Architecture of an encryption circuit implementing various types of encryption algorithms simultaneously without a loss of performance
First Claim
1. An encryption circuit for simultaneously processing various encryption algorithms, the encryption circuit adapted to be coupled to a host computer system, the encryption circuit comprising:
- an input/output module coupled to the host computer system through a dedicated bus,the input/output module handling data exchanges between the host system and the encryption circuit,the input/output module comprising a microcontroller and a microcontroller control memory, the microcontroller control memory providing storage for program control of the microcontroller;
an encryption module performing data encryption and decryption operations, as well as storage of all sensitive information of the encryption circuit; and
isolation means comprising a dual port memory connected between the input/output module and the encryption module, the isolation means ensuring that the sensitive information stored in the encryption module is inaccessible to the host computer system,the dual port memory enabling parallelism between
1) the data exchanges performed by the input/output module and
2) the data encryption and decryption operations performed by the encryption module.
1 Assignment
0 Petitions
Accused Products
Abstract
An encryption circuit for simultaneously processing various encryption algorithms, the circuit being capable of being coupled with a host system hosted by a computing machine. The circuit comprises an input/output module responsible for the data exchanges between the host system and the circuit via a dedicated bus. An encryption module coupled with the input/output module is in charge of the encryption and decryption operations. Isolation means between the input/output module and the encryption module makes the sensitive information stored in the encryption module inaccessible to the host system and ensures the parallelism of the operations performed by the input/output module and the encryption module. The circuit is supported on a peripheral component interconnect card. The circuit is specifically adapted to provide “hardware” protection of computer servers or stations.
-
Citations
17 Claims
-
1. An encryption circuit for simultaneously processing various encryption algorithms, the encryption circuit adapted to be coupled to a host computer system, the encryption circuit comprising:
-
an input/output module coupled to the host computer system through a dedicated bus, the input/output module handling data exchanges between the host system and the encryption circuit, the input/output module comprising a microcontroller and a microcontroller control memory, the microcontroller control memory providing storage for program control of the microcontroller; an encryption module performing data encryption and decryption operations, as well as storage of all sensitive information of the encryption circuit; and isolation means comprising a dual port memory connected between the input/output module and the encryption module, the isolation means ensuring that the sensitive information stored in the encryption module is inaccessible to the host computer system, the dual port memory enabling parallelism between
1) the data exchanges performed by the input/output module and
2) the data encryption and decryption operations performed by the encryption module. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. An encryption circuit for simultaneously processing various encryption algorithms, the encryption circuit adapted to be coupled to a host computer system, the encryption circuit comprising:
-
an input/output module coupled to the host computer system through a dedicated bus which provides direct access by the encryption circuit to the host system, the input/output module handling data exchanges between the host system bus and the encryption circuit the input/output module comprising a microcontroller and a microcontroller control memory, the microcontroller control memory providing storage for program control of the microcontroller; an encryption module performing data encryption and decryption operations, as well as storage of all sensitive information of the encryption circuit, the encryption module comprising; a first encryption sub-module, dedicated to the processing of symmetric encryption algorithms; a second encryption sub-module, dedicated to the processing of asymmetric encryption algorithms; and a CMOS memory containing the encryption keys accessible during execution of encryption algorithms by the first and second encryption sub-modules and the CMOS memory connected to be reset upon detection of an alarm condition protecting the encryption keys from unauthorized access and use; and isolation means comprising a dual port memory connected between the input/output module and the encryption module, the dual port memory being coupled to a first bus which couples to the first encryption sub-module, said second encryption sub-module and a second bus which couples to the input/output module, the isolation means ensuring that the sensitive information stored in the encryption module is inaccessible to the host computer system and is protected from unauthorized access and use, and the dual port memory enabling a first level of parallelism between
1) the data exchanges performed by the input/output module and
2) the data encryption and decryption operations performed by the encryption module; anda second level of parallelism by providing access to data of the dual port memory during parallel operation of both first and second encryption sub-modules.
-
Specification