REQUESTED AND ALLOWED CRYPTOGRAPHIC OPERATIONS COMPARISON

Embodiments herein relate to cryptographic operations. A process identifier (PID) identifying a process requesting a cryptographic operation is received. Next, at least one allowed cryptographic operation associated with the PID is determined. Then, the requested cryptographic operation is compared to the at least one allowed cryptographic operation, to determine if the requested cryptographic operation is allowable.

Description
PRIORITY INFORMATION

This application claims the benefit of priority on U.S. Provisional Application No. 61/509,078, filed Jul. 18, 2011, the entire contents of which are incorporated herein in their entirety by reference.

BACKGROUND

A crypto process may access a crypto engine, to carry out a cryptographic operation. Before the cryptographic operation can be carried out, the crypto process provides parameters to the crypto engine, such as a mode and/or algorithm, as well as a key value. The crypto process may retrieve the key value from a separate location, such as a key table. The key value may be associated with different types of cryptographic operations and/or different processes. For example, the key value may be associated only with some types of crypto processes and/or cryptographic operations. The key association may be set within the crypto process requesting the cryptographic operation itself or be enforced by another process.

However, security may be compromised if the key association is not securely maintained. For example, an unauthorized party may modify the key association in order to carry out an unauthorized cryptographic operation and/or allow access to the key value by an unauthorized process. Manufacturers, vendors, and/or users are challenged to provide more secure methods for preserving key associations.

BRIEF DESCRIPTION OF THE DRAWINGS

The following detailed description references the drawings, wherein:

FIG. 1 is an example block diagram of a cryptographic device;

FIG. 2 is another example block diagram of a cryptographic device;

FIG. 3 is an example block diagram of a computing device including instructions for comparing requested and allowed cryptographic operations; and

FIG. 4 is an example flowchart of a cryptographic method.

DETAILED DESCRIPTION

Specific details are given in the following description to provide a thorough understanding of embodiments. However, it will be understood by one of ordinary skill in the art that embodiments may be practiced without these specific details. For example, systems may be shown in block diagrams in order not to obscure embodiments in unnecessary detail. In other instances, well-known processes, structures and techniques may be shown without unnecessary detail in order to avoid obscuring embodiments.

A crypto process may seek to carry out a cryptographic operation, such as encryption or decryption of information. Thus, the crypto process may send cryptographic parameters, such as a type of algorithm, mode and/or key value, to a crypto engine. For security reasons, use of the key value may be restricted to only certain types of cryptographic operations or crypto processes. These restrictions or attributes may be set in software, such as at the crypto process requesting the cryptographic operation itself or at another process.

However, security may be compromised if the process is accessed by an unauthorized user. For example, the key value may be leaked and/or the attributes associated therewith may be manipulated or ignored. As a result, the unauthorized user may be able to carry out improper cryptographic operations and thus, for example, decrypt confidential information.

Embodiments may reduce a likelihood of key values being exposed and/or attributes associated therewith being violated. For example, an attribute module may receive a process identifier (PID) identifying a process requesting a cryptographic operation. Next, the attribute module may determine at least one allowed cryptographic operation associated with the PID. Then, a comparison module may compare the requested cryptographic operation to the at least one allowed cryptographic operation. If the requested cryptographic operation is allowable, the comparison module may signal a crypto module to carry out the requested cryptographic operation. Otherwise, the requested cryptographic operation will not be performed. Thus, an unauthorized cryptographic operation may be prevented and security may be increased.

In one embodiment, the process may not have direct access to the key value. Instead, the process may forward a key identifier (KID) to the attribute module. The attribute module may then retrieve the key value based on the KID, and forward the key value directly to the crypto module. The attribute module may further filter the at least one allowed cryptographic operation based on the KID. Thus, security may be improved by not exposing the key value and/or the attributes associated therewith to the process. Further, as the process does not forward the key value to the crypto module, a likelihood of the crypto module receiving an invalid key value from the process is also reduced. Further, by blocking visibility to the process of the attributes associated with the key value, security may be improved by reducing a likelihood that a user knows all possible cryptographic operations and/or processes associated with a key value.

