公开(公告)号：US20110296204A1

公开(公告)日：2011-12-01

申请号：US13091698

申请日：2011-04-21

申请人： G. Glenn Henry ,  Terry Parks ,  Brent Bean ,  Thomas A. Crispin

发明人： G. Glenn Henry ,  Terry Parks ,  Brent Bean ,  Thomas A. Crispin

IPC分类号： G06F21/00

CPC分类号： H04L9/0827 ,  G06F9/30003 ,  G06F9/30079 ,  G06F9/30178 ,  G06F9/30189 ,  G06F12/0875 ,  G06F21/52 ,  G06F21/54 ,  G06F21/602 ,  G06F21/71 ,  G06F21/72 ,  G06F2212/402 ,  G06F2212/452 ,  G06F2221/2107 ,  H04L9/0618 ,  H04L9/0861 ,  H04L9/0891 ,  H04L9/0894 ,  H04L2209/12 ,  H04L2209/20

摘要： A microprocessor includes an architected register having a bit (may be x86 EFLAGS register reserved bit) set by the microprocessor. A fetch unit fetches encrypted instructions from an instruction cache and decrypts them (via XOR) prior to executing them, in response to the microprocessor setting the bit. The microprocessor saves the bit value to a stack in memory and then clears the bit in response to receiving an interrupt. The fetch unit fetches unencrypted instructions from the instruction cache and executes them without decrypting them after the microprocessor clears the bit. The microprocessor restores the saved value from the stack in memory to the bit in the architected register (and in one embodiment, also restores decryption key values) in response to executing a return from interrupt instruction. The fetch unit resumes fetching and decrypting the encrypted instructions in response to determining that the restored value of the bit is set.

摘要翻译： 微处理器包括由微处理器设置的位（可以是x86 EFLAGS寄存器保留位）的架构化寄存器。 读取单元从指令高速缓存中获取加密指令，并在执行它们之前对其进行解密（通过XOR），以响应微处理器设置该位。 微处理器将位值保存到存储器中的堆栈，然后响应于接收到中断而清除该位。 提取单元从指令高速缓存中提取未加密的指令，并在微处理器清零位之后执行它们而不对其进行解密。 响应于执行中断指令的返回，微处理器将存储器中的保存值从存储器中的位恢复到构造寄存器中的位（并且在一个实施例中，还恢复解密密钥值）。 响应于确定该位的恢复值被设置，获取单元恢复取出和解密加密指令。

公开(公告)号：US20110296202A1

公开(公告)日：2011-12-01

申请号：US13091547

申请日：2011-04-21

申请人： G. Glenn Henry ,  Terry Parks ,  Brent Bean ,  Thomas A. Crispin

发明人： G. Glenn Henry ,  Terry Parks ,  Brent Bean ,  Thomas A. Crispin

IPC分类号： G06F21/22

CPC分类号： H04L9/0827 ,  G06F9/30003 ,  G06F9/30079 ,  G06F9/30178 ,  G06F9/30189 ,  G06F12/0875 ,  G06F21/52 ,  G06F21/54 ,  G06F21/602 ,  G06F21/71 ,  G06F21/72 ,  G06F2212/402 ,  G06F2212/452 ,  G06F2221/2107 ,  H04L9/0618 ,  H04L9/0861 ,  H04L9/0891 ,  H04L9/0894 ,  H04L2209/12 ,  H04L2209/20

摘要： A fetch unit fetches a sequence of blocks of encrypted instructions of an encrypted program from an instruction cache at a corresponding sequence of fetch address values. While fetching each block of the sequence, the fetch unit generates a decryption key as a function of key values and the corresponding fetch address value, and decrypts the encrypted instructions using the generated decryption key by XORing them together. A switch key instruction instructs the microprocessor to update the key values in the fetch unit while the fetch unit is fetching the sequence of blocks. The fetch unit inherently provides an effective decryption key length that depends upon the function and amount of key values used. Including one or more switch key instructions within the encrypted program increases the effective decryption key length up to the encrypted program length.

