Patent application number | Description | Published |
20080320263 | METHOD, SYSTEM, AND APPARATUS FOR ENCRYPTING, INTEGRITY, AND ANTI-REPLAY PROTECTING DATA IN NON-VOLATILE MEMORY IN A FAULT TOLERANT MANNER - According to some embodiments, a method for providing encryption, integrity, and anti-replay protection of data in a fault tolerant manner is disclosed. A data blob and an anti-replay table blob are copied to a temporary storage region in a non-volatile memory. In an atomic operation, a status indicator is set and a monotonic counter is incremented after the data blob and the anti-replay table blob are copied to the temporary storage region. If a fault occurs while the status indicator is set, the data blob and the anti-replay table blob may be recovered from the temporary storage region. | 12-25-2008 |
20100329455 | Cryptographic key generation using a stored input value and a stored count value - Embodiments of an invention for cryptographic key generation using a stored input value and a stored count value have been described. In one embodiment, a processor includes non-volatile storage storing an input value and a count value, and logic to generate a cryptographic key based on the stored input value and the stored count value. | 12-30-2010 |
20110299680 | Methods and Apparatuses for Securing Playback Content - An apparatus for secured playback is presented. In one embodiment, the apparatus includes a controller that includes a key derivation module to manage authentication and key derivation. In one embodiment, the apparatus provides a video decryption key to a graphics engine if video data portions in a data stream are retrievable without having to decrypt the data stream. In one embodiment, the apparatus also includes a decryption module to decrypt a part of data in conjunction with an encryption key to generate video information and video data. The controller then writes an encrypted version of the video data to a video buffer of a graphics engine. | 12-08-2011 |
20120137137 | METHOD AND APPARATUS FOR KEY PROVISIONING OF HARDWARE DEVICES - Keying materials used for providing security in a platform are securely provisioned both online and offline to devices in a remote platform. The secure provisioning of the keying materials is based on a revision of firmware installed in the platform. | 05-31-2012 |
20120155633 | AUDIO CONTENT PROTECTION - In some embodiments an embedded processor is to participate in cryptographic key exchange with an audio software application, and a key exchange communication path is coupled between the audio software application and the embedded processor. Other embodiments are described and claimed. | 06-21-2012 |
20120159128 | Handling Media Streams In A Programmable Bit Processor - In one embodiment, the present invention is directed to a bit processor that includes an execution unit to, responsive to an instruction for access of data of a first bit width, access data of a second bit width, the second bit width having a different number of bits than the first bit width when some of the data accessed includes non-stream data. Other embodiments are described and claimed. | 06-21-2012 |
20120173877 | METHOD AND APPARATUS FOR BUILDING A HARDWARE ROOT OF TRUST AND PROVIDING PROTECTED CONTENT PROCESSING WITHIN AN OPEN COMPUTING PLATFORM - A system architecture provides a hardware-based root of trust solution for supporting distribution and playback of premium digital content. In an embodiment, hardware root of trust for digital content and services is a solution where the basis of trust for security purposes is rooted in hardware and firmware mechanisms in a client computing system, rather than in software. From this root of trust, the client computing system constructs an entire media processing pipeline that is protected for content authorization and playback. In embodiments of the present invention, the security of the client computing system for content processing is not dependent on the operating system (OS), basic input/output system (BIOS), media player application, or other host software. | 07-05-2012 |
20130283392 | METHOD AND APPARATUS FOR POLICY-BASED CONTENT SHARING IN A PEER TO PEER MANNER USING A HARDWARE BASED ROOT OF TRUST - Securely sharing content between a first system and a second system is provided. A hardware-based root of trust is established between the first system and a server. Content requested by a user and an encrypted license blob associated with the content is received by the first system from the server. A first agent on the first system connects with a second agent on the second system. The encrypted license blob and a sub-license request are sent from the first agent to a security processor on the first system. The first security processor decrypts the encrypted license blob, validates the sub-license request, and if allowed, creates a sub-license to allow the second system to play the content. The first security processor sends the sub-license to a security processor on the second system. The first system provides access to the content to the second system for future playback according to the sub-license. | 10-24-2013 |
20140006760 | OUT-OF-BAND HOST OS BOOT SEQUENCE VERIFICATION | 01-02-2014 |
20140089659 | Method and apparatus for key provisioning of hardware devices - Keying materials used for providing security in a platform are securely provisioned both online and offline to devices in a remote platform. The secure provisioning of the keying materials is based on a revision of firmware installed in the platform. | 03-27-2014 |
20140089660 | ENHANCED PRIVACY ID BASED PLATFORM ATTESTATION - As opposed to utilizing a manufacturer provisioned EK Certificate for AIK processes, embodiments of the invention utilize EPID based data. EPID mitigates the privacy issues of common RSA PKI security implementations where every individual is uniquely identified by their private keys. Instead, EPID provides the capability of remote attestation but only identifies the client computing system as having a component (such as a chipset) from a particular technology generation. EPID is a group signature scheme, where one group's public key corresponds to multiple private keys, and private keys generate a group signature which is verified by the group public key. EPID provides the security property of being anonymous and unlinkable—given two signatures, one cannot determine whether the signatures are generated from one or two private keys. EPID also provides the security property of being unforgeable—without a private key, one cannot create a valid signature. | 03-27-2014 |
20140109170 | UNAUTHORIZED ACCESS AND/OR INSTRUCTION PREVENTION, DETECTION, AND/OR REMEDIATION, AT LEAST IN PART, BY STORAGE PROCESSOR - An embodiment may include a storage processor that may be comprised, at least in part, in a host. The host may include at least one host central processing unit (CPU) to execute at least one host operating system (OS). The storage processor may execute at least one operation in isolation from interference from and control by the at least one host CPU and the at least one host OS. The at least one operation may facilitate, at least in part: (1) prevention, at least in part, of unauthorized access to storage, (2) prevention, at least in part, of execution by the at least one host CPU of at least one unauthorized instruction, (3) detection, at least in part, of the at least one unauthorized instruction, and/or (4) remediation, at least in part, of at least one condition associated, at least in part, with the at least unauthorized instruction. | 04-17-2014 |
20140112471 | Method and Apparatus for Building a Hardware Root of Trust and Providing Protected Content Processing Within an Open Computing Platform - A system architecture provides a hardware-based root of trust solution for supporting distribution and playback of premium digital content. In an embodiment, hardware root of trust for digital content and services is a solution where the basis of trust for security purposes is rooted in hardware and firmware mechanisms in a client computing system, rather than in software. From this root of trust, the client computing system constructs an entire media processing pipeline that is protected for content authorization and playback. In embodiments of the present invention, the security of the client computing system for content processing is not dependent on the operating system (OS), basic input/output system (BIOS), media player application, or other host software. | 04-24-2014 |
20140157404 | VIRTUALIZING A HARDWARE MONOTONIC COUNTER - Embodiments of an invention for virtualizing a hardware monotonic counter are disclosed. In one embodiment, an apparatus includes a hardware monotonic counter, virtualization logic, a first non-volatile storage location, and a second non-volatile storage location. The virtualization logic is to create a virtual monotonic counter from the hardware monotonic counter. The first non-volatile storage location is to store an indicator that the count of the hardware monotonic counter has changed. The second non-volatile storage location is to store an indicator that the count of the virtual monotonic counter has changed. | 06-05-2014 |