CMOS-based stateless hardware security module
Abstract
Stateless hardware security modules facilitate securing data transfers between devices in a data communication system. The stateless hardware security module may communicate with other devices via a secure communication channel to securely transfer information between the client device and another device. As a result, sensitive information such as cryptographic keys and data may be securely routed between the client device and another device. The stateless hardware security module may support a limited set of key management operations to facilitate routing of information between the client device and another device. However, the stateless hardware security module does not need to maintain state information for the keys it maintains and/or uses. As a result, the stateless hardware security module may be advantageously integrated into a variety of client devices. A stateless hardware security module may support receiving keys in a secure manner from another device and storing and using these keys within a secure boundary. A stateless hardware security module may support generating a private/public key pair within a secure boundary, maintaining the private key within the secure boundary, and exporting the public key to an authenticating entity.
27 Claims
1. A security processing system comprising:
- at least one key generator for generating an identity cipher key within a MOS integrated circuit;
- at least one one-time-programmable memory for storing the identity cipher key in the integrated circuit, the at least one one-time-programmable memory comprising thin gate-oxide fuses and configured to be capable of being implemented in the integrated circuit using any MOS process; and
- at least one processor for processing data using the identity cipher key within the integrated circuit and for enforcing policy associated with key usage.

Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A secure data processing method comprising:
- storing at least one cipher key in at least one one-time-programmable memory in an integrated circuit, the at least one one-time-programmable memory comprising thin gate-oxide fuses and configured to be capable of being implemented in the integrated circuit using any MOS process;
- maintaining the at least one cipher key within a security boundary associated with the integrated circuit;
- using the at least one cipher key within the security boundary; and
- enforcing policy associated with the at least one cipher key.

Dependent claims: 10, 11, 12, 13, 14, 15, 16, 17

18. A secure data processing method comprising:
- storing at least one cipher key in at least one one-time-programmable memory in an integrated circuit, the at least one one-time-programmable memory configured to be implemented in the integrated circuit using a single poly process;
- maintaining the at least one cipher key within a security boundary associated with the integrated circuit;
- using the at least one cipher key within the security boundary; and
- enforcing policy associated with the at least one cipher key.

Dependent claims: 19, 20, 21

22. A security processing system comprising:
- at least one data interface for receiving an identity cipher key within a CMOS integrated circuit from at least one device external to the integrated circuit;
- at least one one-time-programmable memory for storing the identity cipher key in the integrated circuit, the at least one one-time-programmable memory comprising thin gate-oxide fuses and configured to be capable of being implemented in the integrated circuit using any MOS process; and
- at least one processor for processing data using the identity cipher key within the integrated circuit and for enforcing policy associated with key usage.

Dependent claims: 23, 24, 25, 26, 27

Specification