Methods and apparatus for secure data processing and transmission

US 20060112213A1
Filed: 11/12/2004
Published: 05/25/2006
Est. Priority Date: 11/12/2004
Status: Active Grant

First Claim

Patent Images

1. An apparatus, comprising:

a local memory;

a bus operable to carry information to and from the local memory;

one or more arithmetic processing units operable to process data and operatively coupled to the local memory; and

a security circuit operable to place the apparatus into at least one of two operational modes, wherein the two operational modes include one of;

(i) a first mode whereby the apparatus and an external device may initiate a transfer of information into or out of the local memory over the bus, and a third mode whereby the apparatus may initiate a transfer of information into or out of the local memory over the bus, but the external device may not initiate a transfer of information into or out of the local memory over the bus; and

(ii) a second mode whereby neither the apparatus nor the external device may initiate a transfer of information into or out of the memory over the bus, and the third mode.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and apparatus for placing a processing unit into one or more of a plurality of operational modes are disclosed wherein: the apparatus includes a local memory, a bus operable to carry information to and from the local memory, one or more arithmetic processing units operable to process data and operatively coupled to the local memory, and a security circuit operable to place the apparatus into the operational modes; and the plurality of operational modes includes a first mode whereby the apparatus and an external device may initiate a transfer of information into or out of the memory over the bus, a second mode whereby neither the apparatus nor the external device may initiate a transfer of information into or out of the memory over the bus, and a third mode whereby the apparatus may initiate a transfer of information into or out of the memory over the bus, but the external device may not initiate a transfer of information into or out of the memory over the bus.

47 Citations

View as Search Results

60 Claims

1. An apparatus, comprising:
- a local memory;
  
  a bus operable to carry information to and from the local memory;
  
  one or more arithmetic processing units operable to process data and operatively coupled to the local memory; and
  
  a security circuit operable to place the apparatus into at least one of two operational modes, wherein the two operational modes include one of;
  
  (i) a first mode whereby the apparatus and an external device may initiate a transfer of information into or out of the local memory over the bus, and a third mode whereby the apparatus may initiate a transfer of information into or out of the local memory over the bus, but the external device may not initiate a transfer of information into or out of the local memory over the bus; and
  
  (ii) a second mode whereby neither the apparatus nor the external device may initiate a transfer of information into or out of the memory over the bus, and the third mode.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The apparatus of claim 1, wherein the security circuit places the apparatus into the second mode when the apparatus runs an authentication routine.
  - 3. The apparatus of claim 1, wherein:
    - the security circuit includes a secret data area that is not accessible by devices outside the security circuit, the secret data area containing a first key and a second key;
      
      the security circuit includes an accessible data area that is accessible by devices outside the security circuit; and
      
      the security circuit includes logic circuitry operable to place a copy of the first key in the accessible data area when the apparatus is in the second mode.
  - 4. The apparatus of claim 3, wherein the first key and the second key are stored in the secret data area in a controlled process whereby security is maintained prior to use of the apparatus.
  - 5. The apparatus of claim 3, wherein:
    - the security circuit places the apparatus into the second mode when the apparatus runs an authentication routine, which includes executing a decryption program and executing an authentication program, the authentication program including a copy of the second key, and the authentication program having been encrypted in accordance with the first key; and
      
      the apparatus executes the decryption program such that the copy of the first key contained in the accessible data area is used to decrypt the authentication program.
  - 6. The apparatus of claim 5, wherein:
    - the logic circuitry of the security circuit places a copy of the second key into the accessible data area in response to the execution of the authentication program; and
      
      the logic circuitry makes a determination as to whether the copy of the second key contained within the authentication program matches the copy of the second key contained in the accessible data area.
  - 7. The apparatus of claim 6, wherein the security circuit is operable to place the apparatus into the three modes of operation, the third mode being entered when the copy of the second key contained within the authentication program matches the copy of the second key contained in the accessible data area.
  - 8. The apparatus of claim 7, wherein the copies of the first and second keys contained in the accessible data area are cleared prior to the placement of the apparatus into the third mode.

