System and method for cryptographic control of system configurations

US 20040019789A1
Filed: 07/29/2002
Published: 01/29/2004
Est. Priority Date: 07/29/2002
Status: Active Grant

First Claim

Patent Images

1. A method of configuring a system, comprising the steps of:

authenticating data associated with configuration information;

storing the configuration information; and

configuring the system according to the configuration information.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are disclosed for using cryptographic techniques to configure data processing systems. A configuration manager cryptographically controls the configuration of a system by ensuring that only authorized users or applications can change the configuration. For example, requests to change configuration information may include authenticated and/or encrypted data. These cryptographic techniques are employed to enable and/or disable functions, features and capabilities of a system. For example, a system may be reconfigured to provide strong or weak encryption based on parameters in the configuration information.

75 Citations

View as Search Results

23 Claims

1. A method of configuring a system, comprising the steps of:
- authenticating data associated with configuration information;
  
  storing the configuration information; and
  
  configuring the system according to the configuration information.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1 wherein the step of configuring the system comprises the step of configuring the system to employ either a strong encryption or a weak encryption.
  - 3. The method of claim 1 wherein the step of configuring the system comprises the step of enabling a processing component in the system.
  - 4. The method of claim 1 further comprising the step of decrypting the configuration information.

5. A method of configuring a system, comprising the steps of:
- authenticating configuration information;
  
  storing the authenticated configuration information; and
  
  configuring the system according to the configuration information.
- View Dependent Claims (6, 7, 8, 9, 10)
- - 6. The method of claim 5 wherein the step of configuring the system comprises the step of configuring the system to employ either a strong encryption or a weak encryption.
  - 7. The method of claim 5 further comprising the step of decrypting the configuration information.
  - 8. The method of claim 5 wherein the step of configuring the system comprises the step modifying a processing power of the system.
  - 9. The method of claim 5 wherein the step of configuring the system comprises the step modifying a processing speed of the system.
  - 10. The method of claim 5 wherein the step of configuring the system comprises the step of disabling modification of the configuration information.

11. A method of configuring cryptographic capabilities of a system, comprising the steps of:
- authenticating data associated with export configuration information;
  
  storing the export configuration information; and
  
  configuring the system to employ either a strong encryption or a weak encryption according to the export configuration information.
- View Dependent Claims (12, 13, 14)
- - 12. The method of claim 11 wherein the strong encryption is one of the group consisting of triple Data Encryption Standard and Advanced Encryption Standard.
  - 13. The method of claim 11 wherein the strong encryption is associated with at least one key comprising at least 65 bits.
  - 14. The method of claim 11 further comprising the step of encrypting data using at least one key comprising at least 65 bits.

15. A method of configuring cryptographic capabilities of a system, comprising the steps of:
- defining an upgrade utility for generating at least one message comprising export configuration information;
  
  receiving registration information from at least one requester;
  
  sending the registration information to an export compliance authority;
  
  verifying the registration information; and
  
  sending the upgrade utility to the at least one requester.

16. A method of configuring cryptographic capabilities of a system, comprising the steps of:
- authenticating data associated with export configuration information;
  
  storing the export configuration information;
  
  configuring the system to employ either a strong encryption or a weak encryption according to the export configuration information.

17. A method of configuring a system, comprising the steps of:
- defining at least one cipher key;
  
  encrypting, using the at least one cipher key, data associated with configuration information;
  
  decrypting, using the at least one cipher key, the data associated with configuration information;
  
  storing the configuration information; and
  
  configuring the system according to the configuration information.
- View Dependent Claims (18, 19, 20)
- - 18. The method of claim 17 wherein the step of defining at least one cipher key comprises the step of defining at least one symmetric key.
  - 19. The method of claim 17 wherein the step of defining at least one cipher key comprises the step of defining at least one asymmetric key.
  - 20. The method of claim 17 further comprising the step of storing the at least one cipher key in a non-volatile data memory.

21. A cryptographic accelerator, comprising:
- at least one data memory for storing at least one cipher key and configuration information;
  
  at least one configuration manager for using the at least one cipher key to control at least one modification of the configuration information; and
  
  at least one cipher engine, connected to receive the configuration information, for encrypting data according to the configuration information.
- View Dependent Claims (22, 23)
- - 22. The cryptographic accelerator of claim 21 wherein the at least one data memory comprises a non-volatile data memory.
  - 23. The cryptographic accelerator of claim 21 wherein the configuration information comprises at least one message authentication code.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Avago Technologies International Sales Pte Limited (Broadcom, Inc.)
Original Assignee
Broadcom Corporation (Broadcom, Inc.)
Inventors
Buer, Mark L.

Granted Patent

US 7,469,338 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/170
CPC Class Codes

G06F 21/57 Certifying or maintaining t...

System and method for cryptographic control of system configurations

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

75 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for cryptographic control of system configurations

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

75 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links