US2005132186A1PendingUtilityA1

Method and apparatus for a trust processor

47
Priority: Dec 11, 2003Filed: Mar 31, 2004Published: Jun 16, 2005
Est. expiryDec 11, 2023(expired)· nominal 20-yr term from priority
G06F 2221/2105G06F 12/1408G06F 21/57G06F 21/72
47
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

In an embodiment, an apparatus includes a cryptographic processor within a wireless device. The cryptographic processor includes at least one cryptographic unit. The cryptographic processor also includes a nonvolatile memory to store one or more microcode instructions, wherein at least one of the one or more microcode instructions is related to a sensitive operation. The cryptographic processor also includes a controller to control execution of the one or more microcode instructions by the at least one cryptographic unit, wherein the controller is to preclude execution of the sensitive operation if the apparatus is within an untrusted state.

Claims

exact text as granted — not AI-modified
1 . An apparatus comprising: 
 a cryptographic processor within a wireless device, the cryptographic processor comprising: 
 at least one cryptographic unit;  
 a nonvolatile memory to store one or more microcode instructions, wherein at least one of the one or more microcode instructions is related to a sensitive operation; and  
 a controller to control execution of the one or more microcode instructions by the at least one cryptographic unit, wherein the controller is to preclude execution of the sensitive operation if the apparatus is within an untrusted state.  
   
   
   
       2 . The apparatus of  claim 1 , further comprising: 
 a volatile memory to store a cache of at least one cryptographic key and a counter, and    at least one platform configuration register.    
   
   
       3 . The apparatus of  claim 2 , wherein a sensitive operation is an operation that uses a root encryption key for the apparatus, an operation that uses one of the at least one encryption key or an operation that is to access the counter or the at least one platform configuration register.  
   
   
       4 . The apparatus of  claim 2 , wherein the apparatus is within the untrusted state if the apparatus is improperly initialized, if an authentication operation of one of the at least one cryptographic key fails or if one of the cryptographic units is to perform an illegal operation.  
   
   
       5 . The apparatus of  claim 4 , wherein an illegal operation includes an out-of-order execution by one of the at least one cryptographic units.  
   
   
       6 . A method comprising: 
 receiving a primitive instruction into a cryptographic processor within a wireless device;    retrieving at least one microcode instruction from a nonvolatile memory within the cryptographic processor based on the primitive instruction; and    executing the at least one microcode instruction if the microcode instruction is not a sensitive operation or if the at least one microcode instruction is a sensitive operation and the cryptographic processor is in a trusted state.    
   
   
       7 . The method of  claim 6 , wherein executing the at least one microcode instruction if the microcode instruction is not the sensitive operation comprises executing the at least one microcode instruction if the microcode instruction does not uses a root encryption key of the cryptographic processor.  
   
   
       8 . The method of  claim 6 , wherein executing the at least one microcode instruction if the microcode instruction is not the sensitive operation comprises executing the at least one microcode instruction if the microcode instruction does not uses an encryption key protected within the cryptographic processor.  
   
   
       9 . The method of  claim 6 , wherein executing the at least one microcode instruction if the microcode instruction is not the sensitive operation comprises executing the at least one microcode instruction if the microcode instruction does not access a monotonic counter or data in a platform configuration register.  
   
   
       10 . The method of  claim 6  further comprising initializing the cryptographic processor prior to receiving the primitive instruction, wherein initializing comprises verifying at least one functional unit in the cryptographic processor is generating proper results.  
   
   
       11 . The method of  claim 10 , wherein verifying the at least one functional unit in the cryptographic processor is generating proper results comprises verifying a hash unit in the cryptographic processor is generating correct hashes.  
   
   
       12 . The method of  claim 10 , wherein verifying the at least one functional unit in the cryptographic processor is generating proper results comprises verifying a random number generator unit is generating random numbers.  
   
   
       13 . The method of  claim 10 , wherein verifying the at least one functional unit in the cryptographic processor is generating proper results comprises verifying an exponential arithmetic unit or an arithmetic logic unit is computing proper results.  
   
   
       14 . A method comprising: 
 receiving a patch of at least one microcode instruction stored in nonvolatile memory within a cryptographic processor in a wireless device; and    validating the patch during a boot operation of the wireless device prior to execution of the patch of the at least one microcode instruction, wherein the validating comprises: 
 validating a cryptographic key of the patch based on a hash of the cryptographic key that is stored in a one time programmable storage in a nonvolatile memory that is external to the cryptographic processor.  
   
   
   
       15 . The method of  claim 14  further comprising receiving a signature of the patch, wherein the validating of the patch comprises: 
 generating a digest of the patch using a hash unit within the cryptographic processor;    decrypting the received signature of the patch to generate a decrypted received signature;    comparing the decrypted received signature to the generated digest; and    validating the patch if the decrypted received signature equals the generated digest.    
   
