Patents by Inventor Boris Dolgunov
Boris Dolgunov has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240110975
Abstract: Methods and apparatus relating to techniques to provide secure remote debugging are described. In an embodiment, a debugging entity generates and transmits a host token to a device via an interface. The interface provides encrypted communication between the debugging entity and the device. The debugging entity generates a session key based at least in part on the host token and a device token. The debugging entity transmits an acknowledgement signal to the device after generation of the session key to initiate a debug session. The debugging entity transmits a debug unlock key to the device to cause the device to be unlocked for the debug session. Other embodiments are also disclosed and claimed.
Type: Application
Filed: September 30, 2022
Publication date: April 4, 2024
Applicant: Intel Corporation
Inventors: Tsvika Kurts, Vladislav Mladentsev, Elias Khoury, Rakesh Kandula, Reuven Elbaum, Boris Dolgunov
-
Publication number: 20230409759
Abstract: Embodiments described herein may include apparatus, systems, techniques, or processes that are directed to access control mechanisms used to protect isolated memory regions. Embodiments described herein enable a distributed and efficient register structure enabling system providers to reduce cost and improve system performance while preventing malicious devices from accessing isolated memory regions. Isolated memory region access control registers are distributed through multiple access points or bridges but each may be optimized and minimized to allow fast and efficient access control. Other embodiments may be described and/or claimed.
Type: Application
Filed: June 20, 2022
Publication date: December 21, 2023
Inventors: Boris Dolgunov, Maulik L. Dhada, William John Bainbridge, Siva Bhanu Krishna Boga, Ruben Daniel Varela Velasco, David Deitcher
-
Patent number: 11754623
Abstract: Systems and techniques of the present disclosure may provide remote debugging of an integrated circuit (IC) device while preventing unauthorized access of device intellectual property (IP). A system may include an IC device that generates an encrypted session key and an interface that enables communication between the IC device and a remote debugging site. The interface may enable the IC device to send the encrypted session key to initiate a remote debug process, receive an acknowledgement from the remote debugging session, and authenticate the acknowledgement. Further, the interface may enable the IC device to initiate a secure debug session between the IC device and the remote debugging site.
Type: Grant
Filed: August 9, 2021
Date of Patent: September 12, 2023
Assignee: Intel Corporation
Inventors: Tsvika Kurts, Boris Dolgunov, Vladislav Mladentsev, Ittai Anati, Elias Khoury, Maor Kima, Eran Shlomo, Shay Gueron, William Penner
-
Patent number: 11544174
Abstract: Methods and apparatus for protecting trace data of a remote debug session for a computing system. In one embodiment, a method includes storing trace data received from one or more trace interfaces to a storage location of a target device, where the trace data is generated from execution at the target device, and where the trace data is protected from an unauthorized access. The method continues with transmitting the trace data to a debug host computer with encryption through a communication channel between the target device and the debug host computer.
Type: Grant
Filed: March 27, 2020
Date of Patent: January 3, 2023
Assignee: INTEL CORPORATION
Inventors: Loren James McConnell, Tsvika Kurts, Boris Dolgunov, Vamsi Krishna Jakkampudi, Marcus Winston, Kevin David Safford
-
Publication number: 20220414022
Abstract: In an embodiment, an apparatus includes a memory access controller to be coupled to a memory and a memory management unit (MMU) coupled to the memory access controller. The MMU is to receive a memory transaction comprising an original transaction security attribute from a first device; responsive to the memory transaction comprising a first physical address of the memory, transmit the memory transaction to the memory access controller; and responsive to the memory transaction comprising a virtual address, generate a translated memory transaction comprising a translated physical address of the memory based on the virtual address and a translated transaction security attribute and transmit the translated memory transaction to the memory access controller, the translated physical address and the translated transaction security attribute associated with an operating system (OS) memory region of the memory associated with an OS. Other embodiments are described and claimed.
Type: Application
Filed: June 25, 2021
Publication date: December 29, 2022
Inventors: Siva Bhanu Krishna Boga, William John Bainbridge, Maulik L. Dhada, Boris Dolgunov
-
Publication number: 20210364571
Abstract: Systems and techniques of the present disclosure may provide remote debugging of an integrated circuit (IC) device while preventing unauthorized access of device intellectual property (IP). A system may include an IC device that generates an encrypted session key and an interface that enables communication between the IC device and a remote debugging site. The interface may enable the IC device to send the encrypted session key to initiate a remote debug process, receive an acknowledgement from the remote debugging session, and authenticate the acknowledgement. Further, the interface may enable the IC device to initiate a secure debug session between the IC device and the remote debugging site.
Type: Application
Filed: August 9, 2021
Publication date: November 25, 2021
Inventors: Tsvika Kurts, Boris Dolgunov, Vladislav Mladentsev, Ittai Anati, Elias Khoury, Maor Kima, Eran Shlomo, Shay Gueron, William Penner
-
Publication number: 20210303443
Abstract: Methods and apparatus for protecting trace data of a remote debug session for a computing system. In one embodiment, a method includes storing trace data received from one or more trace interfaces to a storage location of a target device, where the trace data is generated from execution at the target device, and where the trace data is protected from an unauthorized access. The method continues with transmitting the trace data to a debug host computer with encryption through a communication channel between the target device and the debug host computer.
