System and method for context switching of a cryptographic engine

US 7,606,363 B1
Filed: 07/26/2005
Issued: 10/20/2009
Est. Priority Date: 07/26/2005
Status: Active Grant

First Claim

Patent Images

1. A cryptographic system, the cryptographic system implementing cryptographic functions designed to protect data, the cryptographic system comprising:

a memory, the memory storing a first cryptographic datum;

a processing unit, the processing unit including instructions to;

(a) execute a cryptographic algorithm using a second cryptographic datum to form output data;

(b) determine if a context switch command is received, the context switch command including a request to change a processing state of the processing unit;

(c) receive the first cryptographic datum from the memory if the context switch command is received;

(d) send the second cryptographic datum to the memory if the context switch command is received before replacing the second cryptographic datum with the first cryptographic datum;

(e) replace the second cryptographic datum with the first cryptographic datum if the context switch command is received; and

(f) repeat (a)-(e); and

an RF controller configured to receive communications from a plurality of communications channels and to generate the context switch command based on the communications of the plurality of communications channels, the RF controller is further configured to send the context switch command to the processing unit.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A cryptographic system, method, and device for implementing cryptographic functions designed to protect data is provided. The method includes (a) providing an algorithm processing unit, (b) executing a cryptographic algorithm at the algorithm processing unit using a first cryptographic datum and input data to form output data, (c) determining if a context switch command is received from a controller, (d) receiving a second cryptographic datum from a memory if the context switch command is received, (e) replacing the second cryptographic datum with the first cryptographic datum if the context switch command is received, and (f) repeating (b)-(e). The controller switches the processing state of the algorithm processing unit from one channel to another channel without leaking data between channels through execution of the operations each time a channel switch is selected. As a result, a single algorithm processing unit used with a controller can provide multiple independent levels of security.

Citations

19 Claims

1. A cryptographic system, the cryptographic system implementing cryptographic functions designed to protect data, the cryptographic system comprising:
- a memory, the memory storing a first cryptographic datum;
  
  a processing unit, the processing unit including instructions to;
  
  (a) execute a cryptographic algorithm using a second cryptographic datum to form output data;
  
  (b) determine if a context switch command is received, the context switch command including a request to change a processing state of the processing unit;
  
  (c) receive the first cryptographic datum from the memory if the context switch command is received;
  
  (d) send the second cryptographic datum to the memory if the context switch command is received before replacing the second cryptographic datum with the first cryptographic datum;
  
  (e) replace the second cryptographic datum with the first cryptographic datum if the context switch command is received; and
  
  (f) repeat (a)-(e); and
  
  an RF controller configured to receive communications from a plurality of communications channels and to generate the context switch command based on the communications of the plurality of communications channels, the RF controller is further configured to send the context switch command to the processing unit.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The cryptographic system of claim 1, wherein the processing unit is programmable.
  - 3. The cryptographic system of claim 1, wherein the first cryptographic datum includes at least one of a key, a key schedule, an initialization vector, cipher output, cipher text, and plain text.
  - 4. The cryptographic system of claim 1, wherein the cryptographic algorithm is selected from a group consisting of a data encryption standard algorithm, a triple data encryption algorithm, and an advanced encryption standard algorithm.
  - 5. The cryptographic system of claim 4, wherein the data encryption standard algorithm includes a mode, and wherein the mode is selected from the group consisting of an electronic codebook mode, a cipher block chaining mode, a cipher feedback mode, and an output feedback mode.
  - 6. The cryptographic system of claim 1, wherein the processing state is selected from a group consisting of an initialize state, an execute state, and a reset state.
  - 7. The cryptographic system of claim 1, wherein the output data is selected from a group consisting of cipher output, cipher text, and plain text.
  - 8. The cryptographic system of claim 1, further comprising a feedback switch, the feedback switch being configured to send the output data to the cryptographic algorithm, the output data used as an input for the next execution of the cryptographic algorithm.
  - 9. The cryptographic system of claim 1, further comprising a feedback switch, the feedback switch being configured to send the output data to the memory.
  - 10. The cryptographic system of claim 1, further comprising a feedback switch, wherein the feedback switch being configured to send the output data to the memory if the processing state is a first value, and wherein the feedback switch being configured to send the output data to the cryptographic algorithm if the processing state is a second value.
  - 11. The cryptographic system of claim 1, further comprising a stream mixer, the stream mixer being configured to mix the output data with the input data to form mixed output data wherein, the input data is received from a component.
  - 12. The cryptographic system of claim 11, wherein the mixed output data is selected from a group consisting of cipher output, cipher text, and plain text.
  - 13. The cryptographic system of claim 11, wherein the component is selected from a group consisting of a modem, a platform interface, a telecommunications application, and a computer application.
  - 14. The cryptographic system of claim 1, further comprising receiving input data from a component before executing the cryptographic algorithm, wherein executing the cryptographic algorithm further uses the received input data to form the output data.
  - 15. The cryptographic system of claim 14, wherein the processing unit includes a plurality of cryptographic algorithms, and wherein the cryptographic algorithm executed is selected based on the context switch command.
  - 16. The cryptographic system of claim 15, wherein the component is selected from a group consisting of a modem, a platform interface, a telecommunications application, and a computer application.

