Processors Including Key Management Circuits and Methods of Operating Key Management Circuits

US 20140219445A1
Filed: 04/11/2014
Published: 08/07/2014
Est. Priority Date: 08/06/2012
Status: Active Grant

First Claim

Patent Images

1. A system on chip, comprising:

a central processing unit; and

a key manager coupled to the central processing unit, wherein the key manager includes;

a random number generator configured to generate a key; and

a key memory configured to store the key and a user setting value associated with the key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system on chip includes a central processing unit and a key manager coupled to the central processing unit. The key manager includes a random number generator configured to generate a key and a key memory configured to store the key and a user setting value associated with the key.

14 Citations

View as Search Results

33 Claims

1. A system on chip, comprising:
- a central processing unit; and
  
  a key manager coupled to the central processing unit, wherein the key manager includes;
  
  a random number generator configured to generate a key; and
  
  a key memory configured to store the key and a user setting value associated with the key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The system on chip of claim 1, wherein the user setting value comprises a first user setting value, the key manager further comprising:
    - a user setting value register configured to store a second user setting value; and
      
      a controller configured to control use of the key in response to a comparison of the first user setting value and the second user setting value.
  - 3. The system on chip of claim 2, wherein the key memory comprises a decrypted key memory;
    - andwherein the key manager is configured to generate a hash value based on the key, and the first user setting value, to generate an encrypted key by encrypting the hash value and the key using a fixed value, and to store the encrypted key in an encrypted key memory.
  - 4. The system on chip of claim 3, wherein the key manager further comprises a unique value storage configured to provide the fixed value, wherein the fixed value is unique to the system on chip.
  - 5. The system on chip of claim 4, wherein the fixed value is provided to a key manager core without traversing a host interface.
  - 6. The system on chip of claim 3, wherein the key manager is further configured to generate the hash value based on a random salt value in addition to the key and the first user setting value, and to generate the encrypted key by encrypting the hash value, the key and the random salt value using the fixed value.
  - 7. The system on chip of claim 6, wherein the key manager further comprises a cipher block configured to receive the hash value, the key, the random salt value, and the fixed value, and to generate the encrypted key by performing an encryption operation on the hash value, the key and the random salt value using the fixed value.
  - 8. The system on chip of claim 6, wherein the key manager further comprises a hash generator configured to receive the random salt value, the first user setting value and the key to the hash generator, and to generate the hash value by performing a hash operation on the random salt value, the first user setting value and the key.
  - 9. The system on chip of claim 1, wherein the key manager further comprises a random number generator that is configured to generate the key.
  - 10. The system on chip of claim 9, wherein the key manager comprises a key manager core, and wherein the random number generator is configured to provide the key to the key manager core without the key traversing a host interface.
  - 11. The system on chip of claim 2, wherein the key manager further comprises a user check block that compares the first user setting value and the second user setting value.

12. A method of operating a key manager, comprising:
- generating and storing a key in a key memory; and
  
  storing a user setting value in the key memory, wherein the user setting value is associated with the key.
- View Dependent Claims (13, 14, 15, 16, 17)
- - 13. The method of claim 12, wherein the user setting value comprises a first user setting value, the method further comprising:
    - receiving a second user setting value from a host;
      
      comparing the first user setting value with a second user setting value; and
      
      controlling use of the key based on a result of the comparison of the first user setting value and the second user setting value.
  - 14. The method of claim 13, wherein the key memory comprises a decrypted key memory, the method further comprising:
    - generating a hash value based on the key and the first user setting value;
      
      generating an encrypted key by encrypting the hash value and the key using a fixed value; and
      
      storing the encrypted key in an encrypted key memory.
  - 15. The method of claim 14, further comprising obtaining the fixed value from a unique value storage.
  - 16. The method of claim 15, wherein the fixed value does not traverse a host interface.
  - 17. The method of claim 14, further comprising:
    - generating the hash value based on a random salt value in addition to the key and the first user setting value; and
      
      generating the encrypted key by encrypting the hash value, the key and the random salt value using the fixed value.

