公开(公告)号：US20170126405A1

公开(公告)日：2017-05-04

申请号：US15399568

申请日：2017-01-05

Applicant: Intel Corporation

Inventor： Jiangtao Li ,  Anand Rajan ,  Roel Maes ,  Sanu K Mathew ,  Ram Krishnamurthy ,  Ernie Brickell

IPC: H04L9/08

CPC classification number: H04L9/0891 ,  G09C1/00 ,  H04L9/0822 ,  H04L9/0861 ,  H04L9/0866 ,  H04L9/0894 ,  H04L2209/12

Abstract: Some implementations disclosed herein provide techniques and arrangements for provisioning keys to integrated circuits/processor. In one embodiments, a key provisioner/tester apparatus may include a memory device to receive a unique hardware key generated by a first logic of a processor. The key provisioner/tester apparatus may further include a cipher device to permanently store an encrypted first key in nonvolatile memory of the processor, detect whether the stored encrypted first key is valid, and to isolate at least one of the first logic and the nonvolatile memory of the processor from all sources that are exterior to the processor in response to detecting that the stored encrypted first key is valid.

公开(公告)号：US08928347B2

公开(公告)日：2015-01-06

申请号：US13631634

申请日：2012-09-28

Applicant: Intel Corporation

Inventor： Kevin C. Gotze ,  Gregory M. Iovino ,  Jiangtao Li ,  David Johnston ,  Sanu K. Mathew ,  George W. Cox ,  Anand Rajan

IPC: H03K19/00 ,  H03K19/003

CPC classification number: H03K19/003 ,  G09C1/00 ,  H04L9/0866 ,  H04L2209/12

Abstract: An integrated circuit substrate of an aspect includes a plurality of exposed electrical contacts. The integrated circuit substrate also includes an inaccessible set of Physically Unclonable Function (PUF) cells to generate an inaccessible set of PUF bits that are not accessible through the exposed electrical contacts. The integrated circuit substrate also includes an accessible set of PUF cells to generate an accessible set of PUF bits that are accessible through the exposed electrical contacts. Other apparatus, methods, and systems are also disclosed.

Abstract translation: 一方面的集成电路基板包括多个暴露的电触点。 集成电路基板还包括不可接近的物理不可克隆功能（PUF）单元组，以生成不能通过暴露的电触点访问的不可访问的PUF位集合。 集成电路基板还包括可访问的PUF单元组，以产生可通过暴露的电触点访问的可访问的PUF位组。 还公开了其他装置，方法和系统。

公开(公告)号：US20220182365A1

公开(公告)日：2022-06-09

申请号：US17677584

申请日：2022-02-22

Applicant: Intel Corporation

Inventor： Mic Bowman ,  Andrea Miele ,  James P. Held ,  Anand Rajan

IPC: H04L9/40 ,  H04L9/32 ,  G06F21/57 ,  H04L9/08 ,  G06F21/62

Abstract: Techniques for sharing private data objects in a trusted execution environment using a distributed ledger are described. The techniques described herein may enable sharing of data objects, referred to herein as private data objects (PDOs), between individuals and organizations with access and update policies mediated by execution of code (referred to herein as a “smart contract”) carried with the PDO in a secure enclave. A distributed ledger may serve as a “public commit log” to ensure that there is a single, authoritative instance of the object and provide a means of guaranteeing atomicity of updates across interacting objects.

公开(公告)号：US20200320206A1

公开(公告)日：2020-10-08

申请号：US16910958

申请日：2020-06-24

Applicant: Intel Corporation

Inventor： Rosario Cammarota ,  Fabian Boemer ,  Casimir M. Wierzynski ,  Anand Rajan ,  Rafael Misoczki

IPC: G06F21/60 ,  G06N20/00 ,  H04L9/00 ,  G06F21/53 ,  G06F21/57 ,  H04L29/06

Abstract: Systems, methods, apparatus, and articles of manufacture to prevent unauthorized release of information associated with a function as a service are disclosed. A system disclosed herein operates on in-use information. The system includes a function as a service of a service provider that operates on encrypted data. The encrypted data includes encrypted in-use data. The system also includes a trusted execution environment (TEE) to operate within a cloud-based environment of a cloud provider. The function as a service operates on the encrypted data within the TEE, and the TEE protects service provider information from access by the cloud provider. The encrypted in-use data and the service provider information form at least a portion of the in-use information.

