公开(公告)号：US20050008162A1

公开(公告)日：2005-01-13

申请号：US10464891

申请日：2003-06-19

申请人： Daniel Brokenshire ,  David Craft ,  Harm Hofstee ,  Mohammad Peyravian

发明人： Daniel Brokenshire ,  David Craft ,  Harm Hofstee ,  Mohammad Peyravian

IPC分类号： H04L9/06 ,  H04L9/00

CPC分类号： H04L9/0618 ,  H04L2209/08 ,  H04L2209/12

摘要： A method and system for encrypting and verifying the integrity of a message using a three-phase encryption process is provided. A source having a secret master key that is shared with a target receives the message and generates a random number. The source then generates: a first set of intermediate values from the message and the random number; a second set of intermediate values from the first set of values; and a cipher text from the second set of values. At the three phases, the values are generated using the encryption function of a block cipher encryption/decryption algorithm. The random number and the cipher text are transmitted to the target, which decrypts the cipher text by reversing the encryption process. The target verifies the integrity of the message by comparing the received random number with the random number extracted from the decrypted cipher text.

摘要翻译： 提供了使用三相加密处理来加密和验证消息的完整性的方法和系统。 具有与目标共享的秘密主密钥的源接收消息并生成随机数。 然后，源产生：来自消息和随机数的第一组中间值; 来自第一组值的第二组中间值; 和来自第二组值的密文。 在三个阶段，使用块密码加密/解密算法的加密功能生成这些值。 随机数和密文被发送到目标，通过反转加密过程来解密密文。 目标通过将接收到的随机数与从解密的密文提取的随机数进行比较来验证消息的完整性。

公开(公告)号：US20050132190A1

公开(公告)日：2005-06-16

申请号：US10733935

申请日：2003-12-10

申请人： Daniel Brokenshire ,  Harm Hofstee ,  Mohammad Peyravian

发明人： Daniel Brokenshire ,  Harm Hofstee ,  Mohammad Peyravian

IPC分类号： H04L9/32 ,  H04L9/00

CPC分类号： H04L9/3242

摘要： The present invention provides for authenticating a message. A security function is performed upon the message. The message is sent to a target. The output of the security function is sent to the target. At least one publicly known constant is sent to the target. The received message is authenticated as a function of at least a shared key, the received publicly known constants, the security function, the received message, and the output of the security function. If the output of the security function received by the target is the same as the output generated as a function of at least the received message, the received publicly known constants, the security function, and the shared key, neither the message nor the constants have been altered.

摘要翻译： 本发明提供用于认证消息。 对消息执行安全功能。 该消息被发送到目标。 安全功能的输出被发送到目标。 至少有一个公认的常数被发送到目标。 接收到的消息被认证为至少共享密钥，接收的公知常数，安全功能，接收到的消息和安全功能的输出的功能。 如果目标接收到的安全功能的输出与至少作为接收到的消息的函数产生的输出相同，则所接收的公知常数，安全功能和共享密钥，消息和常数都不具有 被改变了

公开(公告)号：US20050166058A1

公开(公告)日：2005-07-28

申请号：US10763079

申请日：2004-01-22

申请人： Daniel Brokenshire ,  Harm Hofstee ,  Mohammad Peyravian

发明人： Daniel Brokenshire ,  Harm Hofstee ,  Mohammad Peyravian

IPC分类号： H04L9/00 ,  H04L9/22

CPC分类号： H04L9/0662 ,  H04L2209/04

摘要： A system for secure communication. A random value generator is configured to generate a random value. A message validation code generator is coupled to the random value generator and configured to generate a message validation code based on a predetermined key, a message, and the random value. A one-time pad generator is coupled to the random number generator and configured to generate a one-time pad based on the random value and the predetermined key. And a masked message generator is coupled to the one-time pad generator and configured to generate a masked message based on the one-time pad and the message. In a particular aspect, a protected message envelope generator is coupled to the random value generator, the message validation code generator, and the masked message generator, and is configured to generate a protected message envelope based on the random value, the message validation code, and the masked message. In another aspect, a protected message envelope reader is configured to receive a protected message envelope and generate a random value, a masked message, and a first message validation code based on the received protected message envelope. A one-time pad generator is coupled to the protected message envelope reader and is configured to generate a one-time pad based on the random value and a predetermined key. A message unmasker is coupled to the one-time pad generator and protected message envelope reader, and is configured to generate an unmasked message based on the one-time pad and the masked message.

