公开(公告)号：US20210124818A1

公开(公告)日：2021-04-29

申请号：US16661856

申请日：2019-10-23

Applicant: QUALCOMM Incorporated

Inventor： Baranidharan MUTHUKUMARAN ,  Satish ANAND ,  Mahadevamurty NEMANI ,  Ivan MCLEAN ,  Miguel BALLESTEROS

IPC: G06F21/45 ,  H04L9/08 ,  H04L9/14

Abstract: In illustrative examples described herein, a hardware-based mechanism is provided to prevent brute force attacks on user credentials. In some examples, a throttling policy is added to a hardware key manager to provide timer-based throttling using a secure hardware timer. A register or slot in hardware is used to maintain throttling policy attributes or parameters for tracking a throttle count and a timeout value to be enforced. During a cryptographic wrap operation, a user key is associated with, or bound to, the slot or register. During a subsequent unwrap operation, the hardware key manager then enforces any needed timeouts by throttling user access in response to any incorrect entries based on the throttling policy attributes or parameters maintained in the slot or register. Examples exploiting an always-on battery-backed processing island are also provided. In some examples, throttling is implemented without the use of any secure storage.

公开(公告)号：US20170329995A1

公开(公告)日：2017-11-16

申请号：US15230091

申请日：2016-08-05

Applicant: QUALCOMM Incorporated

Inventor： Olivier Jean Benoit ,  Satish ANAND ,  David TAMAGNO

IPC: G06F21/64 ,  G06F21/70 ,  H04L9/08 ,  H04L9/32

CPC classification number: G06F21/64 ,  G06F21/70 ,  H04L9/0861 ,  H04L9/0866 ,  H04L9/0869 ,  H04L9/12 ,  H04L9/3242 ,  H04L9/3271

Abstract: Techniques for providing data protection in an integrated circuit are provided. A method according to these techniques includes exchanging messages with an off-chip, non-volatile memory to securely initialize an anti-replay counter (ARC) value in the integrated circuit based on an ARC value stored in the off-chip, non-volatile memory, and maintaining the ARC value stored in the integrated circuit such that the ARC value stored in the integrated circuit remains synchronized with the ARC value stored in the off-chip, non-volatile memory.

公开(公告)号：US20210174047A1

公开(公告)日：2021-06-10

申请号：US16703616

申请日：2019-12-04

Applicant: QUALCOMM Incorporated

Inventor： Wesley James HOLLAND ,  Rashmi KULKARNI ,  Ling Feng HUANG ,  Huang HUANG ,  Jeffrey SHABEL ,  Chih-Chi CHENG ,  Satish ANAND ,  Songhe CAI ,  Simon Peter William BOOTH ,  Bohuslav RYCHLIK

IPC: G06K9/00 ,  G06F21/32 ,  H04L9/32 ,  G01N21/31

Abstract: In some aspects, the present disclosure provides a method for managing a command queue in a universal flash storage (UFS) host device. The method includes determining to power on a first subsystem of a system-on-a-chip (SoC), wherein the determination to power on the first subsystem is made by a second subsystem of the SoC based on detection of user identity data contained in a first image frame during an initial biometric detection process. In certain aspects, the second subsystem is configured to operate independent of the first subsystem and control power to the first subsystem. In certain aspects, the second subsystem includes a second optical sensor, a set of ambient sensors, and a second processor configured to detect, via a set of ambient sensors, an event comprising one or more of an environmental event outside of the device or a motion event of the device.

公开(公告)号：US20160299854A1

公开(公告)日：2016-10-13

申请号：US15043294

申请日：2016-02-12

Applicant: QUALCOMM Incorporated

Inventor： Vinoth Kumar DEIVASIGAMANI ,  Laurence Geoffrey LUNDBLADE ,  Satish ANAND ,  Billy B. BRUMLEY

IPC: G06F12/14 ,  G06F21/64 ,  G06F21/78

CPC classification number: G06F12/1408 ,  G06F21/6245 ,  G06F21/79 ,  G06F2212/402

Abstract: Techniques for providing countermeasures against physical attacks on the contents of off-chip memory are provided in which a pseudo-internal memory resistant to physical attack is used. The pseudo-internal memory is mapped to an address space such that the pseudo-internal memory appears to be on-chip memory to a processor or a system on a chip (SoC). A method for protecting sensitive data according to these techniques includes presenting, by a pseudo-internal memory module of a SoC, an address space as internal memory of the SoC, where the address space comprises memory located off-chip from the system on a chip, receiving a data write request at the pseudo-internal memory module from a component of the SoC, encrypting data associated with the data write request using the pseudo-internal memory module to generate encrypted data, and writing the encrypted data to the memory located off-chip from the SoC.

Abstract translation: 提供了针对物理攻击对芯片内存内容提供对策的技术，其中使用了抵抗物理攻击的伪内部存储器。 伪内部存储器被映射到地址空间，使得伪内部存储器看起来是片上存储器到处理器或芯片上的系统（SoC）。 根据这些技术的用于保护敏感数据的方法包括：通过SoC的伪内部存储器模块来呈现作为SoC的内部存储器的地址空间，其中地址空间包括位于芯片上的系统外部的存储器 从所述SoC的组件在所述伪内部存储器模块处接收数据写入请求，使用所述伪内部存储器模块对与所述数据写入请求相关联的数据进行加密，以生成加密数据，以及将所述加密数据写入所述存储器 芯片来自SoC。