System and Method for Efficient Security Domain Translation and Data Transfer

US 20090259857A1
Filed: 04/10/2008
Published: 10/15/2009
Est. Priority Date: 04/10/2008
Status: Active Grant

First Claim

Patent Images

1. A method of transferring encrypted data from an external source to an external destination, by a processor selectively operated in either a secure mode or a non-secure mode comprising:

in a secure mode,managing cryptographic keys for first and second security domains; and

initializing a first secure Direct Memory Access (DMA) transfer into secure memory and a second secure DMA transfer from secure memory; and

in a non-secure mode,receiving data encrypted in a first security domain from the external source;

executing the first secure DMA transfer to move the encrypted data to a secure cryptographic module and clear text data to the secure memory;

executing the second secure DMA transfer to move clear text data from the secure memory to the secure cryptographic module; and

transferring data encrypted in the second security domain to the external destination.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A mobile UE includes a CPU, a secure DMA module, a secure cryptographic module, secure memory, and non-secure memory. The secure cryptographic module and secure memory allow access only by secure processes, including the secure DMA module. The CPU manages cryptographic keys and initializes DMA transfers in secure mode. The CPU executes the DMA transfers in non-secure mode. A first DMA transfer moves data encrypted in a first security domain to the secure cryptographic module, and moves clear text data to the secure memory. A second DMA transfer moves the clear text data to the secure cryptographic module, and data encrypted in a second security domain out of the secure cryptographic module. The data encrypted in the second security domain are transmitted to an external device. The secure memory protects the clear text data from being copied; only encrypted data is accessible by non-secure processes.

94 Citations

View as Search Results

21 Claims

1. A method of transferring encrypted data from an external source to an external destination, by a processor selectively operated in either a secure mode or a non-secure mode comprising:
- in a secure mode,managing cryptographic keys for first and second security domains; and
  
  initializing a first secure Direct Memory Access (DMA) transfer into secure memory and a second secure DMA transfer from secure memory; and
  
  in a non-secure mode,receiving data encrypted in a first security domain from the external source;
  
  executing the first secure DMA transfer to move the encrypted data to a secure cryptographic module and clear text data to the secure memory;
  
  executing the second secure DMA transfer to move clear text data from the secure memory to the secure cryptographic module; and
  
  transferring data encrypted in the second security domain to the external destination.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 wherein the non-secure mode steps are repeated for each of a plurality of successive packets of data.
  - 3. The method of claim 1 further comprising, in non-secure mode, storing the received data encrypted in a first security domain in non-secure memory prior to executing the first secure DMA transfer.
  - 4. The method of claim 3 wherein the first DMA transfer moves the encrypted data from non-secure memory to a secure cryptographic module and clear text data to the secure memory.
  - 5. The method of claim 1 further comprising, in non-secure mode, storing data encrypted in the second security domain in non-secure memory prior to executing the first secure DMA transfer.
  - 6. The method of claim 5 wherein the second secure DMA transfer moves clear text data from the secure memory to the secure cryptographic module and data encrypted in the second security domain from the secure cryptographic module to non-secure memory.
  - 7. The method of claim 1 wherein managing cryptographic keys for first and second security domains comprises retrieving one of the cryptographic keys from a secure source.
  - 8. The method of claim 1 wherein managing cryptographic keys for first and second security domains comprises deriving one of the cryptographic keys.
  - 9. The method of claim 1 wherein the step of receiving data encrypted in a first security domain from the external source is performed prior to the processor entering secure mode.

10. A method of efficiently translating encrypted data from a first security domain to a second security domain by a processor selectively operated in either a secure mode or a non-secure mode, while minimizing the required switching between modes, comprising:
- in a secure mode,providing a decryption key operative in the first security domain;
  
  providing an encryption key operative in the second security domainloading the first domain decryption key and second domain encryption key into a secure cryptographic module;
  
  initializing a first secure Direct Memory Access (DMA) transfer from non-secure memory to the secure cryptographic module and from the secure cryptographic module to secure memory; and
  
  initializing a second secure DMA transfer from secure memory to the secure cryptographic module and from the secure cryptographic module to non-secure memory; and
  
  in a non-secure mode,receiving data encrypted in a first security domain and storing it in non-secure memory;
  
  executing the first secure DMA transfer to decrypt the data from the first security domain;
  
  executing the second secure DMA transfer to encrypt the data into the second security domain; and
  
  transferring data in the second security domain.
- View Dependent Claims (11, 12)
- - 11. The method of claim 10 wherein the non-secure mode steps are repeated for each of a plurality of successive packets of data.
  - 12. The method of claim 10 wherein the step of receiving data encrypted in a first security domain and storing it in non-secure memory is performed prior to the processor entering secure mode.

13. A mobile User Equipment (UE) operative to receive data encrypted in a first security domain, translate the data to a second security domain, and transmit the data encrypted in the second security domain, comprising:
- a data transfer bus;
  
  secure memory connected to the bus and accessible only by secure processes;
  
  a secure cryptographic module connected to the bus and accessible only by secure processes, the secure cryptographic module operative to at least decrypt data in the first security domain and encrypt data in the second security domain; and
  
  a secure DMA module connected to the bus and recognized by the secure memory and secure cryptographic module as a secure process, the DMA module operative to transfer data in at least a first DMA transfer operative to move data encrypted in a first security domain into the secure cryptographic module and clear text from the secure cryptographic module to the secure memory, and a second DMA transfer operative to move clear text data into the secure cryptographic module and data encrypted in the second security domain from the secure cryptographic module.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21)
- - 14. The UE of claim 13 further comprising a CPU connected to the bus and operative to initialize the first and second DMA transfers in a secure mode and to execute the first and second DMA transfers in a non-secure mode.
  - 15. The UE of claim 14 wherein the CPU is further operative to re-execute the first and second DMA transfers in non-secure mode.
  - 16. The UE of claim 14 wherein the CPU is further operative to manage at least a decryption key for the first security domain and an encryption key for the second security domain, and to load the keys into the secure cryptographic module, in secure mode.
  - 17. The UE of claim 13 further comprising non-secure memory connected to the bus.
  - 18. The UE of claim 16 wherein the first DMA transfer reads data encrypted in the first security domain from the non-secure memory.
  - 19. The UE of claim 16 wherein the second DMA transfer rights data encrypted in the second security domain to the non-secure memory.
  - 20. The UE of claim 13 further comprising a receiver operative to receive at least data encrypted in the first security domain.
  - 21. The UE of claim 13 further comprising a communication interface operative to transmit at least data encrypted in the second security domain.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Telefonaktiebolaget LM Ericsson
Original Assignee
Telefonaktiebolaget LM Ericsson
Inventors
Gehrmann, Christian

Granted Patent

US 8,127,131 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/193
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/72   in cryptographic circuits

G06F 21/74   operating in dual or compar...

System and Method for Efficient Security Domain Translation and Data Transfer

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

94 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

System and Method for Efficient Security Domain Translation and Data Transfer

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

94 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links