Data transfer efficiency in a cryptography accelerator system
First Claim
Patent Images
1. A method for transferring data in a cryptography accelerator system, the method comprising:
- reading an input message at a cryptography accelerator from a host coupled to the cryptography accelerator and a network device, the input message comprising data and application descriptor information, wherein the cryptography accelerator, the network device, and the host are operable to access a plurality of types of shared memory and wherein the application descriptor information identifies an address within a type of shared memory of the plurality of types of shared memory and a format for writing processed data to the type of shared memory associated with the identified address;
performing cryptographic operations on the data to derive processed data;
separating the processed data into a plurality of segments;
directly writing the plurality of segments to the identified address and in the format identified by the application descriptor information in the input message.
7 Assignments
0 Petitions
Accused Products
Abstract
Methods and apparatus are provided for performing authentication and decryption operations in a cryptography accelerator system. Input data passed to a cryptography accelerator from a host such a CPU includes information for a cryptography accelerator to determine where to write the processed data. In one example, processed data is formatted as packet payloads in a network buffer. Checksum information is precalculated and an offset for a header is maintained.
-
Citations
39 Claims
-
1. A method for transferring data in a cryptography accelerator system, the method comprising:
-
reading an input message at a cryptography accelerator from a host coupled to the cryptography accelerator and a network device, the input message comprising data and application descriptor information, wherein the cryptography accelerator, the network device, and the host are operable to access a plurality of types of shared memory and wherein the application descriptor information identifies an address within a type of shared memory of the plurality of types of shared memory and a format for writing processed data to the type of shared memory associated with the identified address; performing cryptographic operations on the data to derive processed data; separating the processed data into a plurality of segments; directly writing the plurality of segments to the identified address and in the format identified by the application descriptor information in the input message. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A system for performing cryptographic operations in a network, the system comprising:
-
a network device operable to transmit a packet including cryptographically processed data onto the network; a plurality of types of memory shared among the host, the network device, and a cryptography accelerator; a host coupled to system memory, the host configured to provide application descriptor information and data for cryptography processing, wherein the application descriptor information provided by the host identifies an address within a type of shared memory of the plurality of types of shared memory and a format for writing processed data to the type of shared memory associated with the identified address; a cryptography accelerator configured to directly write cryptographically processed data into one of the plurality of types of memory at the identified address and in the format identified by the application descriptor information; wherein the packet comprises a payload substantially written by the cryptography accelerator and header substantially written by the host. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23)
-
-
24. A cryptography accelerator configured to receive application descriptor information and data from a central processing unit over a system bus, the application descriptor information identifying an address within a type of shared memory of the plurality of types of shared memory and a format for writing processed data to the identified type of shared memory associated with the identified address;
- wherein the cryptography accelerator is operable to perform cryptographic processing to derive processed data and is further operable to directly write segments of the processed data to the identified address and in a format identified by the received application descriptor information.
- View Dependent Claims (25, 26, 27, 28, 29, 30, 31)
-
32. An apparatus for transferring data in a cryptography accelerator system, the method comprising:
-
means for reading an input message at a cryptography accelerator from a host coupled to the cryptography accelerator and a network device, the input message comprising data and application descriptor information, wherein the cryptography accelerator, the network device, and the host are operable to access a plurality of types of shared memory and wherein the application descriptor information identifies an address within a type of shared memory of the plurality of types of shared memory and a format for writing processed data to the type of shared memory associated with the identified address; means for performing cryptographic operations on the data to derive processed data; means for separating the processed data into a plurality of segments; means for directly writing the plurality of segments to the identified address and in a format identified by the application descriptor information. - View Dependent Claims (33, 34, 35, 36, 37, 38, 39)
-
Specification