Decryption of encrypted instructions using keys selected on basis of instruction fetch address

US 9,892,283 B2
Filed: 10/15/2015
Issued: 02/13/2018
Est. Priority Date: 05/25/2010
Status: Active Grant

First Claim

Patent Images

1. A microprocessor for executing encrypted instructions and non encrypted (plain text) instructions comprising:

an instruction cache for storing both the encrypted instructions and the non encrypted instructions;

fetch logic configured to fetch both the encrypted instructions and the non encrypted instructions from the instruction cache, the fetch logic further comprising;

a key expander;

a secure memory configured to store a plurality of master keys;

key selection logic configured to select a set of one or more master keys from the secure memory based upon an instruction fetch address for an encrypted instruction, wherein the selected master keys are used by the key expander, along with the instruction fetch address, to decrypt the encrypted instructions fetched from the instruction cache;

decryption logic configured to use the selected set of one or more master keys, or a decryption key provided by the key expander derived from the selected set of one or more master keys, to decrypt the encrypted instructions fetched from the instruction cache; and

decryption key generation logic configured to derive a decryption key from the selected set of one or more master keys;

wherein the encrypted instructions are grouped into blocks of instructions having a length not greater than the decryption key'"'"'s length, and the decryption key generation logic is configured to derive a new decryption key for each block of instructions based upon a fetch address of an encrypted instruction in the block of instructions; and

wherein the microprocessor executes the decrypted instructions.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A microprocessor and method are provided for securely decrypting and executing encrypted instructions within a microprocessor. A plurality of master keys are stored in a secure memory. Encrypted instructions are fetched from an instruction cache. A set of one or more master keys are selected from the secure memory based upon an encrypted instruction fetch address. The selected set of master keys or a decryption key derived therefrom is used to decrypt the encrypted instructions fetched from the instruction cache. The decrypted instructions are then securely executed within the microprocessor. In one implementation, the master keys are intervolved with each other to produce a new decryption key with every fetch quantum. Moreover, a new set of master keys is selected with every new block of instructions.

Citations

20 Claims

1. A microprocessor for executing encrypted instructions and non encrypted (plain text) instructions comprising:
- an instruction cache for storing both the encrypted instructions and the non encrypted instructions;
  
  fetch logic configured to fetch both the encrypted instructions and the non encrypted instructions from the instruction cache, the fetch logic further comprising;
  
  a key expander;
  
  a secure memory configured to store a plurality of master keys;
  
  key selection logic configured to select a set of one or more master keys from the secure memory based upon an instruction fetch address for an encrypted instruction, wherein the selected master keys are used by the key expander, along with the instruction fetch address, to decrypt the encrypted instructions fetched from the instruction cache;
  
  decryption logic configured to use the selected set of one or more master keys, or a decryption key provided by the key expander derived from the selected set of one or more master keys, to decrypt the encrypted instructions fetched from the instruction cache; and
  
  decryption key generation logic configured to derive a decryption key from the selected set of one or more master keys;
  
  wherein the encrypted instructions are grouped into blocks of instructions having a length not greater than the decryption key'"'"'s length, and the decryption key generation logic is configured to derive a new decryption key for each block of instructions based upon a fetch address of an encrypted instruction in the block of instructions; and
  
  wherein the microprocessor executes the decrypted instructions.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The microprocessor of claim 1, wherein the decryption key generation logic is configured to derive a new decryption key with each fetch quantum.
  - 3. The microprocessor of claim 2, wherein each decryption key has a byte length of t=2^s, where s is the number of bytes of a fetch quantum.
  - 4. The microprocessor of claim 1, wherein the decryption key generation logic is configured to derive a new decryption key by rotating one of the selected set of one or more master keys by an amount based upon the encrypted instruction fetch address.
  - 5. The microprocessor of claim 4, wherein a [b:
    - 0] subset of the encrypted instruction fetch address does not affect the amount by which the master key is rotated, wherein 0 and b represent the least significant bit and the b^thleast significant bit, respectively, of the encrypted instruction fetch address.
  - 6. The microprocessor of claim 4, wherein a [d:
    - c] subset of the fetch address determines an extent to which the master key is rotated, wherein c and d represent the c^thleast significant bit and the d^thleast significant bit, respectively, of the encrypted instruction fetch address.
  - 7. The microprocessor of claim 6, wherein the decryption key generation logic is configured to rotate the master key by one of n possible rotation amounts, where n=2^m, where m is a number of bits in the [d:
    - c] subset of the encrypted instruction fetch address.
  - 8. The microprocessor of claim 7, wherein the decryption key generation logic is configured to derive a new decryption key by selecting a new set of one or more master keys based upon a new encrypted instruction fetch address.
  - 9. The microprocessor of claim 8, wherein a [f:
    - e] subset of the new encrypted instruction fetch address determines a makeup of the new set of one or more master keys, wherein e and f represent the e^thleast significant bit and the f^thleast significant bit, respectively, of the encrypted instruction fetch address.
  - 10. The microprocessor of claim 9, wherein the decryption key logic is configured to select any one of q available sets of one or more master keys, where p=2^q, where q is a number of possible values in the [f:
    - e] subset of the new encrypted instruction fetch address.

