Reconfiguring A Secure System
    1.
    发明申请
    Reconfiguring A Secure System 有权
    重新配置安全系统

    公开(公告)号:US20130103938A1

    公开(公告)日:2013-04-25

    申请号:US13664930

    申请日:2012-10-31

    IPC分类号: G06F21/00

    CPC分类号: G06F21/57

    摘要: Apparatuses, methods, and systems for reconfiguring a secure system are disclosed. In one embodiment, an apparatus includes a configuration storage location, a lock, and lock override logic. The configuration storage location is to store information to configure the apparatus. The lock is to prevent writes to the configuration storage location. The lock override logic is to allow instructions executed from sub-operating mode code to override the lock.

    摘要翻译: 公开了用于重新配置安全系统的装置,方法和系统。 在一个实施例中,装置包括配置存储位置,锁定和锁定超驰逻辑。 配置存储位置是存储信息以配置设备。 该锁是为了防止写入配置存储位置。 锁定覆盖逻辑是允许从子操作模式代码执行的指令覆盖锁定。

    Reconfiguring a secure system
    2.
    发明授权
    Reconfiguring a secure system 有权
    重新配置安全系统

    公开(公告)号:US08316414B2

    公开(公告)日:2012-11-20

    申请号:US11618649

    申请日:2006-12-29

    IPC分类号: G06F21/00

    CPC分类号: G06F21/57

    摘要: Apparatuses, methods, and systems for reconfiguring a secure system are disclosed. In one embodiment, an apparatus includes a configuration storage location, a lock, and lock override logic. The configuration storage location is to store information to configure the apparatus. The lock is to prevent writes to the configuration storage location. The lock override logic is to allow instructions executed from sub-operating mode code to override the lock.

    摘要翻译: 公开了用于重新配置安全系统的装置,方法和系统。 在一个实施例中,装置包括配置存储位置,锁定和锁定超驰逻辑。 配置存储位置是存储信息以配置设备。 该锁是为了防止写入配置存储位置。 锁定覆盖逻辑是允许从子操作模式代码执行的指令覆盖锁定。

    RECONFIGURING A SECURE SYSTEM
    3.
    发明申请
    RECONFIGURING A SECURE SYSTEM 有权
    重新建立安全系统

    公开(公告)号:US20080163331A1

    公开(公告)日:2008-07-03

    申请号:US11618649

    申请日:2006-12-29

    IPC分类号: G06F21/00 G06F17/00

    CPC分类号: G06F21/57

    摘要: Apparatuses, methods, and systems for reconfiguring a secure system are disclosed. In one embodiment, an apparatus includes a configuration storage location, a lock, and lock override logic. The configuration storage location is to store information to configure the apparatus. The lock is to prevent writes to the configuration storage location. The lock override logic is to allow instructions executed from sub-operating mode code to override the lock.

    摘要翻译: 公开了用于重新配置安全系统的装置,方法和系统。 在一个实施例中,装置包括配置存储位置,锁定和锁定超驰逻辑。 配置存储位置是存储信息以配置设备。 该锁是为了防止写入配置存储位置。 锁定覆盖逻辑是允许从子操作模式代码执行的指令覆盖锁定。

    Secure key storage using physically unclonable functions
    4.
    发明授权
    Secure key storage using physically unclonable functions 有权
    使用物理不可克隆功能保护密钥存储

    公开(公告)号:US09544141B2

    公开(公告)日:2017-01-10

    申请号:US13996544

    申请日:2011-12-29

    IPC分类号: H04L29/06 H04L9/08

    摘要: Some implementations disclosed herein provide techniques and arrangements for provisioning keys to integrated circuits/processors. A processor may include physically unclonable functions component, which may generate a unique hardware key based at least on at least one physical characteristic of the processor. The hardware key may be employed in encrypting a key such as a secret key. The encrypted key may be stored in a memory of the processor. The encrypted key may be validated. The integrity of the key may be protected by communicatively isolating at least one component of the processor.

    摘要翻译: 本文公开的一些实施例提供了用于向集成电路/处理器供应密钥的技术和布置。 处理器可以包括物理上不可克隆的功能组件,其可以至少基于处理器的至少一个物理特性来生成唯一的硬件密钥。 硬件密钥可用于加密诸如秘密密钥的密钥。 加密密钥可以存储在处理器的存储器中。 可以验证加密的密钥。 可以通过通信地隔离处理器的至少一个组件来保护密钥的完整性。

    FIRMWARE INTEGRITY VERIFICATION
    7.
    发明申请
    FIRMWARE INTEGRITY VERIFICATION 审中-公开
    固件完整性验证

    公开(公告)号:US20090172639A1

    公开(公告)日:2009-07-02

    申请号:US11965295

    申请日:2007-12-27

    IPC分类号: G06F9/44

    CPC分类号: G06F21/57

    摘要: In some embodiments, the integrity of firmware stored in a non-volatile memory is verified prior to initiation of a firmware reset vector. Other embodiments are described and claimed.

