Microprocessor that securely decrypts and executes encrypted instructions
First Claim
1. A microprocessor that is operable to decrypt encrypted instruction data into plain text instruction data and securely execute the same, preventing observation of the encrypted instruction data outside the microprocessor, the microprocessor comprising:
- a master key register file comprising a plurality of master keys;
selection logic circuitry that selects a combination of at least two of the plurality of master keys;
key expansion circuitry that performs at least one mathematical operation on the selected master keys to generate the decryption key;
instruction decryption circuitry that performs at least one mathematical operation on the encrypted instruction data and the decryption key to decrypt the encrypted instruction data into plain text instruction data; and
a fetch unit that fetches chunks of encrypted instruction data, wherein each chunk comprises a plurality of fetch quanta of encrypted instruction data, and each fetch quantum comprises a plurality of instruction data bytes, wherein each master key is at least as long as a fetch quantum of the fetch unit.
1 Assignment
0 Petitions
Accused Products
Abstract
A microprocessor is provided with a method for decrypting encrypted instruction data into plain text instruction data and securely executing the same. The microprocessor includes a master key register file comprising a plurality of master keys. Selection logic circuitry in the microprocessor selects a combination of at least two of the plurality of master keys. Key expansion circuitry in the microprocessor performs mathematical operations on the selected master keys to generate a decryption key having a long effective key length. Instruction decryption circuitry performs an efficient mathematical operation on the encrypted instruction data and the decryption key to decrypt the encrypted instruction data into plain text instruction data.
-
Citations
24 Claims
-
1. A microprocessor that is operable to decrypt encrypted instruction data into plain text instruction data and securely execute the same, preventing observation of the encrypted instruction data outside the microprocessor, the microprocessor comprising:
-
a master key register file comprising a plurality of master keys; selection logic circuitry that selects a combination of at least two of the plurality of master keys; key expansion circuitry that performs at least one mathematical operation on the selected master keys to generate the decryption key; instruction decryption circuitry that performs at least one mathematical operation on the encrypted instruction data and the decryption key to decrypt the encrypted instruction data into plain text instruction data; and a fetch unit that fetches chunks of encrypted instruction data, wherein each chunk comprises a plurality of fetch quanta of encrypted instruction data, and each fetch quantum comprises a plurality of instruction data bytes, wherein each master key is at least as long as a fetch quantum of the fetch unit. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method of securely executing encrypted instruction data within a microprocessor, the method comprising:
-
selecting a combination of at least two master keys from a master key register file stored within the microprocessor; within the microprocessor, performing at least one mathematical operation on the selected master keys to generate the decryption key; within the microprocessor, decrypting the encrypted instruction data into plain text instruction data; securely executing the plain text instruction data within the microprocessor while preventing observation of the encrypted instruction data outside the microprocessor; and fetching chunks of encrypted instruction data, wherein each chunk comprises a plurality of fetch quanta of encrypted instruction data, and each fetch quantum comprises a plurality of instruction data bytes, wherein each master key is equal in length to a fetch quantum of the fetch unit. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
-
-
23. A method of securely executing encrypted instruction data within a microprocessor, the method comprising:
-
fetching chunks of encrypted instruction data into the microprocessor, wherein each chunk comprises a plurality of fetch quanta; for each fetched chunk, receiving a plurality of keys securely within the microprocessor, wherein each key has a length at least as long as a length of a fetch quantum; for each fetch quantum, performing at least one key-expanding mathematical operation on the selected keys to generate a decryption key, wherein the key-expanding mathematical operation yields an effective decryption key length at least as long as the chunk; within the microprocessor, using the decryption key to decrypt the chunk of encrypted instruction data into plain text instruction data; and securely executing the plain text instruction data within the microprocessor while preventing observation of the encrypted instruction data outside the microprocessor; and wherein the key-expanding mathematical operation is a function of the fetch address of the fetch quantum. - View Dependent Claims (24)
-
Specification