-
公开(公告)号:US07707638B2
公开(公告)日:2010-04-27
申请号:US10354891
申请日:2003-01-30
Applicant: Andrew Dellow
Inventor: Andrew Dellow
CPC classification number: G06F21/575 , G06F21/64
Abstract: A semiconductor integrated circuit includes a processor for executing application code from a memory and a verifier processor arranged to receive the application code via the same internal bus as the processor. The verifier processor performs a verification function to check that the application code is authentic. The verifier processor runs autonomously and cannot be spoofed as it receives the application code via the same internal bus as the main processor.
Abstract translation: 半导体集成电路包括用于从存储器执行应用代码的处理器和被布置为经由与处理器相同的内部总线接收应用代码的验证器处理器。 验证者处理器执行验证功能以检查应用代码是否可信。 验证者处理器自动运行,并且不能通过与主处理器相同的内部总线接收应用代码而被欺骗。
-
公开(公告)号:US20090080649A1
公开(公告)日:2009-03-26
申请号:US11858530
申请日:2007-09-20
Applicant: Andrew Dellow
Inventor: Andrew Dellow
CPC classification number: H04L9/00 , H04L9/0637 , H04L9/0897 , H04L9/14 , H04L2209/60
Abstract: Methods and systems for protecting data may include controlling encryption and/or decryption and identifying a destination of corresponding encrypted and/or decrypted data, utilizing rules based on a source location of the data prior to the encryption or decryption and an algorithm that may have been previously utilized for encrypting and/or decrypting the data prior to the data being stored in the source location. The source location and/or destination of the data may comprise protected or unprotected memory. One or more of a plurality of algorithms may be utilized for the encryption and/or decryption. The rules may be stored in a key table, which may be stored on-chip, and may be reprogrammable. One or more keys for the encryption and/or decryption may be generated within the chip.
Abstract translation: 用于保护数据的方法和系统可以包括使用基于加密或解密之前的数据的源位置的规则来控制加密和/或解密以及识别对应的加密和/或解密数据的目的地以及可能已经被 先前用于在数据存储在源位置之前加密和/或解密数据。 数据的源位置和/或目的地可以包括受保护或不受保护的存储器。 多个算法中的一个或多个可以用于加密和/或解密。 该规则可以存储在键表中,其可以被存储在芯片上,并且可以被重新编程。 可以在芯片内生成用于加密和/或解密的一个或多个密钥。
-
63.发明申请公开(公告)号:US20080222428A1
公开(公告)日:2008-09-11
申请号:US12043697
申请日:2008-03-06
Applicant: Andrew Dellow
Inventor: Andrew Dellow
CPC classification number: H04L9/3236
Abstract: The invention describes a method and a corresponding digital processing system for ensuring that data is unmodified while reducing the amount of one-time programmable memory in the system. The data is stored in modifiable memory and an authentication value of the data is stored in unmodifiable memory. Before the data is used according to its purpose the digital processing system authenticates that the data is unmodified, for example by using a cryptographic hash algorithm.
Abstract translation: 本发明描述了一种方法和相应的数字处理系统,用于在减少系统中的一次可编程存储器的量的同时确保数据未被修改。 数据存储在可修改的存储器中,数据的认证值存储在不可修改的存储器中。 在根据其目的使用数据之前,数字处理系统例如通过使用加密散列算法来认证数据未被修改。
-
公开(公告)号:US20080209106A1
公开(公告)日:2008-08-28
申请号:US11592735
申请日:2006-11-03
Applicant: Peter Bennett , Andrew Dellow , Jonathan Smailes
Inventor: Peter Bennett , Andrew Dellow , Jonathan Smailes
IPC: G06F12/02 , G06F15/177 , G06F12/00
CPC classification number: G06F13/1631 , G11C16/08
Abstract: A memory access system including a memory in which data is organized in pages, each page holding a sequence of data elements; means for receiving a requested address including a requested page address and a requested data element address; logic for accessing a current page from the memory using a current page address; logic for reading out data elements of the current page in the sequence in which they are held in memory; logic for comparing the requested page address with the current page address and for issuing a memory access request with the requested page address when they are not the same; and logic operable when the requested page address is the same as the current page address for comparing a requested data element address with the current address of a data element being read out and returning the data element when the requested data element address matches the current data element address.