9. A plurality of processing units disposed in a single device, at least two if the processing units comprising:
- a local memory;
  
  a bus operable to carry information to and from the local memory;
  
  one or more arithmetic processing units operable to process data and operatively coupled to the local memory; and
  
  a security circuit operable to place the apparatus into at least one of two operational modes, wherein the two operational modes include one of;
  
  (i) a first mode whereby the apparatus and an external device may initiate a transfer of information into or out of the memory over the bus, and a third mode whereby the apparatus may initiate a transfer of information into or out of the memory over the bus, but the external device may not initiate a transfer of information into or out of the memory over the bus; and
  
  (ii) a second mode whereby neither the apparatus nor the external device may initiate a transfer of information into or out of the memory over the bus, and the third mode.

10. A method, comprising:
- placing an apparatus into at least one of a plurality of operational modes, wherein;
  
  the apparatus includes a local memory, a bus operable to carry information to and from the local memory, one or more arithmetic processing units operable to process data and operatively coupled to the local memory, and a security circuit operable to place the apparatus into the operational modes; and
  
  the plurality of operational modes includes one of;
  
  (i) a first mode whereby the apparatus and an external device may initiate a transfer of information into or out of the memory over the bus, and a third mode whereby the apparatus may initiate a transfer of information into or out of the memory over the bus, but the external device may not initiate a transfer of information into or out of the memory over the bus; and
  
  (ii) a second mode whereby neither the apparatus nor the external device may initiate a transfer of information into or out of the memory over the bus, and the third mode.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The method of claim 10, further comprising placing the apparatus into the second mode when the apparatus runs an authentication routine.
  - 12. The method of claim 10, wherein:
    - the security circuit includes a secret data area that is not accessible by devices outside the security circuit, the secret data area containing a first key and a second key, and the security circuit includes an accessible data area that is accessible by devices outside the security circuit; and
      
      the method further comprises placing a copy of the first key in the accessible data area when the apparatus is in the second mode.
  - 13. The method of claim 12, further comprising storing the first key and the second key in the secret data area in a controlled process whereby security is maintained prior to use of the apparatus.
  - 14. The method of claim 12, further comprising:
    - placing the apparatus into the second mode when the apparatus runs an authentication routine, wherein the routine includes executing a decryption program and executing an authentication program, the authentication program includes a copy of the second key, and the authentication program has been encrypted in accordance with the first key; and
      
      executing the decryption program such that the copy of the first key contained in the accessible data area is used to decrypt the authentication program.
  - 15. The method of claim 14, further comprising:
    - placing a copy of the second key into the accessible data area in response to the execution of the authentication program; and
      
      determining whether the copy of the second key contained within the authentication program matches the copy of the second key contained in the accessible data area.
  - 16. The method of claim 15, wherein any of the three modes may be entered, and the method further comprises placing the apparatus into the third mode when the copy of the second key contained within the authentication program matches the copy of the second key contained in the accessible data area.
  - 17. The method of claim 16, further comprising clearing the copies of the first and second keys contained in the accessible data area prior to the placement of the apparatus into the third mode.

18. An apparatus, comprising:
- a main processing unit;
  
  a plurality of attached processing units, each including a local memory and a decryption unit, and each being operable to enter a normal mode of operation or a secure mode of operation; and
  
  a shared memory, wherein;
  
  the main processing unit is capable of initiating data transfers between the shared memory and a given one of the attached processing units that bypass the decryption unit when the given attached processing unit is in the normal mode, and the main processing unit is not capable of;
  
  (i) initiating data transfers from the given attached processing unit to the shared memory;
  
