-
1.发明申请System for securely configuring a field programmable gate array or other programmable hardware 审中-公开用于安全配置现场可编程门阵列或其他可编程硬件的系统公开(公告)号:US20060059574A1
公开(公告)日:2006-03-16
申请号:US10938775
申请日:2004-09-10
申请人: Camil Fayad , John Li , Siegfried Sutter
发明人: Camil Fayad , John Li , Siegfried Sutter
IPC分类号: G06F11/00
CPC分类号: H03K19/17768 , G06F21/76
摘要: A system and method are provided for securely providing configuration information, that is, programming, to programmable hardware such as a Field Programmable Gate Array (FPGA) or a Programmable Logic Device (PLD). Security is provided by first verifying authority to enter configuration information via the decryption of an encrypted certificate of authority. The decryption is carried out using a cryptography engine disposed on the chip containing the programmable hardware. Additionally, the configuration information is itself provided in an encrypted form which requires recognition of the certificate of authority in order to decrypt it and to place it in storage locations within the programmable hardware. In this manner, the flexibility advantages of programmable hardware are fully met without the disadvantage of the programmable hardware being compromised by other users.
摘要翻译: 提供了一种系统和方法,用于将诸如现场可编程门阵列(FPGA)或可编程逻辑器件(PLD)等可编程硬件的配置信息即编程安全地提供。 安全性由第一验证机构通过解密加密的授权证书来输入配置信息。 使用设置在包含可编程硬件的芯片上的密码引擎进行解密。 此外,配置信息本身以加密形式提供,其需要识别权限证书以便将其解密并将其放置在可编程硬件内的存储位置中。 以这种方式,可完全满足可编程硬件的灵活性优势,而没有可编程硬件被其他用户损害的缺点。
-
2.发明申请System and method for processing by distinct entities securely configurable circuit chips 审中-公开通过不同实体处理的系统和方法安全可配置的电路芯片公开(公告)号:US20060059368A1
公开(公告)日:2006-03-16
申请号:US10938834
申请日:2004-09-10
申请人: Camil Fayad , John Li , Siegfried Sutter
发明人: Camil Fayad , John Li , Siegfried Sutter
CPC分类号: G06F21/72 , G06F21/76 , G06F21/87 , G06F2221/2115 , G06F2221/2143 , H04L9/3247 , H04L9/3263 , H04L9/3297 , H04L2209/56
摘要: A system and method are provided in which a third party chip vendor is enabled to securely program an electronic circuit chip supplied from a chip manufacturer. The chip vendor supplies a vendor's public cryptography key to the chip manufacturer who hard codes it on the chip along with a chip private key and a chip public key. One or more cryptographic engines on the chip, which preferably has a tamper resistant/detecting boundary, are used to decrypt program instructions supplied to the chip after having been encrypted with the vendor's private key and the chip public key. The chip includes a processor and an associated memory which receives a version of the instructions decrypted with the chip private key and the vendor's public key. The chip also preferably includes programmable hardware which is also securely programmable by the downstream chip vendor. The chip, as processed by the chip vendor is shipped with a battery in place to provide power for maintaining data held in volatile memory portions of the chip.
摘要翻译: 提供了一种系统和方法,其中第三方芯片供应商能够安全地编程从芯片制造商提供的电子电路芯片。 芯片供应商向芯片制造商提供供应商的公共密码密钥,芯片制造商将其与芯片私钥和芯片公钥一起在芯片上进行硬编码。 优选地具有防篡改/检测边界的芯片上的一个或多个密码引擎被用于在用供应商的私钥和芯片公开密钥加密之后解密提供给芯片的程序指令。 芯片包括处理器和相关联的存储器,其接收用芯片私钥和供应商的公钥解密的指令的版本。 该芯片还优选地包括也可由下游芯片供应商可编程的可编程硬件。 由芯片供应商处理的芯片随机提供电池,以提供用于维持保持在芯片的易失性存储器部分中的数据的电力。
-
3.发明申请System and method for providing dynamically authorized access to functionality present on an integrated circuit chip 有权用于提供对集成电路芯片上存在的功能的动态授权访问的系统和方法公开(公告)号:US20060059345A1
公开(公告)日:2006-03-16
申请号:US10938808
申请日:2004-09-10
申请人: Camil Fayad , John Li , Siegfried Sutter
发明人: Camil Fayad , John Li , Siegfried Sutter
IPC分类号: H04L9/00
CPC分类号: G06F21/72 , G06F2221/2115 , H04L9/3263 , H04L2209/56
摘要: A mechanism is provided in which access to the functionality present on an integrated circuit chip is controllable via an encrypted certificate of authority which includes time information indicating allowable periods of operation or allowable duration of operation. The chip includes at least one cryptographic engine and at least one processor. The chip also contains hard coded cryptographic keys including a chip private key, a chip public key and a third party's public key. The chip is also provided with a battery backed up volatile memory which contains information which is used to verify authority for operation. The certificate of authority is also used to control not only the temporal aspects of operation but is also usable to control access to certain functionality that may be present on the chip, such as access to some or all of the cryptographic features provided in conjunction with the presence of the cryptographic engine, such as key size.
