公开(公告)号：US20210200880A1

公开(公告)日：2021-07-01

申请号：US16728712

申请日：2019-12-27

Applicant: Intel Corporation

Inventor： Hormuzd M. KHOSRAVI ,  Siddhartha CHHABRA ,  Vincent VON BOKERN ,  Barry E. HUNTLEY ,  Vedvyas SHANBHOGUE ,  Ramya Jayaram MASTI

IPC: G06F21/60 ,  G06F21/53 ,  G06F9/455 ,  H04L9/08

Abstract: Disclosed embodiments relate to Multi-Key Total Memory Encryption based on dynamic key derivation. In one example, a processor includes cryptographic circuitry, storage with multiple key splits and multiple full encryption keys, fetch and decode circuitry to fetch and decode an instruction specifying an opcode, an address, and a keyID, the opcode calling for the processor to use the address to determine whether to use an explicit key, in which case the keyID is used to select one of the multiple full encryption keys to use as a cryptographic key, and, otherwise, the processor is to dynamically derive the cryptographic key by using the keyID to select one of the multiple key splits, and provide the key split and a root key to a key derivation function to derive the cryptographic key, which is used by the encryption circuitry to perform a cryptographic operation on an the addressed memory location.