18. A key manager, comprising:
- a key manager core including a controller, wherein the key manager core is configured to receive a user setting value;
  
  a random number generator configured to generate a key; and
  
  a decrypted key memory configured to store the key and the user setting value, wherein the user setting value is associated with the key;
  
  wherein the key manager core is configured to generate a hash value based on the key and the user setting value, to generate an encrypted key by encrypting the hash value and the key using a fixed value, and to store the encrypted key in an encrypted key memory.
- View Dependent Claims (19, 20, 21, 22)
- - 19. The key manager of claim 18, wherein the random number generator is configured to provide the key to the key manager core without the key traversing a host interface.
  - 20. The key manager of claim 19, wherein the fixed value is unique to a system on chip that includes the key manager.
  - 21. The key manager of claim 19, wherein the key manager core is further configured to generate the hash value based on a random salt value in addition to the key and the user setting value, and to generate the encrypted key by encrypting the hash value, the key and the random salt value using the fixed value.
  - 22. The key manager of claim 18, wherein the user setting value comprises a first user setting value;
    - andwherein the key manager core is configured to receive a second user setting value, to compare the second user setting value to the first user setting value, and to control use of the key in response to the comparison of the first user setting value and the second user setting value.

23. A system on chip, comprising:
- a central processing unit; and
  
  a key manager coupled to the central processing unit, wherein the key manager includes;
  
  a key manager core comprising a controller and a user setting value register configured to store a user setting value received from the central processing unit; and
  
  a unique value storage coupled to the key manager core and configured to provide a unique value to the key manager core, wherein the unique value is unique to the system on chip;
  
  wherein the key manager core is configured to generate a data encryption key based on the user setting value and the unique value in response to a key generation command.
- View Dependent Claims (24, 25, 26, 27, 28)
- - 24. The system on chip of claim 23, further comprising a command register configured to store a key generation command received from the central processing unit and a user setting value register configured to store the user setting value, wherein the key manager is configured to generate the data encryption key in response to the key generation command.
  - 25. The system on chip of claim 23, wherein the unique value storage is accessible only by the key manager core.
  - 26. The system on chip of claim 23, wherein the unique value storage is configured to provide the unique value to the controller without the unique value traversing a host interface.
  - 27. The system on chip of claim 23, wherein the key manager core further comprises a cipher block, wherein the controller is configured to provide the unique value and the user setting value to the cipher block, and the cipher block is configured to generate the data encryption key by performing an operation on the unique value and the user setting value.
  - 28. The system on chip of claim 23, wherein the user setting value comprises a unique identifier of an application executed by the central processing unit and/or a unique data provided by a user of the application.

29. A method of operating a key manager including a key manager core having a controller, the method comprising:
- receiving a user setting value at the key manager core from a host;
  
  receiving a unique value from a unique value storage, wherein the unique value is unique to a system on chip that includes the key manager; and
  
  generating a data encryption key based on the user setting value and the unique value.
- View Dependent Claims (30, 31, 32)
- - 30. The method of claim 29, further comprising receiving a command from the host, wherein the data encryption key is generated in response to the command.
  - 31. The method of claim 29, wherein the unique value is provided directly to the key manager core from the unique value storage without traversing a host interface.
  - 32. The method of claim 29 further comprising providing the unique value and the user setting value to a cipher block, wherein the cipher block generates the encrypted key by performing an encryption operation on the unique value and the user setting value.

33. A system on chip, comprising:
- a central processing unit; and
  
  a key manager coupled to the central processing unit, wherein the key manager includes;
  
  a key manager core comprising a controller and a user setting value register configured to store a user setting value received from the central processing unit;
  
  a unique value storage coupled to the key manager core and configured to provide a unique value to the key manager core, wherein the unique value is unique to the system on chip;
  
  a random number generator; and
  
  a key memory;
  
  wherein the key manager core is configured to obtain a first data encryption key from the random number generator in response to a first key generation command, to store the first data encryption key and a user setting value associated with the first data encryption key in the key memory, to generate a hash value based on the first data encryption key and the user setting value, to generate an encrypted key by encrypting the hash value and the first data encryption key using the unique value, and to store the encrypted key in an encrypted key memory; and
  
  wherein the key manager core is configured to generate a second data encryption key based on the user setting value and the unique value in response to a second key generation command.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung Electronics Co. Ltd.
Original Assignee
Samsung Electronics Co. Ltd.
Inventors
LEE, Hyesoo, PARK, Jaechul, YOUM, Yun-Ho, KIM, Kyungae, HONG, TongPyo

Granted Patent

US 9,935,768 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/46
CPC Class Codes

H04L 9/0869 involving random numbers or...

H04L 9/0894 Escrow, recovery or storing...

Processors Including Key Management Circuits and Methods of Operating Key Management Circuits

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

14 Citations

33 Claims

Specification

Solutions

Use Cases

Quick Links

Processors Including Key Management Circuits and Methods of Operating Key Management Circuits

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

14 Citations

33 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links