Patents by Inventor Kirk S. Yap

Kirk S. Yap has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 12164371
    Abstract: In one embodiment, an apparatus includes: an integrity circuit to receive data and generate a protection code based at least in part on the data; a cryptographic circuit coupled to the integrity circuit to encrypt the data into encrypted data and encrypt the protection code into an encrypted protection code; a message authentication code (MAC) circuit coupled to the cryptographic circuit to compute a MAC comprising a tag using header information, the encrypted data, and the encrypted protection code; and an output circuit to send the header information, the encrypted data, and the tag to a receiver via a link. Other embodiments are described and claimed.
    Type: Grant
    Filed: December 4, 2020
    Date of Patent: December 10, 2024
    Assignee: Intel Corporation
    Inventors: Raghunandan Makaram, Kirk S. Yap
  • Publication number: 20240333472
    Abstract: An apparatus of an aspect includes a substitution box (S-box) circuitry. The S-box circuitry includes multiplicative inverse circuitry. The multiplicative inverse circuitry is to receive an 8-bit input in Galois field and is to generate a corresponding 8-bit output in Galois field. The 8-bit output is to be a multiplicative inverse of the 8-bit input as long as there has been no error in the generation of the 8-bit output. The apparatus also includes error detection circuitry to receive the 8-bit input and that is coupled with the S-box circuitry to receive the 8-bit output. The error detection circuitry to detect whether an error has occurred in the generation of the 8-bit output based at least in part on whether the 8-bit output is the multiplicative inverse of the 8-bit input. Other apparatus, methods, and systems are also disclosed.
    Type: Application
    Filed: March 31, 2023
    Publication date: October 3, 2024
    Inventors: Raghavan Kumar, Sanu Mathew, Avinash V. Varna, Kirk S. YAP
  • Publication number: 20240146521
    Abstract: Instructions and logic provide for a Single Instruction Multiple Data (SIMD) SM4 round slice operation. Embodiments of an instruction specify a first and a second source data operand set, and substitution function indicators, e.g. in an immediate operand. Embodiments of a processor may include encryption units, responsive to the first instruction, to: perform a slice of SM4-round exchanges on a portion of the first source data operand set with a corresponding keys from the second source data operand set in response to a substitution function indicator that indicates a first substitution function, perform a slice of SM4 key generations using another portion of the first source data operand set with corresponding constants from the second source data operand set in response to a substitution function indicator that indicates a second substitution function, and store a set of result elements of the first instruction in a SIMD destination register.
    Type: Application
    Filed: December 18, 2023
    Publication date: May 2, 2024
    Inventors: Sean M. Gulley, Gilbert M. Wolrich, Vinodh Gopal, Kirk S. Yap, Wajdi K. Feghali
  • Publication number: 20240028341
    Abstract: Examples described herein relate to a non-transitory computer-readable medium comprising instructions, that if executed by circuitry, cause the circuitry to: configure circuitry to perform cryptographic operations on packets based on Advanced Encryption Standard with Galois/Counter Mode (AES-GCM) hash (GHASH), wherein the cryptographic operations comprise a reduction operation and wherein the reduction operation comprises a single Galois territory multiplication 64 bit operation. The circuitry can include one or more of: a central processing unit (CPU), CPU-executed microcode, an accelerator, or a network interface device.
    Type: Application
    Filed: September 30, 2023
    Publication date: January 25, 2024
    Inventors: Erdinc OZTURK, Kirk S. YAP, Tomasz KANTECKI
  • Patent number: 11849035
    Abstract: Instructions and logic provide for a Single Instruction Multiple Data (SIMD) SM4 round slice operation. Embodiments of an instruction specify a first and a second source data operand set, and substitution function indicators, e.g. in an immediate operand. Embodiments of a processor may include encryption units, responsive to the first instruction, to: perform a slice of SM4-round exchanges on a portion of the first source data operand set with a corresponding keys from the second source data operand set in response to a substitution function indicator that indicates a first substitution function, perform a slice of SM4 key generations using another portion of the first source data operand set with corresponding constants from the second source data operand set in response to a substitution function indicator that indicates a second substitution function, and store a set of result elements of the first instruction in a SIMD destination register.
