Class / Patent application number | Description | Number of patent applications / Date published |
713192000 | Having separate add-on board | 33 |
20090037747 | Security Chip - Two kinds of security chips having a security interface are provided. One kind of security chip comprises a processor module, an encrypt/decrypt module, a memory module, a power detecting module and a security I/O module, and all of the modules are connected with each other by an internal bus in the security chip; the other kind of security chip comprises a processor module, an encrypt/decrypt module, a memory module, a power detecting module and an I/O interface module, all of the modules being connected with each other by the internal bus in the security chip, wherein, the security chip also comprises a security input module, a security output module and a south bridge interface module, and all of the modules are connected with each other by the internal bus in the security chip. With the security chip provided by the present invention, it is possible to encrypt/decrypt the I/O information of an information processing device, ensure the safety of the I/O information, and thus prevent the information from being listened to or otherwise revealed. | 02-05-2009 |
20090307501 | APPARATUS, SYSTEM, AND METHOD FOR COMMUNICATION BETWEEN A DRIVER AND AN ENCRYPTION SOURCE - An apparatus, system, and method are disclosed for interfacing a driver with an encryption source that uses a communication module that allows the driver and the encryption source to communicate messages to one another, wherein the messages result in the encryption source providing encryption data that the communication module relays to the driver. | 12-10-2009 |
20090327756 | SECURE DIGITAL CONTENT STORAGE DEVICE - A secure digital content storage device comprising a memory for storing digital data, a decoder, coupled to the memory, for generating analog output based on the digital data, and a secure enclosure, or a secure connection between the memory and the decoder, or a single monolithic integrated circuit structure for preventing unauthorized access to the digital content stored in the memory. Under the present invention, the secure digital content storage device protects the digital content stored therein from unauthorized replication or tampering by an external device or agent. | 12-31-2009 |
20100115291 | Secure Virtual Machine Manager - Secure processing systems providing host-isolated security are provided. An exemplary secure processing system includes a host processor and a virtual machine instantiated on the host processor. A virtual unified security hub (USH) is instantiated on the virtual machine to provide security services to applications executing on the host processor. The virtual USH may further include an application programming interface (API) operable to expose the security services to the applications. A further exemplary secure processing system includes a host processor running a windows operating system for example, a low power host processor, and a USH processor configured to provide secure services to both the host processor and the low power host processor isolating the secure services from the host processor and the low power processor. The USH processor may also include an API to expose the security services to applications executing on the host processor and/or the low power host processor. | 05-06-2010 |
20100174919 | PROGRAM EXECUTION APPARATUS, CONTROL METHOD, CONTROL PROGRAM, AND INTEGRATED CIRCUIT - Information processing apparatus | 07-08-2010 |
20100191982 | DEVICE - A device is provided which includes: a processor that outputs a command signal or an address signal and includes a bus module which inputs or outputs a data signal; and an encryption circuit that encrypts or decrypts the data signal in an encryption method using a common key and the address signal, wherein the processor and the encryption circuit are provided in a chip. | 07-29-2010 |
20110060921 | Data Encryption Device - A device for encryption of data. The device may include a first coupling for connection to a computer, a second coupling for connection to an external data storage device, and an encryption circuit for encryption and decryption of data stored on or being transferred to the external data storage device, wherein the encryption circuit is arranged such that during encryption a decryption key is stored on the external data storage device, and such that during decryption the decryption key is retrieved from the external data storage device. | 03-10-2011 |