摘要翻译： 一种安全通信系统。 随机值生成器被配置为生成随机值。 消息验证码发生器耦合到随机值生成器并且被配置为基于预定密钥，消息和随机值生成消息验证码。 一次性垫发生器耦合到随机数发生器并且被配置为基于随机值和预定密钥生成一次性焊盘。 并且屏蔽的消息发生器耦合到一次性衬垫发生器并且被配置为基于一次性焊盘和消息来生成屏蔽消息。 在特定方面，受保护的消息包络生成器耦合到随机值生成器，消息验证码生成器和掩蔽消息生成器，并且被配置为基于随机值生成受保护的消息包络，消息验证码， 和屏蔽消息。 在另一方面，受保护的消息包络读取器被配置为基于所接收的受保护的消息包络来接收受保护的消息包络并生成随机值，掩蔽消息和第一消息验证码。 一次性垫发生器耦合到受保护的消息包络读取器，并且被配置为基于随机值和预定密钥生成一次性焊盘。 消息取消掩码器耦合到一次性衬垫生成器和受保护的消息包络读取器，并且被配置为基于一次性衬垫和屏蔽的消息来生成未屏蔽的消息。

公开(公告)号：US20060080661A1

公开(公告)日：2006-04-13

申请号：US10960609

申请日：2004-10-07

申请人： Daniel Brokenshire ,  Harm Hofstee ,  Barry Minor ,  Mark Nutter

发明人： Daniel Brokenshire ,  Harm Hofstee ,  Barry Minor ,  Mark Nutter

IPC分类号： G06F9/46

CPC分类号： G06F9/322 ,  G06F8/41 ,  G06F9/3851

摘要： A System and method for hiding memory latency in a multi-thread environment is presented. Branch Indirect and Set Link (BISL) and/or Branch Indirect and Set Link if External Data (BISLED) instructions are placed in thread code during compilation at instances that correspond to a prolonged instruction. A prolonged instruction is an instruction that instigates latency in a computer system, such as a DMA instruction. When a first thread encounters a BISL or a BISLED instruction, the first thread passes control to a second thread while the first thread's prolonged instruction executes. In turn, the computer system masks the latency of the first thread's prolonged instruction. The system can be optimized based on the memory latency by creating more threads and further dividing a register pool amongst the threads to further hide memory latency in operations that are highly memory bound.

摘要翻译： 提出了一种在多线程环境中隐藏内存延迟的系统和方法。 分支间接和设置链接（BISL）和/或分支间接和设置链接，如果外部数据（BISLED）指令在对应于延长的指令的实例的编译期间被放置在线程代码中。 延长的指令是指示计算机系统中的延迟，例如DMA指令。 当第一个线程遇到BISL或BISLED指令时，第一个线程在第一个线程的延长指令执行时将控制传递给第二个线程。 反过来，计算机系统掩盖了第一个线程延长的指令的延迟。 可以通过创建更多线程并在线程之间进一步划分寄存器池来进一步隐藏高度内存限制的操作中的内存延迟，从而基于内存延迟来优化系统。

公开(公告)号：US20050021944A1

公开(公告)日：2005-01-27

申请号：US10601374

申请日：2003-06-23

申请人： David Craft ,  Michael Day ,  Harm Hofstee ,  Charles Johns ,  John Liberty

发明人： David Craft ,  Michael Day ,  Harm Hofstee ,  Charles Johns ,  John Liberty

IPC分类号： G06F12/14 ,  G06F21/22 ,  G06F21/24 ,  G09C1/00 ,  H04L9/08 ,  H04L9/00

CPC分类号： G06F21/53 ,  H04L9/3226 ,  H04L2209/56

摘要： The present invention provides for authenticating code and/or data and providing a protected environment for execution. The present invention provides for dynamically partitioning and un-partitioning a local store for the authentication of code or data. The local store is partitioned into an isolated and non-isolated section. Code or data is loaded into the isolated section. The code or data is authenticated in the isolated section of the local store. After authentication, the code is executed. After execution, the memory within the isolated region of the attached processor unit is erased, and the attached processor unit de-partitions the isolated section within the local store.

