Patents by Inventor Tze-Lei Poo
Tze-Lei Poo has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9037875Abstract: In one or more embodiments, an integrated circuit includes a programmable memory, a key generation module and a module. The programmable memory is to maintain a first key portion. The key generation module is to generate a key using the first key portion from the programmable memory and a second key portion received via a memory interface. The module is to encrypt or decrypt data using the key.Type: GrantFiled: April 15, 2013Date of Patent: May 19, 2015Assignee: Marvell International Ltd.Inventors: Tze Lei Poo, Gregory Burd, Phuc Thanh Tran, Saeed Azimi
-
Patent number: 9002002Abstract: A hardware architecture for encryption and decryption device can improve the encryption and decryption data rate by using parallel processing, and pipeline operation, and save footprint by sharing hardware components. The hardware architecture can also be associated with a memory to protect the information stored at the memory. The encryption device can include a tweaking value manager to generate an array of tweaking values corresponding to the array of data blocks based on a tweaking encryption key, a first encryption unit to encrypt a first portion of the array of data blocks into a first portion of encrypted data blocks based on corresponding tweaking values and a data encryption key, a second encryption unit to encrypt a second portion of the array of data blocks, and a data block combiner to combine the first portion of encrypted data blocks and the second portion of encrypted data blocks.Type: GrantFiled: July 18, 2013Date of Patent: April 7, 2015Assignee: Marvell International Ltd.Inventors: Tze Lei Poo, Siu-Hung Fred Au, Gregory Burd, David Geddes, Heng Tang
-
Patent number: 8776211Abstract: Devices, systems, methods, and other embodiments associated with processing commands according to authorization are described. In one embodiment, a chip includes an unsecure module configured to control unsecure firmware to process a command on data flowing in a datapath. The unsecure module processes commands from untrusted sources and trusted sources. The chip includes a secure module configured to determine if a command is from a trusted source and when the command is from a trusted source, the secure module controls secure firmware to further process the data flowing in the datapath. When the command is from an untrusted source, the secure module controls the secure firmware to not process the data flowing in the datapath.Type: GrantFiled: December 10, 2012Date of Patent: July 8, 2014Assignee: Marvell International Ltd.Inventors: Phuc Thanh Tran, Bing Xiao, Tze Lei Poo, Peter Nhat Dinh
-
Patent number: 8750498Abstract: A cryptographic device includes a first state module, a key addition module, a byte substitution module, and a column mixing module. The first state module stores a first data block. The key addition module adds a key to the first data block to generate a second data block. The byte substitution module replaces each byte of the second data block to generate a third data block. The byte substitution module includes a first byte substitution sub-module that generates an intermediate data block in response to the second data block, a pipeline register that stores the intermediate data block, and a second byte substitution sub-module that generates the third data block in response to the intermediate data block. The column mixing module generates a fourth data block based on the third data block and provides the fourth data block to the first state module for storage.Type: GrantFiled: April 9, 2012Date of Patent: June 10, 2014Assignee: Marvell International Ltd.Inventors: Tze Lei Poo, Heng Tang, Siu-Hung Fred Au, Gregory Burd
-
Patent number: 8645716Abstract: The present disclosure describes apparatuses and techniques for fail-safe key zeroization. In some aspects a periodic counter is activated that is configured to indicate an amount of time that content of a one-time-programmable (OTP) memory is accessible and overwriting of the content of the OTP is caused when the periodic counter reaches a predetermined value effective to zeroize the content. In other aspects a periodic counter is started in response to a power event and one or more encryption keys stored in OTP memory are zeroized if an indication of media drive security is not received within a predetermined amount of time.Type: GrantFiled: October 4, 2011Date of Patent: February 4, 2014Assignee: Marvell International Ltd.Inventors: Vineet Dujari, Tze Lei Poo
