Secure processor

US 8,468,364 B2
Filed: 07/10/2006
Issued: 06/18/2013
Est. Priority Date: 02/22/2006
Status: Expired due to Fees

First Claim

Patent Images

1. A secure processor, which decrypts an encrypted instruction code and executes the instruction code, comprising:

a processor core configured to execute the instruction code obtained by decrypting the encrypted instruction code;

a secure bus that is not recognized by a program executed by the processor core; and

a secure hardware connected to the secure bus, configured to perform authentication of the encrypted instruction code executed using the processor core and performing encryption and decryption of the encrypted instruction code and data that the processor core inputs from and outputs to the outside, whereinthe secure hardware comprises;

a secure pipe connected to the secure bus, for performing encryption and decryption of the encrypted instruction code and data that the processor core inputs from and outputs to the outside;

a secure assist connected to the secure bus configured to transmit and receive a command and information to and from a program executed in the processor core via a public interface and to execute a public key system encryption process and a public key system authentication process; and

a secure DMA comprising a DMA transfer function and connected to the secure bus configured to perform page verification of an instruction code or data transferred by the DMA transfer function,the secure assist performs setting and control of the secure pipe and the secure DMA via the secure bus,the secure hardware, further comprising a storage unit configured to store a built-in key, is initiated by a secure boot program encrypted by the built-in key,the secure boot program serves as a starting point of an instruction code authentication executed by the secure processor, by authenticating a first program which is a user application'"'"'s core program,the first program further authenticates a second program which is different from the first program, by setting an encrypted second program key to the secure hardware, by reading a second program key authentication'"'"'s status information from the secure hardware when receiving a notification indicating that a key authentication process by the secure hardware to authenticate the encrypted second program key is terminated from the secure hardware, and by determining whether the encrypted second program key is decrypted and authenticated on the basis of the key authentication'"'"'s status information,the first program obtains license information of a decrypted second program key from the secure hardware and sets the license information to the secure hardware, andthe secure hardware decrypts the second program by using the decrypted second program key and provides a decrypted second program to the processor core.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure hardware comprises a secure pipe, a secure DMA, a secure assist and a secure bus, which connects between those blocks. The secure pipe stores a common encryption key in an encryption key table so as not to be able to access from software. The secure DMA comprises a data common key system process function and a hashing process function. The secure assist comprises a common key system process function and an authentication process function, receives an issued command from a program executed by the processor core via a public IF, and performs setting/control of the secure pipe and the secure DMA via the secure bus.

46 Citations

View as Search Results

16 Claims

1. A secure processor, which decrypts an encrypted instruction code and executes the instruction code, comprising:
- a processor core configured to execute the instruction code obtained by decrypting the encrypted instruction code;
  
  a secure bus that is not recognized by a program executed by the processor core; and
  
  a secure hardware connected to the secure bus, configured to perform authentication of the encrypted instruction code executed using the processor core and performing encryption and decryption of the encrypted instruction code and data that the processor core inputs from and outputs to the outside, whereinthe secure hardware comprises;
  
  a secure pipe connected to the secure bus, for performing encryption and decryption of the encrypted instruction code and data that the processor core inputs from and outputs to the outside;
  
  a secure assist connected to the secure bus configured to transmit and receive a command and information to and from a program executed in the processor core via a public interface and to execute a public key system encryption process and a public key system authentication process; and
  
  a secure DMA comprising a DMA transfer function and connected to the secure bus configured to perform page verification of an instruction code or data transferred by the DMA transfer function,the secure assist performs setting and control of the secure pipe and the secure DMA via the secure bus,the secure hardware, further comprising a storage unit configured to store a built-in key, is initiated by a secure boot program encrypted by the built-in key,the secure boot program serves as a starting point of an instruction code authentication executed by the secure processor, by authenticating a first program which is a user application'"'"'s core program,the first program further authenticates a second program which is different from the first program, by setting an encrypted second program key to the secure hardware, by reading a second program key authentication'"'"'s status information from the secure hardware when receiving a notification indicating that a key authentication process by the secure hardware to authenticate the encrypted second program key is terminated from the secure hardware, and by determining whether the encrypted second program key is decrypted and authenticated on the basis of the key authentication'"'"'s status information,the first program obtains license information of a decrypted second program key from the secure hardware and sets the license information to the secure hardware, andthe secure hardware decrypts the second program by using the decrypted second program key and provides a decrypted second program to the processor core.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The secure processor according to claim 1, whereinthe secure pipe permits access to an authenticated data space only to an authenticated program executed in the processor core.
  - 3. The secure processor according to claim 1, wherein the secure DMA comprises:
    - an encryption process unit configured to perform a common key cryptography encryption process; and
      
      a hashing process unit configured to apply hashing process to data in the DMA transfer region.
  - 4. The secure processor according to claim 1, wherein the secure pipe comprises:
    - an encryption key table with an encryption key, license information of the encryption key, and an entry for to register a first flag, which indicates whether the encryption key is reliable or not;
      