In another embodiment, the attribute module and/or comparison module may be implemented in hardware only. Therefore, security may be improved as modifying or violating the hardware implemented attributes may be substantially more difficult. Further, performance may be improved as performing operations directly via hardware logic may require substantially fewer execution cycles than performing the operations via software.

Referring now to the drawings, FIG. 1 is an example block diagram of a cryptographic device 100. The cryptographic device 100 may be included in any type of device performing cryptographic operations, such as a secure microprocessor, a notebook computer, a desktop computer, an all-in-one system, a slate computing device, a portable reading device, a wireless email device, a mobile phone, and the like. In the embodiment of FIG. 1, the device 100 includes an attribute module 110 and a comparison module 120.

The attribute and comparison modules 110 and 120 may include, for example, a hardware device including electronic circuitry for implementing the functionality described below, such as a register or Boolean logic. In addition or as an alternative, the attribute and comparison modules 110 and 120 may be implemented as a series of instructions encoded on a machine-readable storage medium and executable by a processor.

The attribute module 110 is to receive a process identifier (PID) from a crypto process 130. The PID identifies the crypto process 130 requesting a cryptographic operation. The attribute module 110 is to determine at least one allowed cryptographic operation associated with the PID. The comparison module 120 is to compare the requested cryptographic operation to the at least one allowed cryptographic operation output by the attribute module 110, to determine if the requested cryptographic operation is allowable. The term cryptographic operation may refer to any type of procedure related to encryption and/or decryption of information, such as data or code. The term process may refer to any part of a computer program or instance thereof. Embodiments of the attribute and comparison modules 110 and 120 will be explained in greater detail with respect to FIG. 2.

FIG. 2 is another example block diagram of a cryptographic device 200. The cryptographic device 200 may be included in any type of device performing cryptographic operations, such as a secure microprocessor, a notebook computer, a desktop computer, an all-in-one system, a slate computing device, a portable reading device, a wireless email device, a mobile phone, and the like.

In the embodiment of FIG. 2, the device 200 includes an attribute module 210, a comparison module 220, a crypto module 230 and a secure key memory 240. The attribute and comparison modules 210 and 220 of FIG. 2 may be similar to the attribute and comparison modules 110 and 120 of FIG. 1.

The attribute module 210, the comparison module 220 and the crypto module 230 may include, for example, hardware devices including electronic circuitry for implementing the functionality described below. In addition or as an alternative, each module may be implemented as a series of instructions encoded on a machine-readable storage medium and executable by a processor. The secure key memory 240 may be part of a machine-readable storage medium, such as any type of electronic, magnetic, optical, or other physical storage device capable of storing information, like data or instructions. Examples of the machine-readable storage medium include Random Access Memory (RAM), an Electrically Erasable Programmable Read-Only Memory (EEPROM), a storage drive, a Compact Disc Read Only Memory (CD-ROM), and the like.

In FIG. 2, the attribute module 210 receives a key identifier (KID) from a crypto process 250 requesting a cryptographic operation, where the KID is a reference to a key value. Alternatively, in another embodiment, the attribute module 210 may instead receive the key value itself. The attribute module 210 also receives the PID of the crypto process 250. As noted above, the PID provides the identity of the crypto process 250. Each process and/or type of process may have a different PID. The attribute module 210 determines at least one allowed cryptographic operation associated with the received PID and KID, as described in further detail below.

The comparison module 220 receives process attributes from the crypto process 250 related to the requested cryptographic operation and receives allowed attributes related to the at least one allowed cryptographic operation. As shown in FIG. 2, the process and allowed attributes each include an algorithm, a mode, and an application field. The application field may indicate a type or use of the information upon which the requested cryptographic operation is to be performed.

