SECURE KEY ACCESS WITH ONE-TIME PROGRAMMABLE MEMORY AND APPLICATIONS THEREOF

US 20100189262A1
Filed: 01/04/2010
Published: 07/29/2010
Est. Priority Date: 09/05/2008
Status: Active Grant

First Claim

Patent Images

1. A device for use in conjunction with a key ladder, the device comprises:

a key store memory operable to store at least one cryptographic key of the key ladder;

a rule set memory operable to store a set of rules for accessing the at least one cryptographic key in conjunction with the key ladder;

a key store arbitration module operable to;

interpret the request for access to the at least one cryptographic key to produce an interpreted request;

access the rule set memory based on the interpreted request to retrieve a rule of the set of rules; and

grant access to the at least one cryptographic key in accordance with the rule.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A device includes a key store memory that stores one or more cryptographic keys. A rule set memory stores a set of rules for accessing the cryptographic keys. A key store arbitration module grants access to the cryptographic keys in accordance with the set of rules. The device can be used in conjunction with a key ladder. The device can include a one-time programmable memory and a load module that transfers the cryptographic keys from the one one-time programmable memory to the key store memory and the set of rules to the rule set memory. A validation module can validate the cryptographic keys and the set of rules stored in the key store and rule set memories, based on a signature defined by a signature rule.

88 Citations

View as Search Results

14 Claims

1. A device for use in conjunction with a key ladder, the device comprises:
- a key store memory operable to store at least one cryptographic key of the key ladder;
  
  a rule set memory operable to store a set of rules for accessing the at least one cryptographic key in conjunction with the key ladder;
  
  a key store arbitration module operable to;
  
  interpret the request for access to the at least one cryptographic key to produce an interpreted request;
  
  access the rule set memory based on the interpreted request to retrieve a rule of the set of rules; and
  
  grant access to the at least one cryptographic key in accordance with the rule.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The device of claim 1, wherein the request to access the cryptographic key comprises:
    - a read/write indication;
      
      an address of the at least one cryptographic key;
      
      a destination in the key ladder for the cryptographic result; and
      
      identification of a cryptographic algorithm corresponding to the cryptographic function.
  - 3. The device of claim 1 wherein the set of rules includes a signature rule that defines at signature corresponding to at least one of:
    - the set of rules and the at least one cryptographic key.
  - 4. The device of claim 3 further comprising:
    - at least one one-time programmable memory; and
      
      a load module, coupled to the at least one one-time programmable memory and the key store memory, that transfers the at least one cryptographic key from the at least one one-time programmable memory to the key store memory.
  - 5. The device of claim 4 further comprising:
    - a validation module, coupled to the key store memory, that validates the at least one cryptographic key stored in the key store memory, based on the signature.
  - 6. The device of claim 3 further comprising:
    - at least one one-time programmable memory; and
      
      a load module, coupled to the at least one one-time programmable memory and the rule set memory, that transfers the set of rules from the at least one one-time programmable memory to the rule set memory.
  - 7. The device of claim 6 further comprising:
    - a validation module, coupled to the rule set memory, that validates the set of rules stored in the rule set memory, based on the signature.
  - 8. The device of claim 1 wherein the set of rules includes at least one of:
    - a null rule; and
      
      an end of rules rule.
  - 9. The device of claim 1 wherein the key store memory is accessed in accordance with a plurality of constraints that include at least one of:
    - a type constraint;
      
      an adjacency constraint;
      
      a skip constraint; and
      
      a repeat constraint.

10. A device comprises:
- a key store memory operable to store at least one cryptographic key;
  
  a rule set memory operable to store a set of rules for accessing the at least one cryptographic key, wherein the set of rules includes a signature rule that defines at signature corresponding to at least one of;
  
  the set of rules and the at least one cryptographic key;
  
  a key store arbitration module operable to grant access to the cryptographic key in accordance with the set of rules;
  
  at least one one-time programmable memory;
  
  a load module, coupled to the at least one one-time programmable memory and the key store memory, that transfers the at least one cryptographic key from the at least one one-time programmable memory to the key store memory; and
  
  a validation module, coupled to the key store memory, that validates the at least one cryptographic key stored in the key store memory, based on the signature.
- View Dependent Claims (11, 12)
- - 11. The device of claim 10 wherein the load module further transfers the set of rules from the at least one one-time programmable memory to the rule set memory.
  - 12. The device of claim 11 wherein the validation module, is further coupled to the rule set memory, and the validation module further validates the set of rules stored in the rule set memory, based on the signature.

13. A method comprising:
- storing at least one cryptographic key from the at least one one-time programmable memory to a key store memory;
  
  storing a set of rules from the at least one one-time programmable memory to a rule set memory, wherein the set of rules includes a signature rule that defines a first signature;
  
  retrieving the first signature;
  
  determining the validity of;
  
  the set of rules stored in the rule set memory; and
  
  the at least one cryptographic key stored in the key store memory;
  
  erasing the key store memory and rule set memory, based on a failed validation of at least one of;
  
  the set of rules stored in the rule set memory; and
  
  the at least one cryptographic key stored in the key store memory.
- View Dependent Claims (14)
- - 14. The method of claim 13 wherein determining the validity includes:
    - determining a second signature based on the set of rules stored in the rule set memory, and the at least one cryptographic key stored in the key store memory;
      
      comparing the first signature to the second signature; and
      
      determining the failed validation when the second signature does not match the first signature.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Pixelworks Incorporated
Original Assignee
VIXS Systems Incorporated (Pixelworks Incorporated)
Inventors
Huang, Shijun, Cheung, Wendy Wai Yin, Wong, Albert Yunsang, Stewart, Norman V.D., Ducharme, Paul D.

Granted Patent

US 8,594,333 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/277
CPC Class Codes

G06F 12/1408   by using cryptography for d...

G06F 21/602   Providing cryptographic fac...

G06F 21/6209   to a single file or object,...

G06F 21/72   in cryptographic circuits

G06F 21/79   in semiconductor storage me...

G06F 2221/2123   Dummy operation

G06F 2221/2127   Bluffing

H04L 2209/12   Details relating to cryptog...

H04L 2209/60   Digital content management,...

H04L 9/0822   using key encryption key

H04L 9/088   Usage controlling of secret...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/3247   involving digital signatures

H04N 21/4181   for conditional access

H04N 21/4183   providing its own processin...

H04N 21/42623   involving specific decrypti...

H04N 21/42692   for reading from or writing...

H04N 21/4431   characterized by the use of...

H04N 21/4435   Memory management allocatio...

H04N 7/1675   Providing digital key or au...

SECURE KEY ACCESS WITH ONE-TIME PROGRAMMABLE MEMORY AND APPLICATIONS THEREOF

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

88 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

SECURE KEY ACCESS WITH ONE-TIME PROGRAMMABLE MEMORY AND APPLICATIONS THEREOF

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

88 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links