摘要翻译： 取出单元以相应的获取地址值序列从指令高速缓存中提取加密程序的加密指令的一系列块。 在提取序列的每个块时，提取单元根据密钥值和相应的获取地址值产生解密密钥，并且通过将它们一起进行异或来解密加密的指令。 切换键指令指示微处理器在获取单元获取块序列时更新提取单元中的键值。 提取单元固有地提供了一个有效的解密密钥长度，这取决于所使用的密钥值的功能和数量。 在加密程序中包括一个或多个切换密钥指令将有效的解密密钥长度增加到加密的程序长度。

公开(公告)号：US08132022B2

公开(公告)日：2012-03-06

申请号：US12977803

申请日：2010-12-23

申请人： Thomas A. Crispin ,  G. Glenn Henry ,  Terry Parks

发明人： Thomas A. Crispin ,  G. Glenn Henry ,  Terry Parks

IPC分类号： G06F12/14 ,  G06F9/30 ,  H04L9/32 ,  H04K1/00

CPC分类号： H04L9/3239 ,  G06F9/30007 ,  G06F9/30065 ,  G06F9/30185 ,  G06F9/3895 ,  G06F21/64 ,  G06F21/72 ,  H04L9/0643 ,  H04L2209/125 ,  H04L2209/60

摘要： A method for performing hash operations including: receiving a hash instruction that is part of an application program, where the hash instruction prescribes one of the hash operations and one of a plurality of hash algorithms; translating the hash instruction into a first plurality of micro instructions and a second plurality of micro instructions; and via a hash unit disposed within execution logic, executing the one of the hash operations. The executing includes first executing the first plurality of micro instructions within the hash unit to produce output data; second executing the second plurality of micro instructions within an x86 integer unit in parallel with the first executing to test a bit in a flags register, to update text pointer registers, and to process interrupts during execution of the hash operation; and storing a corresponding intermediate hash value to memory prior to allowing a pending interrupt to proceed.

摘要翻译： 一种用于执行散列操作的方法，包括：接收作为应用程序的一部分的散列指令，其中所述散列指令规定所述散列操作之一和多个散列算法之一; 将所述散列指令转换成第一多个微指令和第二多个微指令; 并且经由布置在执行逻辑内的哈希单元，执行所述散列操作之一。 所述执行包括首先执行所述散列单元内的所述第一多个微指令以产生输出数据; 第二执行x86整数单元内的第二多个微指令，与第一次执行一起执行以测试标志寄存器中的位，更新文本指针寄存器，以及在执行散列操作期间处理中断; 以及在允许待决中断进行之前将相应的中间散列值存储到存储器。

公开(公告)号：US07844053B2

公开(公告)日：2010-11-30

申请号：US10730167

申请日：2003-12-05

申请人： Thomas A. Crispin ,  G. Glenn Henry ,  Terry Parks

发明人： Thomas A. Crispin ,  G. Glenn Henry ,  Terry Parks

IPC分类号： G06F15/76

CPC分类号： G06F9/30003 ,  G06F9/30007 ,  G06F9/30047 ,  G06F9/30065 ,  G06F9/30087 ,  G06F9/3017 ,  G06F9/30178 ,  G06F9/3885 ,  G06F21/602 ,  G06F21/6245 ,  G06F21/72 ,  H04L9/06

摘要： A microprocessor apparatus is provided, for performing a cryptographic operation. The microprocessor apparatus includes an x86-compatible microprocessor that has fetch logic, a cryptography unit, and an integer unit. The fetch logic is configured to fetch an application program from memory for execution by the x86-compatible microprocessor. The application program includes an atomic instruction that directs the x86-compatible microprocessor to perform the cryptographic operation. The atomic instruction has and opcode field and a repeat prefix field. The opcode field prescribes that the device accomplish the cryptographic operation as further specified within a control word stored in a memory. The repeat prefix field is coupled to the opcode field. The repeat prefix field indicates that the cryptographic operation prescribed by the atomic instruction is to be accomplished on a plurality of blocks of input data.

