-
Publication No.: US20230385427A1
Publication date: 2023-11-30
Application No.: US18301860
Application date: 2023-04-17
Applicant: Apple Inc.
Inventor: Timothy R. Paaske, Mitchell D. Adler, Conrad Sauerwald, Fabrice L. Gautier, Shu-Yi Yu
CPC classification number: G06F21/602, G06F21/71, H04L9/30, H04L9/0877, G09C1/00, H04L9/3231, H04L9/0866, G06F21/6218, G06F21/32
Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.
-
Publication No.: US20180107240A1
Publication date: 2018-04-19
Application No.: US15831732
Application date: 2017-12-05
Applicant: Apple Inc.
Inventor: Shu-Yi Yu, Erik P. Machnicki, Gilbert H. Herbeck, Kiran B. Kattel, Manu Gulati
IPC: G06F1/12
Abstract: In an embodiment, an integrated circuit such as an SOC (or even a discrete chip system) includes one or more local timebases in various locations. The timebases may be incremented based on a high frequency local clock that may be subject to variation during use due. Periodically, based on a lower frequency clock that is subject to less variation, the local timebases may be synchronized to the correct time, using hardware circuitry. In particular, the correct timebase value for the next synchronization may be transmitted to each local timebase, and the control circuit for the local timebase may be configured to saturate the local timebase at the correct value if the local timebase reaches the correct value before the synchronization occurs. Similarly, if the synchronization occurs and the local timebase has not reached the correct value, the control circuit may be configured to load the correct timebase value.
-
Publication No.: US09892267B1
Publication date: 2018-02-13
Application No.: US15372697
Application date: 2016-12-08
Applicant: Apple Inc.
Inventor: Timothy R. Paaske, Mitchell D. Adler, Conrad Sauerwald, Fabrice L. Gautier, Shu-Yi Yu
CPC classification number: G06F21/602, G06F21/32, G06F21/6218, G06F21/71, G09C1/00, H04L9/0866, H04L9/0877, H04L9/30, H04L9/3231, H04L2209/125
Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.
-
Publication No.: US20160048191A1
Publication date: 2016-02-18
Application No.: US14459482
Application date: 2014-08-14
Applicant: Apple Inc.
Inventor: Erik P. Machnicki, Gilbert H. Herbeck, Shu-Yi Yu, Sebastian Skalberg
IPC: G06F1/32
CPC classification number: G06F1/3237, G06F1/3228, G06F1/324, G06F1/3287, Y02D10/128, Y02D10/171, Y02D50/20
Abstract: A system and method for managing idleness of functional units in an IC is disclosed. An IC includes a subsystem having a number of functional units and an idle aggregation unit. When a particular functional unit determines that it is idle, it may assert an idle indication to the idle aggregation unit. When the respective idle indications are concurrently asserted for all of the functional units, the idle aggregation unit may assert and provide respective idle request signals to each of the functional units. Responsive to receiving an idle request unit, a given functional unit may provide an acknowledgement signal to the idle aggregation unit if no transactions are incoming. If all functional units have concurrently asserted their respective acknowledgement signals, the idle aggregation unit may provide an indication of the same to a clock gating unit, which may then gate the clock signal(s) received by the functional units.
-
Publication No.: US20240330432A1
Publication date: 2024-10-03
Application No.: US18593243
Application date: 2024-03-01
Applicant: Apple Inc.
Inventor: Timothy R. Paaske, Weihua Mao, Shu-Yi Yu
CPC classification number: G06F21/46, G06F21/44, G06F21/602, G06F21/606, G06F21/85, H04L9/088, G06F2221/2137
Abstract: An apparatus, a method, and a system are presented in which the apparatus includes an interface control circuit that may be configured to receive a message including a cryptographic keyword and a policy value. The policy value may include one or more data bits indicative of one or more policies that define allowable usage of the cryptographic keyword. The apparatus also includes a security circuit that may be configured to extract the cryptographic keyword and the policy value from the message, and to apply at least one policy of the one or more policies to usage of the cryptographic keyword in response to a determination that an authentication of the message succeeded.
-
Publication No.: US20200342091A1
Publication date: 2020-10-29
Application No.: US16927934
Application date: 2020-07-13
Applicant: Apple Inc.
Inventor: Timothy R. Paaske, Weihua Mao, Shu-Yi Yu
Abstract: An apparatus, a method, and a system are presented in which the apparatus includes an interface control circuit that may be configured to receive a message including a cryptographic keyword and a policy value. The policy value may include one or more data bits indicative of one or more policies that define allowable usage of the cryptographic keyword. The apparatus also includes a security circuit that may be configured to extract the cryptographic keyword and the policy value from the message, and to apply at least one policy of the one or more policies to usage of the cryptographic keyword in response to a determination that an authentication of the message succeeded.
-
Publication No.: US10521596B1
Publication date: 2019-12-31
Application No.: US16138670
Application date: 2018-09-21
Applicant: Apple Inc.
Inventor: Timothy R. Paaske, Mitchell D. Adler, Conrad Sauerwald, Fabrice L. Gautier, Shu-Yi Yu
Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.
-
Publication No.: US10114956B1
Publication date: 2018-10-30
Application No.: US15860314
Application date: 2018-01-02
Applicant: Apple Inc.
Inventor: Timothy R. Paaske, Mitchell D. Adler, Conrad Sauerwald, Fabrice L. Gautier, Shu-Yi Yu
Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.
-
Publication No.: US20170168520A1
Publication date: 2017-06-15
Application No.: US14965073
Application date: 2015-12-10
Applicant: Apple Inc.
Inventor: Shu-Yi Yu, Erik P. Machnicki, Gilbert H. Herbeck, Kiran B. Kattel, Manu Gulati
IPC: G06F1/12
Abstract: In an embodiment, an integrated circuit such as an SOC (or even a discrete chip system) includes one or more local timebases in various locations. The timebases may be incremented based on a high frequency local clock that may be subject to variation during use due. Periodically, based on a lower frequency clock that is subject to less variation, the local timebases may be synchronized to the correct time, using hardware circuitry. In particular, the correct timebase value for the next synchronization may be transmitted to each local timebase, and the control circuit for the local timebase may be configured to saturate the local timebase at the correct value if the local timebase reaches the correct value before the synchronization occurs. Similarly, if the synchronization occurs and the local timebase has not reached the correct value, the control circuit may be configured to load the correct timebase value.
-
Publication No.: US09547778B1
Publication date: 2017-01-17
Application No.: US14498820
Application date: 2014-09-26
Applicant: Apple Inc.
Inventor: Timothy R. Paaske, Mitchell D. Adler, Conrad Sauerwald, Fabrice L. Gautier, Shu-Yi Yu
CPC classification number: G06F21/602, G06F21/32, G06F21/6218, G06F21/71, G09C1/00, H04L9/0866, H04L9/0877, H04L9/30, H04L9/3231, H04L2209/125
Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.