US 11,863,670 B2
Efficient side-channel-attack-resistant memory encryptor based on key update
Mark Evan Marson, Carlsbad, CA (US); Michael Hutter, Vienna (AT); and Bart Stevens, Valkenswaard (NL)
Assigned to Cryptography Research, Inc., San Jose, CA (US)
Appl. No. 17/601,205
Filed by CRYPTOGRAPHY RESEARCH, INC., San Jose, CA (US)
PCT Filed Apr. 4, 2020, PCT No. PCT/US2020/029012
§ 371(c)(1), (2) Date Oct. 4, 2021,
PCT Pub. No. WO2020/219398, PCT Pub. Date Oct. 29, 2020.
Claims priority of provisional application 62/836,857, filed on Apr. 22, 2019.
Prior Publication US 2022/0182232 A1, Jun. 9, 2022
Int. Cl. G06F 21/00 (2013.01); H04L 29/06 (2006.01); H04L 9/08 (2006.01); H04L 9/00 (2022.01); H04L 9/16 (2006.01)
CPC H04L 9/0891 (2013.01) [H04L 9/003 (2013.01); H04L 9/16 (2013.01)] 18 Claims
OG exemplary drawing
 
1. A computer-hardware implemented method comprising:
accessing a key data structure comprising a plurality of encryption keys that are used to encrypt a plurality of memory blocks in an external memory;
identifying a memory block of the plurality of memory blocks that is encrypted with an oldest encryption key in the key data structure;
reading encrypted data from the identified memory block;
decrypting the encrypted data from the identified memory block;
selecting an encryption key from the key data structure, wherein the selected encryption key is newer than the oldest encryption key;
re-encrypting the decrypted data from the identified memory block using the selected encryption key;
allowing an inline encryption engine to take precedence over updates from a memory update encryption engine that operates in tandem with the inline encryption engine; and
writing the re-encrypted data to the identified memory block.