Patents by Inventor Andrew James Weiler
Andrew James Weiler has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11977760
Abstract: Securely loading digital blocks into memory for consumption by a processor. A method includes, at a memory protection shim, receiving a digital block and a manifest for the digital block. The manifest includes a transformation key for the digital block. The transformation key is configured to be used for at least one of validating the digital block or decrypting the digital block. The manifest is encrypted. The method further includes decrypting the manifest to obtain the transformation keys. The method further includes using the transformation keys to perform at least one of validating or decrypting the digital block. The method further includes retransforming the digital block using a memory protection shim ephemeral key to perform at least one of creating an authentication tag or encrypting the digital block. The method further includes storing the retransformed digital block in memory.
Type: Grant
Filed: September 8, 2023
Date of Patent: May 7, 2024
Assignee: IDAHO SCIENTIFIC LLC
Inventors: Andrew James Weiler, Nathan Charles Chrisman, Claude Harmon Garrett, V, Dale Weston Reese, Matthew Ryan Waltz, Jay Takeji Hirata
-
Patent number: 11966332
Abstract: An apparatus comprising a CPU core configured to execute instructions and consume data. The apparatus includes a memory configured to store the instructions and the data. A memory protection shim is coupled to the CPU core and the memory. The memory protection shim is configured to perform transformations over digital blocks to perform at least one of authentication or decryption of the digital blocks received from the memory. The memory protection shim is coupled to the CPU core in a fashion that prevents egress of the digital blocks or ingress of other external digital blocks between the memory protection shim and the CPU core.
Type: Grant
Filed: October 13, 2022
Date of Patent: April 23, 2024
Assignee: IDAHO SCIENTIFIC LLC
Inventors: Dale Weston Reese, Matthew Ryan Waltz, Jay Takeji Hirata, Andrew James Weiler, Nathan Charles Chrisman, Claude Harmon Garrett, V
-
Publication number: 20240086556
Abstract: An apparatus comprising a CPU core configured to execute instructions and consume data. The apparatus includes a memory configured to store the instructions and the data. A memory protection shim is coupled to the CPU core and the memory. The memory protection shim is configured to perform transformations over digital blocks to perform at least one of authentication or decryption of the digital blocks received from the memory. The memory protection shim is coupled to the CPU core in a fashion that prevents egress of the digital blocks or ingress of other external digital blocks between the memory protection shim and the CPU core.
Type: Application
Filed: September 12, 2022
Publication date: March 14, 2024
Inventors: Dale Weston Reese, Matthew Ryan Waltz, Jay Takeji Hirata, Andrew James Weiler, Nathan Charles Chrisman, Claude Harmon Garrett, V
-
Publication number: 20240086321
Abstract: An apparatus comprising a CPU core configured to execute instructions and consume data. The apparatus includes a memory configured to store the instructions and the data. A memory protection shim is coupled to the CPU core and the memory. The memory protection shim is configured to perform transformations over digital blocks to perform at least one of authentication or decryption of the digital blocks received from the memory. The memory protection shim is coupled to the CPU core in a fashion that prevents egress of the digital blocks or ingress of other external digital blocks between the memory protection shim and the CPU core.
Type: Application
Filed: October 13, 2022
Publication date: March 14, 2024
Inventors: Dale Weston Reese, Matthew Ryan Waltz, Jay Takeji Hirata, Andrew James Weiler, Nathan Charles Chrisman, Claude Harmon Garrett, V
-
Patent number: 11928058
Abstract: An apparatus comprising a CPU core configured to execute instructions and consume data. The apparatus includes a memory configured to store the instructions and the data. A memory protection shim is coupled to the CPU core and the memory. The memory protection shim is configured to perform transformations over digital blocks to perform at least one of authentication or decryption of the digital blocks received from the memory. The memory protection shim is coupled to the CPU core in a fashion that prevents egress of the digital blocks or ingress of other external digital blocks between the memory protection shim and the CPU core.
Type: Grant
Filed: October 13, 2022
Date of Patent: March 12, 2024
Assignee: IDAHO SCIENTIFIC LLC
Inventors: Dale Weston Reese, Matthew Ryan Waltz, Jay Takeji Hirata, Andrew James Weiler, Nathan Charles Chrisman, Claude Harmon Garrett, V
-
Publication number: 20240061598
Abstract: Hardware enforced CPU core protection by identification of digital blocks as instructions or data. A method includes, at a memory controller shim, receiving, from a CPU core, a memory read request. The memory read request comprises an address for a block. The block at the address is requested from a memory. The block is received from the memory. At least one of a decryption key or an authentication key is accessed. At least one of a decryption transformation or an authentication transformation is performed on the block using the decryption key or the authentication key. When the decryption transformation or authentication transformation is deemed valid, a plain text version of the block is returned to the CPU core for consumption. When the decryption transformation or authentication transformation is deemed invalid, the CPU core is prevented from consuming the plain text version of the block.
