Systems, methods and apparatuses for secure storage of data using a security-enhancing chip
Abstract
A computer processor and a security enhancing chip may be provided. In one aspect, the computer processor may comprise a storage for storing an encryption key, a central processing unit (CPU) configured to execute one or more software programs, and a circuit configured to calculate a hash function to generate a hash value for data loaded into the computer processor and generate an authentication token for a request initiated by a software program running on the CPU. In another aspect, the security enhancing chip may comprise a first storage for storing an encryption key, a second storage for storing a certificate, a hash storage and circuit components configured to validate, using the first certificate, command(s) adding the encryption key to the first storage and storing a first hash to the hash storage, and to process a request if a second hash in the request is equal to the first hash.
24 Claims
1. A computer processor of one computing device, the processor comprising:
- a storage of the processor for storing one or more encryption keys;
- a central processing unit (CPU) of the processor, the CPU being configured to run one or more software programs; and
- a circuit of the processor configured to:
  - calculate a hash function to generate a hash value for first data loaded into the computer processor, the first data comprising executable code for at least one of the one or more software programs; and
  - generate an authentication token, using at least one encryption key stored in the storage, for a request for a chip to perform an operation initiated by a software program running on the CPU, wherein to generate the authentication token includes to generate a message authentication code (MAC) of the request using a secret key in the at least one encryption key corresponding to a second secret key of the chip, and wherein the request contains the hash value for the first data loaded into the computer processor.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 21, 22

11. A method for operating a computer processor of one computing device, the method comprising:
- calculating a hash function using a circuit in the computer processor to generate a hash value for first data loaded into the computer processor, the first data comprising executable code to be executed on a central processing unit (CPU) of the computer processor;
- initiating a request for a chip to perform an operation by a software program executing on the CPU, the request comprising the hash value; and
- generating an authentication token for the request using the circuit and at least one encryption key stored in a storage of the computer processor, wherein generating the authentication token includes generating a message authentication code (MAC) of the request using a secret key in the at least one encryption key corresponding to a second secret key of the chip, and wherein the request contains the hash value for the first data loaded into the computer processor.

Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20, 23, 24
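The request flow in claims 1 and 11 and the chip-side check in the abstract can be modeled in software as follows. This is an added illustration, not code from the patent: SHA-256, HMAC-SHA256, the JSON request layout, the `unseal` operation name, the key and the program bytes are all assumptions, and the certificate-validated provisioning of the key and first hash is reduced to a constructor call.

```python
import hashlib
import hmac
import json

SHARED_KEY = b"constructed-demo-key"        # constructed; stands in for the paired secret keys
PROGRAM = b"constructed program image v1"   # constructed "first data" (executable code)

def measure(code: bytes) -> str:
    """Processor circuit: hash the executable code loaded into the processor."""
    return hashlib.sha256(code).hexdigest()

def _mac(key: bytes, body: dict) -> str:
    # Canonical JSON so both sides compute the MAC over identical bytes.
    encoded = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, encoded, hashlib.sha256).hexdigest()

def build_request(op: str, code: bytes, key: bytes) -> dict:
    """Processor side: the request contains the code hash; the token is a MAC of the request."""
    body = {"op": op, "code_hash": measure(code)}
    return {"body": body, "token": _mac(key, body)}

class Chip:
    """Chip side: holds its own copy of the key and the provisioned first hash."""
    def __init__(self, key: bytes, first_hash: str):
        self._key, self._first_hash = key, first_hash

    def process(self, request: dict) -> str:
        body, token = request.get("body"), request.get("token")
        if not isinstance(body, dict) or not isinstance(token, str):
            return "rejected: malformed"
        # Constant-time comparisons for both the MAC and the hash.
        if not hmac.compare_digest(_mac(self._key, body).encode(), token.encode()):
            return "rejected: bad MAC"
        if not hmac.compare_digest(str(body.get("code_hash")).encode(),
                                   self._first_hash.encode()):
            return "rejected: hash mismatch"
        return "accepted: " + str(body.get("op"))

def demo() -> list:
    chip = Chip(SHARED_KEY, measure(PROGRAM))
    good = build_request("unseal", PROGRAM, SHARED_KEY)
    modified = build_request("unseal", PROGRAM + b"!", SHARED_KEY)  # different code was loaded
    swapped = {"body": dict(modified["body"], code_hash=measure(PROGRAM)),
               "token": modified["token"]}                          # hash edited after the MAC
    return [chip.process(r) for r in (good, modified, swapped)]

if __name__ == "__main__":
    print(demo())
```

Because the hash sits inside the MACed request, software on the CPU cannot substitute a different hash without invalidating the token, which is why the third request fails the MAC check rather than the hash comparison.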
Specification