BINDING OF CRYPTOGRAPHIC OPERATIONS TO CONTEXT OR SPECULATIVE EXECUTION RESTRICTIONS
First Claim
Patent Images
1. A processor comprising:
- a first register to store a wrapping key;
a second register to store a pointer to a handle stored in a memory coupled to the processor, the handle comprising a cryptographic key encrypted using the wrapping key; and
a core to execute a decryption instruction, wherein the core comprises circuitry to, responsive to the decryption instruction;
identify, in the decryption instruction, a pointer to ciphertext stored in the memory;
retrieve the ciphertext and the handle from the memory;
decrypt the cryptographic key of the handle based on the wrapping key; and
decrypt the ciphertext based on the decrypted cryptographic key.
1 Assignment
0 Petitions
Accused Products
Abstract
A processor comprising a first register to store a wrapping key, a second register to store a pointer to a handle stored in a memory coupled to the processor, the handle comprising a cryptographic key encrypted using the wrapping key, and a core to execute a decryption instruction. The core is to, responsive to the decryption instruction, identify, in the decryption instruction, a pointer to ciphertext stored in the memory, retrieve the ciphertext and the handle from the memory, decrypt the cryptographic key of the handle based on the wrapping key, and decrypt the ciphertext based on the decrypted cryptographic key.
19 Citations
20 Claims
-
1. A processor comprising:
-
a first register to store a wrapping key; a second register to store a pointer to a handle stored in a memory coupled to the processor, the handle comprising a cryptographic key encrypted using the wrapping key; and a core to execute a decryption instruction, wherein the core comprises circuitry to, responsive to the decryption instruction; identify, in the decryption instruction, a pointer to ciphertext stored in the memory; retrieve the ciphertext and the handle from the memory; decrypt the cryptographic key of the handle based on the wrapping key; and decrypt the ciphertext based on the decrypted cryptographic key. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A method comprising:
-
storing a wrapping key in a first register of a processor; storing, in a second register of the processor, a pointer to a handle stored in a memory coupled to the processor, the handle comprising a cryptographic key encrypted using the wrapping key; and executing, by a core of the processor, a decryption instruction, the execution comprising; identifying, in the decryption instruction, a pointer to ciphertext stored in the memory; retrieving the ciphertext and the handle from the memory; decrypting the cryptographic key of the handle based on the wrapping key; and decrypting the ciphertext based on the decrypted cryptographic key. - View Dependent Claims (17, 18)
-
-
19. One or more non-transitory computer-readable media with code stored thereon, wherein the code is executable to cause a machine to:
-
store a wrapping key in a first register; store, in a second register, a pointer to a handle stored in a memory, the handle comprising a cryptographic key encrypted using the wrapping key; and execute a decryption instruction, the execution comprising; identifying, in the decryption instruction, a pointer to ciphertext stored in the memory; retrieving the ciphertext and the handle from the memory; decrypting the cryptographic key of the handle based on the wrapping key; and decrypting the ciphertext based on the decrypted cryptographic key. - View Dependent Claims (20)
-
Specification