    Type: Grant
    Filed: April 11, 2022
    Date of Patent: December 19, 2023
    Assignee: Intel Corporation
    Inventors: Sean M. Gulley, Gilbert M. Wolrich, Vinodh Gopal, Kirk S. Yap, Wajdi K. Feghali
  • Publication number: 20230401037
    Abstract: Methods and apparatus for optimization techniques for modular multiplication algorithms. The optimization techniques may be applied to variants of modular multiplication algorithms, including variants of Montgomery multiplication algorithms and Barrett multiplication algorithms. The optimization techniques reduce the number of serial steps in Montgomery reduction and Barrett reduction. Modular multiplication operations involving products of integer inputs A and B may be performed in parallel to obtain a value C that is reduced to a residual RES. Modular multiplication and modular reduction operations may be performed in parallel. The number of serial steps in the modular reductions are reduced to L, where L serial steps, where w is a digit size in bits, and L is a number of digits of operands=[k/w].
    Type: Application
    Filed: August 24, 2023
    Publication date: December 14, 2023
    Inventors: Erdinc OZTURK, Kirk S. YAP, Tomasz KANTECKI
  • Publication number: 20230101226
    Abstract: Systems, methods, and circuitries are disclosed for a per-process memory encryption system. At least one translation lookaside buffer (TLB) is configured to encode key identifiers for keys in one or more bits of either the virtual memory address or the physical address. The process state memory configured to store a first process key table for a first process that maps key identifiers to unique keys and a second process key table that maps the key identifiers to different unique keys. The active process key table memory configured to store an active key table. In response to a request for data corresponding to a virtual memory address, the at least one TLB is configured to provide a key identifier for the data to the active process key table to cause the active process key table to return the unique key mapped to the key identifier.
    Type: Application
    Filed: August 26, 2022
    Publication date: March 30, 2023
    Applicant: Tahoe Research, Ltd.
    Inventors: Wajdi FEGHALI, Vinodh GOPAL, Kirk S. YAP, Sean GULLEY, Raghunandan MAKARAM
  • Publication number: 20230020359
    Abstract: In one embodiment, an apparatus includes: a control circuit to receive a message authentication code (MAC) for an epoch comprising a plurality of flits; a calculation circuit to calculate a computed MAC for the epoch; a cryptographic circuit to receive the epoch via a link and decrypt the plurality of flits, prior to authentication of the epoch; and at least one memory to store messages of the decrypted plurality of flits, prior to the authentication of the epoch. Other embodiments are described and claimed.
    Type: Application
    Filed: September 28, 2022
    Publication date: January 19, 2023
    Inventors: Nitish Paliwal, Binal Nasit, Peeyush Purohit, Kirk S. Yap, Raghunandan Makaram, Robert G. Blankenship
  • Patent number: 11550582
    Abstract: A processor includes an instruction decoder to receive a first instruction to process a secure hash algorithm 2 (SHA-2) hash algorithm, the first instruction having a first operand associated with a first storage location to store a SHA-2 state and a second operand associated with a second storage location to store a plurality of messages and round constants. The processor further includes an execution unit coupled to the instruction decoder to perform one or more iterations of the SHA-2 hash algorithm on the SHA-2 state specified by the first operand and the plurality of messages and round constants specified by the second operand, in response to the first instruction.
    Type: Grant
    Filed: June 17, 2020
    Date of Patent: January 10, 2023
    Assignee: Intel Corporation
    Inventors: Kirk S. Yap, Gilbert M. Wolrich, James D. Guilford, Vinodh Gopal, Erdinc Ozturk, Sean M. Gulley, Wajdi K. Feghali, Martin G. Dixon
  • Patent number: 11494222
    Abstract: Systems, methods, and circuitries are disclosed for a per-process memory encryption system. At least one translation lookaside buffer (TLB) is configured to encode key identifiers for keys in one or more bits of either the virtual memory address or the physical address. The process state memory configured to store a first process key table for a first process that maps key identifiers to unique keys and a second process key table that maps the key identifiers to different unique keys. The active process key table memory configured to store an active key table. In response to a request for data corresponding to a virtual memory address, the at least one TLB is configured to provide a key identifier for the data to the active process key table to cause the active process key table to return the unique key mapped to the key identifier.
