Cryptographic Device with Detachable Data Planes
Abstract
A system for performing encryption and/or decryption may include a parent cryptographic device. The parent cryptographic device may be configured to receive a first cryptographic key. The parent cryptographic device may be configured to determine one or more session keys based on the first cryptographic key and/or internally generated random data bits. The parent cryptographic device may be configured to insert the one or more session keys onto one or more child cryptographic devices that are operably connected to the parent cryptographic device. The one or more child cryptographic devices may be configured to receive the one or more session keys from the parent cryptographic device, and perform one or more of encryption or decryption of communications exchanged with another child cryptographic device of the one or more child cryptographic devices. The one or more child cryptographic devices may perform encryption/decryption after separation from the parent cryptographic device.
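The key flow described in the abstract, sketched as an added example that is not taken from the patent. HKDF-SHA256 is an assumed choice for the one-way function recited in claim 8, and `Parent`, `Child`, `provision`, `confirm` and the network labels are hypothetical names; a key-confirmation tag stands in for the traffic cipher.

```python
import hashlib
import hmac
import secrets

def hkdf(ikm, salt, info, length=32):
    """HKDF-SHA256 (RFC 5869): the one-way function used here (an assumption)."""
    prk = hmac.new(salt or b"\x00" * 32, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

class Child:
    """Hypothetical E/D device: holds only session keys, in volatile memory."""
    def __init__(self):
        self.session_key = None
    def load(self, key):
        self.session_key = bytearray(key)
    def confirm(self, challenge):
        # Key-confirmation tag; stands in for the traffic cipher, not shown here.
        return hmac.new(bytes(self.session_key), challenge, hashlib.sha256).digest()
    def zeroize(self):
        self.session_key[:] = bytes(len(self.session_key))  # overwrite in place
        self.session_key = None

class Parent:
    """Hypothetical configuration device: the secret key never leaves it."""
    def __init__(self, secret_key):
        self._secret = secret_key
    def provision(self, children, label):
        salt = secrets.token_bytes(32)  # internally generated random data bits
        key = hkdf(self._secret, salt, b"session:" + label)
        for child in children:
            child.load(key)  # only the derived key crosses the child interface

def demo():
    parent = Parent(bytes.fromhex("0b" * 32))  # constructed sample secret
    a, b, c = Child(), Child(), Child()
    parent.provision([a, b], b"net-1")  # a and b share one session key
    parent.provision([c], b"net-2")     # c gets an independent key
    challenge = b"constructed challenge"
    # Children are now detached from the parent and work from loaded keys alone.
    return (hmac.compare_digest(a.confirm(challenge), b.confirm(challenge)),
            hmac.compare_digest(a.confirm(challenge), c.confirm(challenge)))
```

Because the derivation is one-way, extracting a session key from a child that has been separated from the parent does not reveal the parent's secret key or the keys of other groups.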
20 Claims
1. A system for performing one or more of encryption and/or decryption, the system comprising:
- a parent cryptographic device configured to receive a first cryptographic key, determine one or more session keys based on the first cryptographic key, and insert the one or more session keys onto one or more child cryptographic devices that are operably connected to the parent cryptographic device; and
- the one or more child cryptographic devices, wherein at least one of the one or more child cryptographic devices is configured to receive the one or more session keys from the parent cryptographic device, and perform one or more of encryption or decryption of communications exchanged with another child cryptographic device of the one or more child cryptographic devices.

Dependent claims: 2, 3, 4, 5, 6, 7
8. A cryptographic configuration device configured to load one or more cryptographic keys onto one or more configurable encryption/decryption (E/D) devices, the cryptographic configuration device comprising:
- one or more child interfaces, wherein each child interface is configured to interface with a respective configurable E/D device;
- secure tamper memory, wherein the secure tamper memory is configured to store one or more secret keys, and clear memory contents based on operating without power for more than a configured amount of time; and
- a microprocessor configured to:
  - perform fail-safe key management for the one or more secret keys,
  - derive one or more session keys based on the one or more secret keys using a one-way function or by using internally generated random data bits, and
  - load the one or more session keys onto at least one of the one or more configurable E/D devices using the one or more child interfaces.

Dependent claims: 9, 10, 11, 12, 13, 14
15. A configurable encryption/decryption (E/D) device comprising:
- an interface connector configured to interface with a cryptographic configuration device and a host communication system bus; and
- a programmable logic device comprising one or more logical processing cores and volatile memory, wherein the one or more logical processing cores are configured to:
  - communicate with the cryptographic configuration device via the interface connector, wherein communicating with the cryptographic configuration device comprises receiving one or more session keys to be used for at least one of encryption or decryption from the cryptographic configuration device,
  - communicate with a host communication system via the interface connector, wherein communicating with the host communication system comprises at least one of transmitting or receiving data over the host communication system bus using the interface connector,
  - encrypt data that is received from a processing unit of the host communication system via a plaintext traffic interface of the interface connector using the one or more session keys, and
  - send encrypted data to a radio of the host communication system for transmission via a ciphertext traffic interface of the interface connector.

Dependent claims: 16, 17, 18, 19, 20
Specification