Method and apparatus for secure processing of cryptographic keys
First Claim
1. A method for secure processing of cryptographic keys, comprising:
loading, by a system processor, a cryptographic program and any associated data into a secure memory, said secure memory only being accessible by the system processor in a secure mode;
loading, by the system processor, a cryptographic key into the secure memory;
detecting a request for security operation by an application program;
the system processor, entering the secure mode;
performing the security operation in the secure memory using the cryptographic program and cryptographic key;
the system processor, exiting the secure mode; and
passing any cryptographic information to the application program;
the system processor, performing other operations in a system memory, including executing an operating system, when the processor is not in the secure mode.
Abstract
A method and apparatus for secure processing of cryptographic keys, wherein a cryptographic key stored on a token is processed in a secure processor mode using a secure memory. A main system processor is initialized into a secure processing mode, which cannot be interrupted by other interrupts, during a power-on sequence. A user enters a Personal Identification Number (PIN) to unlock the cryptographic key stored on the token. The cryptographic key and associated cryptographic program are then loaded into the secure memory. The secure memory is locked to prevent access to the stored data from any other processes. The user is then prompted to remove the token and the processor exits the secure mode and the system continues normal boot-up operations. When an application requests security processing, the cryptographic program is executed by the processor in the secure mode such that no other programs or processes can observe the execution of the program. Two-factor authentication is thus obtained without the need for any additional hardware.
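The flow in the abstract, as an added software model that is not part of the patent text: the key is unlocked with a PIN at power-on, held in a memory region that can only be reached in secure mode, and only the output of an operation is handed back. Assumptions: the names `Processor`, `make_token`, `unlock_token`, the PBKDF2/XOR token wrapping, and HMAC-SHA256 as the "cryptographic program" are all hypothetical, and the mode check that hardware would enforce is modelled here by an ordinary exception.

```python
import hashlib
import hmac

class SecureModeError(Exception):
    """Raised when secure memory is touched outside secure mode."""

def _pad(pin, salt, n):
    # Toy PIN-derived key stream (assumption: the page does not say how the PIN unlocks the key).
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 10_000, n)

def make_token(key, pin, salt=b"constructed-salt"):
    # Constructed sample token: key wrapped under the PIN plus a check value.
    wrapped = bytes(a ^ b for a, b in zip(key, _pad(pin, salt, len(key))))
    return {"salt": salt, "wrapped": wrapped, "check": hashlib.sha256(key).digest()}

def unlock_token(token, pin):
    pad = _pad(pin, token["salt"], len(token["wrapped"]))
    key = bytes(a ^ b for a, b in zip(token["wrapped"], pad))
    if not hmac.compare_digest(hashlib.sha256(key).digest(), token["check"]):
        raise ValueError("wrong PIN")
    return key

class Processor:
    def __init__(self):
        self.secure_mode = False
        self._secure_mem = {}   # stands in for the locked secure memory
        self.system_mem = {}    # ordinary memory used by the OS and applications

    def secure_mem(self):
        # The gate: enforced by hardware in the described design, by a check here.
        if not self.secure_mode:
            raise SecureModeError("secure memory access outside secure mode")
        return self._secure_mem

    def power_on(self, token, pin):
        self.secure_mode = True                 # secure mode entered during power-on
        try:
            mem = self.secure_mem()
            mem["key"] = unlock_token(token, pin)
            mem["program"] = lambda k, m: hmac.new(k, m, hashlib.sha256).digest()
        finally:
            self.secure_mode = False            # exit; normal boot continues

    def security_request(self, message):
        self.secure_mode = True                 # application request triggers entry
        try:
            mem = self.secure_mem()
            result = mem["program"](mem["key"], message)
        finally:
            self.secure_mode = False
        self.system_mem["result"] = result      # only the output leaves secure memory
        return result
```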