-
Publication No.: US20240106644A1
Publication Date: 2024-03-28
Application No.: US17954157
Filing Date: 2022-09-27
Applicant: Intel Corporation
Inventor: Aditya Katragada , Geoffrey Strongin , Prakash Iyer , Rajesh Banginwar , Poh Thiam Teoh , Gary Wallichs
IPC: H04L9/08
CPC classification number: H04L9/0891 , H04L9/0894
Abstract: A system and method of enhancing the mitigation of side channel attacks on platform interconnects using endpoint HW based detection, synchronization, and re-keying include generating a set of keys for link encryption based on a high entropy seed, storing the set of keys in a deterministic order in a register, detecting that a re-key programmable threshold is met during link encryption with a device, identifying a synchronization point associated with the device, where the synchronization point indicates the device is ready to switch a current key used for link encryption, and synchronizing a rekeying event with the device.
-
Publication No.: US11768941B2
Publication Date: 2023-09-26
Application No.: US16832489
Filing Date: 2020-03-27
Applicant: Intel Corporation
Inventor: Vinupama Godavarthi , Andrzej Mialkowski , Kar Leong Wong , Aditya Katragada , Maciej Kusio , Prashant Dewan , Karunakara Kotary
IPC: G06F21/57 , G06F21/78 , G06F12/0804 , G06F12/08
CPC classification number: G06F21/572 , G06F12/0804 , G06F21/575 , G06F21/78
Abstract: An apparatus to implement an IP independent secure firmware load into an IP agent without a ROM to establish hardware root of trust is disclosed. The apparatus includes a plurality of agents, at least one agent including an isolated memory region accessible only to a trusted entity of the at least one agent and a main memory, and a processor to allocate a section of the isolated memory region of the at least one agent, verify a first stage firmware module, the first stage firmware module comprising instructions to enable the at least one agent to load and verify a second stage firmware module, place the first stage firmware module into memory of the at least one agent without a ROM to establish the hardware root of trust.
-
Publication No.: US20200226261A1
Publication Date: 2020-07-16
Application No.: US16832152
Filing Date: 2020-03-27
Applicant: Intel Corporation
Inventor: Prashant Dewan , Chao Zhang , Nivedita Aggarwal , Aditya Katragada , Mohamed Haniffa , Kenji Chen
Abstract: An apparatus to verify firmware in a computing system, comprising a non-volatile memory, including firmware memory to store agent firmware associated with each of a plurality of interconnect protocol (IP) agents and version memory to store security version numbers (SVNs) included in the agent firmware, a security controller comprising verifier logic to verify an integrity of the version memory by applying a hash algorithm to contents of the version memory to generate a SVN hash, and a trusted platform module (TPM) to store the SVN hash.
-
Publication No.: US12204463B2
Publication Date: 2025-01-21
Application No.: US17699320
Filing Date: 2022-03-21
Applicant: Intel Corporation
Inventor: Aditya Katragada , Peter Munguia , Gregg Lahti
Abstract: Techniques are described for providing consistent memory operations and security across electronic circuitry components having disparate memory and/or security architectures when integrating such disparately architected components within a single system, such as a system on chip. A programmable logical hierarchy of isolated memory region (IMR) enforcement circuits is provided to protect such IMRs, allowing or preventing memory access requests from one of multiple distinct circuitry components based on configuration registers for the IMR enforcement circuits. Integration of multiple trust domain architectures associated with the multiple distinct circuitry components is facilitated via trust domain conversion bridge circuitry that includes translation logic for generating information in accordance with a first trust domain architecture based on information provided in accordance with a distinct second trust domain architecture.
-
Publication No.: US20240378294A1
Publication Date: 2024-11-14
Application No.: US18426561
Filing Date: 2024-01-30
Applicant: Intel Corporation
Inventor: Prashant Dewan , Chao Zhang , Nivedita Aggarwal , Aditya Katragada , Mohamed Haniffa , Kenji Chen
Abstract: An apparatus to verify firmware in a computing system, comprising a non-volatile memory, including firmware memory to store agent firmware associated with each of a plurality of interconnect protocol (IP) agents and version memory to store security version numbers (SVNs) included in the agent firmware, a security controller comprising verifier logic to verify an integrity of the version memory by applying a hash algorithm to contents of the version memory to generate a SVN hash, and a trusted platform module (TPM) to store the SVN hash.