Type: Application
Filed: August 16, 2022
Publication date: February 22, 2024
Inventors: Dale Weston Reese, Matthew Ryan Waltz, Jay Takeji Hirata, Andrew James Weiler, Nathan Charles Chrisman, Claude Harmon Garrett, V
-
Patent number: 11755221
Abstract: Hardware enforced CPU core protection by identification of digital blocks as instructions or data. A method includes, at a memory controller shim, receiving, from a CPU core, a memory read request. The memory read request comprises an address for a block. The block at the address is requested from a memory. The block is received from the memory. At least one of a decryption key or an authentication key is accessed. At least one of a decryption transformation or an authentication transformation is performed on the block using the decryption key or the authentication key. When the decryption transformation or authentication transformation is deemed valid, a plain text version of the block is returned to the CPU core for consumption. When the decryption transformation or authentication transformation is deemed invalid, the CPU core is prevented from consuming the plain text version of the block.
Type: Grant
Filed: October 13, 2022
Date of Patent: September 12, 2023
Assignee: IDAHO SCIENTIFIC LLC
Inventors: Dale Weston Reese, Matthew Ryan Waltz, Jay Takeji Hirata, Andrew James Weiler, Nathan Charles Chrisman, Claude Harmon Garrett, V
-
Patent number: 11711201
Abstract: In one embodiment, an encoded pointer is constructed from a stack pointer that includes offset. The encoded pointer includes the offset value and ciphertext that is based on encrypting a portion of a decorated pointer that includes a maximum offset value. Stack data is encrypted based on the encoded pointer, and the encoded pointer is stored in a stack pointer register of a processor. To access memory, a decoded pointer is constructed based on decrypting the ciphertext of the encoded pointer and the offset value. Encrypted stack data is accessed based on the decoded pointer, and the encrypted stack is decrypted based on the encoded pointer.
Type: Grant
Filed: March 26, 2021
Date of Patent: July 25, 2023
Assignee: Intel Corporation
Inventors: Andrew James Weiler, David M. Durham, Michael D. LeMay, Sergej Deutsch, Michael E. Kounavis, Salmin Sultana, Karanvir S. Grewal
-
Patent number: 11580035
Abstract: A processor includes a register to store an encoded pointer to a variable in stack memory. The encoded pointer includes an encrypted portion and a fixed plaintext portion of a memory address corresponding to the variable. The processor further includes circuitry to, in response to a memory access request for associated with the variable, decrypt the encrypted portion of the encoded pointer to obtain first upper address bits of the memory address and a memory allocation size for a variable, decode the encoded pointer to obtain the memory address, verify the memory address is valid based, at least in part on the memory allocation size, and in response to determining that the memory address is valid, allow the memory access request.
Type: Grant
Filed: December 26, 2020
Date of Patent: February 14, 2023
Assignee: Intel Corporation
Inventors: David M. Durham, Karanvir S. Grewal, Michael D. LeMay, Salmin Sultana, Andrew James Weiler
-
Publication number: 20230027329
Abstract: A processor, a system, a machine readable medium, and a method.
Type: Application
Filed: December 26, 2020
Publication date: January 26, 2023
Applicant: Intel Corporation
Inventors: David M. Durham, Michael D. LeMay, Salmin Sultana, Karanvir S. Grewal, Michael E. Kounavis, Sergej Deutsch, Andrew James Weiler, Abhishek Basak, Dan Baum, Santosh Ghosh
-
Publication number: 20210218547
Abstract: In one embodiment, an encoded pointer is constructed from a stack pointer that includes offset. The encoded pointer includes the offset value and ciphertext that is based on encrypting a portion of a decorated pointer that includes a maximum offset value. Stack data is encrypted based on the encoded pointer, and the encoded pointer is stored in a stack pointer register of a processor. To access memory, a decoded pointer is constructed based on decrypting the ciphertext of the encoded pointer and the offset value. Encrypted stack data is accessed based on the decoded pointer, and the encrypted stack is decrypted based on the encoded pointer.
Type: Application
Filed: March 26, 2021
Publication date: July 15, 2021
Applicant: Intel Corporation
Inventors: Andrew James Weiler, David M. Durham, Michael D. LeMay, Sergej Deutsch, Michael E. Kounavis, Salmin Sultana, Karanvir S. Grewal
-
Publication number: 20210149825
Abstract: A processor includes a register to store an encoded pointer to a variable in stack memory. The encoded pointer includes an encrypted portion and a fixed plaintext portion of a memory address corresponding to the variable. The processor further includes circuitry to, in response to a memory access request for associated with the variable, decrypt the encrypted portion of the encoded pointer to obtain first upper address bits of the memory address and a memory allocation size for a variable, decode the encoded pointer to obtain the memory address, verify the memory address is valid based, at least in part on the memory allocation size, and in response to determining that the memory address is valid, allow the memory access request.
Type: Application
Filed: December 26, 2020
Publication date: May 20, 2021
Inventors: David M. Durham, Karanvir S. Grewal, Michael D. LeMay, Salmin Sultana, Andrew James Weiler