    Type: Grant
    Filed: December 18, 2020
    Date of Patent: November 8, 2022
    Assignee: Tahoe Research, Ltd.
    Inventors: Wajdi Feghali, Vinodh Gopal, Kirk S. Yap, Sean Gulley, Raghunandan Makaram
  • Patent number: 11494320
    Abstract: Apparatus, systems and methods for implementing delayed decompression schemes. As a burst of packets comprising compressed packets and uncompressed packets are received over an interconnect link, they are buffered in a receive buffer without decompression. Subsequently, the packets are forwarded from the receive buffer to a consumer such as processor core, with the compressed packets being decompressed prior to reaching the processor core. Under a first delayed decompression approach, packets are decompressed when they are read from the receive buffer in conjunction with forwarding the uncompressed packet (or uncompressed data contained therein) to the consumer. Under a second delayed decompression scheme, the packets are read from the receive buffer and forwarded to a decompressor using a first datapath width matching the width of the packets, decompressed, and then forwarded to the consumer using a second datapath width matching the width of the uncompressed data.
    Type: Grant
    Filed: September 24, 2018
    Date of Patent: November 8, 2022
    Assignee: Intel Corporation
    Inventors: Simon N Peffers, Kirk S Yap, Sean Gulley, Vinodh Gopal, Wajdi Feghali
  • Publication number: 20220353070
    Abstract: Instructions and logic provide for a Single Instruction Multiple Data (SIMD) SM4 round slice operation. Embodiments of an instruction specify a first and a second source data operand set, and substitution function indicators, e.g. in an immediate operand. Embodiments of a processor may include encryption units, responsive to the first instruction, to: perform a slice of SM4-round exchanges on a portion of the first source data operand set with a corresponding keys from the second source data operand set in response to a substitution function indicator that indicates a first substitution function, perform a slice of SM4 key generations using another portion of the first source data operand set with corresponding constants from the second source data operand set in response to a substitution function indicator that indicates a second substitution function, and store a set of result elements of the first instruction in a SIMD destination register.
    Type: Application
    Filed: April 11, 2022
    Publication date: November 3, 2022
    Inventors: Sean M. Gulley, Gilbert M. Wolrich, Vinodh Gopal, Kirk S. Yap, Wajdi K. Feghali
  • Publication number: 20220224510
    Abstract: Encryption interface technologies are described. A processor can include a system agent, an encryption interface, and a memory controller. The system agent can communicate data with a hardware functional block. The encryption interface can be coupled between the system agent and a memory controller. The encryption interface can receive a plaintext request from the system agent, encrypt the plaintext request to obtain an encrypted request, and communicate the encrypted request to the memory controller. The memory controller can communicate the encrypted request to a main memory of the computing device.
    Type: Application
    Filed: March 28, 2022
    Publication date: July 14, 2022
    Inventors: Eugene M. Kishinevsky, Uday Savagaonkar, Alpa T. Narendra Trivedi, Siddhartha Chhabra, Baiju V. Patel, Men Long, Kirk S. Yap, David M. Durham
  • Patent number: 11316661
    Abstract: Encryption interface technologies are described. A processor can include a system agent, an encryption interface, and a memory controller. The system agent can communicate data with a hardware functional block. The encryption interface can be coupled between the system agent and a memory controller. The encryption interface can receive a plaintext request from the system agent, encrypt the plaintext request to obtain an encrypted request, and communicate the encrypted request to the memory controller. The memory controller can communicate the encrypted request to a main memory of the computing device.
    Type: Grant
    Filed: January 3, 2020
    Date of Patent: April 26, 2022
    Assignee: Intel Corporation
    Inventors: Eugene M. Kishinevsky, Uday R. Savagaonkar, Alpa T. Narendra Trivedi, Siddhartha Chhabra, Baiju V. Patel, Men Long, Kirk S. Yap, David M. Durham
  • Patent number: 11303438
    Abstract: Instructions and logic provide for a Single Instruction Multiple Data (SIMD) SM4 round slice operation. Embodiments of an instruction specify a first and a second source data operand set, and substitution function indicators, e.g. in an immediate operand. Embodiments of a processor may include encryption units, responsive to the first instruction, to: perform a slice of SM4-round exchanges on a portion of the first source data operand set with a corresponding keys from the second source data operand set in response to a substitution function indicator that indicates a first substitution function, perform a slice of SM4 key generations using another portion of the first source data operand set with corresponding constants from the second source data operand set in response to a substitution function indicator that indicates a second substitution function, and store a set of result elements of the first instruction in a SIMD destination register.
