Method and system for performing asynchronous cryptographic operations
First Claim
Patent Images
1. A method of performing cryptographic operations, comprising:
- receiving, within a thread of execution, a first request for a first cryptographic operation that is at least part of a secure communication protocol handshake that is an SSL handshake;
initiating, within the thread of execution, the first cryptographic operation by communicating with a single cryptographic accelerator;
after initiating the first cryptographic operation, receiving, within the thread of execution, a second request for a second cryptographic operation;
initiating, within the thread of execution, the second cryptographic operation by communicating with the same single cryptographic accelerator; and
receiving an indication that the first cryptographic operation has completed, wherein, the initiation of the second cryptographic operation is performed prior to receiving the indication that the first cryptographic operation has completed, and wherein the second cryptographic operation completes prior to the completion of the first cryptographic operation.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for performing asynchronous cryptographic operations. A cryptographic toolkit receives requests for cryptographic operations, and initiates the cryptographic operations within a thread of execution. The toolkit detects when the cryptographic operations are complete, retrieves the results, and returns the results to a calling program. The cryptographic operations are performed in an asynchronous manner, without blocking a calling program. The calling program can specify whether the requested operations are to be performed without blocking.
67 Citations
19 Claims
-
1. A method of performing cryptographic operations, comprising:
-
receiving, within a thread of execution, a first request for a first cryptographic operation that is at least part of a secure communication protocol handshake that is an SSL handshake; initiating, within the thread of execution, the first cryptographic operation by communicating with a single cryptographic accelerator; after initiating the first cryptographic operation, receiving, within the thread of execution, a second request for a second cryptographic operation; initiating, within the thread of execution, the second cryptographic operation by communicating with the same single cryptographic accelerator; and receiving an indication that the first cryptographic operation has completed, wherein, the initiation of the second cryptographic operation is performed prior to receiving the indication that the first cryptographic operation has completed, and wherein the second cryptographic operation completes prior to the completion of the first cryptographic operation. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method of performing a plurality of cryptographic operations, comprising:
-
receiving, within a single thread of execution, a plurality of requests to perform cryptographic operations wherein at least one of the cryptographic operations is at least a part of a secure communication protocol handshake that is an SSL handshake; asynchronously initiating, within the thread of execution, each of the cryptographic operations within a same cryptographic accelerator, wherein at least two of the cryptographic operations receive different data upon which to perform at least a portion of the respective cryptographic operations; associating each of the plurality of requests with a corresponding cryptographic operation; after initiating each of the cryptographic operations, receiving a result corresponding to each of the plurality of requests; and passing each result corresponding to each of the plurality of requests, wherein at least one of the cryptographic operations corresponding to at least one of the plurality of requests is initiated within the thread of execution prior to receiving the result of at least one cryptographic operation corresponding to at least one prior received request. - View Dependent Claims (10, 11)
-
-
12. A device for performing cryptographic operations in a single thread of execution, comprising:
-
a cryptographic accelerator that is configured to perform a plurality of cryptographic operations; and a processor that is configured and arranged to perform actions, including; requesting that a first cryptographic operation be performed by a cryptographic accelerator configured to perform a plurality of concurrent cryptographic operations the first cryptographic operation is at least part of secure communication protocol handshake that is an SSL handshake; specifying that the first cryptographic operation is to be a non-blocking operation; performing processing operations after requesting that the first cryptographic operation be performed; requesting a second cryptographic operation after initiating the processing operations for the first cryptographic operation; and selectively receiving a result of the second cryptographic operation from the cryptographic accelerator prior to receiving a result of the first cryptographic operation. - View Dependent Claims (13, 14)
-
-
15. A hardware device for performing cryptographic operations, comprising:
a central processing unit (CPU) having thereon the following; a cryptographic application program interface (API) including an interface that receives requests for performing cryptographic operations; at least one cryptographic component that communicates with a cryptographic accelerator; and a component configured and arranged to perform a plurality of concurrent requested cryptographic operations using the same cryptographic accelerator within a single thread of execution such that at least a first cryptographic operation finishes before a second cryptographic operation and the second cryptographic operation is initiated before the first cryptographic operation, and wherein at least one of the cryptographic operations is at least a part of a secure communication protocol handshake that is an SSL handshake. - View Dependent Claims (16)
-
17. A device having at least one hardware component for performing cryptographic operations, comprising:
a central processing unit (CPU) having thereon the following; a cryptographic accelerator that is configured to perform a plurality of different cryptographic operations; a receiving mechanism that receives cryptographic requests from a controlling program to perform a plurality of cryptographic operations, each cryptographic request having a corresponding cryptographic operation and at least one of the cryptographic operations is at least a part of a secure communication protocol handshake that is an SSL handshake; an output mechanism that provides cryptographic results of the plurality of cryptographic operations to the controlling program, each result corresponding to one of the cryptographic requests; and a performance mechanism configured and arranged to perform the plurality of cryptographic operations by communicating with the same cryptographic accelerator, such that the requests are received asynchronously from a single thread, and the results are provided to the single thread, wherein at least one of the cryptographic results is provided in an order that does not correspond to the order in which the cryptographic requests are received. - View Dependent Claims (18, 19)
Specification