20110252244 | METHOD AND INTEGRATED CIRCUIT FOR SECURE ENCRYPTION AND DECRYPTION - In one embodiment of the present invention, a secure cryptographic circuit arrangement is provided. The secure cryptographic circuit includes a cryptographic processing block, a spreading sequence generator, and a delay control circuit. The cryptographic processing block has a plurality of signal paths. One or more of the plurality of signal paths includes respective adjustable delay circuits. The spreading sequence generator is configured to output a sequence of pseudo-random numbers. The delay control circuit has an input coupled to an output of the spreading sequence number generator and one or more outputs coupled to respective delay adjustment inputs of the adjustable delay circuits. The delay control circuit is configured to adjust the adjustable delay circuits based on the pseudo-random numbers. | 10-13-2011 |
20120036372 | Conditional Access Integration in a SOC for Mobile TV Applications - An integrated circuit (IC) includes a demodulator for receiving encrypted information data and a hardware unit that enables conditional access to the information data. The hardware unit includes a processing unit, a RAM, a ROM, multiple non-volatile registers, and an interface unit for transferring an attribute to the demodulator. The non-volatile registers may include an IC identification and an encryption key. In an embodiment, the ROM includes a boot code that causes the processing unit to fetch a code from an external memory and store the fetched code in the RAM. The fetched code may include a certificate that ensures the authenticity of the code. The fetched code may be encrypted and decrypted by the ROM using the IC identification and the encryption key. The demodulator includes a descrambler for decrypting the received information data using the attribute. The information data may include digital radio or television content. | 02-09-2012 |
20120047374 | TAMPER RESISTANCE EXTENSION VIA TAMPER SENSING MATERIAL HOUSING INTEGRATION - Systems and apparatuses disclosed herein provide for a tamper resistant electronic device. The electronic device can include a circuit board, housing, a security shield, one or more pressure sensitive switches, and security electronics. The security shield can cover a first area of the circuit board and be configured to sense tampering. The security shield can also be integrated into the first part of the housing, wherein a second area of the circuit board is covered by the housing and is outside of the security shield, both the first area and the second area having electronics therein. The security electronics on the circuit board can be coupled to the security shield and the one or more pressure switches, and can be configured to zeroize data stored on the circuit board if the security shield senses tampering or if one or more of the one or more pressure sensitive switches is disengaged. | 02-23-2012 |
20120079287 | Firmware Authentication and Deciphering for Secure TV Receiver - A method for authenticating and deciphering an encrypted program file for execution by a secure element includes receiving the program file and a digital certificate that is associated with the program file from an external device. The method stores the program file and the associated certificate in a secure random access memory disposed in the secure element and hashes the program file to obtain a hash. The method authenticates the program file by comparing the obtained hash with a checksum that is stored in the certificate. Additionally, the method writes runtime configuration information stored in the certificate to corresponding configuration registers disposed in the secure element. The method further generates an encryption key using a seed value stored in the certificate and a unique identifier disposed in the secure element and deciphers the program file using the generated encryption key. | 03-29-2012 |
20120284533 | METHOD AND CIRCUIT FOR CRYPTOGRAPHIC OPERATION - A method of performing a cryptographic operation including: receiving a plurality of binary input values; splitting the binary input values into a plurality of non-binary digits of base r, where r is an integer greater than 2 and not equal to a power of 2; and performing, by a cryptographic block on each of the plurality of non-binary digits, a different modulo r operation to generate at least one output digit) of base r. | 11-08-2012 |
20130031375 | Method and apparatus for protecting software of mobile terminal - A method for protecting software of a mobile terminal is provided in the disclosure, wherein an encryption chip is mounted in the mobile terminal. The method includes: when the mobile terminal is turned on, whether or not the encryption chip is invalid is detected; when it is not invalid, the encryption chip authenticates the software of the mobile terminal through interaction with a main chip; when the authentication is not passed, the encryption chip controls a functional module of the mobile terminal through a hardware protection circuit. An apparatus for protecting software of a mobile terminal is also provided in the present disclosure. The solution of the disclosure can prevent the software of the mobile terminal from being cracked and protect the functions of the mobile terminal from illegal usage, thus the security of the mobile terminal is greatly improved and the interests of operators and manufacturers are protected. | 01-31-2013 |
