公开(公告)号：US20190130120A1

公开(公告)日：2019-05-02

申请号：US16232146

申请日：2018-12-26

Applicant: Intel Corporation

Inventor： Reshma Lal ,  Alpa Narendra Trivedi ,  Luis Kida ,  Pradeep M. Pappachan ,  Soham Jayesh Desai ,  Nanda Kumar Unnikrishnan

IPC: G06F21/60 ,  H04L9/32 ,  G06F21/76

Abstract: Technologies for secure I/O data transfer with an accelerator device include a computing device having a processor and an accelerator. The processor establishes a trusted execution environment. The trusted execution environment may generate an authentication tag based on a memory-mapped I/O transaction, write the authentication tag to a register of the accelerator, and dispatch the transaction to the accelerator. The accelerator performs a cryptographic operation associated with the transaction, generates an authentication tag based on the transaction, and compares the generated authentication tag to the authentication tag received from the trusted execution environment. The accelerator device may initialize an authentication tag in response to a command from the trusted execution environment, transfer data between host memory and accelerator memory, perform a cryptographic operation in response to transferring the data, and update the authentication tag in response to transferrin the data. Other embodiments are described and claimed.

公开(公告)号：US20210390063A1

公开(公告)日：2021-12-16

申请号：US17446194

申请日：2021-08-27

Applicant: Intel Corporation

Inventor： Reshma Lal ,  Alpa Narendra Trivedi ,  Luis Kida ,  Pradeep M. Pappachan ,  Soham Jayesh Desai ,  Nanda Kumar Unnikrishnan

IPC: G06F12/14 ,  H04L9/32 ,  G06F21/76 ,  G06F21/60 ,  H04L9/08 ,  G06F9/455 ,  G06F21/57 ,  G06F21/64 ,  H04L12/24 ,  G06F21/79 ,  H04L9/06 ,  G06F9/38 ,  G06F12/0802

Abstract: Technologies for secure I/O data transfer with an accelerator device include a computing device having a processor and an accelerator. The processor establishes a trusted execution environment. The trusted execution environment may generate an authentication tag based on a memory-mapped I/O transaction, write the authentication tag to a register of the accelerator, and dispatch the transaction to the accelerator. The accelerator performs a cryptographic operation associated with the transaction, generates an authentication tag based on the transaction, and compares the generated authentication tag to the authentication tag received from the trusted execution environment. The accelerator device may initialize an authentication tag in response to a command from the trusted execution environment, transfer data between host memory and accelerator memory, perform a cryptographic operation in response to transferring the data, and update the authentication tag in response to transferrin the data. Other embodiments are described and claimed.

公开(公告)号：US11138132B2

公开(公告)日：2021-10-05

申请号：US16232146

申请日：2018-12-26

Applicant: Intel Corporation

Inventor： Reshma Lal ,  Alpa Narendra Trivedi ,  Luis Kida ,  Pradeep M. Pappachan ,  Soham Jayesh Desai ,  Nanda Kumar Unnikrishnan

IPC: G06F12/14 ,  H04L9/32 ,  G06F21/76 ,  G06F21/60 ,  H04L9/08 ,  G06F9/455 ,  G06F21/57 ,  G06F21/64 ,  H04L12/24 ,  G06F21/79 ,  H04L9/06 ,  G06F9/38 ,  G06F12/0802

Abstract: Technologies for secure I/O data transfer with an accelerator device include a computing device having a processor and an accelerator. The processor establishes a trusted execution environment. The trusted execution environment may generate an authentication tag based on a memory-mapped I/O transaction, write the authentication tag to a register of the accelerator, and dispatch the transaction to the accelerator. The accelerator performs a cryptographic operation associated with the transaction, generates an authentication tag based on the transaction, and compares the generated authentication tag to the authentication tag received from the trusted execution environment. The accelerator device may initialize an authentication tag in response to a command from the trusted execution environment, transfer data between host memory and accelerator memory, perform a cryptographic operation in response to transferring the data, and update the authentication tag in response to transferrin the data. Other embodiments are described and claimed.