-
Patent number: 8543838Abstract: Cryptographic apparatus having corresponding methods and computer-readable media comprise: a mailbox memory module to store cryptographic commands received from a client over a client bus, wherein the client is external to the cryptographic apparatus; and a secure processor to obtain the cryptographic commands from the mailbox memory module over a first secure internal bus, execute the cryptographic commands, and store a status of execution of the cryptographic commands in the mailbox memory module over the first secure internal bus, wherein the client obtains the status of the cryptographic commands from the mailbox memory module over the client bus.Type: GrantFiled: November 11, 2010Date of Patent: September 24, 2013Assignee: Marvell International Ltd.Inventors: Siu-Hung Fred Au, Gregory Burd, Wayne C. Datwyler, Leonard J. Galasso, Tze Lei Poo, Minda Zhang
-
Patent number: 8494155Abstract: An encryption device can include a tweaking value manager that is configured to generate an array of tweaking values corresponding to the array of data blocks based on a tweaking encryption key, a first encryption unit that is configured to encrypt a first portion of the array of data blocks into a first portion of encrypted data blocks based on corresponding tweaking values and a data encryption key, a second encryption unit that is configured to encrypt a second portion of the array of data blocks into a second portion of encrypted data blocks based on corresponding tweaking values and the data encryption key, and a data block combiner that is configured to combine the first portion of encrypted data blocks and the second portion of encrypted data blocks into an array of encrypted data blocks.Type: GrantFiled: October 7, 2011Date of Patent: July 23, 2013Assignee: Marvell International Ltd.Inventors: Tze Lei Poo, Siu-Hung Fred Au, Gregory Burd, David Geddes, Heng Tang
-
Patent number: 8423789Abstract: In one or more embodiments, an integrated circuit includes a programmable memory, a key generation module and a module. The programmable memory is to maintain a first key portion. The key generation module is to generate a key using the first key portion from the programmable memory and a second key portion received via a memory interface. The module is to encrypt or decrypt data using the key.Type: GrantFiled: May 22, 2008Date of Patent: April 16, 2013Assignee: Marvell International Ltd.Inventors: Tze Lei Poo, Gregory Burd, Phuc Thanh Tran, Saeed Azimi
-
Patent number: 8332931Abstract: Devices, systems, methods, and other embodiments associated with processing commands according to authorization are described. In one embodiment, a chip includes a secure module configured to store secure firmware, and to execute the secure firmware. The secure firmware prevents the secure module from at least partially processing a command that originated from an untrusted source. The chip also includes an unsecure module configured to store unsecure firmware, and to execute the unsecure firmware. The unsecure firmware permits the unsecure module to process a command having originated from an untrusted source. The chip is configured where the unsecure firmware is separately updateable from the secure firmware.Type: GrantFiled: September 1, 2009Date of Patent: December 11, 2012Assignee: Marvell International Ltd.Inventors: Phuc Thanh Tran, Bing Xiao, Tze Lei Poo, Peter Nhat Dinh
-
Patent number: 8171309Abstract: Secure memory controlled access is described. In embodiment(s), memory stores encrypted data and the memory includes a secure memory partition to store cryptographically sensitive data utilized to control access to the encrypted data stored on the memory. Controller firmware can access the encrypted data stored on the memory, but is precluded from access to the secure memory partition and the cryptographically sensitive data. Secure firmware can access the cryptographically sensitive data stored on the secure memory partition to control access by the controller firmware to the encrypted data stored on the memory.Type: GrantFiled: November 14, 2008Date of Patent: May 1, 2012Assignee: Marvell International Ltd.Inventors: Tze Lei Poo, Gregory Burd
-
