-
公开(公告)号:US20170235930A1
公开(公告)日:2017-08-17
申请号:US15346574
申请日:2016-11-08
Applicant: Nvidia Corporation
Inventor: Anthony Michael Tamasi , Timothy Paul Lottes , Bojan Skaljak , Fedor Fomichev , Andrew Leighton Edelsten , Jay Huang , Ashutosh Gajanan Rege , Keith Brian Galocy
CPC classification number: G06F21/125 , G06F21/10 , G06F21/126 , G06F21/53 , G06F21/602 , G06F21/74 , G06F2221/0735 , G06F2221/2105 , G06F2221/2149
Abstract: A computer system comprising a processor and a memory for storing instructions, that when executed by the processor performs a copy protection method. The copy protection method comprises executing a software loop of a first software application in a first operating system. A first call is executed in the software loop to a code portion. A decrypted code portion of the first software application is executed in a second operating system in response to the first call. The code portion is decrypted in response to a successful validation of the first software application.
-
公开(公告)号:US09823869B2
公开(公告)日:2017-11-21
申请号:US14544468
申请日:2015-01-08
Applicant: NVIDIA Corporation
Inventor: Franciscus Sijstermans , Steven Molnar , Gilberto Contreras , Jay Huang , Jay Gupta , Michael Wasserman , James Deming
IPC: G06F12/14 , G06F3/06 , G06F12/109 , G06F21/60
CPC classification number: G06F3/0623 , G06F3/0644 , G06F3/0659 , G06F3/0673 , G06F12/109 , G06F12/1408 , G06F12/1441 , G06F12/1458 , G06F21/60 , G06F2212/1052 , G06F2212/152
Abstract: Embodiments of the claimed subject matter provide systems and methods for protecting data in dynamically allocated regions of memory. The method can include receiving the read request where the read request comprises a virtual address associated with a memory and determining a physical address associated with the virtual address. The further includes determining whether the physical address associated with the virtual address is read protected and determining whether the read request is from a component allowed to access read protected memory. The read protected memory was dynamically allocated on a per page basis. The method further includes in response to determining that the read request is to a read protected physical address and determining that the component is allowed to access read protected memory, sending the data from the physical address in the memory.
-
Patent Agency Ranking
3.发明授权Secure provisioning of semiconductor chips in untrusted manufacturing factories 有权在不信任的制造工厂安全地提供半导体芯片公开(公告)号:US09590806B2
公开(公告)日:2017-03-07
申请号:US14723411
申请日:2015-05-27
Applicant: NVIDIA CORPORATION
Inventor: Jay Huang , Paul Chou , Anthony Woo
CPC classification number: G06F21/575 , G06F21/602 , G06F21/71 , G06F21/73 , G06F21/74 , G06F2221/2107 , G09C1/00 , H04L9/0822 , H04L2209/12
Abstract: One embodiment of the present invention includes a boot read only memory (ROM) with an embedded, private key provision key (KPK) set that enables secure provisioning of chips. As part of taping-out a chip, the chip provider establishes the KPK set and provides the boot ROM exclusive access to the KPK. For each Original Equipment Manufacturer (OEM), the chip provider assigns and discloses an OEM-specific KPK that is included in the KPK set at a particular KPK index. Upon receiving a secured provisioning image and the associated KPK index, the boot ROM accesses the KPK set to reconstruct the KPK and then decrypts and executes the secured provisioning image. Advantageously, this enables the manufacturing factory to provision the chip without the security risks attributable to conventional provisioning approaches that require disclosing security keys to the manufacturing factory.
