专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

51. 发明授权

US08341356B2 Protected cache architecture and secure programming paradigm to protect applications 有权
标题翻译：保护缓存架构和安全编程范例来保护应用程序
公开(公告)号：US08341356B2
公开(公告)日：2012-12-25
申请号：US13099479
申请日：2011-05-03
申请人： Shlomo Raikin , Shay Gueron , Gad Sheaffer
发明人： Shlomo Raikin , Shay Gueron , Gad Sheaffer
IPC分类号： G06F12/06
CPC分类号： G06F12/0802 , G06F12/0804 , G06F12/1491 , G06F21/10
摘要： Embodiments of the present invention provide a secure programming paradigm, and a protected cache that enable a processor to handle secret/private information while preventing, at the hardware level, malicious applications from accessing this information by circumventing the other protection mechanisms. A protected cache may be used as a building block to enhance the security of applications trying to create, manage and protect secure data. Other embodiments are described and claimed.
摘要翻译：本发明的实施例提供了一种安全编程范例和受保护的高速缓存，其使得处理器能够处理秘密/专用信息，同时防止恶意应用程序通过规避其他保护机制来访问该信息。受保护的缓存可以用作构建块，以增强试图创建，管理和保护安全数据的应用程序的安全性。描述和要求保护其他实施例。

52. 发明申请

US20120265998A1 Methods And Apparatus For Authenticating Components Of Processing Systems 有权
标题翻译：用于认证加工系统部件的方法和装置
公开(公告)号：US20120265998A1
公开(公告)日：2012-10-18
申请号：US13532334
申请日：2012-06-25
申请人： Mohan J. Kumar , Shay Gueron
发明人： Mohan J. Kumar , Shay Gueron
IPC分类号： G06F21/00
CPC分类号： G06F21/57 , G06F21/575 , G06F2221/2129
摘要： When a processing system boots, it may retrieve an encrypted version of a cryptographic key from nonvolatile memory to a processing unit, which may decrypt the cryptographic key. The processing system may also retrieve a predetermined authentication code for software of the processing system, and the processing system may use the cryptographic key to compute a current authentication code for the software. The processing system may then determine whether the software should be trusted, by comparing the predetermined authentication code with the current authentication code. In various embodiments, the processing unit may use a key stored in nonvolatile storage of the processing unit to decrypt the encrypted version of the cryptographic key, a hashed message authentication code (HMAC) may be used as the authentication code, and/or the software to be authenticated may be boot firmware, a virtual machine monitor (VMM), or other software. Other embodiments are described and claimed.
摘要翻译：当处理系统引导时，它可以从非易失性存储器检索加密密钥的加密版本到处理单元，该处理单元可以解密密码密钥。处理系统还可以检索用于处理系统的软件的预定认证码，并且处理系统可以使用密码密钥来计算软件的当前认证码。然后，处理系统可以通过将预定认证码与当前认证码进行比较来确定软件是否应该被信任。在各种实施例中，处理单元可以使用存储在处理单元的非易失性存储器中的密钥对加密密钥的加密版本进行解密，散列消息认证码（HMAC）可以用作认证码，和/或软件被认证可以是启动固件，虚拟机监视器（VMM）或其他软件。描述和要求保护其他实施例。