  or (ii) initiating data transfers from the shared memory to the given attached processing unit that bypass the decryption unit, when the given attached processing unit is in the secure mode.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42)
- - 19. The apparatus of claim 18, wherein the attached processing units are capable of initiating data transfers with the shared memory irrespective of whether they are in the normal mode of operation or the secure mode of operation.
  - 20. The apparatus of claim 18, wherein the attached processing units are operable to enter the secure mode of operation upon at least one of a hardware reset condition and a power-up condition.
  - 21. The apparatus of claim 18, wherein the data may include at least part of a software program.
  - 22. The apparatus of claim 18, wherein each attached processing unit includes a secure store containing a substantially unique key that is accessible only by at least one of the decryption unit of the given attached processing unit, and authorized entities.
  - 23. The apparatus of claim 22, wherein the decryption unit of each attached processing unit uses the key to decrypt data transfers from the shared memory to the local memory that are initiated by the main processing unit when the given attached processing unit is in the secure mode of operation.
  - 24. The apparatus of claim 23, wherein the shared memory may contain encrypted data that has been encrypted using one of the substantially unique keys of the attached processing units.
  - 25. The apparatus of claim 24, wherein each attached processing unit is associated with a substantially unique ID that may be known to entities external to at least one of the given attached processing unit, and the apparatus.
  - 26. The apparatus of claim 25, wherein the encrypted data is encrypted by a secure entity external to the apparatus, the secure entity being authorized to use the key of the given attached processing unit.
  - 27. The apparatus of claim 26, wherein the secure entity includes a database containing the IDs and keys of participating attached processing units, each ID and key for a given attached processing unit being associated with one another.
  - 28. The apparatus of claim 27, wherein the secure entity encrypts data received from an un-secure entity, not authorized to use the key of a given attached processing unit, with the key of the given attached processing unit after the un-secure entity provides an ID associated with that key to the secure entity.
  - 29. The apparatus of claim 28, wherein:
    - the secure entity is operable to provide the encrypted data to the un-secure entity;
      
      the un-secure entity is operable to provide the encrypted data to the apparatus for storage in the shared memory;
      
      the main processing unit is operable to initiate a transfer of the encrypted data from the shared memory to the given attached processing unit such that the encrypted data is input into the decryption unit; and
      
      the decryption unit of the given attached processing unit is operable to decrypt the encrypted data using the key of the given attached processing unit such that the data is stored in the local memory of the given attached processing unit.
  - 30. The apparatus of claim 27, wherein:
    - an un-secure entity, not authorized to use the key of a given attached processing unit, encrypts the data using a first symmetric key, provides the encrypted data to the secure entity, and provides an ID associated with a given attached processing unit to the secure entity;
      
      the secure entity decrypts the encrypted data provided by the un-secure entity using a second symmetric key, and encrypts the data using the key of the given attached processing unit that is associated with the ID received from the un-secure entity.
  - 31. The apparatus of claim 30, wherein the un-secure entity encrypts the data and the ID of the given attached processor unit using the first symmetric key and provides the encrypted data/ID to the secure entity.
  - 32. The apparatus of claim 30, wherein:
    - the secure entity is operable to encrypt the encrypted data using the second symmetric key and provide the encrypted-encrypted data to the un-secure entity;
      
      the un-secure entity is operable to decrypt the encrypted-encrypted data using the first symmetric key to obtain the encrypted data produced using the key of the given attached processing unit, and to provide the encrypted data to the apparatus for storage in the shared memory;
      
      the main processing unit is operable to initiate a transfer of the encrypted data from the shared memory to the given attached processing unit such that the encrypted data is input into the decryption unit; and
      
      the decryption unit of the given attached processing unit is operable to decrypt the encrypted data using the key of the given attached processing unit such that the data is stored in the local memory of the given attached processing unit.
  - 33. The apparatus of claim 27, wherein:
    - the data is a decryption program;
      
      an un-secure entity, not authorized to use the key of a given attached processing unit, encrypts the decryption program using a first symmetric key, provides the encrypted decryption program to the secure entity, and provides an ID associated with a given attached processing unit to the secure entity; and
      
      the secure entity decrypts the encrypted decryption program provided by the un-secure entity using a second symmetric key, and encrypts the decryption program and the second symmetric key using the key of the given attached processing unit that is associated with the ID received from the un-secure entity.
  - 34. The apparatus of claim 33, wherein the un-secure entity encrypts the decryption program and the ID of the given attached processor unit using the first symmetric key and provides the encrypted decryption program/ID to the secure entity.
  - 35. The apparatus of claim 33, wherein the un-secure entity encrypts the decryption program, the ID of the given attached processor unit, and the second symmetric key using the first symmetric key and provides the encrypted decryption program/ID/second symmetric key to the secure entity.
  - 36. The apparatus of claim 33, wherein:
    - the secure entity is operable to encrypt the encrypted decryption program and the second symmetric key using the second symmetric key and provide the encrypted-encrypted decryption program/second symmetric key to the un-secure entity;
      
