Systems, methods and apparatuses for secure storage of data using a security-enhancing chip

US11074371B2 · US · B2

Patent metadata
Field: Value
Publication number: US-11074371-B2
Application number: US-201916716622-A
Country: US
Kind code: B2
Filing date: Dec 17, 2019
Priority date: Mar 29, 2013
Publication date: Jul 27, 2021
Grant date: Jul 27, 2021

Abstract

Official abstract text for this publication.

A computer processor and a security enhancing chip may be provided. In one aspect, the computer processor may comprise a storage for storing an encryption key, a central processing unit (CPU) configured to execute one or more software programs, and a circuit configured to calculate a hash function to generate a hash value for data loaded into the computer processor and generate an authentication token for a request initiated by a software program running on the CPU. In another aspect, the security enhancing chip may comprise a first storage for storing an encryption key, a second storage for storing a certificate, a hash storage and circuit components configured to validate, using the first certificate, command(s) adding the encryption key to the first storage and storing a first hash to the hash storage, and to process a request if a second hash in the request is equal to the first hash.

First claim

Opening claim text (preview).

What is claimed is:

1. A security enhancing chip of one computing device, the security enhancing chip comprising: a first storage for storing an encryption key; a second storage for storing a first certificate; a hash storage; and circuit components configured to: receive a command to store a first hash value in the hash storage; validate the command to store the first hash value using the first certificate; store the first hash value in the hash storage when validation of the command to store the first hash value is successful; receive a command to add the encryption key to the first storage; validate the command to add the encryption key using the first certificate; add the encryption key to the first storage when validation of the command to add the encryption key is successful; receive a request for an operation, the request comprising a second hash value; validate the request using the encryption key; verify that the second hash value is equal to the first hash value stored in the hash storage; and process the request when the request is valid and verification of the second hash value is successful.

2. The security enhancing chip of claim 1, wherein the request is one of a request to retrieve data, a request to store data, and a request for a service to be performed.

3. The security enhancing chip of claim 1, wherein the circuit components are further configured to verify that the request is received from a computer processor within a predefined distance.

4. The security enhancing chip of claim 1, wherein to process the request, the circuit components are further configured to store data in association with the second hash value.

5. The security enhancing chip of claim 4, wherein the data in association with the second hash value is another encryption key to be stored at the security-enhancing chip.

6. The security enhancing chip of claim 4, wherein the data in association with the second hash value is a piece of code to be stored at the security-enhancing chip.

7. The security enhancing chip of claim 4, wherein the data in association with the second hash value is a second certificate to be stored within the security-enhancing chip.

8. The security enhancing chip of claim 1, wherein the encryption key is a public key of a public and private key pair, and wherein to validate the request using the encryption key, the circuit components are further configured to verify a signature of the request using the public key.

9. The security enhancing chip of claim 1, wherein the encryption key is a secret key, and wherein to validate the request using the encryption key, the circuit components are further configured to verify a message authentication code (MAC) of the request using the secret key.

10. A method for operating a security enhancing chip of one computing device, the method comprising: receiving a command to store a first hash value in a hash storage of the security enhancing chip; validating the command to store the first hash value using a first certificate stored in the security enhancing chip; storing the first hash value in the hash storage when validation of the command to store the first hash value is successful; receiving a command to add an encryption key to a first storage of the security enhancing chip; validating the command to add the encryption key using the first certificate; adding the encryption key to the first storage when validation of the command to add the encryption key is successful; receiving a request for an operation, the request comprising a second hash value; validating the request using the encryption key; verifying that the second hash value is equal to the first hash value stored in the hash storage; and processing the request when the request is valid and verification of the second hash value is successful.

11. The method of claim 10, wherein the request is one of a request to retrieve data, a request to store data, and a request for a service to be performed.

12. The method of claim 10, further comprising verifying that the request is received from a computer processor within a predefined distance.

13. The method of claim 10, wherein processing the request comprises storing data in association with the second hash value.

14. The method of claim 13, wherein the data in association with the second hash value is another encryption key to be stored at the security-enhancing chip.

15. The method of claim 13, wherein the data in association with the second hash value is a piece of code to be stored at the security-enhancing chip.

16. The method of claim 13, wherein the data in association with the second hash value is a second certificate to be stored within the security-enhancing chip.

17. The method of claim 10, wherein the encryption key is a public key of a public and private key pair, and wherein validating the request using the encryption key comprises verifying a signature of the request using the public key.

18. The method of claim 10, wherein the encryption key is a secret key, and wherein validating the request using the encryption key comprises verifying a message authentication code (MAC) of the request using the secret key.
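The control flow of claims 1 and 9 can be modelled in software, as an added example that is not taken from the patent or from any implementation of it. Assumptions: the class and function names are hypothetical, all keys and data are constructed, and the "validate using the first certificate" step is stood in for by an HMAC under a provisioning key (a real certificate would carry a public key and the command would be signed).

```python
import hashlib
import hmac

def tag(key: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 over length-prefixed parts, so fields cannot run together."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for part in parts:
        mac.update(len(part).to_bytes(4, "big") + part)
    return mac.digest()

class SecurityChip:
    def __init__(self, certificate_key: bytes):
        self._cert = certificate_key  # second storage: stand-in for the first certificate
        self._key = None              # first storage: encryption key (secret key, claim 9)
        self._hash = None             # hash storage: first hash value

    def _command_ok(self, name: bytes, body: bytes, cmd_tag: bytes) -> bool:
        # Binding the command name stops a store_hash tag being replayed as add_key.
        return hmac.compare_digest(tag(self._cert, name, body), cmd_tag)

    def store_hash(self, first_hash: bytes, cmd_tag: bytes) -> bool:
        if not self._command_ok(b"store_hash", first_hash, cmd_tag):
            return False
        self._hash = first_hash
        return True

    def add_key(self, key: bytes, cmd_tag: bytes) -> bool:
        if not self._command_ok(b"add_key", key, cmd_tag):
            return False
        self._key = key
        return True

    def process(self, op: bytes, second_hash: bytes, req_mac: bytes) -> bool:
        if self._key is None or self._hash is None:
            return False  # not provisioned yet: fail closed
        valid = hmac.compare_digest(tag(self._key, op, second_hash), req_mac)
        same = hmac.compare_digest(second_hash, self._hash)
        return valid and same  # both conditions of claim 1 must hold

def demo() -> dict:
    cert_key, req_key = b"constructed-cert-key", b"constructed-request-key"
    good = hashlib.sha256(b"constructed program image").digest()
    other = hashlib.sha256(b"constructed modified image").digest()
    chip, r = SecurityChip(cert_key), {}
    r["forged_command"] = chip.store_hash(good, bytes(32))
    r["unprovisioned"] = chip.process(b"retrieve", good, tag(req_key, b"retrieve", good))
    r["provisioned"] = (chip.store_hash(good, tag(cert_key, b"store_hash", good))
                        and chip.add_key(req_key, tag(cert_key, b"add_key", req_key)))
    r["valid_request"] = chip.process(b"retrieve", good, tag(req_key, b"retrieve", good))
    r["hash_mismatch"] = chip.process(b"retrieve", other, tag(req_key, b"retrieve", other))
    r["bad_mac"] = chip.process(b"retrieve", good, tag(b"wrong-key", b"retrieve", good))
    return r
```

The `hash_mismatch` case carries a correct MAC yet is still refused, which is the property the hash-equality step adds on top of request authentication.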

Classifications

  • G06F21/575 (Primary)

    Secure boot · CPC title

  • G06F21/72 (Primary)

    in cryptographic circuits · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Ologn Technologies Ag
What technology area does this patent fall under?
Primary CPC classification G06F21/575. Mapped technology areas include Physics.
When was this patent published?
Publication date Jul 27, 2021 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).