公开(公告)号：US20150319146A1

公开(公告)日：2015-11-05

申请号：US14800242

申请日：2015-07-15

Applicant: Broadcom Corporation

Inventor： Iue-Shuenn CHEN ,  Kevin Patariu

IPC: H04L29/06

CPC classification number: H04L63/0428 ,  H04L9/0822 ,  H04L9/0836 ,  H04L9/0897 ,  H04L63/061 ,  H04L2209/601 ,  H04N7/1675 ,  H04N21/2347 ,  H04N21/2541 ,  H04N21/25875 ,  H04N21/26606 ,  H04N21/26613 ,  H04N21/4181 ,  H04N21/4623 ,  H04N21/4627 ,  H04N21/63345 ,  H04N21/835

Abstract: Systems and methods for security key transmission with strong pairing to a destination client are disclosed. A security key may be generated by an on-chip key generator, an off-chip device, and/or software. A rule may then be paired with the security key and an address associated with the security key. The rule may define permissible usage by a destination module, which is defined by the associated address. The rule may comprise a command word, which may be implemented using a data structure associated with a permissible algorithm type, a security key size, and/or a security key source.

Abstract translation: 公开了具有与目的地客户端的强配对的安全密钥传输的系统和方法。 安全密钥可以由片上密钥生成器，片外设备和/或软件生成。 然后可以将规则与安全密钥和与安全密钥相关联的地址配对。 该规则可以定义由相关联的地址定义的目的地模块的允许使用。 该规则可以包括命令字，其可以使用与允许的算法类型，安全密钥大小和/或安全密钥源相关联的数据结构来实现。

公开(公告)号：US20130185550A1

公开(公告)日：2013-07-18

申请号：US13776998

申请日：2013-02-26

Applicant: Broadcom Corporation

Inventor： Stephane RODGERS ,  Andrew DELLOW ,  Xuemin CHEN ,  Iue-Shuenn CHEN ,  Qiang YE

IPC: G06F21/57

CPC classification number: G06F21/575 ,  G06F21/572

Abstract: A system and method that enables secure system boot up with a restricted central processing unit (CPU). The system includes a memory, a segmenting device, and a security sub-system. The memory is a NAND flash memory with a block structure that comprises a guaranteed block and non-guaranteed blocks. The guaranteed block is guaranteed to be useable. A boot code is segmented into boot code segments and the boot code segments are stored separately in the guaranteed and non-guaranteed blocks. The security sub-system is configured to locate the boot code segments stored in the non-guaranteed blocks and validate them independently based on data in the guaranteed block. The security sub-system is further configured to assemble the boot code segments into the boot code and execute the boot code.

Abstract translation: 一种使用受限制的中央处理单元（CPU）实现安全系统启动的系统和方法。 该系统包括存储器，分段设备和安全子系统。 存储器是具有块结构的NAND闪存，其包括保证块和非保证块。 保证的块被保证是可用的。 引导代码被分段为引导代码段，引导代码段分别存储在保证和无保证的块中。 安全子系统被配置为定位存储在非保证块中的引导代码段，并基于保证块中的数据独立地进行验证。 安全子系统还被配置为将引导代码段组合到引导代码中并执行引导代码。