20130246810 | SYSTEMS AND METHODS FOR SECURING DATA IN MOTION - The systems and methods of the present invention provide a solution that makes data provably secure and accessible—addressing data security at the bit level—thereby eliminating the need for multiple perimeter hardware and software technologies. Data security is incorporated or weaved directly into the data at the bit level. The systems and methods of the present invention enable enterprise communities of interest to leverage a common enterprise infrastructure. Because security is already woven into the data, this common infrastructure can be used without compromising data security and access control. In some applications, data is authenticated, encrypted, and parsed or split into multiple shares prior to being sent to multiple locations, e.g., a private or public cloud. The data is hidden while in transit to the storage location, and is inaccessible to users who do not have the correct credentials for access. | 09-19-2013 |
20130332747 | REMOVABLE DRIVE WITH DATA ENCRYPTION - A removable drive such as a USB drive or key is provided for connecting to computer devices to provide secure and portable data storage. The drive includes a drive manager adapted to be run by an operating system of the computer device. The drive manager receives a password, generates a random key based on the password, encrypts a user-selected data file in memory of the computer device using the key, and stores the encrypted file in the memory of the removable drive. The drive manager performs the encryption of the data file without corresponding encryption applications being previously loaded on the computer system. The drive manager may include an Advanced Encryption Standard (AES) cryptography algorithm The drive manager generates a user interface that allows a user to enter passwords, select files for encryption and decryption, and create folders for storing the encrypted files on the removable drive. | 12-12-2013 |
20140006804 | VIRTUALIZED TRUSTED DESCRIPTORS | 01-02-2014 |
20140068275 | Measuring Platform Components With A Single Trusted Platform Module - In accordance with some embodiments, a single trusted platform module per platform may be used to handle conventional trusted platform tasks as well as those that would arise prior to the existence of a primary trusted platform module in conventional systems. Thus one single trusted platform module may handle measurements of all aspects of the platform including the baseboard management controller. In some embodiments, a management engine image is validated using a read only memory embedded in a chipset such as a platform controller hub, as the root of trust. Before the baseboard management controller (BMC) is allowed to boot, it must validate the integrity of its flash memory. But the BMC image may be stored in a memory coupled to a platform controller hub (PCH) in a way that it can be validated by the PCH. | 03-06-2014 |
20140068276 | INFORMATION PROCESSING APPARATUS - A hardware TPM has a plurality of registers, and performs data protection by encryption of data associated with the value of one of the plurality of registers. A register number manager manages, for each application, a register number used for the data protection. During execution of an application, an application executor issues a data protection request that designates a register number preset in the application. A software TPM transfers, to the hardware TPM, the data protection request in which the register number designated in the data protection request has been replaced with the register number managed by the register number manager. | 03-06-2014 |
20140089682 | Security Enclave Processor for a System on a Chip - An SOC implements a security enclave processor (SEP). The SEP may include a processor and one or more security peripherals. The SEP may be isolated from the rest of the SOC (e.g. one or more central processing units (CPUs) in the SOC, or application processors (APs) in the SOC). Access to the SEP may be strictly controlled by hardware. For example, a mechanism in which the CPUs/APs can only access a mailbox location in the SEP is described. The CPU/AP may write a message to the mailbox, which the SEP may read and respond to. The SEP may include one or more of the following in some embodiments: secure key management using wrapping keys, SEP control of boot and/or power management, and separate trust zones in memory. | 03-27-2014 |
20140181534 | CRYPTOGRAPHIC CIRCUIT PROTECTION FROM DIFFERENTIAL POWER ANALYSIS - According to an example embodiment, a device provides cryptographic processing functions using secret data. The device can include protection from differential power analysis (DPA). The encryption processing circuit and its memory can be decoupled from external power source(s) during encryption-related computations. A local power storage element, such as a capacitive element, can provide power while the encryption processing circuit is decoupled from the external power source(s). The local power storage element can then be reconnected and charged once the encryption-related computations are completed or paused. | 06-26-2014 |