摘要翻译： 提供了一种用于执行密码操作的微处理器装置。 微处理器装置包括具有取指逻辑的x86兼容微处理器，加密单元和整数单元。 提取逻辑被配置为从存储器获取应用程序以由x86兼容的微处理器执行。 应用程序包括指导x86兼容微处理器执行加密操作的原子指令。 原子指令具有和操作码字段和重复前缀字段。 操作码字段规定设备完成在存储在存储器中的控制字中进一步指定的加密操作。 重复前缀字段耦合到操作码字段。 重复前缀字段指示由原子指令规定的加密操作将在多个输入数据块上完成。

公开(公告)号：US07536560B2

公开(公告)日：2009-05-19

申请号：US10826475

申请日：2004-04-16

申请人： G. Glenn Henry ,  Thomas A. Crispin ,  Terry Parks

发明人： G. Glenn Henry ,  Thomas A. Crispin ,  Terry Parks

IPC分类号： H04L9/06

CPC分类号： G06F9/30181 ,  G06F9/30003 ,  G06F9/30007 ,  G06F9/30174 ,  G06F9/3877 ,  G06F21/72 ,  H04L9/0631 ,  H04L9/0637 ,  H04L2209/125 ,  H04L2209/24

摘要： The present invention provides an apparatus and method for performing cryptographic operations on a plurality of input data blocks within a microprocessor, where the size cryptographic key that is employed is programmable. In one embodiment, an apparatus for performing cryptographic operations is provided. The apparatus includes fetch logic and execution logic. The fetch logic is disposed within a microprocessor, and receives a cryptographic instructionsingle atomic cryptographic instruction as part of an instruction flow executing on the microprocessor. The cryptographic instructionsingle atomic cryptographic instruction prescribes one of the cryptographic operations, and also one of a plurality of cryptographic key sizes. The execution logic disposed within the microprocessor and is operatively coupled to the single atomic cryptographic instruction. The execution logic executes the one of the cryptographic operations. The execution logic has a cryptographic key size controller that employs the one of a plurality of cryptographic key sizes during execution of the one of the cryptographic operations.

摘要翻译： 本发明提供一种用于对微处理器内的多个输入数据块执行密码操作的装置和方法，其中使用的大小密码密钥是可编程的。 在一个实施例中，提供了一种用于执行密码操作的装置。 该装置包括提取逻辑和执行逻辑。 提取逻辑设置在微处理器内，并且接收作为在微处理器上执行的指令流的一部分的加密指令单原子加密指令。 加密指令单原子加密指令规定了密码操作之一以及多个加密密钥大小之一。 执行逻辑设置在微处理器内，并且可操作地耦合到单原子加密指令。 执行逻辑执行加密操作之一。 执行逻辑具有加密密钥大小控制器，该加密密钥大小控制器在执行所述密码操作之一期间采用多个密码密钥大小中的一个。

公开(公告)号：US07529368B2

公开(公告)日：2009-05-05

申请号：US10826745

申请日：2004-04-16

申请人： G. Glenn Henry ,  Thomas A. Crispin ,  Terry Parks

发明人： G. Glenn Henry ,  Thomas A. Crispin ,  Terry Parks

IPC分类号： H04J1/06

CPC分类号： G06F9/3017 ,  G06F9/30003 ,  G06F9/30007 ,  G06F9/30178 ,  G06F9/3877 ,  G06F21/72 ,  H04L9/0631 ,  H04L9/0637 ,  H04L2209/125 ,  H04L2209/24

摘要： An apparatus and method for performing cryptographic operations on a plurality of input data blocks. In one embodiment, an apparatus for performing cryptographic operations is provided. The apparatus includes a cryptographic instruction, OFB mode logic, and execution logic. The cryptographic instruction is received by a pipeline microprocessor as part of an application program executing on the pipeline microprocessor. The cryptographic instruction prescribes one of the cryptographic operations. The one of the cryptographic operations includes a plurality of OFB block cryptographic operations performed on a corresponding plurality of input text blocks. The OFB mode logic is operatively coupled to the cryptographic instruction. The OFB mode logic directs the pipeline microprocessor to update pointer registers and an initialization vector location for each of the plurality of CFB block cryptographic operations. The execution logic is operatively coupled to the OFB mode logic. The execution logic executes the one of the cryptographic operations.