Abstract translation: 本发明的一个实施例包括具有嵌入式私钥提供密钥(KPK)集合的启动只读存储器(ROM),其启用芯片的安全提供。 作为开发芯片的一部分,芯片提供商建立KPK集,并提供对KPK的引导ROM专用访问。 对于每个原始设备制造商(OEM),芯片提供商分配并公开了KPK集合中包含的特定KPK索引的OEM专用KPK。 在接收到安全配置映像和相关联的KPK索引后,引导ROM访问KPK集合以重构KPK,然后解密并执行安全配置映像。 有利的是,这使得制造工厂能够提供芯片,而没有需要向制造工厂公开安全密钥的常规供应方法所带来的安全隐患。
-
公开(公告)号:US11163859B2
公开(公告)日:2021-11-02
申请号:US15346574
申请日:2016-11-08
Applicant: Nvidia Corporation
Inventor: Anthony Michael Tamasi , Timothy Paul Lottes , Bojan Skaljak , Fedor Fomichev , Andrew Leighton Edelsten , Jay Huang , Ashutosh Gajanan Rege , Keith Brian Galocy
Abstract: A computer system comprising a processor and a memory for storing instructions, that when executed by the processor performs a copy protection method. The copy protection method comprises executing a software loop of a first software application in a first operating system. A first call is executed in the software loop to a code portion. A decrypted code portion of the first software application is executed in a second operating system in response to the first call. The code portion is decrypted in response to a successful validation of the first software application.
-
5.发明授权公开(公告)号:US09177121B2
公开(公告)日:2015-11-03
申请号:US13691613
申请日:2012-11-30
Applicant: NVIDIA Corporation
Inventor: Andrew Edelsten , Fedor Fomichev , Jay Huang , Timothy Paul Lottes
CPC classification number: G06F21/10 , G06F21/121 , G06F21/53
Abstract: Methods for code protection are disclosed. A method includes using a security processing component to access an encrypted portion of an application program that is encrypted by an on-line server, after a license for use of the application program is authenticated by the on-line server. The security processing component is used to decrypt the encrypted portion of the application program using an encryption key that is stored in the security processing component. The decrypted portion of the application program is executed based on stored state data. Results are provided to the application program that is executing on a second processing component.
Abstract translation: 公开了代码保护的方法。 在由在线服务器认证应用程序的使用许可之后,使用安全处理部件访问由在线服务器加密的应用程序的加密部分。 安全处理部件用于使用存储在安全处理部件中的加密密钥对应用程序的加密部分进行解密。 基于存储的状态数据执行应用程序的解密部分。 结果被提供给在第二处理组件上执行的应用程序。
-
6.发明申请公开(公告)号:US20140157423A1
公开(公告)日:2014-06-05
申请号:US13691613
申请日:2012-11-30
Applicant: NVIDIA CORPORATION
Inventor: Andrew Edelsten , Fedor Fomichev , Jay Huang , Timothy Paul Lottes
IPC: G06F21/10
CPC classification number: G06F21/10 , G06F21/121 , G06F21/53
Abstract: Methods for code protection are disclosed. A method includes using a security processing component to access an encrypted portion of an application program that is encrypted by an on-line server, after a license for use of the application program is authenticated by the on-line server. The security processing component is used to decrypt the encrypted portion of the application program using an encryption key that is stored in the security processing component. The decrypted portion of the application program is executed based on stored state data. Results are provided to the application program that is executing on a second processing component.
Abstract translation: 公开了代码保护的方法。 在由在线服务器认证应用程序的使用许可之后,使用安全处理部件访问由在线服务器加密的应用程序的加密部分。 安全处理部件用于使用存储在安全处理部件中的加密密钥对应用程序的加密部分进行解密。 基于存储的状态数据执行应用程序的解密部分。 结果被提供给在第二处理组件上执行的应用程序。
-
公开(公告)号:US10387653B2
公开(公告)日:2019-08-20
申请号:US15452441
申请日:2017-03-07
Applicant: NVIDIA Corporation
Inventor: Jay Huang , Paul Chou , Anthony Woo
Abstract: One embodiment of the present invention includes a boot read only memory (ROM) with an embedded, private key provision key (KPK) set that enables secure provisioning of chips. As part of taping-out a chip, the chip provider establishes the KPK set and provides the boot ROM exclusive access to the KPK. For each Original Equipment Manufacturer (OEM), the chip provider assigns and discloses an OEM-specific KPK that is included in the KPK set at a particular KPK index. Upon receiving a secured provisioning image and the associated KPK index, the boot ROM accesses the KPK set to reconstruct the KPK and then decrypts and executes the secured provisioning image. Advantageously, this enables the manufacturing factory to provision the chip without the security risks attributable to conventional provisioning approaches that require disclosing security keys to the manufacturing factory.
-
-
-
-
-
-
Search Results
7
records
(took 0.013 seconds)
