator for deriving key information, the cryptography accelerator comprising:
- means for receiving random information and protocol information associated with an initialize session input message;
- means for generating master secret information using the random information and the protocol information from the initialize session input message;
- means for generating a plurality of session keys using processed protocol information and the master secret information;
- means for sending an initialize session output message corresponding to the input message, wherein a plurality of session keys are associated with the initialize session output message.
23. A method for performing cryptography processing in a cryptography accelerator during a secured session between a client and a server, the method comprising:
- receiving handshake information from a first entity associated with the cryptography accelerator;
- performing a first set of authentication operations to generate client verification information using the handshake information from the client;
- performing a second set of authentication operations to generate server verification information; and
- providing the client verification information and the server verification information in a response corresponding to the handshake information received from the first entity associated with the cryptography accelerator.
(Dependent claims: 24, 25, 26, 27, 28, 29, 30, 31, 32, 33)
34. A cryptography accelerator for performing cryptography processing during a secured session between a client and a server, the cryptography accelerator comprising:
- an interface operable to receive handshake information from a first entity associated with the cryptography accelerator;
- a cryptographic core configured to perform a first set of authentication operations to generate client verification information using the handshake information from the client and perform a second set of authentication operations to generate server verification information;
- wherein the interface is further operable to provide the client verification information and the server verification information in a response corresponding to the handshake information received from the first entity.
(Dependent claims: 35, 36, 37, 38, 39, 40, 41, 42, 43, 44)
45. A cryptography accelerator for performing cryptography processing, the cryptography accelerator comprising:
- means for receiving handshake information from a first entity associated with the cryptography accelerator;
- means for performing a first set of authentication operations to generate client verification information using the handshake information from the client;
- means for performing a second set of authentication operations to generate server verification information; and
- means for providing the client verification information and the server verification information in a response corresponding to the handshake information received from the first entity associated with the cryptography accelerator.
Specification