摘要翻译： 一种用于对多个输入数据块执行密码操作的装置和方法。 在一个实施例中，提供了一种用于执行密码操作的装置。 该装置包括密码指令，OFB模式逻辑和执行逻辑。 密码指令由流水线微处理器接收，作为在流水线微处理器上执行的应用程序的一部分。 加密指令规定了一种加密操作。 密码操作之一包括对相应的多个输入文本块执行的多个OFB块密码操作。 OFB模式逻辑可操作地耦合到密码指令。 OFB模式逻辑指示流水线微处理器更新多个CFB块加密操作中的每一个的指针寄存器和初始化向量位置。 执行逻辑可操作地耦合到OFB模式逻辑。 执行逻辑执行加密操作之一。

公开(公告)号：US07529367B2

公开(公告)日：2009-05-05

申请号：US10826428

申请日：2004-04-16

申请人： G. Glenn Henry ,  Thomas A. Crispin ,  Terry Parks

发明人： G. Glenn Henry ,  Thomas A. Crispin ,  Terry Parks

IPC分类号： H04K1/06

CPC分类号： H04L9/0631 ,  G06F9/30007 ,  H04L9/0637 ,  H04L2209/125 ,  H04L2209/24

摘要： An apparatus and method for performing cryptographic operations on a plurality of input data blocks within a processor. In one embodiment, an apparatus for performing cryptographic operations is provided. The apparatus includes a cryptographic instruction, CFB mode logic, and execution logic. The cryptographic instruction is received by a pipeline microprocessor as part of an application program executing on the pipeline microprocessor. The cryptographic instruction prescribes one of the cryptographic operations. The one of the cryptographic operations includes a plurality of CFB block cryptographic operations performed on a corresponding plurality of input text blocks. The CFB mode logic is operatively coupled to the cryptographic instruction. The CFB mode logic directs the pipeline microprocessor to update pointer registers and intermediate results for each of the plurality of CFB block cryptographic operations. The execution logic is operatively coupled to the CFB mode logic. The execution logic executes the one of the cryptographic operations.

摘要翻译： 一种用于对处理器内的多个输入数据块执行加密操作的装置和方法。 在一个实施例中，提供了一种用于执行密码操作的装置。 该装置包括密码指令，CFB模式逻辑和执行逻辑。 密码指令由流水线微处理器接收，作为在流水线微处理器上执行的应用程序的一部分。 加密指令规定了一种加密操作。 密码操作之一包括对相应的多个输入文本块执行的多个CFB块加密操作。 CFB模式逻辑可操作地耦合到密码指令。 CFB模式逻辑指示流水线微处理器为多个CFB块加密操作中的每一个更新指针寄存器和中间结果。 执行逻辑可操作地耦合到CFB模式逻辑。 执行逻辑执行加密操作之一。

公开(公告)号：US07392400B2

公开(公告)日：2008-06-24

申请号：US10800768

申请日：2004-03-15

申请人： G. Glenn Henry ,  Thomas A. Crispin ,  Terry Parks

发明人： G. Glenn Henry ,  Thomas A. Crispin ,  Terry Parks

IPC分类号： G06F11/30

CPC分类号： G06F9/3017 ,  G06F9/30003 ,  G06F9/30007 ,  G06F9/30178 ,  G06F9/3877 ,  G06F21/72 ,  H04L9/0631 ,  H04L2209/125 ,  H04L2209/24

摘要： The present invention provides an apparatus and method for performing cryptographic operations on a plurality of input data blocks within a processor. In one embodiment, an apparatus for performing cryptographic operations is provided. The apparatus includes a cryptographic instruction and translation logic. The cryptographic instruction is received by fetch logic in a microprocessor as part of an instruction flow. The cryptographic instruction prescribes one of the cryptographic operations. The translation logic translates the cryptographic instruction into micro instructions. The micro instructions are ordered to direct the microprocessor to load a second input text block and to execute the one of the cryptographic operations on the second input text block prior to directing the microprocessor to store an output text block corresponding to a first input text block. Consequently, the output text block is stored during execution of the one of the cryptographic operations on the second input text block.

