公开(公告)号：US20060059373A1

公开(公告)日：2006-03-16

申请号：US10938774

申请日：2004-09-10

Applicant: Camil Fayad ,  John Li ,  Siegfried Sutter

Inventor： Camil Fayad ,  John Li ,  Siegfried Sutter

IPC: G06F12/14

CPC classification number: G06F21/82 ,  G06F12/1408 ,  G06F21/72

Abstract: An integrated circuit chip is provided which contains one or more processors and one or more cryptographic engines. A flow control circuit having a command processor accepts requests and data via a secure external interface through which only encrypted information is passed. The flow control circuit mediates decryption of this information using one or more cryptographic keys passed to the command processor. The decrypted information is stored in a preferably volatile, on-chip memory in unencrypted form. The flow control circuit is then able to accept requests which invoke the stored, decrypted instructions. More specifically, the invoked instructions are usable to control the cryptographic engines present on the chip in ways knowable only to the one who provides the encrypted instructions. In this way, many different encryption algorithms are employable in a secure fashion.

Abstract translation: 提供一种集成电路芯片，其包含一个或多个处理器和一个或多个加密引擎。 具有命令处理器的流控制电路经由安全的外部接口接收请求和数据，通过该外部接口仅传递加密的信息。 流控制电路使用传递给命令处理器的一个或多个加密密钥介入该信息的解密。 解密的信息以未加密的形式存储在优选易失性的片上存储器中。 流控制电路然后能够接受调用存储的解密指令的请求。 更具体地，被调用的指令可用于以仅以提供加密指令的方式可知的方式来控制存在于芯片上的加密引擎。 以这种方式，可以以安全的方式使用许多不同的加密算法。