摘要翻译： 本发明提供了验证代码和/或数据并提供受保护的环境以供执行。 本发明提供了用于对代码或数据的认证的动态分区和分区本地存储。 本地商店被划分成一个隔离和非隔离的部分。 代码或数据被加载到隔离的部分。 代码或数据在本地存储的隔离部分进行身份验证。 认证后，执行代码。 在执行之后，附着的处理器单元的隔离区域内的存储器被擦除，并且附加的处理器单元对本地存储器内的隔离部分进行分区。

公开(公告)号：US20080016348A1

公开(公告)日：2008-01-17

申请号：US11779757

申请日：2007-07-18

申请人： David Craft ,  Pradeep Dubey ,  Harm Hofstee ,  James Kahle

发明人： David Craft ,  Pradeep Dubey ,  Harm Hofstee ,  James Kahle

IPC分类号： H04L9/00

CPC分类号： H04L63/0823 ,  H04L63/126 ,  H04L63/145 ,  H04L2463/102

摘要： A secure communication methodology is presented. The client device is configured to download application code and/or content data from a server operated by a service provider. Embedded within the client is a client private key, a client serial number, and a copy of a server public key. The client forms a request, which includes the client serial number, encrypts the request with the server public key, and sends the download request to the server. The server decrypts the request with the server's private key and authenticates the client. The received client serial number is used to search for a client public key that corresponds to the embedded client private key. The server encrypts its response, which includes the requested information, with the client public key of the requesting client, and only the private key in the requesting client can be used to decrypt the information downloaded from the server.

摘要翻译： 提出了一种安全的通信方法。 客户端设备被配置为从由服务提供商操作的服务器下载应用代码和/或内容数据。 嵌入在客户端中的是客户端私钥，客户端序列号和服务器公钥的副本。 客户端形成请求，其中包括客户端序列号，使用服务器公钥加密请求，并将下载请求发送到服务器。 服务器使用服务器的私钥对请求进行解密，并对客户端进行身份验证。 接收到的客户端序列号用于搜索与嵌入式客户端私钥对应的客户端公钥。 服务器将其响应（包括所请求的信息）与请求客户端的客户端公钥加密，并且只有请求客户端中的私钥可以用于解密从服务器下载的信息。

公开(公告)号：US20050071651A1

公开(公告)日：2005-03-31

申请号：US10670825

申请日：2003-09-25

申请人： Maximino Aguilar ,  David Craft ,  Michael Day ,  Harm Hofstee

发明人： Maximino Aguilar ,  David Craft ,  Michael Day ,  Harm Hofstee

IPC分类号： G06F21/00 ,  H04L9/00 ,  H04L9/08

CPC分类号： G06F21/6236 ,  G06F21/602 ,  H04L9/0894 ,  H04L2209/125

摘要： A system and method are provided to dedicate one or more processors in a multiprocessing system to performing encryption functions. When the system initializes, one of the synergistic processing unit (SPU) processors is configured to run in a secure mode wherein the local memory included with the dedicated SPU is not shared with the other processors. One or more encryption keys are stored in the local memory during initialization. During initialization, the SPUs receive nonvolatile data, such as the encryption keys, from nonvolatile register space. This information is made available to the SPU during initialization before the SPUs local storage might be mapped to a common memory map. In one embodiment, the mapping is performed by another processing unit (PU) that maps the shared SPUs' local storage to a common memory map.

摘要翻译： 提供了一种系统和方法来将多处理系统中的一个或多个处理器专用于执行加密功能。 当系统初始化时，协同处理单元（SPU）中的一个处理器被配置为以安全模式运行，其中包括在专用SPU中的本地存储器不与其他处理器共享。 在初始化期间，一个或多个加密密钥存储在本地存储器中。 在初始化期间，SPU从非易失性寄存器空间接收非易失性数据，例如加密密钥。 在SPU本地存储可能映射到公共存储器映射之前，该信息在初始化期间可用于SPU。 在一个实施例中，映射由将共享的SPU本地存储映射到公共存储器映射的另一个处理单元（PU）执行。

公开(公告)号：US20070040620A1

公开(公告)日：2007-02-22

申请号：US11204408

申请日：2005-08-16

申请人： David Boerstler ,  Eskinder Hailu ,  Harm Hofstee ,  John Liberty

发明人： David Boerstler ,  Eskinder Hailu ,  Harm Hofstee ,  John Liberty

IPC分类号： H03K3/03

CPC分类号： H03K3/0315 ,  H03K5/133

摘要： A method and apparatus is provided for testing the logic functionality and electrical continuity of a ring oscillator comprising an odd number of inverters connected to form a closed loop. In the method and apparatus, a known value is forced through the ring oscillator, to test the complete circuit path thereof. Thus, a low overhead deterministic test of the functionality of the ring oscillator is provided. In a useful embodiment of the invention, a method is provided for testing functionality and electrical continuity in a ring oscillator, wherein a first test device is inserted between the input of a first inverter and the output of an adjacent second inverter. The first test device is then operated to apply first and second test bits as input test signals to the first inverter input. The embodiment further comprises detecting the response to the applied first and second test bit signals at the output of the second inverter, and using the detected responses in providing an evaluation of functionality of the ring oscillator.