摘要翻译: 提供了一种机制,其中通过加密的授权证书来控制存在于集成电路芯片上的功能,其包括指示允许的操作周期或允许的操作持续时间的时间信息。 该芯片包括至少一个加密引擎和至少一个处理器。 该芯片还包含硬编码密码密钥,包括芯片私钥,芯片公钥和第三方的公钥。 该芯片还配有电池备份的易失性存储器,其中包含用于验证操作权限的信息。 授权证书也不仅用于控制操作的时间方面,而且还可用于控制对可能存在于芯片上的某些功能的访问,诸如访问与结合在一起提供的一些或全部密码特征 加密引擎的存在,如密钥大小。
-
4.发明申请Methods for coordinating access to memory from at least two cryptography secure processing units 失效用于协调从至少两个加密安全处理单元访问存储器的方法公开(公告)号:US20070168676A1
公开(公告)日:2007-07-19
申请号:US11331918
申请日:2006-01-13
申请人: Camil Fayad , John Li , Siegfried Sutter
发明人: Camil Fayad , John Li , Siegfried Sutter
IPC分类号: H04L9/00
摘要: Electronic circuit chips which include cryptography functions are arranged in multichip configurations through the utilization of a shared external memory. Security of the chips is preserved via a handshaking protocol which permits each chip to access limited portions of the memory as defined in a way that preserves the same high security level as the tamper proof chips themselves. The chips may be operated to work on different tasks or to work on the same task thus providing a mechanism for trading off speed versus redundancy where desired.
摘要翻译: 包括加密功能的电子电路芯片通过利用共享的外部存储器而被布置成多芯片配置。 通过握手协议来保护芯片的安全性,该握手协议允许每个芯片访问存储器的有限部分,其以与防篡改芯片本身保持相同的高安全级别的方式定义。 芯片可以被操作以在不同的任务上工作或者在相同的任务上工作,从而提供了一种用于在需要时对速度与冗余进行交换的机制。
-
5.发明申请Circuit chip for cryptographic processing having a secure interface to an external memory 审中-公开用于密码处理的电路芯片具有与外部存储器的安全接口公开(公告)号:US20060059369A1
公开(公告)日:2006-03-16
申请号:US10938835
申请日:2004-09-10
申请人: Camil Fayad , John Li , Siegfried Sutter
发明人: Camil Fayad , John Li , Siegfried Sutter
CPC分类号: G06F21/72 , G06F21/6218 , G06F21/79
摘要: A mechanism is provided in which a secure chip for performing cryptographic and/or other functions is able to securely access a separate random access memory externally disposed with respect to a secure chip boundary. Addressing of the external memory is controlled so as to define certain regions therein which receive and store only encrypted information from the chip. Other regions of the external memory are set aside for the receipt and storage of unencrypted information. Access to the external memory is provided through a controlled interface which communicates with internal chip hardware which operates to control the flow of communication between various internal components such as cryptographic engines, data processors, internal memory of both the volatile and the nonvolatile variety and an external interface which provides the only other access to the chip. The internal chip hardware with which the external memory interface communicates is implemented as a combined ASIC and programmable hardware circuit, wherein the programmable hardware circuit is also securely configurable.