Type: Application
Filed: March 27, 2020
Publication date: September 30, 2021
Inventors: Loren James MCCONNELL, Tsvika KURTS, Boris DOLGUNOV, Vamsi Krishna JAKKAMPUDI, Marcus WINSTON, Kevin David SAFFORD
-
Patent number: 11100023
Abstract: In one example, a semiconductor die includes a plurality of agents and a fabric coupled to at least some of the plurality of agents. The fabric may include at least one router to provide communication between two or more of the plurality of agents, the at least one router coupled to a first agent of the plurality of agents, where the first agent is to send a first message to the at least one router, the first message comprising a first header including a first source identifier, and the at least one router is to validate that the first source identifier is associated with the first agent and if so to direct the first message towards a destination agent, and otherwise to prevent the first message from being directed towards the destination agent. Other embodiments are described and claimed.
Type: Grant
Filed: September 28, 2017
Date of Patent: August 24, 2021
Assignee: Intel Corporation
Inventors: Ruirui Huang, Nilanjan Palit, Robert P. Adler, Ioannis T. Schoinas, Avishay Snir, Boris Dolgunov
-
Patent number: 11085964
Abstract: Systems and techniques of the present disclosure may provide remote debugging of an integrated circuit (IC) device while preventing unauthorized access of device intellectual property (IP). A system may include an IC device that generates an encrypted session key and an interface that enables communication between the IC device and a remote debugging site. The interface may enable the IC device to send the encrypted session key to initiate a remote debug process, receive an acknowledgement from the remote debugging session, and authenticate the acknowledgement. Further, the interface may enable the IC device to initiate a secure debug session between the IC device and the remote debugging site.
Type: Grant
Filed: May 3, 2019
Date of Patent: August 10, 2021
Assignee: Intel Corporation
Inventors: Tsvika Kurts, Boris Dolgunov, Vladislav Mladentsev, Ittai Anati, Elias Khoury, Maor Kima, Eran Shlomo, Shay Gueron, William Penner
-
Publication number: 20200348361
Abstract: Systems and techniques of the present disclosure may provide remote debugging of an integrated circuit (IC) device while preventing unauthorized access of device intellectual property (IP). A system may include an IC device that generates an encrypted session key and an interface that enables communication between the IC device and a remote debugging site. The interface may enable the IC device to send the encrypted session key to initiate a remote debug process, receive an acknowledgement from the remote debugging session, and authenticate the acknowledgement. Further, the interface may enable the IC device to initiate a secure debug session between the IC device and the remote debugging site.
Type: Application
Filed: May 3, 2019
Publication date: November 5, 2020
Inventors: Tsvika Kurts, Boris Dolgunov, Vladislav Mladentsev, Ittai Anati, Elias Khoury, Maor Kima, Eran Shlomo, Shay Gueron, William Penner
-
Publication number: 20190095372
Abstract: In one example, a semiconductor die includes a plurality of agents and a fabric coupled to at least some of the plurality of agents. The fabric may include at least one router to provide communication between two or more of the plurality of agents, the at least one router coupled to a first agent of the plurality of agents, where the first agent is to send a first message to the at least one router, the first message comprising a first header including a first source identifier, and the at least one router is to validate that the first source identifier is associated with the first agent and if so to direct the first message towards a destination agent, and otherwise to prevent the first message from being directed towards the destination agent. Other embodiments are described and claimed.
Type: Application
Filed: September 28, 2017
Publication date: March 28, 2019
Inventors: Ruirui Huang, Nilanjan Palit, Robert P. Adler, Ioannis T. Schoinas, Avishay Snir, Boris Dolgunov
-
Patent number: 9813392
Abstract: Disclosed is a method for providing a public key for authenticating an integrated circuit. In the method, the integrated circuit obtains a hardware key and an integrated circuit identifier. The integrated circuit generates a derived key based on the hardware key using a key derivation function (KDF) shared with a manufacturing machine. The integrated circuit generates a private key and a corresponding public key using the derived key as an input to a deterministic function. The integrated circuit then provides the public key and the integrated circuit identifier to a partner service for authentication of the integrated circuit using an anonymized credential database to be provided to the partner service by a manufacturer.
Type: Grant
Filed: March 6, 2015
Date of Patent: November 7, 2017
Assignee: QUALCOMM Incorporated
Inventors: Dean Lorenz, Boris Dolgunov, Roberto Avanzi, Ivan Hugh Mclean
-
Publication number: 20160261565
Abstract: Disclosed is a method for providing a public key for authenticating an integrated circuit. In the method, the integrated circuit obtains a hardware key and an integrated circuit identifier. The integrated circuit generates a derived key based on the hardware key using a key derivation function (KDF) shared with a manufacturing machine. The integrated circuit generates a private key and a corresponding public key using the derived key as an input to a deterministic function. The integrated circuit then provides the public key and the integrated circuit identifier to a partner service for authentication of the integrated circuit using an anonymized credential database to be provided to the partner service by a manufacturer.