53. 发明授权

US08214414B2 Combined set bit count and detector logic 有权
标题翻译：组合位计数和检测器逻辑
公开(公告)号：US08214414B2
公开(公告)日：2012-07-03
申请号：US12242727
申请日：2008-09-30
申请人： Rajaraman Ramanarayanan , Sanu K. Mathew , Ram K. Krishnamurthy , Shay Gueron , Vasantha K. Erraguntla
发明人： Rajaraman Ramanarayanan , Sanu K. Mathew , Ram K. Krishnamurthy , Shay Gueron , Vasantha K. Erraguntla
IPC分类号： G06F15/00
CPC分类号： G06F7/74 , G06F7/607
摘要： A merged datapath for PopCount and BitScan is described. A hardware circuit includes a compressor tree utilized for a PopCount function, which is reused by a BitScan function (e.g., bit scan forward (BSF) or bit scan reverse (BSR)). Selector logic enables the compressor tree to operate on an input word for the PopCount or BitScan operation, based on a microprocessor instruction. The input word is encoded if a BitScan operation is selected. The compressor tree receives the input word, operates on the bits as though all bits have same level of significance (e.g., for an N-bit input word, the input word is treated as N one-bit inputs). The result of the compressor tree circuit is a binary value representing a number related to the operation performed (the number of set bits for PopCount, or the bit position of the first set bit encountered by scanning the input word).
摘要翻译：描述了PopCount和BitScan的合并数据路径。硬件电路包括用于PopCount功能的压缩器树，其由BitScan功能（例如，位扫描前向（BSF）或位扫描反向（BSR））重用。选择器逻辑使压缩器树能够基于微处理器指令对PopCount或BitScan操作的输入字进行操作。如果选择了BitScan操作，则输入字被编码。压缩器树接收输入字，对位进行操作，好像所有位具有相同的重要程度（例如，对于N位输入字，输入字被视为N个一位输入）。压缩器树电路的结果是表示与执行的操作有关的数字的二进制值（PopCount的设置位数，或通过扫描输入字所遇到的第一组位的位位置）。

54. 发明授权

US08127363B2 Method and apparatus for booting a processing system 有权
标题翻译：用于引导处理系统的方法和装置
公开(公告)号：US08127363B2
公开(公告)日：2012-02-28
申请号：US11964644
申请日：2007-12-26
申请人： Shay Gueron , Konstantin Levit-Gurevich , Boaz Ouriel , Israel Hirsh
发明人： Shay Gueron , Konstantin Levit-Gurevich , Boaz Ouriel , Israel Hirsh
IPC分类号： G06F7/04
CPC分类号： G06F9/4406 , G06F21/575 , G06F2221/2105
摘要： Machine-readable media, methods, apparatus and system for booting a processing system are described. In an embodiment, whether to launch an open operating system or a closed operating system to boot a processing system may be determined. A key may be retrieved from a processor register of the processing system and used to decrypt an encrypted version of the closed operating system based at least in part on a determination of booting the processing system with the closed operating system. In another embodiment, the processor register stored with the key may be flushed based at least in part on a determination of booting the processing system with the open operating system.
摘要翻译：描述了用于引导处理系统的机器可读介质，方法，装置和系统。在一个实施例中，可以确定是否启动打开的操作系统或封闭的操作系统以引导处理系统。密钥可以从处理系统的处理器寄存器检索，并且用于至少部分地基于使用封闭操作系统引导处理系统的确定来解密封闭操作系统的加密版本。在另一个实施例中，可以至少部分地基于使用打开的操作系统引导处理系统的确定来刷新存储有密钥的处理器寄存器。

55. 发明授权

US08068614B2 Methods and apparatus for batch bound authentication 有权
标题翻译：批量绑定认证的方法和装置
公开(公告)号：US08068614B2
公开(公告)日：2011-11-29
申请号：US11864887
申请日：2007-09-28
申请人： Mohan J. Kumar , Shay Gueron
发明人： Mohan J. Kumar , Shay Gueron
IPC分类号： H04L9/08 , G06F3/00 , H04L9/32
CPC分类号： G06F21/572 , G06F21/575
摘要： A processing system may include a processing unit and nonvolatile storage responsive to the processing unit. The nonvolatile storage may include a candidate boot code module and an authentication code module. The processing unit may be configured to execute code from the authentication code module before executing code from the candidate boot code module. The authentication code module may have instructions which, when executed by the processing unit, cause the processing unit to read a processor identifier from the processing unit and determine whether the processor belongs to a predetermined set of processors associated with a specific vendor, based at least in part on the identifier, before executing any instructions from the candidate boot code module. The processing system may also test authenticity of the candidate boot code module before executing any instructions from the candidate boot code module. Other embodiments are described and claimed.
摘要翻译：处理系统可以包括响应于处理单元的处理单元和非易失性存储器。非易失性存储器可以包括候选引导代码模块和认证代码模块。处理单元可以被配置为在从候选引导代码模块执行代码之前从认证代码模块执行代码。认证代码模块可以具有指令，当由处理单元执行时，处理单元至少从处理单元读取处理器标识符并且确定处理器是否属于与特定供应商相关联的预定处理器集合部分地在标识符上，在执行来自候选引导代码模块的任何指令之前。在执行来自候选引导代码模块的任何指令之前，处理系统还可以测试候选引导代码模块的真实性。描述和要求保护其他实施例。

