Method and apparatus for dual hardware and software cryptography
First Claim
1. A method in a data processing system for executing cryptographic operations, the method comprising:
- responsive to a request to perform a cryptographic operation, dynamically selecting between one of a software process and a hardware process within the data processing system in a single architecture for performing the cryptographic operation based on a policy, to form a selected process; and
performing the cryptographic operation using the selected process, wherein the cryptographic operation is an encryption of data using a key, and wherein the step of performing the cryptographic operation includes converting the key to a form useable by the selected process if the key is in an unusable form by the selected process, wherein the key is a software key and the selected process is the hardware process and the step of converting the key comprises converting the software key into a hardware form useable by the hardware process for performing the cryptographic operation.
1 Assignment
0 Petitions
Accused Products
Abstract
The present invention provides a method, apparatus, and computer implemented instructions for executing cryptographic operations. Responsive to a request to perform a cryptographic operation, one (or more) of a software process and a hardware process is selected for performing the cryptographic operation based on a policy which process results with available resources to perform the cryptographic operation to form a selected process. The cryptographic operation is performed using the selected process. Necessary object conversions, which is transparent to the application, is carried out in order to convert objects to usable forms of the selected process(es).
24 Citations
23 Claims
-
1. A method in a data processing system for executing cryptographic operations, the method comprising:
-
responsive to a request to perform a cryptographic operation, dynamically selecting between one of a software process and a hardware process within the data processing system in a single architecture for performing the cryptographic operation based on a policy, to form a selected process; and performing the cryptographic operation using the selected process, wherein the cryptographic operation is an encryption of data using a key, and wherein the step of performing the cryptographic operation includes converting the key to a form useable by the selected process if the key is in an unusable form by the selected process, wherein the key is a software key and the selected process is the hardware process and the step of converting the key comprises converting the software key into a hardware form useable by the hardware process for performing the cryptographic operation. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method in a data processing system for executing cryptographic operations, the method comprising:
-
responsive to a request to perform a cryptographic operation, dynamically selecting between one of a software process and a hardware process within the data processing system in a single architecture for performing the cryptographic operation based on a policy, to form a selected process; and performing the cryptographic operation using the selected process, wherein the cryptographic operation is an encryption of data using a key, wherein the key is a hardware key and the selected process is the software process and further comprising; converting the hardware key into a software form useable by the software process for performing the cryptographic operation. - View Dependent Claims (7, 8, 9, 10, 11)
-
-
12. A data processing system for executing cryptographic operations, the data processing system comprising:
-
selecting means for dynamically selecting between one of a software process and a hardware process within the data processing system in a single architecture for performing a cryptographic operation based on a policy, to form a selected process in response to a request to perform the cryptographic operation; and performing means for performing the cryptographic operation using the selected process, wherein the cryptographic operation is an encryption of data using a key, and wherein the performing means includes converting means for converting the key to a form useable by the selected process if the key is in an unusable form by the selected process, wherein the key is a software key and the selected process is the hardware process and the converting means comprises means for converting the software key into a hardware form useable by the hardware process for performing the cryptographic operation. - View Dependent Claims (13, 14, 15)
-
-
16. A data processing system for executing cryptographic operations, the data processing system comprising:
-
selecting means for dynamically selecting between one of a software process and a hardware process within the data processing system for performing a cryptographic operation based on a policy, to form a selected process in response to a request to perform the cryptographic operation; and performing means for performing the cryptographic operation using the selected process, wherein the cryptographic operation is an encryption of data using a key, and wherein the performing means includes converting means for converting the key to a form useable by the selected process if the key is in an unusable form by the selected process, wherein the key is a hardware key and the selected process is the software process and the converting means comprises means for converting the hardware key into a software form useable by the software process for performing the cryptographic operation. - View Dependent Claims (17, 18, 19, 20, 21)
-
-
22. A data processing system comprising:
-
a bus system; a communications unit connected to the bus, wherein data is sent and received using the communications unit; a memory connected to the bus system, wherein a set of instructions are located in the memory; and a processor unit connected to the bus system, wherein the processor unit executes the set of instructions to (i) dynamically select between one of a software process and a hardware process within the data processing system in a single architecture for performing a cryptographic operation based on a policy, to form a selected process;
(ii) perform the cryptographic operation using the selected process, wherein the cryptographic operation is an encryption of data using a key, wherein the key is a hardware key and the selected process is the software process; and
(iii) convert the hardware key into a software form useable by the software process for performing the cryptographic operation.
-
-
23. A data processing system comprising:
-
a bus system; a communications unit connected to the bus, wherein data is sent and received using the communications unit; a memory connected to the bus system, wherein a set of instructions are located in the memory; and a processor unit connected to the bus system, wherein the processor unit executes the set of instructions to (i) dynamically select between one of a software process and a hardware process within the data processing system in a single architecture for performing a cryptographic operation based on a policy, to form a selected process;
(ii) perform the cryptographic operation using the selected process, wherein the cryptographic operation is an encryption of data using a key, wherein the key is a software key and the selected process is the hardware process; and
(iii) convert the software key into a hardware form useable by the hardware process for performing the cryptographic operation.
-
Specification