-
Publication number: US09525555B2
Publication date: 2016-12-20
Application number: US14574969
Filing date: 2014-12-18
Applicant: Intel Corporation
Inventor: Prashant Dewan , Kapil Sood , Kumar N. Dwarakanath , Ioannis T. Schoinas , William A. Stevens, Jr. , Ned M. Smith
CPC classification number: H04L9/3263 , G06F21/572 , G06F21/74 , G09C1/00 , H04L9/321 , H04L9/3234 , H04L9/3242 , H04L2209/12 , H04L2209/68
Abstract: In one embodiment, a processor has at least one core to execute instructions, a security engine coupled to the at least one core, a first storage to store a first immutable key associated with a vendor of the processor, and a second storage to store a second immutable key associated with an original equipment manufacturer (OEM) of the system. A first portion of firmware is to be verified based at least in part on the first immutable key and a second portion of firmware is to be verified based at least in part on the second immutable key, the first portion of firmware associated with the vendor and the second portion of firmware associated with the OEM. Other embodiments are described and claimed.
-
Publication number: US09411748B2
Publication date: 2016-08-09
Application number: US13631556
Filing date: 2012-09-28
Applicant: Intel Corporation
Inventor: Nitin V. Sarangdhar , William A. Stevens, Jr. , John J. Vranich
CPC classification number: G06F12/1408 , G06F21/445 , G06F21/79
Abstract: Embodiments of the invention create an underlying infrastructure in a flash memory device (e.g., a serial peripheral interface (SPI) flash memory device) such that it may be protected against user attacks—e.g., replacing the SPI flash memory device or a man-in-the-middle (MITM) attack to modify the SPI flash memory contents on the fly. In the prior art, monotonic counters cannot be stored in SPI flash memory devices because said devices do not provide replay protection for the counters. A user may also remove the flash memory device and reprogram it. Host platforms alone cannot protect against such hardware attacks. Embodiments of the invention enable secure standard storage flash memory devices such as SPI flash memory devices to achieve replay protection for securely stored data. Embodiments of the invention utilize flash memory controllers, flash memory devices, unique device keys and HMAC key logic to create secure execution environments for various components.
-
Publication number: US10534935B2
Publication date: 2020-01-14
Application number: US15200935
Filing date: 2016-07-01
Applicant: Intel Corporation
Inventor: Jose S. Niell , Gautham N. Chinya , Khee Wooi Lee , William A. Stevens, Jr. , Josh Triplett
IPC: G06F21/70
Abstract: A system-on-chip (SoC) includes a host CPU on a CPU fabric, the host CPU including multiple processor cores, each associated with multiple security attributes. The SoC includes a secure asset on a network-on-chip and a security co-processor. The security co-processor includes circuitry to detect requests from the processor cores targeting the secure asset and security function processing requests, to determine, based on associated security attributes, whether the core or function is authorized to access the secure asset, to allow the request to be issued, if the core or function is so authorized, and to prevent its issuance, if not. The determination may be dependent on a signal from the CPU fabric indicating whether the host CPU can modify its security attributes or they are locked down. The security co-processor may have the highest security level and may be the only master on the SoC that can access the secure asset.
-
Publication number: US10853472B2
Publication date: 2020-12-01
Application number: US16021275
Filing date: 2018-06-28
Applicant: Intel Corporation
Inventor: Xiaoyu Ruan , William A. Stevens, Jr.
Abstract: In one embodiment, an apparatus includes a non-volatile storage to store a seed value and a signature that is based on an iterative execution of a function for a predetermined number of intervals. The apparatus may further include the security processor coupled to the non-volatile storage, where the security processor is to independently recover a credential for an updated version of the firmware based at least in part on the seed value and a security version number for the updated version of the firmware. Other embodiments are described and claimed.
-
Publication number: US09626119B2
Publication date: 2017-04-18
Application number: US14542510
Filing date: 2014-11-14
Applicant: INTEL CORPORATION
Inventor: William A. Stevens, Jr. , Nitin V. Sarangdhar
CPC classification number: G06F3/062 , G06F3/0622 , G06F3/0637 , G06F3/0673 , G06F3/0689 , G06F21/6227
Abstract: Provided are a system, memory controller, and method for using counters and a table to protect data in a storage device. Upon initiating operations to modify a file in the storage device, a storage write counter is incremented in response to initiating the operations to modify the file. In response to incrementing the storage write counter, write table operations are initiated, including setting a table write counter to the storage write counter and setting a table commit counter to the storage commit counter plus a value. The operation to modify the file is performed in response to completing the write table operations. The system commit counter is incremented by the value in response to completing the operation to modify the file.
-
Publication number: US11144387B2
Publication date: 2021-10-12
Application number: US16398076
Filing date: 2019-04-29
Applicant: Intel Corporation
Inventor: Zhenyu Zhu , William A. Stevens, Jr. , Michael T. Klinglesmith , Mikal Hunsaker
Abstract: Embodiments include a serial bus controller that may be coupled to an in band serial peripheral interface (SPI) link, to request a write of data and a subsequent read of the data from a memory device and in response to the request to read the data, receive a bit error report and optionally correct the bit error over the in band SPI link. Embodiments include a memory device, e.g., a flash memory device, to detect and report the bit error over the in band SPI link, where the flash memory device, in response to a request to write and/or erase data, calculates or determines an error correction code (ECC) and stores corresponding parity data. In embodiments, after receiving a subsequent request to read the data, the flash memory device accesses the stored parity data to check the ECC for a bit error and if a bit error is detected, reports the detected bit error over the in band SPI link. Other embodiments may be described and claimed.
-
Publication number: US11030317B2
Publication date: 2021-06-08
Application number: US16368647
Filing date: 2019-03-28
Applicant: Intel Corporation
Inventor: Xiaoyu Ruan , William A. Stevens, Jr. , David Novick
Abstract: Embodiments described herein enable independently recoverable security for processor and peripheral communication, enabling a processor without native non-volatile memory to generate and recover credentials in response to a firmware update. The processor and peripheral can each have credentials burned into secure fuses. The processor can derive a shared secret from the secure fuses using security attributes that are based on the security version number of firmware within the processor and the peripherals with which the processor is to securely communicate. The processor and peripherals can generate ephemeral session keys from the shared secret and nonces. The ephemeral session keys can be used to secure communications between the processor and the peripherals.
-
Publication number: US10339327B2
Publication date: 2019-07-02
Application number: US15628012
Filing date: 2017-06-20
Applicant: Intel Corporation
Inventor: Pradeep M. Pappachan , Reshma Lal , Siddhartha Chhabra , Gideon Gerzon , Baruch Chaikin , Bin Xing , William A. Stevens, Jr.
IPC: G06F21/76 , G06F21/60 , H04L29/06 , G06F21/57 , G06F13/28 , H04L9/32 , G06F13/20 , G06F21/62 , G06F21/85 , G09C1/00 , G06F21/70 , G06F21/51 , H04L9/06
Abstract: Technologies for securely binding a manifest to a platform include a computing device having a security engine and a field-programmable fuse. The computing device receives a platform manifest indicative of a hardware configuration of the computing device and a manifest hash. The security engine of the computing device blows a bit of a field programmable fuse and then stores the manifest hash and a counter value of the field-programmable fuse in integrity-protected non-volatile storage. In response to a platform reset, the security engine verifies the stored manifest hash and counter value and then determines whether the stored counter value matches the field-programmable fuse. If verified and current, trusted software may calculate a hash of the platform manifest and compare the calculated hash to the stored manifest hash. If matching, the platform manifest may be used to discover platform hardware. Other embodiments are described and claimed.