IDiyas

For the Inventor, By the Inventor

The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.

The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.

Patent No.:

US 12277234 B1

PDFFull Text
Date of Patent:
Apr. 14, 2025

Filed:

Dec. 25, 2020

Cryptographic computing in multitenant environments

Applicant:

Intel Corporation, Santa Clara, CA (US);

Inventors:

David M. Durham, Beaverton, OR (US);

Michael D. LeMay, Hillsboro, OR (US);

Salmin Sultana, Hillsboro, OR (US);

Karanvir S. Grewal, Hillsboro, OR (US);

Michael E. Kounavis, Portland, OR (US);

Sergej Deutsch, Hillsboro, OR (US);

Andrew James Weiler, Hillsboro, OR (US);

Abhishek Basak, Bothell, WA (US);

Dan Baum, Haifa, IL;

Santosh Ghosh, Hillsboro, OR (US);

Assignee:

Intel Corporation, Santa Clara, CA (US);

Attorney:

Alliance IP, LLC

Primary Examiner:

Yogesh Paliwal

Int. Cl.
CPC ...
G06F 21/00 (2012.12); G06F 21/54 (2012.12); G06F 21/60 (2012.12); G06F 21/79 (2012.12);
U.S. Cl.
CPC ...
G06F 21/602 (2012.12); G06F 21/54 (2012.12); G06F 21/79 (2012.12);
Abstract

A processor, a system, a machine readable medium, and a method. The processor comprises first circuitry to: encrypt a first code image using a first code key; load the encrypted first code image into a memory area allocated in memory for the first code image by an operating system miming on the processor; and send to the operating system a substitute key that corresponds to the first code key, wherein the first code key is concealed from the operating system; and an instruction cache including control circuitry; and second circuitry coupled to the instruction cache, the second circuitry to: receive the substitute key from the operating system; in response to a first request from the operating system to execute the first code image to instantiate a first process, perform a first cryptographic function using a hardware key to generate the first code key from the substitute key; and program the control circuitry of the instruction cache with the first code key to enable the first code image to be decrypted using the first code key.

Find Patent Forward Citations

Loading…