公开(公告)号：US20240427921A1

公开(公告)日：2024-12-26

申请号：US18739831

申请日：2024-06-11

Applicant: CRYPTOGRAPHY RESEARCH, INC.

Inventor： Matthew E. Orzen ,  Joel Wittenauer

IPC: G06F21/62 ,  G06F21/44

Abstract: A system receives, from a first provisioning entity, a request for first secure device data related to a semiconductor device. The first secure device data is associated with one or more provisioning operations performed, on the semiconductor device, by a second provisioning entity. Based on determining that the first provisioning entity has permission to access the first secure device data, the first secure device data is provided to the first provisioning entity. Second secure device data associated with one or more provisioning operations performed by the first provisioning entity on the semiconductor device is received from the first provisioning entity.

公开(公告)号：US11996167B2

公开(公告)日：2024-05-28

申请号：US17636982

申请日：2020-08-14

Applicant: Cryptography Research, Inc.

Inventor： Scott C. Best ,  Mark Evan Marson ,  Joel Wittenauer

IPC: G11C8/16 ,  G06F7/58 ,  G11C8/12 ,  G11C8/20 ,  G11C13/00

CPC classification number: G11C8/16 ,  G06F7/58 ,  G11C8/12 ,  G11C8/20 ,  G11C13/0035

Abstract: A random number generator selects addresses while a ‘scoreboard’ bank of registers (or bits) tracks which addresses have already been output (e.g., for storing or retrieval of a portion of the data.) When the scoreboard detects an address has already been output, a second address which has not been used yet is output rather than the randomly selected one. The second address may be selected from nearby addresses that have not already been output.

公开(公告)号：US11861374B2

公开(公告)日：2024-01-02

申请号：US18063984

申请日：2022-12-09

Applicant: Cryptography Research, Inc.

Inventor： Ashish Raj ,  Joel Wittenauer ,  Winthrop John Wu ,  Qinglai Xiao ,  Samatha Gummalla ,  Bryan Jason Wang

IPC: G06F9/445

CPC classification number: G06F9/445

Abstract: A computing system includes a host device and a root of trust (RoT) device for performing batch encryption and decryption operations facilitated by a direct memory access (DMA) engine. The host device generates a command table for batch processing of a set of address tables that each describe a set of data blocks of a file to be encrypted or decrypted. The DMA engine facilitates a DMA transfer of the command table from the host memory to an RoT memory of the RoT device. The RoT device then performs batch processing of the address tables referenced in the command table. For each address table, the DMA engine copies a set of data blocks from the host memory to the RoT memory, a cryptographic engine encrypts or decrypts the data blocks, and the DMA engine copies the transformed data blocks back to the host memory.

公开(公告)号：US20240364536A1

公开(公告)日：2024-10-31

申请号：US18641965

申请日：2024-04-22

Applicant: CRYPTOGRAPHY RESEARCH, INC.

Inventor： Joel Wittenauer ,  Matthew E. Orzen

IPC: H04L9/32 ,  H04L9/08

CPC classification number: H04L9/3247 ,  H04L9/0825 ,  H04L9/0894

Abstract: A first device receives, from a second device, a request to provision a security context for the second device. The first device transmits a nonce value to the second device and receives, from the second device, a data structure encoding the security context and a cryptographically signed digest of a combination of the data structure, the nonce value, and a public key. The first device determines a first digest using the nonce value and cryptographically signed digest, and a second digest using the data structure, the nonce value, and the public key. Responsive to determining that the first digest matches the second digest, the first device provisions the security context for the second device by storing the security context on the volatile memory.

公开(公告)号：US20230195477A1

公开(公告)日：2023-06-22

申请号：US18063984

申请日：2022-12-09

Applicant: Cryptography Research, Inc.

Inventor： Ashish Raj ,  Joel Wittenauer ,  Winthrop John Wu ,  Qinglai Xiao ,  Samatha Gummalla ,  Bryan Jason Wang

IPC: G06F9/445

CPC classification number: G06F9/445

Abstract: A computing system includes a host device and a root of trust (RoT) device for performing batch encryption and decryption operations facilitated by a direct memory access (DMA) engine. The host device generates a command table for batch processing of a set of address tables that each describe a set of data blocks of a file to be encrypted or decrypted. The DMA engine facilitates a DMA transfer of the command table from the host memory to an RoT memory of the RoT device. The RoT device then performs batch processing of the address tables referenced in the command table. For each address table, the DMA engine copies a set of data blocks from the host memory to the RoT memory, a cryptographic engine encrypts or decrypts the data blocks, and the DMA engine copies the transformed data blocks back to the host memory.