Invention Grant
US09076019B2 Method and apparatus for memory encryption with integrity check and protection against replay attacks
In force
- Patent Title: Method and apparatus for memory encryption with integrity check and protection against replay attacks
- Application No.: US13977213
- Application Date: 2011-06-29
- Publication No.: US09076019B2
- Publication Date: 2015-07-07
- Inventor: Shay Gueron, Uday Savagaonkar, Francis X. McKeen, Carlos V. Rozas, David M. Durham, Jacob Doweck, Ofir Mulla, Ittai Anati, Zvika Greenfield, Moshe Maor
- Applicant: Shay Gueron, Uday Savagaonkar, Francis X. McKeen, Carlos V. Rozas, David M. Durham, Jacob Doweck, Ofir Mulla, Ittai Anati, Zvika Greenfield, Moshe Maor
- Applicant Address: US CA Santa Clara
- Assignee: Intel Corporation
- Current Assignee: Intel Corporation
- Current Assignee Address: US CA Santa Clara
- Agent: L. Cho
- International Application: PCT/US2011/042413 WO 20110629
- International Announcement: WO2013/002789 WO 20130103
- Main IPC: G06F21/00
- IPC: G06F21/00; G06F21/72; G06F12/14

Abstract:
A method and apparatus to provide cryptographic integrity checks and replay protection to protect against hardware attacks on system memory is provided. A mode of operation for block ciphers enhances the standard XTS-AES mode of operation to perform memory encryption by extending a tweak to include a “time stamp” indicator. A tree-based replay protection scheme uses standard XTS-AES to encrypt contents of a cache line in the system memory. A Message-Authentication Code (MAC) for the cache line is encrypted using enhanced XTS-AES and a “time stamp” indicator associated with the cache line. The “time stamp indicator” is stored in a processor.
Public/Granted literature
- US20140223197A1 METHOD AND APPARATUS FOR MEMORY ENCRYPTION WITH INTEGRITY CHECK AND PROTECTION AGAINST REPLAY ATTACKS Public/Granted day: 2014-08-07