US 11,943,207 B2
One-touch inline cryptographic data processing
Kshitij Arun Doshi, Tempe, AZ (US); Uzair Qureshi, Chandler, AZ (US); Lokpraveen Mosur, Gilbert, AZ (US); Patrick Fleming, Portlaoise (IE); Stephen Doyle, Ennis (IE); Brian Andrew Keating, Limerick (IE); and Ned M. Smith, Beaverton, OR (US)
Assigned to Intel Corporation, Santa Clara, CA (US)
Filed by Intel Corporation, Santa Clara, CA (US)
Filed on Sep. 25, 2020, as Appl. No. 17/032,391.
Prior Publication US 2021/0014203 A1, Jan. 14, 2021
Int. Cl. H04L 9/40 (2022.01); G06F 13/28 (2006.01); G06F 21/60 (2013.01)
CPC H04L 63/0435 (2013.01) [G06F 13/28 (2013.01); G06F 21/602 (2013.01); H04L 63/166 (2013.01)] 25 Claims
OG exemplary drawing
 
1. An edge computing device operable in an edge computing system, the edge computing device comprising:
network communications circuitry (NCC);
an enhanced direct memory access (DMA) engine coupled to a memory device, the enhanced DMA engine comprising a cryptographic engine; and
processing circuitry coupled to the NCC and the enhanced DMA engine, the processing circuitry configured to:
perform a secure exchange with a second edge computing device to negotiate a shared symmetric encryption key, based on a request for data received via the NCC from the second edge computing device; and
generate an inline encryption command for communication to the enhanced DMA engine, the inline encryption command including: a first address associated with a storage location storing the data, a second address associated with a memory location in the memory device, and the shared symmetric encryption key;
wherein the enhanced DMA engine is configured to retrieve the data from the storage location using the first address, encrypt the data using the cryptographic engine and based on the shared symmetric encryption key, and store the encrypted data in the memory location using the second address.