      the un-secure entity is operable to decrypt the encrypted-encrypted decryption program/second symmetric key using the first symmetric key to obtain the encrypted decryption program/second symmetric key produced using the key of the given attached processing unit, and to provide the encrypted decryption program/second symmetric key to the apparatus for storage in the shared memory;
      
      the main processing unit is operable to initiate a transfer of the encrypted decryption program/second symmetric key from the shared memory to the given attached processing unit such that the encrypted decryption program/second symmetric key is input into the decryption unit; and
      
      the decryption unit of the given attached processing unit is operable to decrypt the encrypted decryption program/second symmetric key using the key of the given attached processing unit such that the decryption program and the second symmetric key are stored in the local memory of the given attached processing unit.
  - 37. The apparatus of claim 36, wherein the un-secure entity is operable to encrypt data using the first symmetric key and provide the encrypted data to the apparatus for storage in the shared memory.
  - 38. The apparatus of claim 37, wherein the given attached processing unit is capable of receiving the encrypted data from the shared memory into the local memory bypassing the decryption unit.
  - 39. The apparatus of claim 38, wherein the given attached processing unit may be in either of the normal mode or the secure mode when the encrypted data is received into the local memory from the shared memory.
  - 40. The apparatus of claim 38, wherein the given attached processing unit is operable to decrypt the encrypted data using the decryption program and the second symmetric key.
  - 41. The apparatus of claim 40, wherein the data may include a software program.
  - 42. The apparatus of claim 38, wherein the main processing unit is operable to initiate the transfer of the encrypted data from the shared memory into the local memory of the given attached processing unit bypassing the decryption unit.

43. A method, comprising:
- providing a main processing unit, a plurality of attached processing units, and a shared memory, each attached processing unit including a local memory and a decryption unit and being operable to enter a secure mode of operation; and
  
  prohibiting the main processing unit from initiating a data transfer from the shared memory to a given one of the attached processing units that bypasses the decryption unit, when the given attached processing unit is in the secure mode, such that any data transfer into the local memory thereof that is externally initiated must be decrypted by the decryption unit using a key that is substantially unique to the given attached processing unit and that is known by only authorized entities.
- View Dependent Claims (44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60)
- - 44. The method of claim 43, further comprising:
    - permitting the attached processing units to initiate data transfers with the shared memory irrespective of whether they are in the secure mode of operation.
  - 45. The method of claim 43, further comprising:
    - causing the attached processing units to enter the secure mode of operation upon at least one of a hardware reset condition and a power-up condition.
  - 46. The method of claim 43, further comprising:
    - transmitting data and an ID associated with a given one of the attached processing units from an intermediate entity to a secure entity;
      
      searching a database of the secure entity containing IDs and associated keys of participating attached processing units and obtaining the key associated with the given attached processing unit for which the ID was received;
      
      encrypting the data transmitted to the secure entity using the key associated with the given attached processing unit for which the ID was received; and
      
      transmitting the encrypted data from the secure entity to the intermediate entity.
  - 47. The method of claim 46, further comprising:
    - transmitting the encrypted data from the intermediate entity to shared memory of the given attached processing unit;
      
      initiating a transfer of the encrypted data from the shared memory to the given attached processing unit when the given processing unit is in the secure mode such that the encrypted data are decrypted by the decryption unit using the key thereof; and
      
      storing the data in the local memory of the given attached processing unit.
  - 48. The method of claim 43, further comprising:
    - encrypting at least one of the data and an ID associated with a given one of the attached processing units at the intermediate entity using a first symmetric key;
      
      transmitting the encrypted data and the ID from the intermediate entity to a secure entity;
      
      decrypting the at least one of the encrypted data and the ID at the secure entity using a second symmetric key;
      
      searching a database of the secure entity containing IDs and associated keys of participating attached processing units and obtaining the key associated with the given attached processing unit for which the ID was received;
      
      encrypting the data at the secure entity using the key associated with the given attached processing unit, and encrypting the encrypted data using the second symmetric key; and
      
      transmitting the encrypted-encrypted data from the secure entity to the intermediate entity.
  - 49. The method of claim 48, further comprising:
    - decrypting the encrypted-encrypted data at the intermediate entity using the first symmetric key to obtain the data encrypted by the key associated with the given attached processing unit;
      
      transmitting the encrypted data from the intermediate entity to shared memory of the given attached processing unit;
      