摘要翻译： 本发明提供一种用于对处理器内的多个输入数据块执行密码操作的装置和方法。 在一个实施例中，提供了一种用于执行密码操作的装置。 该装置包括加密指令和翻译逻辑。 作为指令流的一部分，加密指令由微处理器中的提取逻辑接收。 加密指令规定了一种加密操作。 翻译逻辑将加密指令转换为微指令。 命令微指令指导微处理器加载第二输入文本块，并且在指示微处理器存储对应于第一输入文本块的输出文本块之前对第二输入文本块执行加密操作之一。 因此，输出文本块在对第二输入文本块的密码操作之一的执行期间被存储。

公开(公告)号：US08132023B2

公开(公告)日：2012-03-06

申请号：US12977809

申请日：2010-12-23

申请人： Thomas A. Crispin ,  G. Glenn Henry ,  Terry Parks

发明人： Thomas A. Crispin ,  G. Glenn Henry ,  Terry Parks

IPC分类号： G06F12/14 ,  G06F9/30 ,  H04L9/32 ,  H04K1/00

CPC分类号： H04L9/3239 ,  G06F9/30007 ,  G06F9/30065 ,  G06F9/30185 ,  G06F9/3895 ,  G06F21/64 ,  G06F21/72 ,  H04L9/0643 ,  H04L2209/125 ,  H04L2209/60

摘要： A method for performing hash operations including: receiving a hash instruction that prescribes one of the hash operations and one of a plurality of hash algorithms; translating the hash instruction into a first plurality of micro instructions and a second plurality of micro instructions; and via a hash unit, executing the one of the hash operations. The executing includes indicating whether the one of the hash operations has been interrupted by an interrupting event; first executing the first plurality of micro instructions within the hash unit to produce output data; second executing the second plurality of micro instructions within an x86 integer unit in parallel with the first executing to test a bit in a flags register, to update text pointer registers, and to process interrupts during execution of the hash operation; and storing a corresponding intermediate hash value to memory prior to allowing a pending interrupt to proceed.

摘要翻译： 一种用于执行散列操作的方法，包括：接收规定所述散列操作之一和多个散列算法之一的哈希指令; 将所述散列指令转换成第一多个微指令和第二多个微指令; 并且经由哈希单元执行所述散列操作之一。 所述执行包括指示所述散列操作中的一个是否已被中断事件中断; 首先在所述散列单元内执行所述第一多个微指令以产生输出数据; 第二执行x86整数单元内的第二多个微指令，与第一次执行一起执行以测试标志寄存器中的位，更新文本指针寄存器，以及在执行散列操作期间处理中断; 以及在允许待决中断进行之前将相应的中间散列值存储到存储器。

公开(公告)号：US08060755B2

公开(公告)日：2011-11-15

申请号：US10800983

申请日：2004-03-15

申请人： G. Glenn Henry ,  Thomas A. Crispin ,  Terry Parks

发明人： G. Glenn Henry ,  Thomas A. Crispin ,  Terry Parks

IPC分类号： G06F12/14 ,  G06F9/30 ,  H04L9/00 ,  H04L9/32 ,  H04K1/00

CPC分类号： H04L9/0631 ,  G06F9/30007 ,  H04L2209/125 ,  H04L2209/24

摘要： An apparatus and method for performing cryptographic operations within microprocessor. The apparatus includes an instruction register having a cryptographic instruction disposed therein, a keygen unit, and an execution unit. The cryptographic instruction is received by a microprocessor as part of an instruction flow executing on the microprocessor. The cryptographic instruction prescribes one of the cryptographic operations, and also prescribes that a user-generated key schedule be employed when executing the one of the cryptographic operations. The keygen unit is operatively coupled to the instruction register. The keygen unit directs the microprocessor to load the user-generated key schedule. The execution unit is operatively coupled to the keygen unit. The execution unit employs the user-generated key schedule to execute the one of the cryptographic operations. The execution unit includes a cryptography unit.

摘要翻译： 一种用于在微处理器内执行加密操作的装置和方法。 该装置包括其中设置有密码指令的指令寄存器，密钥单元和执行单元。 加密指令由微处理器接收，作为在微处理器上执行的指令流的一部分。 密码指令规定了一个加密操作，并且还规定了当执行一个加密操作时采用用户生成的密钥调度。 密钥单元可操作地耦合到指令寄存器。 keygen单元指示微处理器加载用户生成的密钥计划。 执行单元可操作地耦合到密钥发生单元。 执行单元使用用户生成的密钥调度来执行密码操作之一。 执行单元包括密码单元。