17. A device, the device comprising:
- a component forming input data;
  
  a cryptographic system, the cryptographic system receiving the formed input data from the component, the cryptographic system comprisinga memory, the memory storing a first cryptographic datum;
  
  a processing unit, the processing unit(a) executing a cryptographic algorithm using a second cryptographic datum and the received input data to form output data;
  
  (b) determining if a context switch command is received, the context switch command including a request to change a processing state of the processing unit;
  
  (c) receiving the first cryptographic datum from the memory if the context switch command is received;
  
  (d) sending the second cryptographic datum to the memory if the context switch command is received before replacing the second cryptographic datum with the first cryptographic datum;
  
  (e) replacing the second cryptographic datum with the first cryptographic datum if the context switch command is received; and
  
  (f) repeating (a)-(e); and
  
  a context switch controller, the context switch controller sending the context switch command to the processing unit; and
  
  an RF controller configured to receive communications from a plurality of communications channels, the RF controller identifying an event based on the received communications, the RF controller further configured to determine that the event caused a context change for the cryptographic system, the RF controller further configured to send a command to the context switch controller including a context switch.
- View Dependent Claims (18)
- - 18. The device of claim 17, wherein the component is selected from the group consisting of a modem, a platform interface, a telecommunications application, and a computer application.

19. A method of implementing cryptographic functions designed to protect data, the method comprising:
- providing a processing unit and an RF controller configured to receive communications from a plurality of communications channels;
  
  using the RF controller to process the communications to determine to send a context switch command to the processing unit;
  
  executing a cryptographic algorithm at the processing unit using a second cryptographic datum and input data to form output data, the input data received from a component;
  
  determining if the context switch command is received from the RF controller, the context switch command including a request to change a processing state of the cryptographic algorithm;
  
  receiving a first cryptographic datum from a memory if the context switch command is received;
  
  (d) sending the second cryptographic datum to the memory if the context switch command is received before replacing the second cryptographic datum with the first cryptographic datum; and
  
  replacing the second cryptographic datum with the first cryptographic datum if the context switch command is received.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Rockwell Collins, Inc. (Rtx Corporation)
Original Assignee
Rockwell Collins, Inc. (Rtx Corporation)
Inventors
MacDonald, Timothy I., Silcox, Jason A.
Primary Examiner(s)
Arani; Taghi T.
Assistant Examiner(s)
Rahman; Mahfuzur

Application Number

US11/189,251
Time in Patent Office

1,547 Days
Field of Search

718/107, 718/108, 380/29
US Class Current

380/29
CPC Class Codes

H04K 1/00   Secret communication

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 9/0618   Block ciphers, i.e. encrypt...

System and method for context switching of a cryptographic engine

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for context switching of a cryptographic engine

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links