Abstract translation: 一种存储器访问系统,包括其中以页面组织数据的存储器,每个页面保存数据元素序列; 用于接收包括请求的页面地址和所请求的数据元素地址的所请求的地址的装置; 使用当前页面地址从存储器访问当前页面的逻辑; 用于以它们被保存在存储器中的顺序读出当前页面的数据元素的逻辑; 用于将请求的页面地址与当前页面地址进行比较并用于当它们不相同时发出具有所请求的页面地址的存储器访问请求的逻辑; 以及当所请求的页面地址与当前页面地址相同时可操作的逻辑,用于将所请求的数据元素地址与正被读出的数据元素的当前地址进行比较,并且当所请求的数据元素地址与当前数据元素匹配时返回数据元素 地址。
-
公开(公告)号:US20080086629A1
公开(公告)日:2008-04-10
申请号:US11746764
申请日:2007-05-10
Applicant: Andrew Dellow
Inventor: Andrew Dellow
IPC: G06F15/177
CPC classification number: G06F21/575 , G06F8/60 , G06F9/4401
Abstract: A secondary boot code may be copied to memory during execution of a primary boot code, and executing the copied secondary boot code after completion of execution of said primary boot code. Access to the primary and said secondary boot code may be restricted during execution of the primary boot code and the copied secondary boot code. The copied secondary boot code may be verified after the secondary boot code is copied to the memory. Access to the primary boot code may be blocked or barred during execution of the copied secondary boot code. Access to the secondary boot code may also be blocked or barred after completion of execution of the copied secondary boot code. The memory may comprise double-data-rate synchronous dynamic random access memory (DDR). The primary and/or the secondary boot code may reside or be stored in FLASH memory.
Abstract translation: 在执行主引导代码期间可以将辅助引导代码复制到存储器,并且在完成所述主引导代码的执行之后执行复制的次级引导代码。 在主引导代码和复制的辅助引导代码的执行期间,对主引导代码和所述次引导代码的访问可能受到限制。 复制的辅助引导代码可以在将辅助引导代码复制到存储器之后进行验证。 在执行复制的辅助引导代码期间,可能会阻止或禁止访问主引导代码。 完成执行复制的辅助引导代码之后,还可能阻止或禁止对次要引导代码的访问。 存储器可以包括双数据速率同步动态随机存取存储器(DDR)。 主引导代码和/或辅助引导代码可以驻留或存储在FLASH存储器中。
-
Patent Agency Ranking
公开(公告)号:US20070124811A1
公开(公告)日:2007-05-31
申请号:US11523775
申请日:2006-09-18
Applicant: Andrew Dellow , Peter Bennett , Rodrigo Cordero
Inventor: Andrew Dellow , Peter Bennett , Rodrigo Cordero
IPC: G06K9/00
CPC classification number: H04N7/162 , G06F12/1408 , H04H60/23 , H04N7/1675
Abstract: A memory stores data in an encrypted form. A modifiable register stores a memory address, a0, defining a boundary separating the memory into two regions. The lower region stores data encrypted using a key B, and the upper region stores data encrypted using a different key A. Data stored on the boundary address is encrypted using key A. Accordingly, when data is read from a memory address a, key A is used to decrypt the data if a≧a0, and key B is used if a
Abstract translation: 内存以加密形式存储数据。 可修改的寄存器存储一个存储器地址,即定义将存储器分隔成两个区域的边界的<0> 。 下部区域存储使用密钥B加密的数据,上部区域存储使用不同的密钥A加密的数据。使用密钥A对存储在边界地址上的数据进行加密。因此,当从存储器地址a读取数据时,密钥A 用于解密数据,如果> = a> 0 ,并且如果 0 使用键B。 然而,当数据被写入存储器地址a时,如果a> = a <0> +1,则使用密钥A来加密数据,如果A / SUB> +1。 当数据被写入边界地址时,<0> ,使边界的位置增加一个单位。
-
公开(公告)号:US20070067621A1
公开(公告)日:2007-03-22
申请号:US11522118
申请日:2006-09-15
Applicant: Andrew Dellow
Inventor: Andrew Dellow
IPC: H04L9/00
CPC classification number: H04N21/462 , H04N5/76 , H04N5/913 , H04N21/4334 , H04N21/434 , H04N21/4408 , H04N2005/91364
Abstract: A device for locating a DES key value that corresponds to a packet identification (PID) contained at a variable possible location which comprises part only of a 32-bit packet header. A table stored in memory contains for each DES key: (i) a packet header having 32 bits with a PID of either 12, 9 or 8 bits contained at a defined location and with zero values elsewhere, and (ii) a mask value also having 32 bits with ones contained at the said defined location of the PID and zeros elsewhere. The table is divided into regions for respective packet format types. An incoming packet header at an input is combined with a first one of the mask values from the table to provide a combined value that consists of the value held in the input packet header at the defined location and zeros elsewhere. This combined value is compared with the corresponding packet header stored in the table. When they are not equal, the combining and comparison is repeated for the next row of the table. When they are equal, the corresponding DES key value is read from the table and provided as an output. The system can cope with variable PID formats within the packet header without alteration to the hardware but merely with re-programming of the table contents.
