Methods and systems for authentication of components in a graphics system
First Claim
1. A method for providing authentication in connection with the use of a trusted graphics platform having a graphics card, comprising:
- requesting by one of an application and device of a graphics card to verify that the graphics card is a secure graphics card;
in response to said requesting, generating a session key by a cryptographic processor communicatively and securely coupled to the graphics card; and
transmitting said session key to the one of an application and device,wherein the cryptographic processor includes (1) a multi-bit volatile register S for the session key and (2) an array of a plurality of index keys,wherein each of said plurality of index keys (1) is associated with a particular window of a host system that includes said one of an application and device, and (2) is used by the graphics card to decrypt the contents of the window, andwherein each of said plurality of index keys is used only once in accordance with a purpose parameter associated with the index key, wherein when an index key has been filled with a new value, a corresponding former value is irretrievably discarded.
3 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems are provided for authenticating component(s) in connection with the use of a trusted graphics system. Techniques are provided for authenticating a graphics card in connection with a system that cryptographically secures content routed through a graphics pipeline, such that an application or device can indicate to the trusted graphics platform that the application or device is a trusted user of the trusted graphics platform, and such that the graphics platform can communicate to the trusted application or device that the graphics platform may be trusted by the application or device.
39 Citations
54 Claims
-
1. A method for providing authentication in connection with the use of a trusted graphics platform having a graphics card, comprising:
-
requesting by one of an application and device of a graphics card to verify that the graphics card is a secure graphics card; in response to said requesting, generating a session key by a cryptographic processor communicatively and securely coupled to the graphics card; and transmitting said session key to the one of an application and device, wherein the cryptographic processor includes (1) a multi-bit volatile register S for the session key and (2) an array of a plurality of index keys, wherein each of said plurality of index keys (1) is associated with a particular window of a host system that includes said one of an application and device, and (2) is used by the graphics card to decrypt the contents of the window, and wherein each of said plurality of index keys is used only once in accordance with a purpose parameter associated with the index key, wherein when an index key has been filled with a new value, a corresponding former value is irretrievably discarded. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A computing device, comprising:
-
one of an application and device; and a graphics card having at least one GPU and a cryptographic processor communicatively and securely coupled to said at least one GPU, wherein said one of an application and device requests that the graphics card verify that the graphics card is a secure graphics card and whereby in response to said requesting, the cryptographic processor generates a session key and transmits said session key to the one of an application and device wherein the lifetime of the session key is the running time of the one of an application and device and the lifetime of each key of the plurality of keys is governed by instructions from the one of an application and device, wherein the cryptographic processor includes (1) a multi-bit volatile register S for the session key and (2) an array of a plurality of index keys, wherein each of said plurality of index keys (1) is associated with a particular window of a host system that includes said one of an application and device, and (2) is used by the graphics card to decrypt the contents of the window, and wherein each of said plurality of index keys is used only once in accordance with a purpose parameter associated with the index key, wherein when an index key has been filled with a new value, a corresponding former value is irretrievably discarded. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
-
-
29. At least one computer readable medium that is tangible storage medium having stored thereon a plurality of computer-executable instructions, said plurality of computer-executable instructions including:
-
means for requesting by one of an application and device of a graphics card to verify that the graphics card is a secure graphics card; means for generating a session key by a cryptographic processor communicatively and securely coupled to the graphics card in response to requesting by said means for requesting; and means for transmitting said session key to the one of an application and device, wherein the cryptographic processor includes (1) a multi-bit volatile register S for the session key and (2) an array of a plurality of index keys, wherein each of said plurality of index keys (1) is associated with a particular window of a host system that includes said one of an application and device, and (2) is used by the graphics card to decrypt the contents of the window, and wherein each of said plurality of index keys is used only once in accordance with a purpose parameter associated with the index key, wherein when an index key has been filled with a new value, a corresponding former value is irretrievably discarded. - View Dependent Claims (30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41)
-
-
42. An operating system of a computing device, comprising:
-
means for requesting by one of an application and device of a graphics card to verify that the graphics card is a secure graphics card; means for generating a session key by a cryptographic processor communicatively and securely coupled to the graphics card in response to requesting by said means for requesting; and means for transmitting said session key to the one of an application and device, wherein the cryptographic processor includes (1) a multi-bit volatile register S for the session key and (2) an array of a plurality of index keys, wherein each of said plurality of index keys (1) is associated with a particular window of a host system that includes said one of an application and device, and (2) is used by the graphics card to decrypt the contents of the window, and wherein each of said plurality of index keys is used only once in accordance with a purpose parameter associated with the index key, wherein when an index key has been filled with a new value, a corresponding former value is irretrievably discarded. - View Dependent Claims (43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54)
-
Specification