20140189369 | Instructions Processors, Methods, and Systems to Process Secure Hash Algorithms - A method of an aspect includes receiving an instruction. The instruction indicates a first source of a first packed data including state data elements a | 07-03-2014 |
20140298040 | SYSTEMS, METHODS AND APPARATUSES FOR SECURE STORAGE OF DATA USING A SECURITY-ENHANCING CHIP - A computer processor and a security enhancing chip may be provided. In one aspect, the computer processor may comprise a storage for storing an encryption key, a central processing unit (CPU) configured to execute one or more software programs, and a circuit configured to calculate a hash function to generate a hash value for data loaded into the computer processor and generate an authentication token for a request initiated by a software program running on the CPU. In another aspect, the security enhancing chip may comprise a first storage for storing an encryption key, a second storage for storing a certificate, a hash storage and circuit components configured to validate, using the first certificate, command(s) adding the encryption key to the first storage and storing a first hash to the hash storage, and to process a request if a second hash in the request is equal to the first hash. | 10-02-2014 |
20140310533 | SEMICONDUCTOR DEVICE AND METHOD FOR DRIVING THE SAME - An object is to solve all of the following problems caused when a volatile register and a non-volatile register are used as registers in a processor: degradation of the integrity of data stored in the non-volatile register; loss of data security due to the processor and a non-volatile memory device that are provided apart from each other; and slow data processing speed due to wiring delay or the like caused by these devices provided apart from each other. When data maintained in the volatile register is stored in the non-volatile register before supply of power supply voltage is stopped, the data is encrypted by an encryption circuit and stored in a non-volatile memory device that is provided separately from the processor. Then, the data stored in the non-volatile register is compared with the compressed and encrypted data stored in the non-volatile memory device. | 10-16-2014 |
20140325240 | PROGRAMMING ON-CHIP NON-VOLATILE MEMORY IN A SECURE PROCESSOR USING A SEQUENCE NUMBER - An improved secure programming technique involves reducing the size of bits programmed in on-chip secret non-volatile memory, at the same time enabling the typical secure applications supported by secure devices. A technique for secure programming involves de-coupling chip manufacture from the later process of connecting to ticket servers to obtain tickets. A method according to the technique may involve sending a (manufacturing) server signed certificate from the device prior to any communication to receive tickets. A device according to the technique may include chip-internal non-volatile memory to store the certificate along with the private key, in the manufacturing process. | 10-30-2014 |
20140325241 | DEVICE SPECIFIC INFORMATION GENERATION DEVICE AND DEVICE SPECIFIC GENERATION METHOD - A device generating specific information of a semiconductor device includes a bit generation unit including a glitch generation circuit and a bit conversion circuit for converting a shape of the glitch into an information bit. The glitch generation circuit includes a plurality of combinational circuits mounted thereon to output a plurality of different glitches. The bit generation unit further includes a selector for selecting one glitch from among the plurality of different glitches in response to a selection signal to output the selected one glitch to the bit conversion circuit. The device further includes a performance evaluation/control unit for outputting the selection signal to obtain a piece of bit information corresponding to each of the plurality of different glitches and specifying a glitch satisfying a desired performance based on the respective pieces of bit information. | 10-30-2014 |
20150067352 | Receptacle-Configured Cryptographic Device - Disclosed is a cryptographic device that may automatically configure its traffic interfaces and cryptographic modes when it is inserted into an electrically keyed receptacle in a host system. Such automatic configuration may enable a single cryptographic module to support a range of input/output interfaces, such as SPI, Ethernet, RS-232 Serial, and RS-485 Serial, for example, and also to support a range of cryptographic modes, such as Cipher Block Chaining, Galois Counter Mode, or Long Cycle Mode, for Communications Security (COMSEC) and Transmission Security (TRANSEC) purposes. In addition, such automatic configuration may include parameters that affect power consumption, such as device clock rate or other power management features. | 03-05-2015 |