11. A method of securely executing encrypted instructions within a microprocessor, the method comprising:
- providing an instruction cache for storing both the encrypted instructions and non encrypted instructions;
  
  storing a plurality of master keys in a secure memory;
  
  fetching encrypted instructions from the instruction cache, the fetching utilizing fetch logic having a key expander;
  
  selecting a set of one or more master keys from the secure memory based upon an instruction fetch address for an encrypted instruction;
  
  decrypting the encrypted instruction fetched from the instruction cache using the selected set of one or more master keys or a decryption key derived by the key expander from the selected set of one or more master keys to decrypt the encrypted instructions fetched from the instruction cache wherein the encrypted instructions are grouped into blocks of instructions having a length not greater than the decryption key'"'"'s length;
  
  deriving a new decryption key from the selected set of one or more master keys based upon an encrypted instruction fetch address for each block of instructions; and
  
  securely executing the decrypted instructions within the microprocessor.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The method of claim 11, further comprising deriving a new decryption key based upon an encrypted instruction fetch address with each fetch quantum.
  - 13. The method of claim 12, wherein each decryption key has a byte length of t=2^s, where s is the number of bytes of a fetch quantum.
  - 14. The method of claim 11, further comprising deriving a new decryption key by rotating one of the selected one or more master keys based upon the encrypted instruction fetch address.
  - 15. The method of claim 14, wherein a [b:
    - 0] subset of the encrypted instruction fetch address does not affect the amount by which the master key is rotated, wherein 0 and b represent the least significant bit and the b^thleast significant bit, respectively, of the encrypted instruction fetch address.
  - 16. The method of claim 14, wherein the action of rotating comprises rotating the master key by an amount determined by a value represented by a [d:
    - c] subset of the fetch address, wherein c and d represent the c^thleast significant bit and the d^thleast significant bit, respectively, of the encrypted instruction fetch address.
  - 17. The method of claim 16, wherein the action of rotating rotates the master key by one of n possible rotation amounts, where n=2^m, where m is a number of bits in the [d:
    - c] subset of the encrypted instruction fetch address.
  - 18. The method of claim 11, further comprising deriving a new decryption key by selecting a new set of one or more master keys based upon a new encrypted instruction fetch address.
  - 19. The method of claim 18, wherein the action of selecting a new set of one or more master keys is determined by a value represented by a [f:
    - e] subset of the new encrypted instruction fetch address, wherein e and f represent the e^thleast significant bit and the f^thleast significant bit, respectively, of the encrypted instruction fetch address.
  - 20. The method of claim 19, wherein the action of selecting a new set of one or more master keys comprises selecting any one of q available sets of one or more master keys, where p=2^q, where q is a number of possible values in the [f:
    - e] subset of the new encrypted instruction fetch address.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
VIA Technologies Incorporated (VIA Technologies)
Original Assignee
VIA Technologies Incorporated (VIA Technologies)
Inventors
Henry, G. Glenn, Parks, Terry, Bean, Brent, Crispin, Thomas A.
Primary Examiner(s)
Rashid, Harunur

Application Number

US14/884,502
Publication Number

US 20160104009A1
Time in Patent Office

852 Days
Field of Search
US Class Current
CPC Class Codes

G06F 12/0875   with dedicated cache, e.g. ...

G06F 21/52   during program execution, e...

G06F 21/602   Providing cryptographic fac...

G06F 21/71   to assure secure computing ...

G06F 21/72   in cryptographic circuits

G06F 21/74   operating in dual or compar...

G06F 2212/402   Encrypted data

G06F 2212/452   Instruction code

G06F 2221/2107   File encryption

G06F 9/30003   Arrangements for executing ...

G06F 9/30079   Pipeline control instructio...

G06F 9/30178   of compressed or encrypted ...

G06F 9/30189   according to execution mode...

H04L 2209/12   Details relating to cryptog...

H04L 2209/20   Manipulating the length of ...

H04L 9/0618   Block ciphers, i.e. encrypt...

H04L 9/0861   Generation of secret inform...

H04L 9/0891   Revocation or update of sec...

H04L 9/0894   Escrow, recovery or storing...

Decryption of encrypted instructions using keys selected on basis of instruction fetch address

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Decryption of encrypted instructions using keys selected on basis of instruction fetch address

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links