Type: Application
Filed: March 6, 2015
Publication date: September 8, 2016
Inventors: Dean Lorenz, Boris Dolgunov, Roberto Avanzi, Ivan Hugh Mclean
-
Patent number: 9143331
Abstract: One feature pertains to a content accessing device for securing content. The content accessing device is provisioned with a cryptographic algorithm, and generates a symmetric key also known to a content storage device. The content accessing device sends a first authentication challenge to the content storage device, where the first authentication challenge is based on the cryptographic algorithm and the symmetric key. The content accessing device receives a second authentication challenge from the content storage device in response to sending the first authentication challenge, and determines whether the first authentication challenge is different from the second authentication challenge. If the second authentication challenge is different from the first authentication challenge the content accessing device sends a first response to the content storage device in response to the second authentication challenge.
Type: Grant
Filed: June 6, 2013
Date of Patent: September 22, 2015
Assignee: QUALCOMM Incorporated
Inventors: Roberto Avanzi, Boris Dolgunov
-
Patent number: 9094191
Abstract: A method operational on a receiver device for exchanging and/or generating security keys is provided. A first encrypted master key Km is received at the receiver device from a transmitter device, the first encrypted master key Km secured by a receiver public key Kpub-rx. The first encrypted master key Km may be decrypted with a receiver private key Kpri-rx to obtain the master key Km. The master key Km may be encrypted using a block cipher that applies a receiver secret key Kh to obtain a second encrypted master key.
Type: Grant
Filed: March 14, 2013
Date of Patent: July 28, 2015
Assignee: QUALCOMM Incorporated
Inventors: Roberto Avanzi, Boris Dolgunov, Gregory Gordon Rose
-
Patent number: 8996851
Abstract: A host device and method for securely booting the host device with operating system code loaded from a storage device are provided. In one embodiment, a host device is in communication with a storage device having a private memory area storing boot loader code and a public memory area storing operating system code. The host device instructs the storage device to initiate a boot mode and receives the boot loader code from the storage device. The host device executes the boot loader code which performs a security check and executes the operating system code loaded from the storage device only if the security check is successful.
Type: Grant
Filed: August 10, 2010
Date of Patent: March 31, 2015
Assignee: SanDisk IL Ltd.
Inventors: Boris Dolgunov, Reuven Elhamias, Ehud Cohen
-
Patent number: 8918650
Abstract: A method for data cryptography includes accepting input data, which contains a section that is to undergo a cryptographic operation and starts at an offset with respect to a beginning of the input data, by a Direct Memory Access (DMA) module. The input data is aligned by the DMA module to cancel out the offset. The aligned input data is read out of the DMA module, and the cryptographic operation is performed on the section.
Type: Grant
Filed: October 27, 2008
Date of Patent: December 23, 2014
Assignee: SanDisk IL Ltd.
Inventors: Boris Dolgunov, Leonid Minz, Roy Krotman
-
Patent number: 8909900
Abstract: A storage device and method for updating data stored in a partition of the storage device are provided. In one embodiment, a storage device is provided that contains a logical-to-physical address map and a memory with a first partition storing original data and a second partition. The storage device receives from a host device (i) a command to write updated data to a first logical address and (ii) a signature for verifying integrity of the updated data, wherein the first logical address is mapped to a physical address of the first partition. The storage device then stores the updated data in the second partition instead of the first partition and attempts to verify the signature of the updated data. If the attempt to verify the signature is successful, the storage device updates the logical-to-physical address map to map the first logical address to a physical address of the second partition.
Type: Grant
Filed: November 23, 2011
Date of Patent: December 9, 2014
Assignee: SanDisk IL Ltd.
Inventors: Boris Dolgunov, Nir Ekhauz, Nir Paz
-
Patent number: 8880776
Abstract: Systems and methods for accessing data at a data storage device are disclosed. In a particular embodiment, a method includes receiving cluster information at a controller of a data storage device, the data storage device further including a memory, the cluster information being associated with a data file that is stored at the memory. The method also includes accessing the cluster information to locate at least one region of the memory corresponding to the data file. The method further includes accessing data from the data file at the at least one region of the memory that is identified by the cluster information. Accessing of data from the data file includes the controller executing an internal application.
Type: Grant
Filed: December 16, 2008
Date of Patent: November 4, 2014
Assignee: Sandisk IL Ltd.
Inventors: Eran Shen, Boris Dolgunov
-
Publication number: 20140270166
Abstract: A method operational on a receiver device for exchanging and/or generating security keys is provided. A first encrypted master key Km is received at the receiver device from a transmitter device, the first encrypted master key Km secured by a receiver public key Kpub-rx. The first encrypted master key Km may be decrypted with a receiver private key Kpri-rx to obtain the master key Km. The master key Km may be encrypted using a block cipher that applies a receiver secret key Kh to obtain a second encrypted master key.
Type: Application
Filed: March 14, 2013
Publication date: September 18, 2014
Applicant: QUALCOMM Incorporated
Inventors: Roberto Avanzi, Boris Dolgunov, Gregory Gordon Rose