      a TLB/AMR expansion unit with an entry corresponding one-to-one with TLB/AMR of the processor core the TLB/AMR expansion unit configured to register in the entry, identification information of the encryption key registered in the encryption key table, a second flag, which is a copy of the first flag registered in the entry of the encryption key table designated by the encryption key identification information, and license information;
      
      a license check unit to examine whether or not the license information registered in the entry of the TLB/AMR expansion unit matches the license information registered in the entry of the encryption key table designated by the encryption key identification information registered in the entry of the TLB/AMR expansion unit.
  - 5. The secure processor according to claim 4, wherein the entry of TLB/AMR of the processor core comprises a third flag having the same function as the second flag of the TLB/AMR expansion unit.
  - 6. The secure processor according to claim 5, whereinthe value of the third flag, when it is determined by the license check unit that the license information match each other, is updated to the value of the second flag.
  - 7. The secure processor according to claim 4, whereinan empty entry of the encryption key table is managed by a program executed in the processor core.
  - 8. The secure processor according to claim 4, whereinthe secure assist comprises:
    - a first register, where a command can be set by a program executed in the processor core; and
      
      a second register, where license information can be set by the program.
  - 9. The secure processor according to claim 8, wherein the secure assist comprises:
    - an encryption key generation unit configured to generate an encryption key to generate a key to be registered in the empty entry of the encryption key table when a key generating command is set to the first register;
      
      a license information generation unit configured to generate license information of the encryption key generated by the encryption key generation unit; and
      
      a third register, which can be accessed by the program, configured to store the license information generated by the license information generation unit.
  - 10. The secure processor according to claim 8, wherein the secure assist comprises:
    - a public key operation unit configured to public-key encrypt an encryption key corresponding to the license information set to the second register registered in the encryption key table when a key storage command is set to the first register; and
      
      a third register, which can be accessed by the program, for storing the encryption key public-key encrypted by the public key operation unit.
  - 11. The secure processor according to claim 1, wherein the secure hardware comprises:
    - a key authentication unit configured to authenticate a public-key encrypted key of an instruction code;
      
      a license information generation unit configured to generate license information of the public-key encrypted key when the public-key encrypted key is authenticated by the key authentication unit; and
      
      a key decryption unit configured to decrypt the public-key encrypted key when the public-key encrypted key is authenticated by the key authentication unit,wherein license information generated by the license information generation unit is stored by a program in execution in the processor core, which requested authentication to the authentication unit, and the key decrypted by the key decryption unit is registered to the encryption key table.
  - 12. The secure processor according to claim 11, whereinthe key authentication unit performs authentication of the public-key encryption key based on an attribute of the public-key encrypted key, a key signature of the public-key encrypted key, a signature verification key of the key signature, and a signature verification key signature of the signature verification key.
  - 13. The secure processor according to claim 1, whereinthe secure hardware comprises:
    - a key authentication unit configured to generate a public-key encrypted key of an instruction code;
      
      a page verification unit configured to verify the instruction code in units of pages;
      
      a license information generation unit configured to generate license information of the public-key encrypted key when the public-key encrypted key is authenticated by the key authentication unit and a page of the instruction code is verified by the page verification unit; and
      
      a key decryption unit configured to decrypt the public-key encrypted key, when the public-key encrypted key is authenticated by the key authentication unit and a page of the instruction code is verified by the page verification unit,wherein license information generated by the license information generation unit is stored by an executing program in the processor core, which requested authentication to the authentication unit, and the key decrypted by the key decryption unit is registered to the encryption key table.
  - 14. The secure processor according to claim 13, whereinthe key authentication unit performs authentication of the public-key encryption key based on an attribute of the public-key encrypted key, a key signature of the public-key encrypted key, a signature verification key of the key signature, and a signature verification key signature of the signature verification key, andthe page verification unit performs page verification based on the page signature of the instruction code.
  - 15. The secure processor according to claim 14, whereinthe processor core executes only instruction code that is verified by the page verification unit.
  - 16. The secure processor according to claim 1, whereinthe second program is a secure application program.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Socionext Inc.
Original Assignee
Fujitsu Semiconductor Limited (Fujitsu Limited)
Inventors
Goto, Seiji
Primary Examiner(s)
Arani, Taghi
Assistant Examiner(s)
LEE, JASON T

Application Number

US11/456,437
Publication Number

US 20070198851A1
Time in Patent Office

2,535 Days
Field of Search

713/187, 713/193, 713/164
US Class Current

713/187
CPC Class Codes

G06F 12/145   the protection being virtua...

G06F 21/12   Protecting executable software

G06F 21/54   by adding security routines...

G06F 21/72   in cryptographic circuits

Secure processor

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

46 Citations

16 Claims

Specification

Use Cases

Quick Links

Others

Secure processor

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

46 Citations

16 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others