    • 1. Invention application
    • PROCESSOR STATE INTEGRITY PROTECTION USING HASH VERIFICATION
    • WO2017105706A1
    • 2017-06-22
    • PCT/US2016/061823
    • 2016-11-14
    • INTEL CORPORATION
    • BRANCO, Rodrigo R.
    • G06F21/50; H04W12/10
    • G06F11/1469; G06F11/1451; G06F21/554; G06F21/57; G06F21/74; G06F2201/805; G06F2201/84
    • This disclosure is directed to processor state integrity protection using hash verification. A device may comprise processing circuitry and memory circuitry. The processing circuitry may be triggered to enter a secure mode. Prior to entering the secure mode, the processing circuitry may determine a processor state of the processing circuitry and a hash of the processor state, and store them in secured memory within the memory circuitry. Prior to exiting the secure mode, the processing circuitry may compute an updated hash of the stored processor state and compare it to the previously stored hash. If the updated hash and stored hash are determined to be the same, then the processing circuitry may restore the processor state and normal operation resumes. If the updated hash and stored hash are determined to be different, then the stored processor state may be compromised and the processing circuitry may perform at least one protective action.
    • 3. Invention application
    • RETURN ADDRESS ENCRYPTION
    • WO2018063604A1
    • 2018-04-05
    • PCT/US2017/048355
    • 2017-08-24
    • INTEL CORPORATION
    • BRANCO, Rodrigo R.
    • G06F21/62; G06F21/71; H04L9/14
    • G06F21/52; H04L9/002; H04L9/0662; H04L9/14
    • Disclosed in some examples are methods, systems, and machine readable media for encrypting return addresses with a cryptographic key. The call and return operations may be changed to incorporate an XOR operation on the return address with the cryptographic key. Upon calling a function, the return address may be XORed with the key which encrypts the return address. The encrypted return address may then be placed upon the stack. Upon returning from the function, the return address may be retrieved from the stack and XORed with the cryptographic key which then decrypts the return address. The processor may then return control to the address indicated by the unencrypted return address. This method makes modifications of the return address useless as an attack vector because the result of modifying the return address will be unpredictable to the attacker as a result of the XOR operation done on the return address.