Data encryption interface for reducing encrypt latency impact on standard traffic
First Claim
Patent Images
1. A method of reducing the impact of latency associated with encrypting secure data on storing non-secure data in memory, comprising:
- receiving first data to be stored in memory;
if the first data is secure, routing the first data to an encryption engine for encryption prior to storing the first data in memory; and
if the first data is not secure, routing the first data to memory bypassing the encryption engine, regardless of whether the encryption engine is encrypting data received prior to the first data.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods and apparatus that may be utilized in systems to reduce the impact of latency associated with encrypting data on non-encrypted data are provided. Secure and non-secure data may be routed independently. Thus, non-secure data may be forwarded on (e.g., to targeted write buffers), without waiting for previously sent secure data to be encrypted. As a result, non-secure data may be made available for subsequent processing much earlier than in conventional systems utilizing a common data path for both secure and non-secure data.
31 Citations
20 Claims
-
1. A method of reducing the impact of latency associated with encrypting secure data on storing non-secure data in memory, comprising:
-
receiving first data to be stored in memory;
if the first data is secure, routing the first data to an encryption engine for encryption prior to storing the first data in memory; and
if the first data is not secure, routing the first data to memory bypassing the encryption engine, regardless of whether the encryption engine is encrypting data received prior to the first data. - View Dependent Claims (2, 3, 4)
-
-
5. A method of reducing the impact of latency associated with encrypting secure data on storing non-secure data in memory, comprising:
-
receiving secure data contained in a first one or more instructions to be stored in memory;
routing the secure data to an encryption engine for encryption;
subsequent to receiving the secure data, receiving non-secure data contained in a second one or more instructions to be stored in memory; and
prior to receiving the secure data back from the encryption engine in encrypted form, routing the non-secure data to memory, bypassing the encryption engine. - View Dependent Claims (6, 7, 8, 9)
-
-
10. A system for decrypting packets of encrypted data, comprising:
-
a buffer device;
an encryption engine;
a first data path through the encryption engine for secure data to be encrypted prior to storage in memory;
a second data path around the encryption engine for non-secure data to be stored in memory unencrypted; and
data flow control circuitry configured to receive first data to be stored in memory, route the first data to the first data path if the first data is secure, and route the first data to the second data path if the first data is not secure. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. A system on a chip (SOC), comprising:
-
one or more processor cores;
an encryption engine;
one or more write buffers; and
data flow control circuitry configured to route secure data involved in a first store instruction to the one or more write buffers through a first data path through the encryption engine, and to route non-secure data involved in a second store instruction issued subsequent to the first store instruction to the one or more write buffers through a second data path bypassing the encryption engine, wherein the non-secure data arrives at the one or more write buffers prior to the secure data. - View Dependent Claims (17, 18, 19, 20)
-
Specification