Patent number: 8155308Abstract: A cryptographic device comprises a first pipeline stage, a pipeline register, and a second pipeline stage. The first pipeline stage comprises a first byte substitution module that performs mathematical operations on a received byte and outputs an intermediate value based on the mathematical operations. The pipeline register stores the intermediate value. The second pipeline stage comprises a second byte substitution module and a column mixing module. The second byte substitution module generates a replacement byte corresponding to the received byte based on mathematical operations performed on the stored intermediate value. The column mixing module transforms groups of four bytes of a plurality of replacement bytes including the replacement byte.Type: GrantFiled: October 10, 2007Date of Patent: April 10, 2012Assignee: Marvell International Ltd.Inventors: Tze Lei Poo, Heng Tang, Siu-Hung Fred Au, Gregory Burd
-
Patent number: 8036377Abstract: The disclosure provides a hardware architecture for encryption and decryption device. The hardware architecture can improve the encryption and decryption data rate by using parallel processing, and pipeline operation. Further, the hardware architecture can save footprint by sharing hardware components. Additionally, the hardware architecture can be associated with a memory to protect the information stored at the memory.Type: GrantFiled: December 12, 2007Date of Patent: October 11, 2011Assignee: Marvell International Ltd.Inventors: Tze Lei Poo, Siu-Hung Fred Au, Gregory Burd, David Geddes, Heng Tang
-
Patent number: 8015224Abstract: In a device having a data channel, in which random numbers are needed, such as a data storage device that uses random numbers to generate keys for cryptographic applications, random numbers are generated by a deterministic random bit generator seeded by bits derived from noise on the channel itself. The bits may be extracted from the least significant bits of the data signal after it is digitized, because those bits correspond to the noise in the signal. The extraction may occur immediately after digitization, or after subsequent filtering. A data signal emulator may be provided to simulate a data signal if a seed is required at a time when there is no data activity on the channel. The extracted bits may be post-processed to remove bias before the seed is provided to the deterministic random bit generator.Type: GrantFiled: December 3, 2007Date of Patent: September 6, 2011Assignee: Marvell International Ltd.Inventors: Panu Chaichanavong, Tze Lei Poo, Zining Wu, Saeed Azimi, Gregory Burd
-
Patent number: 7289668Abstract: Methods and systems for document image decoding incorporating a Stack algorithm improve document image decoding. The application of the Stack algorithm is iterated to improved decoding. A provisional weight is determined for a partial path to reduce template matching. In addition, semantically equivalent hypotheses are identified to reduce redundant hypotheses.Type: GrantFiled: August 9, 2002Date of Patent: October 30, 2007Assignee: Xerox CorporationInventors: Daniel H. Greene, Tze-Lei Poo, Ashok C. Popat
-
Patent number: 7039240Abstract: Methods and systems for document image decoding incorporating a Stack algorithm improve document image decoding. The application of the Stack algorithm is iterated to improve decoding. A provisional weight is determined for a partial path to reduce template matching. In addition, semantically equivalent hypotheses are identified to reduce redundant hypotheses.Type: GrantFiled: August 9, 2002Date of Patent: May 2, 2006Assignee: Xerox CorporationInventors: Daniel H. Greene, Justin K Romberg, Tze-Lei Poo, Ashok C. Popat
-
Publication number: 20040028278Abstract: Methods and systems for document image decoding incorporating a Stack algorithm improve document image decoding. The application of the Stack algorithm is iterated to improve decoding. A provisional weight is determined for a partial path to reduce template matching. In addition, semantically equivalent hypotheses are identified to reduce redundant hypotheses.Type: ApplicationFiled: August 9, 2002Publication date: February 12, 2004Applicant: XEROX CORPORATIONInventors: Daniel H. Greene, Justin K. Romberg, Tze-Lei Poo, Ashok C. Popat
-
Publication number: 20040028280Abstract: Methods and systems for document image decoding incorporating a Stack algorithm improve document image decoding. The application of the Stack algorithm is iterated to improved decoding. A provisional weight is determined for a partial path to reduce template matching. In addition, semantically equivalent hypotheses are identified to reduce redundant hypotheses.Type: ApplicationFiled: August 9, 2002Publication date: February 12, 2004Applicant: XEROX CORPORATIONInventors: Daniel H. Greene, Tze-Lei Poo, Ashok C. Popat