   
       16 . The method of  claim 14 , wherein receiving the patch of the at least one microcode instruction stored in the nonvolatile memory within the cryptographic processor in the wireless device comprises receiving the patch from a nonvolatile memory external to the cryptographic processor.  
   
   
       17 . The method of  claim 14 , wherein receiving the patch of the at least one microcode instruction stored in the nonvolatile memory within the cryptographic processor in the wireless device comprises receiving a patch of a part of the microcode instructions in the nonvolatile memory, wherein the patch includes at least one patch flag that identifies the part of the microcode instructions to be patched.  
   
   
       18 . The method of  claim 14  further comprising loading a segment of the patch into a volatile memory within the cryptographic processor after at least one microcode instruction within the segment is to be executed in place of a microcode instruction stored in the nonvolatile memory within the cryptographic processor.  
   
   
       19 . A machine-readable medium that provides instructions, which when executed by a machine, cause said machine to perform operations comprising: 
 receiving a primitive instruction into a cryptographic processor;    retrieving at least one microcode instruction from a memory within the cryptographic processor based on the primitive instruction; and    executing the at least one microcode instruction if the at least one microcode instruction is a sensitive operation and the cryptographic processor is in a trusted state.    
   
   
       20 . The machine-readable medium of  claim 19 , wherein executing the at least one microcode instruction if the microcode instruction is a sensitive operation comprises executing the at least one microcode instruction if the microcode instruction uses a root encryption key of the cryptographic processor.  
   
   
       21 . The machine-readable medium of  claim 19 , wherein executing the at least one microcode instruction if the microcode instruction is a sensitive operation comprises executing the at least one microcode instruction if the microcode instruction uses a data encryption key protected within the cryptographic processor.  
   
   
       22 . The machine-readable medium of  claim 19  further comprising initializing the cryptographic processor prior to receiving the primitive instruction, wherein initializing comprises verifying at least one functional unit in the cryptographic processor is generating proper results.  
   
   
       23 . A machine-readable medium that provides instructions, which when executed by a machine, cause said machine to perform operations comprising: 
 receiving a patch of at least one microcode instruction stored in nonvolatile memory within a cryptographic processor in a wireless device; and    validating the patch during a boot operation of the wireless device prior to execution of the patch of the at least one microcode instruction, wherein the validating comprises: 
 validating a cryptographic key of the patch based on a hash of the cryptographic key that is stored in a one time programmable storage in a nonvolatile memory that is external to the cryptographic processor.  
   
   
   
       24 . The machine-readable medium of  claim 23  further comprising receiving a signature of the patch, wherein the validating of the patch comprises: 
 generating a signature of the patch using a hash unit within the cryptographic processor;    comparing the received signature to the generated signature; and    validating the patch if the received signature equals the generated signature.    
   
   
       25 . The machine-readable medium of  claim 23 , wherein receiving the patch of the at least one microcode instruction stored in the nonvolatile memory within the cryptographic processor in the wireless device comprises receiving the patch from a nonvolatile memory external to the cryptographic processor.  
   
   
       26 . The machine-readable medium of  claim 23  further comprising loading a segment of the patch into a volatile memory within the cryptographic processor after at least one microcode instruction within the segment is to be executed in place of a microcode instruction stored in the nonvolatile memory within the cryptographic processor.  
   
   
       27 . A system comprising: 
 a FLASH memory to store a hash in a one time programmable storage, wherein the hash is of a cryptographic key associated with a patch of the at least one microcode instruction; and    a cryptographic processor comprising: 
 a nonvolatile memory to store the at least one microcode instruction to be patched;  
 a number of cryptographic units; and  
 a controller to cause at least one of the number of cryptographic units to validate the patch based on the cryptographic key and the hash of the cryptographic key.  
   
   
   
       28 . The system of  claim 27 , wherein the FLASH memory is to store a signature of the patch based on the cryptographic key, wherein the controller is to cause at least one of the number of cryptographic units to validate the patch based on the signature.  
   
   
       29 . The system of  claim 27 , wherein the nonvolatile memory is a read only memory.  
   
   
       30 . The system of  claim 27 , wherein the cryptographic processor further comprises a volatile memory, wherein the controller is to cause the patch to be loaded into the volatile memory after the patch is validated.  
   
   
       31 . The system of  claim 30 , further comprising an application processor to generate a primitive instruction related to a cryptographic operation, wherein the controller is to retrieve the at least one microcode instruction related to the primitive instruction from the patch loaded into the volatile memory or from the nonvolatile memory.  
   
   
       32 . The system of  claim 31 , further comprising a shared volatile memory, wherein the shared volatile memory is partitioned into a public section and a private section, wherein the public section is accessible by the cryptographic processor and the application processor, and wherein the private section is accessible by the cryptographic processor and not the application processor.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.