      initiating a transfer of the encrypted data from the shared memory to the given attached processing unit when the given processing unit is in the secure mode such that the encrypted data are decrypted by the decryption unit using the key thereof; and
      
      storing the data in the local memory of the given attached processing unit.
  - 50. The method of claim 49, wherein the data includes (i) a decryption program, and (ii) the second symmetric key, the method further comprising:
    - encrypting further data at the intermediate entity using the first symmetric key;
      
      transmitting the encrypted further data from the intermediate entity to the given attached processing unit for storage in the shared memory; and
      
      initiating the transfer of the encrypted further data from the shared memory to the local memory, while the given attached processing unit is not in the secure mode, such that the decryption unit is bypassed.
  - 51. The method of claim 50, further comprising:
    - using the given attached processing unit to decrypt the encrypted further data using the decryption program and the second symmetric key.
  - 52. The method of claim 49, wherein the data includes (i) an encryption/decryption program, and (ii) one of a pair of symmetric keys associated with the encryption/decryption program, such that same are stored in the local memory of the given attached processing unit, the method further comprising:
    - repeating the steps of the method using further data and a further attached processing unit, the further data including (i) a further encryption/decryption program, and (ii) another of the pair of symmetric keys associated with the further encryption/decryption program, such that same are stored in the local memory of the further attached processing unit.
  - 53. The method of claim 52, further comprising:
    - encrypting further data using the encryption/decryption program and the one symmetric key of the given attached processing unit;
      
      transmitting the encrypted further data from the given attached processing unit to the further attached processing unit for storage in a shared memory thereof; and
      
      initiating the transfer of the encrypted further data from the shared memory to the local memory of the further attached processing unit, while the further attached processing unit is not in the secure mode, such that the decryption unit thereof is bypassed.
  - 54. The method of claim 53, further comprising:
    - using the further attached processing unit to decrypt the encrypted further data using the further encryption/decryption program and the other symmetric key.
  - 55. The method of claim 52, further comprising:
    - encrypting further data using the encryption/decryption program and the other symmetric key of the further attached processing unit;
      
      transmitting the encrypted further data from the further attached processing unit to the given attached processing unit for storage in a shared memory thereof; and
      
      initiating the transfer of the encrypted further data from the shared memory to the local memory of the given attached processing unit, while the given attached processing unit is not in the secure mode, such that the decryption unit thereof is bypassed.
  - 56. The method of claim 55, further comprising:
    - using the given attached processing unit to decrypt the encrypted further data using the encryption/decryption program and the one symmetric key.
  - 57. The method of claim 55, wherein the shared memory of the given attached processing unit is the same memory as the shared memory of the further attached processing unit.
  - 58. The method of claim 49, wherein the data includes (i) a decryption program, and (ii) the second symmetric key associated with the decryption program, such that same are stored in the local memory of the given attached processing unit, the method further comprising:
    - repeating the steps of the method using further attached processing units, such that the decryption program and the second symmetric key are stored in each of the attached processing units.
  - 59. The method of claim 58, further comprising:
    - encrypting further data at the intermediate entity using the first symmetric key;
      
      transmitting the encrypted further data from the intermediate entity to each of the attached processing units for storage in the shared memory thereof; and
      
      initiating the transfer of the encrypted further data from the shared memory to the respective local memories of the attached processing units, while the attached processing units are not in the secure mode, such that the respective decryption units thereof are bypassed.
  - 60. The method of claim 59, further comprising:
    - using the attached processing units to decrypt the encrypted further data using the respective decryption programs and the second symmetric keys.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sony Computer Entertainment Incorporated (Sony Group Corp.)
Original Assignee
Sony Computer Entertainment Incorporated (Sony Group Corp.)
Inventors
Suzuoki, Masakazu, Hatakeyama, Akiyuki

Granted Patent

US 7,502,928 B2
Time in Patent Office

Days
Field of Search
US Class Current

711/100
CPC Class Codes

G06F 21/72 in cryptographic circuits

G06F 21/74 operating in dual or compar...

Methods and apparatus for secure data processing and transmission

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

47 Citations

60 Claims

Specification

Use Cases

Quick Links

Others

Methods and apparatus for secure data processing and transmission

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

47 Citations

60 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others