-
Publication No.: US11928215B2
Publication Date: 2024-03-12
Application No.: US17852814
Filing Date: 2022-06-29
Applicant: Intel Corporation
Inventor: Prashant Dewan , Chao Zhang , Nivedita Aggarwal , Aditya Katragada , Mohamed Haniffa , Kenji Chen
CPC classification number: G06F21/572 , G06F8/65 , G06F21/64 , G06F2221/033
Abstract: An apparatus to verify firmware in a computing system, comprising a non-volatile memory, including firmware memory to store agent firmware associated with each of a plurality of interconnect protocol (IP) agents and version memory to store security version numbers (SVNs) included in the agent firmware, a security controller comprising verifier logic to verify an integrity of the version memory by applying a hash algorithm to contents of the version memory to generate a SVN hash, and a trusted platform module (TPM) to store the SVN hash.
-
Publication No.: US20220253366A1
Publication Date: 2022-08-11
Application No.: US17733347
Filing Date: 2022-04-29
Applicant: Intel Corporation
Inventor: Prashant Dewan , Uttam Sengupta , Aditya Katragada
IPC: G06F11/34 , H04L9/32 , H04L67/125
Abstract: An apparatus to collect firmware measurement data at a computing system is disclosed. The apparatus includes a plurality of agents, each including a non-volatile memory storing firmware executed to perform a function associated with the agent, verification logic to generate measurement data by verifying the integrity of the firmware and a register to store the measurement data, and a processor to execute an instruction to collect firmware measurement data from each of the plurality of agents.
-
Publication No.: US20220150046A1
Publication Date: 2022-05-12
Application No.: US17477028
Filing Date: 2021-09-16
Applicant: Intel Corporation
Inventor: Dumitru-Daniel Dinu , Emre Karabulut , Aditya Katragada , Geoffrey Strongin , Avinash L. Varna
Abstract: A security processor includes a scheduler to read input data blocks from an input buffer, send the input data blocks to one or more cryptographic circuits in a first random order; and send data blocks having random values in a second random order to one or more of the cryptographic circuits that did not receive the input data blocks.
-
Publication No.: US20230169173A1
Publication Date: 2023-06-01
Application No.: US18088730
Filing Date: 2022-12-26
Applicant: Intel Corporation
Inventor: Aditya Katragada , Prashant Dewan , Karunakara Kotary , Vinupama Godavarthi , Kumar Dwarakanath , Alex Izbinsky , Purushottam Goel
CPC classification number: G06F21/572 , G06F21/72 , G06F9/445 , G06F2221/033
Abstract: An integrated circuit provides a firmware dashboard to communicatively couple to a basic input/output system (BIOS), and provide to the BIOS a firmware load interface, and an intellectual property (IP) block interface to communicatively couple to an IP block, wherein the IP block provides a push model to load a firmware or a pull model to load the firmware, and wherein the firmware dashboard provides a common load flow to the BIOS for both the push model and pull model.
-
Publication No.: US11416370B2
Publication Date: 2022-08-16
Application No.: US16832163
Filing Date: 2020-03-27
Applicant: Intel Corporation
Inventor: Prashant Dewan , Uttam Sengupta , Aditya Katragada
IPC: G06F11/34 , H04L9/32 , H04L67/125
Abstract: An apparatus to collect firmware measurement data at a computing system is disclosed. The apparatus includes a plurality of agents, each including a non-volatile memory storing firmware executed to perform a function associated with the agent, verification logic to generate measurement data by verifying the integrity of the firmware and a register to store the measurement data, and a processor to execute an instruction to collect firmware measurement data from each of the plurality of agents.