Abstract: An apparatus, a method, and a system are presented in which the apparatus includes an interface control circuit that may be configured to receive a message including a cryptographic keyword and a policy value. The policy value may include one or more data bits indicative of one or more policies that define allowable usage of the cryptographic keyword. The apparatus also includes a security circuit that may be configured to extract the cryptographic keyword and the policy value from the message, and to apply at least one policy of the one or more policies to usage of the cryptographic keyword in response to a determination that an authentication of the message succeeded.

Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.

Abstract: The methods and systems may provide a scalable round-robin arbiter tree that performs round-robin arbitration for a plurality of requests received from a set of requestors. The round-robin arbiter may stack a plurality of round-robin cells in stages where an output of a first stage of round-robin cells is an input to a next stage of round-robin cells. The round-robin arbiter may transform an arbitration state at each stage of the arbitration and propagate the arbitration state into the next stage for arbitration. The arbitration state from the final stage round-robin cell is fed back to the first stage of the round-robin cells and used in a subsequent arbitration round.

Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.

Abstract: The methods and systems may provide a scalable round-robin arbiter tree that performs round-robin arbitration for a plurality of requests received from a set of requestors. The round-robin arbiter may stack a plurality of round-robin cells in stages where an output of a first stage of round-robin cells is an input to a next stage of round-robin cells. The round-robin arbiter may transform an arbitration state at each stage of the arbitration and propagate the arbitration state into the next stage for arbitration. The arbitration state from the final stage round-robin cell is fed back to the first stage of the round-robin cells and used in a subsequent arbitration round.

Abstract: An apparatus, a method, and a system are presented in which the apparatus includes an interface control circuit that may be configured to receive a message including a cryptographic keyword and a policy value. The policy value may include one or more data bits indicative of one or more policies that define allowable usage of the cryptographic keyword. The apparatus also includes a security circuit that may be configured to extract the cryptographic keyword and the policy value from the message, and to apply at least one policy of the one or more policies to usage of the cryptographic keyword in response to a determination that an authentication of the message succeeded.

Abstract: An apparatus, a method, and a system are presented in which the apparatus includes an interface control circuit that may be configured to receive a message including a cryptographic keyword and a policy value. The policy value may include one or more data bits indicative of one or more policies that define allowable usage of the cryptographic keyword. The apparatus also includes a security circuit that may be configured to extract the cryptographic keyword and the policy value from the message, and to apply at least one policy of the one or more policies to usage of the cryptographic keyword in response to a determination that an authentication of the message succeeded.

Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.

Abstract: An apparatus, a method, and a system are presented in which the apparatus includes an interface control circuit that may be configured to receive a message including a cryptographic keyword and a policy value. The policy value may include one or more data bits indicative of one or more policies that define allowable usage of the cryptographic keyword. The apparatus also includes a security circuit that may be configured to extract the cryptographic keyword and the policy value from the message, and to apply at least one policy of the one or more policies to usage of the cryptographic keyword in response to a determination that an authentication of the message succeeded.

Abstract: An apparatus, a method, and a system are presented in which the apparatus includes an interface control circuit that may be configured to receive a message including a cryptographic keyword and a policy value. The policy value may include one or more data bits indicative of one or more policies that define allowable usage of the cryptographic keyword. The apparatus also includes a security circuit that may be configured to extract the cryptographic keyword and the policy value from the message, and to apply at least one policy of the one or more policies to usage of the cryptographic keyword in response to a determination that an authentication of the message succeeded.

Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.

Abstract: An apparatus, a method, and a system are presented in which the apparatus includes an interface control circuit that may be configured to receive a message including a cryptographic keyword and a policy value. The policy value may include one or more data bits indicative of one or more policies that define allowable usage of the cryptographic keyword. The apparatus also includes a security circuit that may be configured to extract the cryptographic keyword and the policy value from the message, and to apply at least one policy of the one or more policies to usage of the cryptographic keyword in response to a determination that an authentication of the message succeeded.

Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.

Abstract: An apparatus, a method, and a system are presented in which the apparatus includes an interface control circuit that may be configured to receive a message including a cryptographic keyword and a policy value. The policy value may include one or more data bits indicative of one or more policies that define allowable usage of the cryptographic keyword. The apparatus also includes a security circuit that may be configured to extract the cryptographic keyword and the policy value from the message, and to apply at least one policy of the one or more policies to usage of the cryptographic keyword in response to a determination that an authentication of the message succeeded.

Abstract: In an embodiment, an integrated circuit such as an SOC (or even a discrete chip system) includes one or more local timebases in various locations. The timebases may be incremented based on a high frequency local clock that may be subject to variation during use due. Periodically, based on a lower frequency clock that is subject to less variation, the local timebases may be synchronized to the correct time, using hardware circuitry. In particular, the correct timebase value for the next synchronization may be transmitted to each local timebase, and the control circuit for the local timebase may be configured to saturate the local timebase at the correct value if the local timebase reaches the correct value before the synchronization occurs. Similarly, if the synchronization occurs and the local timebase has not reached the correct value, the control circuit may be configured to load the correct timebase value.

Abstract: In an embodiment, an integrated circuit such as an SOC (or even a discrete chip system) includes one or more local timebases in various locations. The timebases may be incremented based on a high frequency local clock that may be subject to variation during use due. Periodically, based on a lower frequency clock that is subject to less variation, the local timebases may be synchronized to the correct time, using hardware circuitry. In particular, the correct timebase value for the next synchronization may be transmitted to each local timebase, and the control circuit for the local timebase may be configured to saturate the local timebase at the correct value if the local timebase reaches the correct value before the synchronization occurs. Similarly, if the synchronization occurs and the local timebase has not reached the correct value, the control circuit may be configured to load the correct timebase value.

Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.

Abstract: In an embodiment, an integrated circuit such as an SOC (or even a discrete chip system) includes one or more local timebases in various locations. The timebases may be incremented based on a high frequency local clock that may be subject to variation during use due. Periodically, based on a lower frequency clock that is subject to less variation, the local timebases may be synchronized to the correct time, using hardware circuitry. In particular, the correct timebase value for the next synchronization may be transmitted to each local timebase, and the control circuit for the local timebase may be configured to saturate the local timebase at the correct value if the local timebase reaches the correct value before the synchronization occurs. Similarly, if the synchronization occurs and the local timebase has not reached the correct value, the control circuit may be configured to load the correct timebase value.

Abstract: An apparatus, a method, and a system are presented in which the apparatus includes an interface control circuit that may be configured to receive a message including a cryptographic keyword and a policy value. The policy value may include one or more data bits indicative of one or more policies that define allowable usage of the cryptographic keyword. The apparatus also includes a security circuit that may be configured to extract the cryptographic keyword and the policy value from the message, and to apply at least one policy of the one or more policies to usage of the cryptographic keyword in response to a determination that an authentication of the message succeeded.

Abstract: Techniques are disclosed relating to processor power control and interrupts. In one embodiment, an apparatus includes a processor configured to assert an indicator that the processor is suspending execution of instructions until the processor receives an interrupt. In this embodiment, the apparatus includes power circuitry configured to alter the power provided to the processor based on the indicator. In this embodiment, the apparatus includes throttling circuitry configured to, in response to receiving a request from the power circuitry to alter the power provided to the processor, block the request until the end of a particular time interval subsequent to receipt of the request or de-assertion of the indicator. In some embodiments, the particular time interval corresponds to latency between the processor receiving an interrupt and de-asserting the indicator.