Abstract translation: 用于定位对应于包含在可变可能位置的分组标识(PID)的DES密钥值的设备,该可变位置仅包括32位分组报头的一部分。 存储在存储器中的表包含每个DES密钥:(i)具有32位的分组报头,其中包含在定义的位置处的12,9或8位的PID,并且在其他地方具有零值,以及(ii)掩码值 具有32位,其中包含在PID的所述定义的位置处,并且其他地方具有零。 该表被分成用于相应分组格式类型的区域。 在输入处的输入分组报头与表中的第一个掩码值组合,以提供组合值,该组合值由保存在定义位置的输入分组报头中的值和其他地方的零组成。 将该组合值与存储在表中的相应分组报头进行比较。 当它们不相等时,对于表的下一行重复组合和比较。 当它们相等时,从表中读取相应的DES密钥值作为输出。 该系统可以处理数据包头中的可变PID格式,而不会改变硬件,但只能对表内容进行重新编程。
-
公开(公告)号:US20060092049A1
公开(公告)日:2006-05-04
申请号:US11236306
申请日:2005-09-27
Applicant: Andrew Dellow
Inventor: Andrew Dellow
IPC: H03M7/00
Abstract: A set-top-box has on-chip OTP memory emulated using an external flash memory and a series of on-chip fuses. The external memory is comprised of one or more regions, each having its own unique region identification. Each on-chip fuse corresponds to one of the memory regions and comprises a component which can be caused to change to a particular (blown) state irreversibly. When data first needs to be written to a region of the external memory, the identification of that region is appended to the data itself together with a parity field and a validity field. The resultant data packet is then encrypted by a cryptographic circuit using a secret key unique to the set-top-box and the encrypted data packet is written to the specified region of the external memory. Then, the on-chip fuse corresponding to the region that has been written to is irreversibly blown, effectively locking that region.
-
公开(公告)号:US06982573B2
公开(公告)日:2006-01-03
申请号:US10827675
申请日:2004-04-19
Applicant: Matt Hutson , Andrew Dellow , Tom Ryan , Paul Elliott
Inventor: Matt Hutson , Andrew Dellow , Tom Ryan , Paul Elliott
IPC: H03K17/00
CPC classification number: G06F1/08
Abstract: A clock source selector for selecting either a first clock signal A or a second clock signal B in accordance with a switch request signal includes three retiming circuits each consisting of two clocked flip-flops. The switch request signal is first retimed relative to clock A to give a signal P, is then retimed relative to clock B to give a signal Q, and finally is retimed relative to clock A to give a signal R. Selector circuitry operates such that when signal Q is asserted, the second clock signal B is output, when neither signal P nor signal R, as combined by a NOR gate, are asserted, the first clock signal A is output, and at other times a zero level is output. The clock source selector can be used in an integrated circuit to form a glitch-free multiplexer.
-
公开(公告)号:US20050182919A1
公开(公告)日:2005-08-18
申请号:US11020638
申请日:2004-12-22
Applicant: Andrew Dellow , Mark Homewood
Inventor: Andrew Dellow , Mark Homewood
Abstract: A system and method for verifying the authenticity of instructions retrieved from a memory for execution by a processor. In one embodiment, an instruction monitor monitors execution parameters associated with the retrieved instruction and resets the system in response to an indication that an instruction is not authentic.
Abstract translation: 一种用于验证从存储器检索以由处理器执行的指令的真实性的系统和方法。 在一个实施例中,指令监视器监视与检索到的指令相关联的执行参数,并且响应于指令不可信的指示来重置系统。
-
-
-
-
-
-
-
-
-
Search Results
73
records
(took 0.019 seconds)
