公开(公告)号：US10282210B2

公开(公告)日：2019-05-07

申请号：US15180568

申请日：2016-06-13

Applicant: Huawei Technologies Co., Ltd.

Inventor： Yin Tan ,  Dong Jin Kim

IPC: G06F9/44 ,  G06F9/4401 ,  G06F9/54 ,  G06F9/455

Abstract: A system and method for virtual hardware control includes accessing, by a controller, a first driver message from at least one hardware device driver for at least one hardware resource on a user device, the at least one hardware device driver located in a kernel space on an operating system of the user device, sending, by the controller, the first driver message to a first virtual device driver, the first virtual device driver located in the kernel space, and forwarding, by the first virtual device driver, the first driver message to a first virtual container, the first virtual container being a first user space that is outside the kernel space of the operating system.

公开(公告)号：US20170357516A1

公开(公告)日：2017-12-14

申请号：US15180568

申请日：2016-06-13

Applicant: Huawei Technologies Co., Ltd.

Inventor： Yin Tan ,  Dong Jin Kim

IPC: G06F9/44 ,  G06F9/54

CPC classification number: G06F9/4411 ,  G06F9/455 ,  G06F9/545

Abstract: A system and method for virtual hardware control includes accessing, by a controller, a first driver message from at least one hardware device driver for at least one hardware resource on a user device, the at least one hardware device driver located in a kernel space on an operating system of the user device, sending, by the controller, the first driver message to a first virtual device driver, the first virtual device driver located in the kernel space, and forwarding, by the first virtual device driver, the first driver message to a first virtual container, the first virtual container being a first user space that is outside the kernel space of the operating system.

公开(公告)号：US11902414B2

公开(公告)日：2024-02-13

申请号：US17566783

申请日：2021-12-31

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Haohao Liao ,  Zhiwei Shang ,  Yin Tan

IPC: H04L29/06 ,  H04L9/00 ,  G06F17/16 ,  G06F7/72 ,  H04L9/30

CPC classification number: H04L9/008 ,  G06F7/728 ,  G06F17/16 ,  H04L9/3093

Abstract: A low latency relinearization process can be performed in an FPGA cluster for accelerating homomorphic encryption. The low-latency process performs an early calculation of matrix rows to make the summation result available earlier in the relinearization to reduce waiting of subsequent operations.

公开(公告)号：US20230216655A1

公开(公告)日：2023-07-06

申请号：US17566337

申请日：2021-12-30

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Haohao Liao ,  Zhiwei Shang ,  Yin Tan

IPC: H04L9/00

CPC classification number: H04L9/008 ,  H04L2209/125

Abstract: A field-programmable gate array (FPGA) cluster, comprising a plurality of FPGA devices, can be used to accelerate homomorphic encryption functionality. In particular, the FPGA cluster can accelerate the relinearization process used in homomorphic encryption by using multiple FPGA devices to perform portions of the relinearization process in parallel. Further, the use of the FPGA cluster provides sufficient memory resources to allow data used by the relinearization process, namely the keyswitch keys, to be stored on-chip.

公开(公告)号：US11223485B2

公开(公告)日：2022-01-11

申请号：US16037789

申请日：2018-07-17

Applicant: Huawei Technologies Co., Ltd.

Inventor： Teng Wu ,  Yin Tan

IPC: H04L9/32 ,  G06F21/57 ,  H04L9/08 ,  H04L9/30 ,  G09C5/00 ,  H04L9/14 ,  H04L9/00

Abstract: A method for verifying a property of plaintext using ciphertext is disclosed. In an embodiment, a computing device may receive the ciphertext at a trusted execution environment (TEE) of the computing device. The TEE may decrypt the ciphertext to generate the plaintext using a private encryption key of an encryption key pair. The encryption key pair comprises a public encryption key and the private encryption key. The TEE may generate a digitally signed validation result by encrypting the validation result using a private signing key of a signing key pair. The signing key pair comprises a public signing key and the private signing key. The private key is retrieved from secure memory of the computing device, and the secure memory may only be accessible by the TEE. The computing device may then transmit the digitally signed validation result.

公开(公告)号：US20200280559A1

公开(公告)日：2020-09-03

申请号：US16830857

申请日：2020-03-26

Applicant: Huawei Technologies Co., Ltd.

Inventor： Teng Wu ,  Yin Tan ,  Stephen Sui Luen LI ,  Wei Xiong ,  Zhongyuan Zheng ,  Tao HU

IPC: H04L29/06 ,  H04L9/08 ,  H04L9/32 ,  H04L9/00

Abstract: The present disclosure is drawn to systems and methods for implementing authentication protocols based on trusted execution environments. Each of a principal device, an identity provider server and a service provider server are associated with a respective trusted execution environment. Authentication protocols are provided for registering the principal device to the identity provider server; authenticating the principal device to the identity provider server; and authenticating the principal device to a service provider server.

公开(公告)号：US10511575B2

公开(公告)日：2019-12-17

申请号：US15707528

申请日：2017-09-18

Applicant: Huawei Technologies Co., Ltd.

Inventor： Nikolay Gigov ,  Yin Tan ,  Robert Lambert

IPC: H04L29/06

Abstract: Methods and systems for providing an endpoint device with access to a remote resource are disclosed. A first secure tunnel with the endpoint device is established from an intermediate device, the first tunnel terminating within a trusted execution environment (TEE) in the intermediate device. At least one credential is received within the TEE and via the first secure tunnel from the endpoint device. The at least one credential is transmitted from the intermediate device to the remote resource via a second secure tunnel, the second tunnel located between the remote resource and the intermediate device and originating within the TEE. In response to the at least one credential being accepted by the remote resource, communications between the endpoint device and the remote resource via the TEE in the intermediate device through the first and second secure tunnels are enabled.

公开(公告)号：US20170344408A1

公开(公告)日：2017-11-30

申请号：US15167676

申请日：2016-05-27

Applicant: Huawei Technologies Co., Ltd.

Inventor： Yin Tan ,  Dong Jin Kim ,  Alan Pak-Lun Ho

IPC: G06F9/54 ,  G06F21/62 ,  G06F21/44

CPC classification number: G06F9/546 ,  G06F9/544 ,  G06F9/545 ,  G06F21/44 ,  G06F21/6281 ,  G06F2221/2129

Abstract: A computer-implemented method of performing inter-process communication includes a first process in a first operating system (OS) level container in a user space sending a message to a buffer process. The message is addressed to a second process in a second OS-level container in the user space. The buffer process communicates the message to the second process. A device for performing the computer-implemented method is also provided.