20150095660 | Computational System - A computational system is configured to protect against integrity violation. The computational system includes a processing unit and a critical resource, the critical resource being controllable by the processing unit so as to be locked or unlocked. The critical resource is configured to intermittently transmit a polling value to the processing unit, and the processing unit is configured to apply a transformation onto the polling value so as to obtain a response value and send the response value back to the critical resource. The critical resource is configured to check the response value on correctness so as to obtain a check result, and subject the controllability to a dependency on the check result. | 04-02-2015 |
20150312047 | INTEGRATED SECURITY DEVICE AND SIGNAL PROCESSING METHOD USED FOR AN INTEGRATED SECURITY DEVICE - An integrated security device, including: an encryption/decoding processing unit for executing processing necessary for authentication by using a logic circuit that forms an encryption/decoding function; a selector for selecting signals whose number corresponds to a specific number of lines from among signals from a plurality of intermediate nodes of the logic circuit in accordance with a selection signal; and a signal processing unit having a function of detecting a glitch caused by the signals corresponding to the specific number of lines, for implementing both a function of generating a physical random number and a function of generating a device identifier by a physical characteristic based on the glitch detected by switch-selecting the signals corresponding to the specific number of lines. | 10-29-2015 |
20150317495 | Protecting Critical Data Structures in an Embedded Hypervisor System - A system and method for securing a hypervisor and operating systems that execute on a computing device. An encrypted hypervisor is uploaded to a hardware chip. Prior to being executed, the hypervisor is decrypted using a secure security processor and stored in an on-chip memory. When a processor on the hardware chip executes the hypervisor, at least one on-chip component continuously authenticates the hypervisor during execution. A hypervisor configures a processor with access rights associated with an operating system, where the access rights determine access of the operating system to an at least one resource. A transaction filter then uses the access rights associated with the operating system to monitor the access of the operating system to the at least one resource in real-time as the operating system executes on a processor. | 11-05-2015 |
20160048704 | Secure Semiconductor Device Having Features to Prevent Reverse Engineering - An encryption circuit for receiving an input of a first digital key and plaintext data, the encryption circuit for mathematically manipulating the digital key and the plaintext data to encrypt the plaintext data into encrypted data, wherein at least a portion of the encryption circuit comprises IBG circuitry. A decryption circuit for receiving an input of a second digital key and the encrypted data, the decryption circuit for mathematically manipulating the digital key and the encrypted data to decrypt the encrypted data into the plaintext data, wherein at least a portion of the decryption circuit comprises IBG circuitry | 02-18-2016 |
20160070932 | Providing A Trusted Execution Environment Using A Processor - In an embodiment, a system on a chip includes: a single core to execute a legacy instruction set, the single core configured to enter a system management mode (SMM) to provide a trusted execution environment to perform at least one secure operation; and a memory controller coupled to the single core, the memory controller to interface with a system memory, where a portion of the system memory comprises a secure memory for the SMM, and the single core is to authenticate and execute a boot firmware, and pass control to the SMM to obtain a key pair from a protected storage and store the key pair in the secure memory. Other embodiments are described and claimed. | 03-10-2016 |
20160188910 | AUTOMATED MANUFACTURING SYSTEM WITH ADAPTER SECURITY MECHANISM AND METHOD OF MANUFACTURE THEREOF - A method of operation of an automated assembly system includes: detecting a socket adapter having an adapter identifier and an adapter cryptographic chip; calculating a primary key hash based on a primary key in a programming cryptographic chip; calculating an adapter hash based on the adapter identifier using the adapter cryptographic chip; matching the primary key hash to the adapter hash to update an authentication token with the adapter identifier for authenticating the socket adapter on the device programming system; and programming programmable devices in the socket adapter based on the authentication token. | 06-30-2016 |
20190147192 | METHOD AND APPARATUS FOR TRUST DOMAIN CREATION AND DESTRUCTION | 05-16-2019 |