    摘要翻译: 在一些实施例中,在启动固件复位向量之前验证存储在非易失性存储器中的固件的完整性。 描述和要求保护其他实施例。

    System and Method for Establishing Trust Without Revealing Identity
    8.
    发明申请
    System and Method for Establishing Trust Without Revealing Identity 有权
    建立信任而不揭示身份的制度与方法

    公开(公告)号:US20070113077A1

    公开(公告)日:2007-05-17

    申请号:US11622391

    申请日:2007-01-11

    申请人: Ernie Brickell

    发明人: Ernie Brickell

    IPC分类号: H04L9/00

    摘要: One aspect of an embodiment of the invention provides a method, system, and device to prove to a challenger that a prover device has a signature from a device manufacturer without revealing the signature to the challenger. According to one implementation, a challenger is provided with the result of a one-way function of a secret held by a prover device. An interactive proof is employed, between the prover device and the challenger, to prove to the challenger that the secret used in the one-way function has been signed by a device signature without revealing the secret or the device signature or the prover device's identity to the challenger.

    摘要翻译: 本发明的实施例的一个方面提供了一种方法,系统和设备,用于向挑战者证明证明者设备具有来自设备制造商的签名,而不向挑战者显示签名。 根据一个实施方案,挑战者被提供了由证明者设备保存的秘密的单向功能的结果。 在证明者设备和挑战者之间采用交互式证明,向挑战者证明,单向功能中使用的秘密已经通过设备签名签名,而不会泄露秘密或设备签名或证明者设备的身份 挑战者。

    Method and system for creating random cryptographic keys in hardware
    9.
    发明申请
    Method and system for creating random cryptographic keys in hardware 有权
    用于在硬件中创建随机加密密钥的方法和系统

    公开(公告)号:US20060239461A1

    公开(公告)日:2006-10-26

    申请号:US11112817

    申请日:2005-04-21

    IPC分类号: H04L9/00

    CPC分类号: H04L9/0662 H04L9/0869

    摘要: A method and system for creating random cryptographic keys in hardware is described. One or more bits are generated via one or more random bit circuits. Each random bit circuit includes a sensing device coupled to a first device and a second device to compare the first device against the second device and to generate a random bit from a random state value. The generated bits from the random bit circuits are read, and a cryptographic key may then be computed based on the generated bits.

    摘要翻译: 描述了一种用于在硬件中创建随机加密密钥的方法和系统。 经由一个或多个随机位电路产生一个或多个位。 每个随机位电路包括耦合到第一设备的感测设备和用于将第一设备与第二设备进行比较并从随机状态值生成随机位的第二设备。 读取来自随机位电路的生成位,然后可以基于所生成的位来计算加密密钥。

    Method for conditional disclosure of identity information
    10.
    发明申请
    Method for conditional disclosure of identity information 审中-公开
    有条件披露身份信息的方法

    公开(公告)号:US20060218649A1

    公开(公告)日:2006-09-28

    申请号:US11088548

    申请日:2005-03-22

    IPC分类号: H04L9/32

    摘要: Providing conditional access to a unique device identifier (ID) stored in a device in a processing system may be accomplished by determining if a platform state (such as firmware and/or data) is present in a non-volatile storage of the processing system; when the platform state is not present, loading the device ID into a volatile storage of the processing system, receiving a request from an external entity to obtain the device ID, sending the device ID to the external entity, and rejecting all subsequent requests to obtain the device ID; and when the platform state is present, rejecting all requests to obtain the device ID.

    摘要翻译: 对存储在处理系统中的设备中的唯一设备标识符(ID)提供条件访问可以通过确定处理系统的非易失性存储器中是否存在平台状态(诸如固件和/或数据)来实现; 当不存在平台状态时,将设备ID加载到处理系统的易失性存储器中,接收来自外部实体的请求以获得设备ID,将设备ID发送到外部实体,并拒绝所有后续请求以获得 设备ID; 并且当平台状态存在时,拒绝获得设备ID的所有请求。