56. 发明授权

US08042025B2 Determining a message residue 有权
标题翻译：确定消息残差
公开(公告)号：US08042025B2
公开(公告)日：2011-10-18
申请号：US12291621
申请日：2008-11-12
申请人： Vinodh Gopal , Gilbert Wolrich , Wajdi Feghali , Erdinc Ozturk , Shay Gueron
发明人： Vinodh Gopal , Gilbert Wolrich , Wajdi Feghali , Erdinc Ozturk , Shay Gueron
IPC分类号： H03M13/03
CPC分类号： G06F7/724 , H03M13/091
摘要： In one aspect, circuitry to determine a modular remainder with respect to a polynomial of a message comprised of a series of segment. In another aspect, circuitry to access at least a portion of a first number having a first endian format, determine a second number based on a bit reflection and shift of a third number having an endian format opposite to that of the first endian format, and perform a polynomial multiplication of the first number and the at least a portion of the first number.
摘要翻译：在一个方面，用于确定相对于包括一系列段的消息的多项式的模块余数的电路。在另一方面，访问具有第一末端格式的第一号码的至少一部分的电路基于具有与第一末端格式相反的端格式的第三号码的位反射和位移来确定第二号码，以及执行第一数字和第一数字的至少一部分的多项式相乘。

57. 发明授权

US07760873B2 Method and a system for a quick verification rabin signature scheme 失效
标题翻译：用于快速验证rabin签名方案的方法和系统
公开(公告)号：US07760873B2
公开(公告)日：2010-07-20
申请号：US11479100
申请日：2006-06-30
申请人： Shay Gueron , Vinodh Gopal
发明人： Shay Gueron , Vinodh Gopal
IPC分类号： H04L9/30
CPC分类号： H04L9/302 , H04L9/3249
摘要： A method and a system to perform a Quick Verification of a Rabin Signature (QVRS) is provided. In one embodiment, the signing party generates a Rabin signature S of an original message M using a public key N in the Rabin signature generating formula M=S2 mod N. In one embodiment, the signing party also generates a value q according to the formula q=floor(S2/N). In one embodiment, the signing party sends the original message M, the signature S, the public key N and the value q to the verifying party. In one embodiment, the verifying party verifies the integrity of the message M using the signature S, the public key N and the value q and the test equation M=S2−qN.
摘要翻译：提供了一种执行拉宾签名快速验证（QVRS）的方法和系统。在一个实施例中，签名方使用Rabin签名生成公式M = S2 mod N中的公共密钥N来生成原始消息M的Rabin签名S.在一个实施例中，签约方还根据公式生成值q q = floor（S2 / N）。在一个实施例中，签名方向验证方发送原始消息M，签名S，公钥N和值q。在一个实施例中，验证方使用签名S，公钥N和值q以及测试方程M = S2-qN验证消息M的完整性。

58. 发明申请

US20090214026A1 METHOD AND APPARATUS FOR OPTIMIZING ADVANCED ENCRYPTION STANDARD (AES) ENCRYPTION AND DECRYPTION IN PARALLEL MODES OF OPERATION 有权
标题翻译：用于优化并行运行模式的高级加密标准（AES）加密和分解的方法和装置
公开(公告)号：US20090214026A1
公开(公告)日：2009-08-27
申请号：US12038071
申请日：2008-02-27
申请人： Shay Gueron , Amit Gradstein , Zeev Sperber
发明人： Shay Gueron , Amit Gradstein , Zeev Sperber
IPC分类号： H04L9/06
CPC分类号： H04L9/0631 , G06F9/30007 , H04L2209/125
摘要： The throughput of an encryption/decryption operation is increased in a system having a pipelined execution unit. Different independent encryptions (decryptions) of different data blocks may be performed in parallel by dispatching an AES round instruction in every cycle.
摘要翻译：在具有流水线执行单元的系统中，加密/解密操作的吞吐量增加。可以通过在每个周期中调度AES循环指令来并行地执行不同数据块的不同的独立加密（解密）。

