Methods and apparatus for accelerating secure session processing
Abstract
Methods and apparatus are provided for an entity such as a CPU to efficiently call a cryptography accelerator to perform cryptographic operations. A function call causes the cryptography accelerator to execute multiple cryptographic operations in a manner tailored for specific processing steps, such as steps during a handshake phase of a secured session. The techniques provide efficient use of hardware processing resources, data interfaces, and memory interfaces.
45 Claims
1. A method for deriving key information in a cryptography accelerator, the method comprising:
- receiving random information and protocol information associated with an initialize session input message;
- generating master secret information using the random information and the protocol information from the initialize session input message;
- generating a plurality of sessions keys using processed protocol information and the master secret information; and
- sending an initialize session output message corresponding to the input message, wherein a plurality of session keys are associated with the initialize session output message.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12

13. A cryptography accelerator for deriving key information, the cryptography accelerator comprising:
- an interface operable to receive random information and protocol information associated with an initialize session input message; and
- a cryptographic core configured to generate master secret information using the random information and the protocol information from the initialize session input message and generate a plurality of sessions keys using processed protocol information and the master secret information, wherein the interface is further operable to send an initialize session output message corresponding to the input message, and wherein a plurality of session keys are associated with the initialize session output message.
Dependent claims: 14, 15, 16, 17, 18, 19, 20, 21

22. A cryptography accelerator for deriving key information, the cryptography accelerator comprising:
- means for receiving random information and protocol information associated with an initialize session input message;
- means for generating master secret information using the random information and the protocol information from the initialize session input message;
- means for generating a plurality of sessions keys using processed protocol information and the master secret information; and
- means for sending an initialize session output message corresponding to the input message, wherein a plurality of session keys are associated with the initialize session output message.

23. A method for performing cryptography processing in a cryptography accelerator during a secured session between a client and a server, the method comprising:
- receiving handshake information from a first entity associated with the cryptography accelerator;
- performing a first set of authentication operations to generate client verification information using the handshake information from the client;
- performing a second set of authentication operations to generate server verification information; and
- providing the client verification information and the server verification information in a response corresponding to the handshake information received from the first entity associated with the cryptography accelerator.
Dependent claims: 24, 25, 26, 27, 28, 29, 30, 31, 32, 33

34. A cryptography accelerator for performing cryptography processing during a secured session between a client and a server, the cryptography accelerator comprising:
- an interface operable to receive handshake information from a first entity associated with the cryptography accelerator; and
- a cryptographic core configured to perform a first set of authentication operations to generate client verification information using the handshake information from the client and perform a second set of authentication operations to generate server verification information, wherein the interface is further operable to provide the client verification information and the server verification information in a response corresponding to the handshake information received from the first entity.
Dependent claims: 35, 36, 37, 38, 39, 40, 41, 42, 43, 44

45. A cryptography accelerator for performing cryptography processing, the cryptography accelerator comprising:
- means for receiving handshake information from a first entity associated with the cryptography accelerator;
- means for performing a first set of authentication operations to generate client verification information using the handshake information from the client;
- means for performing a second set of authentication operations to generate server verification information; and
- means for providing the client verification information and the server verification information in a response corresponding to the handshake information received from the first entity associated with the cryptography accelerator.

Specification