公开(公告)号：US07475257B2

公开(公告)日：2009-01-06

申请号：US10670825

申请日：2003-09-25

Applicant: Maximino Aguilar, Jr. ,  David Craft ,  Michael Norman Day ,  Akiyuki Hatakeyama ,  Harm Peter Hofstee ,  Masakazu Suzuoki

Inventor： Maximino Aguilar, Jr. ,  David Craft ,  Michael Norman Day ,  Akiyuki Hatakeyama ,  Harm Peter Hofstee ,  Masakazu Suzuoki

IPC: H04L9/32

CPC classification number: G06F21/6236 ,  G06F21/602 ,  H04L9/0894 ,  H04L2209/125

Abstract: A system and method are provided to dedicate one or more processors in a multiprocessing system to performing encryption functions. When the system initializes, one of the synergistic processing unit (SPU) processors is configured to run in a secure mode wherein the local memory included with the dedicated SPU is not shared with the other processors. One or more encryption keys are stored in the local memory during initialization. During initialization, the SPUs receive nonvolatile data, such as the encryption keys, from nonvolatile register space. This information is made available to the SPU during initialization before the SPUs local storage might be mapped to a common memory map. In one embodiment, the mapping is performed by another processing unit (PU) that maps the shared SPUs' local storage to a common memory map.

Abstract translation: 提供了一种系统和方法来将多处理系统中的一个或多个处理器专用于执行加密功能。 当系统初始化时，协同处理单元（SPU）中的一个处理器被配置为以安全模式运行，其中包括在专用SPU中的本地存储器不与其他处理器共享。 在初始化期间，一个或多个加密密钥存储在本地存储器中。 在初始化期间，SPU从非易失性寄存器空间接收非易失性数据，例如加密密钥。 在SPU本地存储可能映射到公共存储器映射之前，该信息在初始化期间可用于SPU。 在一个实施例中，映射由将共享的SPU本地存储映射到公共存储器映射的另一个处理单元（PU）执行。

公开(公告)号：US06996233B2

公开(公告)日：2006-02-07

申请号：US10464891

申请日：2003-06-19

Applicant: Daniel Alan Brokenshire ,  David Craft ,  Harm Peter Hofstee ,  Mohammad Peyravian

Inventor： Daniel Alan Brokenshire ,  David Craft ,  Harm Peter Hofstee ,  Mohammad Peyravian

IPC: H04L9/00 ,  H04K1/00

CPC classification number: H04L9/0618 ,  H04L2209/08 ,  H04L2209/12

Abstract: A method and system for encrypting and verifying the integrity of a message using a three-phase encryption process is provided. A source having a secret master key that is shared with a target receives the message and generates a random number. The source then generates: a first set of intermediate values from the message and the random number; a second set of intermediate values from the first set of values; and a cipher text from the second set of values. At the three phases, the values are generated using the encryption function of a block cipher encryption/decryption algorithm. The random number and the cipher text are transmitted to the target, which decrypts the cipher text by reversing the encryption process. The target verifies the integrity of the message by comparing the received random number with the random number extracted from the decrypted cipher text.

Abstract translation: 提供了使用三相加密处理来加密和验证消息的完整性的方法和系统。 具有与目标共享的秘密主密钥的源接收消息并生成随机数。 然后，源产生：来自消息和随机数的第一组中间值; 来自第一组值的第二组中间值; 和来自第二组值的密文。 在三个阶段，使用块密码加密/解密算法的加密功能生成这些值。 随机数和密文被发送到目标，通过反转加密过程来解密密文。 目标通过将接收到的随机数与从解密的密文提取的随机数进行比较来验证消息的完整性。

公开(公告)号：US20050010788A1

公开(公告)日：2005-01-13

申请号：US10464897

申请日：2003-06-19

Applicant: David Craft

Inventor： David Craft

IPC: G06F21/00 ,  H04L9/32

CPC classification number: G06F21/123

Abstract: A processing unit includes a read-only encryption key. Software is loaded into a system memory area from a non-volatile storage device. Software code image that resides in the system storage area includes a prefix value and a suffix value. The prefix value is combined with the master key from the processing unit to create a random value that is the seed for a hashing algorithm. The hashing algorithm uses the seed value with a signature formed from the blocks of code to form a result. Finally, after the last block has been processed, a final result remains. The suffix value is combined with the master key, this hash result is compared with the result that was created using the hashing algorithm on the code. If the two results match, the code is authenticated and is executed. If the results do not match, the code is not loaded.

Abstract translation: 处理单元包括只读加密密钥。 软件从非易失性存储设备加载到系统内存区域。 驻留在系统存储区域中的软件代码映像包括前缀值和后缀值。 前缀值与来自处理单元的主密钥组合以创建作为散列算法的种子的随机值。 散列算法使用具有由代码块形成的签名的种子值来形成结果。 最后，在处理最后一个块之后，最终的结果仍然存在。 后缀值与主键组合，将该哈希结果与使用代码上的散列算法创建的结果进行比较。 如果两个结果匹配，则代码被认证并被执行。 如果结果不匹配，则代码未加载。

公开(公告)号：USD435779S

公开(公告)日：2001-01-02

申请号：US29104109

申请日：1999-04-28

Applicant: Ricci L. Marzolf ,  Julie Houdek ,  Andrew Bools ,  David Craft

Designer： Ricci L. Marzolf ,  Julie Houdek ,  Andrew Bools ,  David Craft