公开(公告)号：US10554634B2

公开(公告)日：2020-02-04

申请号：US15721723

申请日：2017-09-29

Applicant: INTEL CORPORATION

Inventor： Mic Bowman ,  Andrea Miele ,  James P. Held ,  Anand Rajan

IPC: H04L29/06 ,  H04L9/32 ,  G06F21/57 ,  H04L9/08

Abstract: Techniques for sharing private data objects in a trusted execution environment using a distributed ledger are described. The techniques described herein may enable sharing of data objects, referred to herein as private data objects (PDOs), between individuals and organizations with access and update policies mediated by execution of code (referred to herein as a “smart contract”) carried with the PDO in a secure enclave. A distributed ledger may serve as a “public commit log” to ensure that there is a single, authoritative instance of the object and provide a means of guaranteeing atomicity of updates across interacting objects.

公开(公告)号：US20160379207A1

公开(公告)日：2016-12-29

申请号：US14750992

申请日：2015-06-25

Applicant: INTEL CORPORATION

Inventor： Patrick Koeberl ,  Nikhil M. Deshpande ,  Anand Rajan

IPC: G06Q20/34 ,  G06Q20/22 ,  G06Q20/40

CPC classification number: G06Q20/3572 ,  G06Q20/227 ,  G06Q20/341 ,  G06Q20/3576 ,  G06Q20/40145 ,  G06Q20/409

Abstract: An apparatus for aggregating secured credentials is described herein. The apparatus includes a processor and a memory. The memory includes code causing the processor to provision a plurality of secured credentials on the apparatus. The code causes the processor to isolate the secured credentials from each other in the memory. The code also causes the processor to emulate a selected secured credential from the secured credentials for a transaction.

Abstract translation: 本文描述了用于聚合安全凭证的装置。 该装置包括处理器和存储器。 存储器包括使处理器在设备上提供多个安全凭证的代码。 该代码使处理器将存储器中的安全证书彼此隔离开。 该代码还使得处理器从事务的安全凭证中模拟选定的安全凭证。

公开(公告)号：US09390291B2

公开(公告)日：2016-07-12

申请号：US13730829

申请日：2012-12-29

Applicant: Intel Corporation

Inventor： George W. Cox ,  David Johnston ,  Jiangtao Li ,  Anand Rajan

IPC: G06F21/72 ,  G06F21/73 ,  H04L9/08 ,  G09C1/00

CPC classification number: G06F21/72 ,  G06F21/52 ,  G06F21/73 ,  G09C1/00 ,  H04L9/0866 ,  H04L2209/12

Abstract: A processor of an aspect includes root key generation logic to generate a root key. The root key generation logic includes a source of static and entropic bits. The processor also includes key derivation logic coupled with the root key generation logic. The key derivation logic is to derive one or more keys from the root key. The processor also includes cryptographic primitive logic coupled with the root key generation logic. The cryptographic primitive logic is to perform cryptographic operations. The processor also includes a security boundary containing the root key generation logic, the key derivation logic, and the cryptographic primitive logic. Other processors, methods, and systems are also disclosed.

Abstract translation: 一方面的处理器包括生成根密钥的根密钥生成逻辑。 根密钥生成逻辑包括静态和熵位的源。 处理器还包括与根密钥生成逻辑耦合的密钥导出逻辑。 密钥推导逻辑是从根密钥导出一个或多个密钥。 处理器还包括与根密钥生成逻辑耦合的加密原语逻辑。 加密原语逻辑是执行加密操作。 处理器还包括包含根密钥生成逻辑，密钥导出逻辑和密码原语逻辑的安全边界。 还公开了其他处理器，方法和系统。