    Type: Grant
    Filed: July 14, 2020
    Date of Patent: April 12, 2022
    Assignee: Intel Corporation
    Inventors: Sean M. Gulley, Gilbert M. Wolrich, Vinodh Gopal, Kirk S. Yap, Wajdi K. Feghali
  • Publication number: 20210336767
    Abstract: A memory subsystem includes link encryption for the system memory data bus. The memory controller can provide encryption for data at rest and link protection. The memory controller can optionally provide link encryption. Thus, the system can provide link protection for the data in transit. The memory module can include a link decryption engine that can decrypt link encryption if it is used, and performs a link integrity check with a link integrity tag associated with the link protection. The memory devices can then store the encrypted protected data and ECC data from the link decryption engine after link protection verification.
    Type: Application
    Filed: June 25, 2021
    Publication date: October 28, 2021
    Inventors: Raghunandan MAKARAM, Kirk S. YAP, Rajat AGARWAL, George VERGIS, Bill NALE, Jacob DOWECK
  • Publication number: 20210218548
    Abstract: Techniques for real-time updating of encryption keys are disclosed. In the illustrative embodiment, an encrypted link is established between a local and remote processor over a point-to-point interconnect. The encrypted link is operated for some time until the encryption key should be updated. The local processor sends a key update message to the remote processor notifying the remote processor of the change. The remote processor prepares for the change and sends a key update confirmation message to the local processor. The local processor then sends a key switch message to the remote processor. The local processor pauses transmission of encrypted message while the remote processor completes use of the encrypted message. After a pause, the local processor continues sending encrypted messages with the updated encryption key.
    Type: Application
    Filed: March 26, 2021
    Publication date: July 15, 2021
    Applicant: Intel Corporation
    Inventors: Vinit Mathew Abraham, Raghunandan Makaram, Kirk S. Yap, Siva Prasad Gadey, Tanmoy Kar
  • Publication number: 20210149704
    Abstract: Systems, methods, and circuitries are disclosed for a per-process memory encryption system. At least one translation lookaside buffer (TLB) is configured to encode key identifiers for keys in one or more bits of either the virtual memory address or the physical address. The process state memory configured to store a first process key table for a first process that maps key identifiers to unique keys and a second process key table that maps the key identifiers to different unique keys. The active process key table memory configured to store an active key table. In response to a request for data corresponding to a virtual memory address, the at least one TLB is configured to provide a key identifier for the data to the active process key table to cause the active process key table to return the unique key mapped to the key identifier.
    Type: Application
    Filed: December 18, 2020
    Publication date: May 20, 2021
    Inventors: Wajdi FEGHALI, Vinodh GOPAL, Kirk S. YAP, Sean GULLEY, Raghunandan MAKARAM
  • Publication number: 20210089388
    Abstract: In one embodiment, an apparatus includes: an integrity circuit to receive data and generate a protection code based at least in part on the data; a cryptographic circuit coupled to the integrity circuit to encrypt the data into encrypted data and encrypt the protection code into an encrypted protection code; a message authentication code (MAC) circuit coupled to the cryptographic circuit to compute a MAC comprising a tag using header information, the encrypted data, and the encrypted protection code; and an output circuit to send the header information, the encrypted data, and the tag to a receiver via a link. Other embodiments are described and claimed.
    Type: Application
    Filed: December 4, 2020
    Publication date: March 25, 2021
    Inventors: RAGHUNANDAN MAKARAM, KIRK S. YAP
  • Patent number: 10922079
    Abstract: Data element filter logic (“hardware accelerator”) in a processor that offloads computation for an in-memory database select/extract operation from a Central Processing Unit (CPU) core in the processor is provided. The Data element filter logic provides a balanced performance across an entire range of widths (number of bits) of data elements in a column-oriented Database Management System.
    Type: Grant
    Filed: December 28, 2017
    Date of Patent: February 16, 2021
    Assignee: Intel Corporation
    Inventors: Vinodh Gopal, Kirk S. Yap, James Guilford, Simon N. Peffers