公开(公告)号：US10341116B2

公开(公告)日：2019-07-02

申请号：US15392266

申请日：2016-12-28

Applicant: Intel Corporation

Inventor： Xiruo Liu ,  Rafael Misoczki ,  Manoj R Sastry ,  Santosh Ghosh ,  Li Zhao

IPC: H04L9/06 ,  H04L9/14 ,  H04L9/30 ,  H04L9/32

Abstract: An attestation protocol between a prover device (P), a verifier device (V), and a trusted third-party device (TTP). P and TTP have a first trust relationship represented by a first cryptographic representation based on a one-or-few-times, hash-based, signature key. V sends an attestation request to P, with the attestation request including a second cryptographic representation of a second trust relationship between V and TTP. In response to the attestation request, P sends a validation request to TTP, with the validation request being based on a cryptographic association of the first trust relationship and the second trust relationship. TTP provides a validation response including a cryptographic representation of verification of validity of the first trust relationship and the second trust relationship. P sends an attestation response to V based on the validation response.

公开(公告)号：US10326587B2

公开(公告)日：2019-06-18

申请号：US15392252

申请日：2016-12-28

Applicant: Intel Corporation

Inventor： Santosh Ghosh ,  Li Zhao ,  Rafael Misoczki ,  Manoj R Sastry

IPC: H04L9/06 ,  H04L9/32 ,  G06F13/28 ,  G06F21/72 ,  G06F1/3296

Abstract: A cryptography accelerator system includes a direct memory access (DMA) controller circuit to read and write data directly to and from memory circuits and an on-the-fly hashing circuit to hash data read from a first memory circuit on-the-fly before writing the read data to a second memory circuit. The hashing circuit performs at least one of integrity protection and firmware/software (FW/SW) verification of the data prior to writing the data to the second memory circuit. The on-the-fly hashing circuit includes a bit repositioning circuit to designate an order of bits of a binary word in a register from a most significant bit (MSB) to a least significant bit (LSB) for performing computations without rotating bits in the register, and an on-the-fly round constant generator circuit to generate a round constant from a counter.

公开(公告)号：US20190044728A1

公开(公告)日：2019-02-07

申请号：US15848785

申请日：2017-12-20

Applicant: INTEL CORPORATION

Inventor： Mohammed Karmoose ,  Rafael Misoczki ,  Liuyang Yang ,  Xiruo Liu ,  Moreno Ambrosin ,  Manoj R. Sastry

IPC: H04L9/32 ,  G08G1/00 ,  H04L9/06 ,  H04L9/14 ,  H04L9/30

CPC classification number: H04L9/3242 ,  G08G1/22 ,  H04L9/0637 ,  H04L9/0643 ,  H04L9/12 ,  H04L9/14 ,  H04L9/30 ,  H04L9/3297 ,  H04L61/6022 ,  H04L2209/80 ,  H04L2209/84

Abstract: Logic may implement protocols and procedures for vehicle-to-vehicle communications for platooning. Logic may implement a communications topology to distinguish time-critical communications from non-time-critical communications. Logic may sign time-critical communications with a message authentication code (MAC) algorithm with a hash function such as Keccak MAC or a Cipher-based MAC. Logic may generate a MAC based on pairwise, symmetric keys to sign the time-critical communications. Logic may sign non-time-critical communications with a digital signature. Logic may encrypt non-time-critical communications. Logic may append a certificate to non-time-critical communications. Logic may append a header to messages to create data packets and may include a packet type to identify time-critical communications. Logic may decode and verify the time-critical messages with a pairwise symmetric key. And logic may prioritize time-critical communications to meet a specified latency.

公开(公告)号：US20180316508A1

公开(公告)日：2018-11-01

申请号：US16026657

申请日：2018-07-03

Applicant: Intel Corporation

Inventor： Steffen Schulz ,  Rafael Misoczki ,  Manoj R. Sastry ,  Jesse Walker

IPC: H04L9/32 ,  H04L29/08 ,  H04L29/06 ,  G06F8/65 ,  H04L9/30 ,  H04L9/14 ,  H04L9/08

CPC classification number: H04L9/3247 ,  G06F8/65 ,  H04L9/0891 ,  H04L9/14 ,  H04L9/304 ,  H04L9/3242 ,  H04L63/06 ,  H04L63/123 ,  H04L67/34

Abstract: In a method for validating software updates, a data processing system contains a current version of a software component. The data processing system saves at least first and second current advance keys (AKs). After saving the current AKs, the data processing system receives an update package for a new version of the software component. The data processing system extracts a digital signature and two or more new AKs from the update package. The data processing system uses at least one current AK to determine whether the digital signature is valid. In response to a determination that the digital signature is valid, the data processing system uses a software image from the update package to update the software component, and the data processing system saves the new AKs, for subsequent utilization as the current AKs.

公开(公告)号：US20180241554A1

公开(公告)日：2018-08-23

申请号：US15441030

申请日：2017-02-23

Applicant: Intel Corporation

Inventor： Santosh Ghosh ,  Rafael Misoczki ,  Manoj R. Sastry ,  Li Zhao

IPC: H04L9/08 ,  H04L9/32 ,  H04L9/30

CPC classification number: H04L9/0861 ,  H04L9/002 ,  H04L9/0643 ,  H04L9/3236 ,  H04L9/3247 ,  H04L2209/12 ,  H04L2209/38

Abstract: Apparatuses and methods associated with configurable crypto hardware engine are disclosed herein. In embodiments, an apparatus for signing or verifying a message may comprise: a hardware hashing computation block to perform hashing computations; a hardware hash chain computation block to perform successive hash chain computations; a hardware private key generator to generate private keys; and a hardware public key generator to generate public keys, including signature generations and signature verifications. The hardware hashing computation block, the hardware hash chain computation block, the hardware private key generator, and the hardware public key generator may be coupled to each other and selectively cooperate with each other to perform private key generation, public key generation, signature generation or signature verification at different points in time. Other embodiments may be disclosed or claimed.

公开(公告)号：US20180183573A1

公开(公告)日：2018-06-28

申请号：US15392252

申请日：2016-12-28

Applicant: Intel Corporation

Inventor： Santosh Ghosh ,  Li Zhao ,  Rafael Misoczki ,  Manoj R. Sastry

IPC: H04L9/06 ,  G06F21/72 ,  H04L9/32 ,  G06F1/32 ,  G06F13/28

CPC classification number: H04L9/0618 ,  G06F1/3296 ,  G06F13/28 ,  G06F21/72 ,  H04L9/0643 ,  H04L9/3242 ,  Y02D10/14

Abstract: A cryptography accelerator system includes a direct memory access (DMA) controller circuit to read and write data directly to and from memory circuits and an on-the-fly hashing circuit to hash data read from a first memory circuit on-the-fly before writing the read data to a second memory circuit. The hashing circuit performs at least one of integrity protection and firmware/software (FW/SW) verification of the data prior to writing the data to the second memory circuit. The on-the-fly hashing circuit includes a bit repositioning circuit to designate an order of bits of a binary word in a register from a most significant bit (MSB) to a least significant bit (LSB) for performing computations without rotating bits in the register, and an on-the-fly round constant generator circuit to generate a round constant from a counter.