Cryptographically protected paging subsystem
First Claim
1. A method comprising the steps of:
- generating an integrity check value for an outgoing page within a physically secure environment, the physically secure environment containing a processor and a memory;
nstoring the integrity check value for the outgoing page;
encrypting the outgoing page resulting in an encrypted page; and
exporting the encrypted page to a storage unit outside the secure execution environment.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and system for maintaining integrity and confidentiality of pages paged to an external storage unit from a physically secure environment. An outgoing page is selected to be exported from a physically secure environment to an insecure environment. An integrity check value is generated and stored for the outgoing page. In one embodiment, this takes the form of taking a one-way hash of the page using a well-known one-way hash function. The outgoing page is then encrypted using a cryptographically strong encryption algorithm. Among the algorithms that might be used in one embodiment of the invention are IDEA and DES. The encrypted outgoing page is then exported to the external storage. By virtue of the encryption and integrity check, the security of the data on the outgoing page is maintained in the insecure environment.
426 Citations
24 Claims
-
1. A method comprising the steps of:
-
generating an integrity check value for an outgoing page within a physically secure environment, the physically secure environment containing a processor and a memory; nstoring the integrity check value for the outgoing page; encrypting the outgoing page resulting in an encrypted page; and exporting the encrypted page to a storage unit outside the secure execution environment. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system for maintaining security in a paging subsystem comprising:
-
a bus; a secure processor coupled to a secure memory within a physically secure environment; an insecure storage unit in an insecure environment outside the physically secure environment and coupled to the physically secure environment by the bus; an interface within the physically secure environment and coupled between the bus and the secure processor, the interface encrypting and generating an integrity check value for a page exported to the insecure storaged unit, the interface decrypting and integrity checking the page when the page is imported back into the physically secure environment; and a page table exportable from the secure memory, the page table storing one of the integrity check value and a pointer to the integrity check value. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A method of introducing a software for use in a secure environment comprising the steps of:
-
generating an encryption key; reading into the secure environment a page from the software to be introduced; hashing the page to generate an integrity check value; encrypting the page using the encryption key; and exporting the page as encrypted to an external storage unit in an insecure environment. - View Dependent Claims (22, 23)
-
-
24. A method of insuring integrity of a page paging between a physically secure environment and an insecure environment comprising the steps of:
-
generating an outgoing integrity check value for an outgoing page; storing an outgoing integrity check value for the outgoing page generating an incoming integrity check value when the page is paged in; and comparing the outgoing integrity check value with the incoming integrity check value.
-
Specification