公开(公告)号：US11436343B2

公开(公告)日：2022-09-06

申请号：US16731123

申请日：2019-12-31

Applicant: Arm Limited

Inventor： Ehud Maor ,  Avi Shif ,  David Yellin ,  Ofir Drang

IPC: G06F21/60 ,  G06F16/2455 ,  H04L9/06 ,  G06F21/10

Abstract: Device, system, and method of policy enforcement for rich execution environment. An electronic device includes a Trusted Execution Environment (TEE), a Rich Execution Environment (REE), and a hardware-based secure sub-system which includes a cryptographic engine. The REE includes a cryptographic driver configured to initiate a request for TEE authorization to perform a particular cryptographic operation by the cryptographic engine on a data-item that is stored in a memory region that is accessible by the REE. The TEE includes a policies manager to determine whether the request from the REE is approved or rejected, and if approved, to inject data-items into the secure sub-system to enable performance of the requested cryptographic operation by the cryptographic engine.

公开(公告)号：US11461505B2

公开(公告)日：2022-10-04

申请号：US16656362

申请日：2019-10-17

Applicant: Arm Limited

Inventor： Michael Weiner ,  Oded Golombek ,  David Yellin

IPC: G06F21/62 ,  H04L9/06 ,  G06F15/16 ,  G06F21/36 ,  G06F21/75 ,  G06F9/448 ,  G06F21/60

Abstract: A method for obfuscation of operations using minimal additional hardware is presented herein. The method can begin by executing a first iteration of a set of computations, the execution of the set of computations resulting in a first iteration output. The method can continue by executing a second iteration of the set of computations, wherein the second execution is distinct from the first iteration but should satisfy a matching condition. The distinction can be a rearrangement of sub-operations, insertion of dummy sub-operations, or a combination of the two. After the iterations are complete, the iteration outputs can be compared. If the comparison of the first iteration output and the second iteration output satisfy the matching condition, the process result can be output. If the matching condition is not satisfied, an error detected signal can be output.

公开(公告)号：US20210200882A1

公开(公告)日：2021-07-01

申请号：US16731123

申请日：2019-12-31

Applicant: Arm Limited

Inventor： Ehud Maor ,  Avi Shif ,  David Yellin ,  Ofir Drang

IPC: G06F21/60 ,  G06F16/2455 ,  G06F21/10 ,  H04L9/06

Abstract: Device, system, and method of policy enforcement for rich execution environment. An electronic device includes a Trusted Execution Environment (TEE), a Rich Execution Environment (REE), and a hardware-based secure sub-system which includes a cryptographic engine. The REE includes a cryptographic driver configured to initiate a request for TEE authorization to perform a particular cryptographic operation by the cryptographic engine on a data-item that is stored in a memory region that is accessible by the REE. The TEE includes a policies manager to determine whether the request from the REE is approved or rejected, and if approved, to inject data-items into the secure sub-system to enable performance of the requested cryptographic operation by the cryptographic engine.