Encryption key management system for an integrated circuit
First Claim
1. An improved integrated circuit for selectively processing data by encrypting or decrypting said data having:
- a data bus,a controller in bus communication with said integrated circuit via said data bus for providing data to said integrated circuit and reading data from said integrated circuit,a data register for receiving data from said controller via said data bus and storing said data,a DES key register for receiving and storing first key data (Ks) from said controller via said data bus,a DES control register for receiving and storing control signal from said controller via said data bus,an encryption engine module for reading said data from said data register and said DES key register in response to a specific control signal stored in as DES control register and for processing said data utilizing said first key data (Ks) and outputting said processed data,wherein the improvement comprises;
said integrated circuit further having,a second DES key register (Kv) isolated from said data bus and having stored therein a second key data (Kv),first selection means for selecting a selected key data from said first key data (Ks) in said DES Key register or said second key data (Kv) in said second DES Key register in response to said data in said DES control register and directing said selected key data to said encryption engine module.
1 Assignment
0 Petitions
Accused Products
Abstract
A microcontroller is in bus communication with an improved integrated circuit for providing data to the integrated circuit and reading data from the integrated circuit. The integrated circuit selectively processes data by encrypting or decrypting the data. The integrated circuit includes a data register for receiving data from the microcontroller via the data bus and storing the data. A DES key register is also provided for receiving and storing a key (Ks) from the controller via the data bus and a DES control register is provided for receiving and storing control signal from the controller via the data bus. The integrated circuit has a digital encryption engine module for reading the data from the data register and the DES key register in response to specific control signal stored in as DES control register and for processing the data utilizing the key (Ks) and outputting the encrypted data. A second DES key register (Kv) isolated from the data bus stores second key(Kv). A multiplexer is used for selectively enabling the first DES key (Ks) from the DES Key register or the second DES key (Kv) from the second DES Key register in response to the data in the DES control register. In addition, a internal key register stories an internal key (Ki) and a results register is provided for storing the processed data and directing the processed data to the data bus. A demultiplexer is for receiving the processed data from the DES engine and directing the processed data to the internal key register or the results register allow as a further alternative use of the internal key to encrypt or decrypt data.
68 Citations
5 Claims
-
1. An improved integrated circuit for selectively processing data by encrypting or decrypting said data having:
-
a data bus, a controller in bus communication with said integrated circuit via said data bus for providing data to said integrated circuit and reading data from said integrated circuit, a data register for receiving data from said controller via said data bus and storing said data, a DES key register for receiving and storing first key data (Ks) from said controller via said data bus, a DES control register for receiving and storing control signal from said controller via said data bus, an encryption engine module for reading said data from said data register and said DES key register in response to a specific control signal stored in as DES control register and for processing said data utilizing said first key data (Ks) and outputting said processed data, wherein the improvement comprises; said integrated circuit further having, a second DES key register (Kv) isolated from said data bus and having stored therein a second key data (Kv), first selection means for selecting a selected key data from said first key data (Ks) in said DES Key register or said second key data (Kv) in said second DES Key register in response to said data in said DES control register and directing said selected key data to said encryption engine module. - View Dependent Claims (2, 3, 4, 5)
-
Specification