摘要翻译: 提供了一种机制,其中用于执行加密和/或其他功能的安全芯片能够安全地访问相对于安全芯片边界而外部设置的单独的随机存取存储器。 控制外部存储器的寻址以便限定其中接收并存储来自芯片的加密信息的某些区域。 留出外部存储器的其他区域用于接收和存储未加密的信息。 通过与内部芯片硬件进行通信的受控接口提供对外部存储器的访问,该内部芯片硬件用于控制各种内部组件(例如密码引擎,数据处理器,易失性和非易失性品种的内部存储器)之间的通信流和外部 接口,只提供对芯片的唯一访问。 外部存储器接口通信的内部芯片硬件被实现为组合ASIC和可编程硬件电路,其中可编程硬件电路也可以可靠地配置。
-
6.发明申请公开(公告)号:US20070220369A1
公开(公告)日:2007-09-20
申请号:US11358174
申请日:2006-02-21
申请人: Camil Fayad , John Li , Siegfried Sutter
发明人: Camil Fayad , John Li , Siegfried Sutter
IPC分类号: G06F11/00
CPC分类号: G06F11/181 , G06F11/1004 , G06F11/184 , G06F11/2236
摘要: A method and apparatus are provided for identifying a defective processor of a plurality of processors of a multi-processor system. In such method, a first command is submitted to a first processor and to a second processor within the multi-processor system. The first command is executed by each of the first and second processors. A first result of executing the first command by the first processor is compared with a second result of executing the second command by the second processor. A hard error is indicated when the first result does not match the second result. To further isolate a fault within the system, commands are submitted to different pairings of processors and the results are compared to isolate a faulty processor from among them.
摘要翻译: 提供了一种用于识别多处理器系统的多个处理器的有缺陷的处理器的方法和装置。 在这种方法中,将第一命令提交给多处理器系统内的第一处理器和第二处理器。 第一命令由第一和第二处理器中的每一个执行。 将由第一处理器执行第一命令的第一结果与由第二处理器执行第二命令的第二结果进行比较。 当第一个结果与第二个结果不匹配时,会显示硬错误。 为了进一步隔离系统中的故障,将命令提交给不同的处理器配对,并将结果与其中的故障处理器进行比较。
-
7.发明申请Integrated circuit chip for encryption and decryption using instructions supplied through a secure interface 审中-公开使用通过安全接口提供的指令进行加密和解密的集成电路芯片公开(公告)号:US20060059373A1
公开(公告)日:2006-03-16
申请号:US10938774
申请日:2004-09-10
申请人: Camil Fayad , John Li , Siegfried Sutter
发明人: Camil Fayad , John Li , Siegfried Sutter
IPC分类号: G06F12/14
CPC分类号: G06F21/82 , G06F12/1408 , G06F21/72
摘要: An integrated circuit chip is provided which contains one or more processors and one or more cryptographic engines. A flow control circuit having a command processor accepts requests and data via a secure external interface through which only encrypted information is passed. The flow control circuit mediates decryption of this information using one or more cryptographic keys passed to the command processor. The decrypted information is stored in a preferably volatile, on-chip memory in unencrypted form. The flow control circuit is then able to accept requests which invoke the stored, decrypted instructions. More specifically, the invoked instructions are usable to control the cryptographic engines present on the chip in ways knowable only to the one who provides the encrypted instructions. In this way, many different encryption algorithms are employable in a secure fashion.
