Data encryption in a symmetric multiprocessor electronic apparatus
First Claim
Patent Images
1. A method of encryption in a circuit of an electronic apparatus, of data to be stored in a memory external to the said circuit, comprising the steps of:
- selecting a secret key, from a list of secret keys respectively stored in a set of registers of the circuit each in association with a key identifier, one of the keys being a key shared with another circuit of the electronic apparatus;
segmenting the data into a stream of data words of determined size;
and, continuously for each data word, generating a pseudorandom number of determined size by means of a pseudorandom generator implementing a generating algorithm based on the said secret key and on an initialization vector changing value with each data word;
combining the data word and the corresponding pseudorandom number, so as to generate an encrypted data word;
then, storing in said external memory each data word encrypted in association with the initialization vector and the key identifier associated with the secret key that has served to encrypt same.
2 Assignments
0 Petitions
Accused Products
Abstract
For the encryption of data to be stored in a memory external to a circuit, provision is made to store in the external memory encrypted data words in association with an initialization vector and a key identifier associated with a secret key that has served to encrypt same.
-
Citations
14 Claims
-
1. A method of encryption in a circuit of an electronic apparatus, of data to be stored in a memory external to the said circuit, comprising the steps of:
-
selecting a secret key, from a list of secret keys respectively stored in a set of registers of the circuit each in association with a key identifier, one of the keys being a key shared with another circuit of the electronic apparatus;
segmenting the data into a stream of data words of determined size;
and, continuously for each data word, generating a pseudorandom number of determined size by means of a pseudorandom generator implementing a generating algorithm based on the said secret key and on an initialization vector changing value with each data word;
combining the data word and the corresponding pseudorandom number, so as to generate an encrypted data word;
then,storing in said external memory each data word encrypted in association with the initialization vector and the key identifier associated with the secret key that has served to encrypt same. - View Dependent Claims (2, 3)
-
-
4. A method of decryption, in a circuit of an electronic apparatus, of data stored in the form of data words encrypted in a memory external to the said circuit, comprising the steps of:
-
reading from said external memory an encrypted data word together with an initialization vector and with a secret-key identifier which are respectively associated with said encrypted data word;
selecting a secret key based on a list of secret keys respectively stored in a set of registers of the circuit, one is the secret keys being a key shared with another circuit of the electronic apparatus, and based on said identifier;
and, continuously for each encrypted data word, generating a pseudorandom number of determined size, by means of a pseudorandom generator implementing a generating algorithm based on said secret key and on said initialization vector; and
combining the data word and the corresponding pseudorandom number, to generate a decrypted data word. - View Dependent Claims (5, 6)
-
-
7. An encryption device, comprising:
-
a set of registers storing a list of secret keys, one of which is a key shared with another circuit of the device, each in association with a key identifier;
a unit for selecting secret keys that is suitable for selecting a secret key from the list of secret keys stored in the said set of registers;
a segmentation unit suitable for segmenting data in such a way as to form a stream of data words of determined size;
a generator of initialization vectors which is suitable for generating a stream of initialization vectors changing value with each data word;
a generator of pseudorandom numbers implementing a generating algorithm suitable for generating, for each data word, based on said secret key and on a determined one of the said initialization vectors, a pseudorandom number of determined size;
a combination unit suitable for continuously combining the data word and the corresponding pseudorandom number, so as to generate an encrypted data word; and
means for storing in an external memory each data word encrypted in association with the said determined initialization vector and the key identifier associated with the secret key that has served to encrypt same.
-
-
8. A decryption device, comprising:
-
a set of registers storing respective secret keys at least one of which is a shared key, each in association with a key identifier;
reading means for reading from an external memory a data word together with an initialization vector and with an identifier of a secret key which are respectively associated with said data word;
selection means for selecting, for each data word, a secret key based on a list of keys stored in said-registers and based on the key identifier;
a generator of pseudorandom numbers implementing a generating algorithm suitable for generating, for each data word, based on said secret key and on said initialization vector, a pseudorandom number of determined size; and
a combination unit suitable for combining the data word and the corresponding pseudorandom number, in such a way as to decrypt said data word.
-
-
9. An electronic apparatus, comprising a first encryption/decryption unit that includes:
-
a first set of registers storing a list of secret keys, one of which is a shared key, each in association with a key identifier;
a first unit for selecting secret keys that is suitable for selecting a secret key from the list of secret keys stored in the said set of registers;
a first segmentation unit suitable for segmenting data in such a way as to form a stream of data words of determined size;
a first generator of initialization vectors which is suitable for generating a stream of initialization vectors changing value with each data word;
a first generator of pseudorandom numbers implementing a generating algorithm suitable for generating, for each data word, based on said secret key and on a determined one of the said initialization vectors, a pseudorandom number of determined size;
a first combination unit suitable for continuously combining the data word and the corresponding pseudorandom number, so as to generate an encrypted data word;
first means for storing in an external memory each data word encrypted in association with the determined initialization vector and the key identifier associated with the secret key that has served to encrypt same;
first reading means for reading from the external memory one of the encrypted data words together with the determined initialization vector and with the key identifier of the secret key that has served to encrypt the encrypted data word being read; and
first selection means for selecting a secret key based on the list of keys stored in said registers and based on the key identifier read from the external memory, wherein the generator of pseudorandom numbers is structured to generate, for the encrypted data word read from the external memory, based on said secret key and on said initialization vector, a pseudorandom number of determined size; and
wherein the combination unit is structured to combine the data word and the corresponding pseudorandom number, in such a way as to decrypt said encrypted data word read from the external memory. - View Dependent Claims (10, 11, 12, 13, 14)
-
Specification