US 12,093,431 B2
Security plugin for a system-on-a-chip platform
Manoj R. Sastry, Portland, OR (US); Alpa Narendra Trivedi, Portland, OR (US); and Men Long, Beaverton, OR (US)
Assigned to Intel Corporation, Santa Clara, CA (US)
Filed by Intel Corporation, Santa Clara, CA (US)
Filed on Aug. 1, 2023, as Appl. No. 18/363,176.
Application 18/363,176 is a continuation of application No. 17/679,009, filed on Feb. 23, 2022, granted, now 11,768,964.
Application 17/679,009 is a continuation of application No. 16/936,999, filed on Jul. 23, 2020, granted, now 11,263,352, issued on Mar. 1, 2022.
Application 16/936,999 is a continuation of application No. 14/577,812, filed on Dec. 19, 2014, granted, now 10,726,162, issued on Jul. 28, 2020.
Prior Publication US 2023/0376637 A1, Nov. 23, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/72 (2013.01); G06F 21/85 (2013.01); G09C 1/00 (2006.01); H04L 9/06 (2006.01); H04L 9/08 (2006.01)
CPC G06F 21/72 (2013.01) [G06F 21/85 (2013.01); G09C 1/00 (2013.01); H04L 9/0643 (2013.01); H04L 9/0897 (2013.01); G06F 2207/7219 (2013.01); G06F 2211/008 (2013.01); G06F 2213/0038 (2013.01); H04L 2209/76 (2013.01)] 18 Claims
OG exemplary drawing
 
1. An apparatus for a system-on-a-chip, the apparatus comprising:
a cryptographic circuit including:
a cryptographic engine selected from a plurality of cryptographic engines to implement Advanced Encryption Standard (AES), and
a standard interface that is generic to the plurality of cryptographic engines, wherein, in operation, unencrypted messages from an initiator component to be received by a system-on-a-chip interconnect interface are to be provided to the cryptographic engine via the standard interface to produce encrypted messages to be transmitted to a destination component, wherein the standard interface is to transmit each of the unencrypted messages to an interface of the cryptographic engine to make the cryptographic engine available to a fabric of the system-on-a-chip;
a cryptographic controller to manage a cryptographic key to be used by the cryptographic engine to produce the encrypted messages, wherein the cryptographic controller is to perform key negotiation with another component, and wherein a seed key is to be designated to the cryptographic controller, wherein the seed key is an initialization key; and
a cryptographic state manager to manage cryptographic session states of a cryptographic session between the initiator component and the destination component, wherein the cryptographic state manager is to maintain a data structure, the data structure to include a field for a session key.