摘要翻译: 提供一种集成电路芯片,其包含一个或多个处理器和一个或多个加密引擎。 具有命令处理器的流控制电路经由安全的外部接口接收请求和数据,通过该外部接口仅传递加密的信息。 流控制电路使用传递给命令处理器的一个或多个加密密钥介入该信息的解密。 解密的信息以未加密的形式存储在优选易失性的片上存储器中。 流控制电路然后能够接受调用存储的解密指令的请求。 更具体地,被调用的指令可用于以仅以提供加密指令的方式可知的方式来控制存在于芯片上的加密引擎。 以这种方式,可以以安全的方式使用许多不同的加密算法。
-
8.发明申请Integrated circuit chip for encryption and decryption having a secure mechanism for programming on-chip hardware 审中-公开用于加密和解密的集成电路芯片具有用于对片上硬件进行编程的安全机制公开(公告)号:US20060059372A1
公开(公告)日:2006-03-16
申请号:US10938773
申请日:2004-09-10
申请人: Camil Fayar , John Li , Siegfried Sutter
发明人: Camil Fayar , John Li , Siegfried Sutter
IPC分类号: G06F12/14
摘要: An integrated circuit chip is provided which contains one or more processors and one or more cryptographic engines. A flow control circuit having a command processor accepts requests and data via a secure external interface through which only encrypted information is passed. The flow control circuit mediates decryption of this information using cryptographic keys that are present in hard coded form on the chip. In particular the flow control circuit includes a programmable hardware portion which is configurable in a secure manner to create a flexible internal chip architecture. The chip also includes a volatile memory disposed on a voltage island on which is maintained either through a battery backup or from a fixed power source (mains). The chip is thus enabled to securely perform cryptographic operations with the processors controlling the cryptographic engines through the flow control circuit.
摘要翻译: 提供一种集成电路芯片,其包含一个或多个处理器和一个或多个加密引擎。 具有命令处理器的流控制电路经由安全的外部接口接收请求和数据,通过该外部接口仅传递加密的信息。 流控制电路使用以硬编码形式存在于芯片上的加密密钥介入该信息的解密。 特别地,流控制电路包括可编程硬件部分,其可以以安全的方式配置以创建灵活的内部芯片架构。 该芯片还包括布置在电压岛上的易失性存储器,其上通过电池备份或从固定电源(电源)保持。 因此,芯片能够通过流量控制电路与控制密码引擎的处理器进行安全地执行加密操作。
-
9.发明授权Methods of inhibiting cell death or inflammation in a mammal by administering a BCL protein 有权通过施用BCL蛋白来抑制哺乳动物细胞死亡或炎症的方法公开(公告)号:US08304389B2
公开(公告)日:2012-11-06
申请号:US13107866
申请日:2011-05-13
申请人: John M. Harlan , Robert K. Winn , Akiko Iwata , Joan Tupper , John Li
发明人: John M. Harlan , Robert K. Winn , Akiko Iwata , Joan Tupper , John Li
IPC分类号: A61K38/16
CPC分类号: A61K38/1709 , G01N33/5088
摘要: In one aspect the present invention provides methods for inhibiting cell death or inflammation in a mammal, wherein the methods each include the step of administering to a mammal a Bcl protein in an amount sufficient to inhibit cell death or inflammation in the mammal. The invention also provides methods for identifying a Bcl protein that inhibits cell death or inflammation when administered to a mammal.
摘要翻译: 一方面,本发明提供了用于抑制哺乳动物细胞死亡或炎症的方法,其中所述方法各自包括以足以抑制哺乳动物细胞死亡或炎症的量向哺乳动物施用Bcl蛋白的步骤。 本发明还提供了当给予哺乳动物时鉴定抑制细胞死亡或炎症的Bcl蛋白的方法。
-
公开(公告)号:US20110082072A1
公开(公告)日:2011-04-07
申请号:US11576591
申请日:2005-10-04
申请人: John M. Harlan , Robert K. Winn , Akiko Iwata , Joan Tupper , John Li
发明人: John M. Harlan , Robert K. Winn , Akiko Iwata , Joan Tupper , John Li
CPC分类号: A61K38/1709 , G01N33/5088
摘要: In one aspect the present invention provides methods for inhibiting cell death or inflammation in a mammal, wherein the methods each include the step of administering to a mammal a Bcl protein in an amount sufficient to inhibit cell death or inflammation in the mammal. The invention also provides methods for identifying a Bcl protein that inhibits cell death or inflammation when administered to a mammal.
摘要翻译: 一方面,本发明提供了用于抑制哺乳动物细胞死亡或炎症的方法,其中所述方法各自包括以足以抑制哺乳动物细胞死亡或炎症的量向哺乳动物施用Bcl蛋白的步骤。 本发明还提供了当给予哺乳动物时鉴定抑制细胞死亡或炎症的Bcl蛋白的方法。
-
-
-
-
-
-
-
-
-
搜索结果
38 条记录 (耗时 0.025 秒)