59. 发明申请

US20090070774A1 LIVE LOCK FREE PRIORITY SCHEME FOR MEMORY TRANSACTIONS IN TRANSACTIONAL MEMORY 有权
标题翻译：实时锁定用于存储器交易的优先存储器
公开(公告)号：US20090070774A1
公开(公告)日：2009-03-12
申请号：US11854175
申请日：2007-09-12
申请人： Shlomo Raikin , Shay Gueron , Gad Sheaffer
发明人： Shlomo Raikin , Shay Gueron , Gad Sheaffer
IPC分类号： G06F9/46
CPC分类号： G06F9/524 , G06F9/466
摘要： A method and apparatus for avoiding live-lock during transaction execution is herein described. Counting logic is utilized to track successfully committed transactions for each processing element. When a data conflict is detected between transactions on multiple processing elements, priority is provided to the processing element with the lower counting logic value. Furthermore, if the values are the same, then the processing element with the lower identification value is given priority, i.e. allowed to continue while the other transaction is aborted. To avoid live-lock between processing elements that both have predetermined counting logic values, such as maximum counting values, when one processing element reaches the predetermined counting value all counters are reset. In addition, a failure at maximum value (FMV) counter may be provided to count a number of aborts of a transaction when counting logic is at a maximum value. When the FMV counter is at a predetermined number of aborts the counting logic is reset to avoid live lock.
摘要翻译：这里描述了用于在事务执行期间避免实时锁定的方法和装置。计数逻辑用于跟踪每个处理元素的成功提交事务。当在多个处理元件之间的事务之间检测到数据冲突时，以较低的计数逻辑值提供给处理元件的优先级。此外，如果值相同，则具有较低识别值的处理元件被赋予优先级，即允许在其他事务被中止时继续。为了避免在具有预定的计数逻辑值（例如最大计数值）的处理元件之间的实时锁定，当一个处理元件达到预定计数值时，所有计数器都被重置。此外，当计数逻辑处于最大值时，可以提供在最大值（FMV）计数器上的故障来计数事务的中止次数。当FMV计数器处于预定数量的中止时，计数逻辑被复位以避免实时锁定。

60. 发明申请

US20080240426A1 Flexible architecture and instruction for advanced encryption standard (AES) 有权
标题翻译：高级加密标准（AES）的灵活架构和指令
公开(公告)号：US20080240426A1
公开(公告)日：2008-10-02
申请号：US11729199
申请日：2007-03-28
申请人： Shay Gueron , Wajdi K. Feghali , Vinodh Gopal , Makaram Raghunandan , Martin G. Dixon , Srinivas Chennupaty , Michael E. Kounavis
发明人： Shay Gueron , Wajdi K. Feghali , Vinodh Gopal , Makaram Raghunandan , Martin G. Dixon , Srinivas Chennupaty , Michael E. Kounavis
IPC分类号： H04L9/28 , H04L9/00
CPC分类号： H04L9/0631 , G06F3/0623 , G06F3/0665 , G06F3/0689 , G06F9/30007 , G06F9/30036 , G06F9/30047 , G06F9/30145 , G06F9/30178 , G06F9/3802 , G06F9/3818 , G06F9/3887 , G06F9/3895 , G06F12/0862 , G06F12/0875 , G06F12/1408 , G06F21/602 , G06F2212/1052 , G06F2212/402 , G06F2212/452 , G06F2212/454 , G06F2212/602 , G11C7/1072 , H04L9/0816 , H04L9/0861 , H04L2209/12 , H04L2209/24
摘要： A flexible aes instruction set for a general purpose processor is provided. The instruction set includes instructions to perform a “one round” pass for aes encryption or decryption and also includes instructions to perform key generation. An immediate may be used to indicate round number and key size for key generation for 128/192/256 bit keys. The flexible aes instruction set enables full use of pipelining capabilities because it does not require tracking of implicit registers.
摘要翻译：提供了一种用于通用处理器的灵活的指令集。指令集包括对aes加密或解密执行“一轮”通行的指令，还包括执行密钥生成的指令。立即可以用于指示128/192/256位键的密钥生成的循环数和密钥大小。灵活的aes指令集可以充分利用流水线功能，因为它不需要跟踪隐式寄存器。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式