摘要翻译： 提供了一种用于测试环形振荡器的逻辑功能和电连续性的方法和装置，该环形振荡器包括连接形成闭环的奇数个反相器。 在该方法和装置中，通过环形振荡器强制已知的值，以测试其完整的电路路径。 因此，提供了环形振荡器的功能的低开销确定性测试。 在本发明的有用实施例中，提供了一种用于测试环形振荡器中的功能和电连续性的方法，其中第一测试装置插入在第一反相器的输入端和相邻的第二反相器的输出之间。 然后操作第一测试装置以将第一和第二测试位作为输入测试信号施加到第一反相器输入。 该实施例还包括检测在第二反相器的输出处对所施加的第一和第二测试位信号的响应，并且使用检测到的响应来提供环形振荡器的功能性的评估。

公开(公告)号：US20060101107A1

公开(公告)日：2006-05-11

申请号：US10982110

申请日：2004-11-05

申请人： Sang Dhong ,  Harm Hofstee ,  Christian Jacobi ,  Silvia Mueller ,  Hwa-Joon Oh

发明人： Sang Dhong ,  Harm Hofstee ,  Christian Jacobi ,  Silvia Mueller ,  Hwa-Joon Oh

IPC分类号： G06F7/38

CPC分类号： G06F7/49947 ,  G06F7/483 ,  G06F7/49968 ,  G06F7/49973 ,  G06F7/49989 ,  G06F2207/3828

摘要： An apparatus for controlling rounding modes in a single instruction multiple data (SIMD) floating-point unit is disclosed. The SIMD floating-point unit includes a floating-point status-and-control register (FPSCR) having a first rounding mode bit field and a second rounding mode bit field. The SIMD floating-point unit also includes means for generating a first slice and a second slice. During a floating-point operation, the SIMD floating-point unit concurrently performs a first rounding operation on the first slice and a second rounding operation on the second slice according to a bit in the first rounding mode bit field and a bit in the second rounding mode bit field within the FPSCR, respectively.

摘要翻译： 公开了一种用于在单指令多数据（SIMD）浮点单元中控制舍入模式的装置。 SIMD浮点单元包括具有第一舍入模式位字段和第二舍入模式位字段的浮点状态和控制寄存器（FPSCR）。 SIMD浮点单元还包括用于生成第一切片和第二切片的装置。 在浮点运算期间，SIMD浮点单元根据第一舍入模式位字段中的位并且在第二舍入中的位同时对第一切片进行第一舍入运算，并对第二切片进行第二舍入运算 FPSCR中的模式位字段。

公开(公告)号：US20060031836A1

公开(公告)日：2006-02-09

申请号：US10912481

申请日：2004-08-05

申请人： Jeffrey Brown ,  Michael Day ,  Harm Hofstee ,  Charles Johns ,  James Kahle ,  Michael Wang

发明人： Jeffrey Brown ,  Michael Day ,  Harm Hofstee ,  Charles Johns ,  James Kahle ,  Michael Wang

IPC分类号： G06F9/46

CPC分类号： G06F1/3203

摘要： The present invention provides for controlling the power consumption of an element. A first power control command is issued by software for the element. It is determined if the power control command corresponds to an allowable power control state for that element as defined by the hardware. If the power control command is not an allowable power control state for that element, the hardware sets the power control at a higher level than the power control state issued by the software. The software is real time software, and the software also sets minimally acceptable activity control states. A hierarchy of power consumption is defined for different elements of a chip by software, which provides the minimum level of power consumption by any element or sub-element on a chip.

摘要翻译： 本发明提供用于控制元件的功耗。 第一个功率控制命令由该元件的软件发出。 确定功率控制命令是否对应于由硬件定义的该元件的容许功率控制状态。 如果功率控制命令不是该元件的允许功率控制状态，则硬件将功率控制设置在比由软件发出的功率控制状态更高的水平。 该软件是实时软件，软件还设置了最低限度可接受的活动控制状态。 通过软件为芯片的不同元件定义功耗层级，其通过芯片上的任何元件或子元件提供最低功耗水平。