Method and system for accelerating the conversion process between encryption schemes
Abstract
A method and system are provided for accelerating the conversion process between encryption schemes. The system includes a board in a gateway. The board includes a controller to receive security parameters and data encrypted according to a first encryption scheme and control the transmission of the data. The system includes a hardware device coupled to the controller to decrypt the data and encrypt the data according to a second encryption scheme. The data is then transmitted to the controller to be forwarded out of the gateway.
19 Claims
1. An apparatus comprising:
a controller included in a security acceleration board in a gateway between a wireless network and a content provider, the controller coupled on a first side to a bus external to the security acceleration board to receive security parameters and data encrypted using a first transport layer security protocol from a first user, the controller to control transmission of the data and the security parameters;
a Field Programmable Gate Array (FPGA) device located on the security acceleration board and coupled to a second side of the controller to receive the data and security parameters from the controller, to convert the data from the first transport layer security protocol to a second transport layer security protocol and to send the converted data to the controller, the controller to receive the converted data from the FPGA and to transmit the converted data to a second user via the bus external to the security acceleration board; and
a memory coupled to the FPGA device and the controller, the memory to store the data during conversion from the first transport layer security protocol to the second transport layer security protocol, wherein the controller is coupled to prevent external access to data in the memory by the gateway and the FPGA during conversion of the data from the first transport layer security protocol to the second transport layer security protocol.
Dependent claims: 2, 3, 4, 5, 6

7. An apparatus, comprising:
a controller included in a security acceleration board in a gateway between a wireless network and a content provider, the controller coupled on a first side to a bus external to the security acceleration board to receive security parameters and data encrypted using a first transport layer security protocol from a first user, the controller to control transmission of the data and the security parameters;
a first Field Programmable Gate Array (FPGA) located on the security acceleration board and coupled to a second side of the controller to receive the data and security parameters from the controller and to decrypt the data;
a second FPGA coupled to the first FPGA to receive the decrypted data and to encrypt the data using a second transport layer security protocol and to send the converted data to the controller, the controller to receive the converted data from the second FPGA and to transmit the converted data to a second user via the bus external to the security acceleration board; and
a memory coupled to the first and second FPGA's and the controller, the memory to store the data during conversion from the first transport layer security protocol to the second transport layer security protocol, wherein the controller is coupled to prevent external access to data in the memory by the gateway and at least one of the first and second FPGA's during conversion of the data from the first transport layer security protocol to the second transport layer security protocol.
Dependent claims: 8, 9, 10, 11

12. A method comprising:
receiving encrypted data at a controller, the controller included in a security acceleration board in a gateway between a wireless network and a content provider, the controller coupled on a first side to a bus external to the security acceleration board to receive security parameters and data encrypted using a first transport layer security protocol from a first user, the controller to control transmission of the data and the security parameters;
transmitting the encrypted data from the controller to a Field Programmable Gate Array (FPGA) located on the security acceleration board and coupled to a second side of the controller to receive the data and security parameters from the controller;
decrypting the encrypted data at the FPGA;
storing the decrypted data in a memory; and
re-encrypting the decrypted data using a second transport layer security protocol, wherein the controller is coupled to prevent access to data from the gateway during conversion from the first transport layer security protocol to the second transport layer security protocol;
sending the re-encrypted data to the controller; and
transmitting the re-encrypted data from the controller to a second user via the bus external to the security acceleration board.
Dependent claims: 13, 14, 15, 16, 17, 18, 19

Specification