System and method for context switching of a cryptographic engine
First Claim
1. A cryptographic system, the cryptographic system implementing cryptographic functions designed to protect data, the cryptographic system comprising:
- a memory, the memory storing a first cryptographic datum;
a processing unit, the processing unit including instructions to;
(a) execute a cryptographic algorithm using a second cryptographic datum to form output data;
(b) determine if a context switch command is received, the context switch command including a request to change a processing state of the processing unit;
(c) receive the first cryptographic datum from the memory if the context switch command is received;
(d) send the second cryptographic datum to the memory if the context switch command is received before replacing the second cryptographic datum with the first cryptographic datum;
(e) replace the second cryptographic datum with the first cryptographic datum if the context switch command is received; and
(f) repeat (a)-(e); and
an RF controller configured to receive communications from a plurality of communications channels and to generate the context switch command based on the communications of the plurality of communications channels, the RF controller is further configured to send the context switch command to the processing unit.
1 Assignment
0 Petitions
Accused Products
Abstract
A cryptographic system, method, and device for implementing cryptographic functions designed to protect data is provided. The method includes (a) providing an algorithm processing unit, (b) executing a cryptographic algorithm at the algorithm processing unit using a first cryptographic datum and input data to form output data, (c) determining if a context switch command is received from a controller, (d) receiving a second cryptographic datum from a memory if the context switch command is received, (e) replacing the second cryptographic datum with the first cryptographic datum if the context switch command is received, and (f) repeating (b)-(e). The controller switches the processing state of the algorithm processing unit from one channel to another channel without leaking data between channels through execution of the operations each time a channel switch is selected. As a result, a single algorithm processing unit used with a controller can provide multiple independent levels of security.
-
Citations
19 Claims
-
1. A cryptographic system, the cryptographic system implementing cryptographic functions designed to protect data, the cryptographic system comprising:
-
a memory, the memory storing a first cryptographic datum; a processing unit, the processing unit including instructions to; (a) execute a cryptographic algorithm using a second cryptographic datum to form output data; (b) determine if a context switch command is received, the context switch command including a request to change a processing state of the processing unit; (c) receive the first cryptographic datum from the memory if the context switch command is received; (d) send the second cryptographic datum to the memory if the context switch command is received before replacing the second cryptographic datum with the first cryptographic datum; (e) replace the second cryptographic datum with the first cryptographic datum if the context switch command is received; and (f) repeat (a)-(e); and an RF controller configured to receive communications from a plurality of communications channels and to generate the context switch command based on the communications of the plurality of communications channels, the RF controller is further configured to send the context switch command to the processing unit. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A device, the device comprising:
-
a component forming input data; a cryptographic system, the cryptographic system receiving the formed input data from the component, the cryptographic system comprising a memory, the memory storing a first cryptographic datum; a processing unit, the processing unit (a) executing a cryptographic algorithm using a second cryptographic datum and the received input data to form output data; (b) determining if a context switch command is received, the context switch command including a request to change a processing state of the processing unit; (c) receiving the first cryptographic datum from the memory if the context switch command is received; (d) sending the second cryptographic datum to the memory if the context switch command is received before replacing the second cryptographic datum with the first cryptographic datum; (e) replacing the second cryptographic datum with the first cryptographic datum if the context switch command is received; and (f) repeating (a)-(e); and a context switch controller, the context switch controller sending the context switch command to the processing unit; and an RF controller configured to receive communications from a plurality of communications channels, the RF controller identifying an event based on the received communications, the RF controller further configured to determine that the event caused a context change for the cryptographic system, the RF controller further configured to send a command to the context switch controller including a context switch. - View Dependent Claims (18)
-
-
19. A method of implementing cryptographic functions designed to protect data, the method comprising:
-
providing a processing unit and an RF controller configured to receive communications from a plurality of communications channels; using the RF controller to process the communications to determine to send a context switch command to the processing unit; executing a cryptographic algorithm at the processing unit using a second cryptographic datum and input data to form output data, the input data received from a component; determining if the context switch command is received from the RF controller, the context switch command including a request to change a processing state of the cryptographic algorithm; receiving a first cryptographic datum from a memory if the context switch command is received; (d) sending the second cryptographic datum to the memory if the context switch command is received before replacing the second cryptographic datum with the first cryptographic datum; and replacing the second cryptographic datum with the first cryptographic datum if the context switch command is received.
-
Specification