The algorithm field may include a symmetric or asymmetric key algorithm. Examples of symmetric algorithms include Twofish, Serpent, AES (Rijndael), Blowfish, CAST5, RC4, 3DES, IDEA and the like. Examples of asymmetric algorithms include the Diffie-Hellman key exchange protocol, Digital Signature Standard (DSS), ElGamal, Paillier cryptosystem, RSA encryption algorithm and Cramer-Shoup cryptosystem, and the like. The algorithm field may indicate a type of encryption or decryption procedure to be performed.

The mode field may include a block or stream cipher mode. Examples of block cipher mode include Electronic codebook (ECB), Cipher-block chaining (CBC), Propagating cipher-block chaining (PCBC), Cipher feedback (CFB), Output feedback (OFB), Counter (CTR) mode and the like. Examples of stream cipher mode include synchronous and self-synchronizing stream ciphers, such as RC4, A5/1, A5/2, Chameleon, FISH, Helix, ISAAC, MUGI, Panama, Phelix, Pike, SEAL, SOBER, SOBER-128, WAKE and the like. The mode field may relate to a type of procedure for enabling the repeated and secure use of the algorithm using the same key value. While the process and allowed attributes are described as including the algorithm, mode and application fields, embodiments may also include different types of cryptographic information.

In one embodiment, the attribute module 210 may include a plurality of attributes lists. Each of the attributes lists may include the algorithm, mode, and application fields. Further, each of the allowed attributes lists may be associated with at least one of a plurality of the PIDs. Also, each of the allowed attributes lists may be associated with at least one of a plurality of the KIDs. While the attributes lists are described as including the algorithm, mode, and application fields, embodiments are not limited thereto. For example, the attributes lists may include various types and/or number of attributes. For instance, at least one of the attributes lists may include only one field or even no fields.

The attribute module 210 outputs one of the attributes lists as the allowed attributes to the comparison module 220 based on the received PID and the received KID. In an embodiment, the algorithm, mode, and application fields may be multi-bit fields. Each of the bits of the algorithm field of the process and allowed attributes may correspond to one of a plurality of different types of cryptographic algorithms, such as those described above. Similarly, each of the bits of the mode field of the process and allowed attributes may correspond to one of a plurality of different types of cryptographic modes, such as those described above. Further, each of the bits of the application field of the process and allowed attributes may correspond to one of a plurality of different types of application uses. Examples of different application uses may include a type of source or destination of the information, such as an external memory destination or a key value source. However, embodiments are not limited thereto. For example, different application uses may include a type of the information, a type of the user, a type of application requesting the cryptographic operation, a time of the request, and the like.

Depending on the attributes associated with the PID and KID, more than one bit may be set for any one of the multi-bit fields of the algorithm, mode, and application fields of the allowed attributes output by the attribute module 210. For example, more than one bit may be set for the algorithm field if the crypto process is allowed to use more than one type of algorithm for the key value associated with the KID. Nonetheless, the crypto process may only request one type of cryptographic operation at a time. Thus, only one of the bits may be set for each of the algorithm, mode, and application fields of the process attributes output by the crypto process.

In another embodiment, the attribute module 210 may output or allow access to the plurality of attributes lists and the plurality of KIDs associated therewith to the crypto process 250. As a result, the crypto process 250 may select from one of the plurality of KIDs to output to the attribute module 210 based on the allowed one or more operations or attributes associated with each of the KIDs. Thus, the crypto process 250 may more efficiently select the KID based on knowledge of the cryptographic operations allowable to the crypto process 250 for a given KID.

In FIG. 2, the comparison module 220 is shown to include a plurality of bitwise AND gates 221-223. Each of the bitwise AND gates 221-223 bitwise logically ANDs one of the algorithm, mode, and application fields of the process attributes with that of the allowed attributes. For example, the first bitwise AND gate 221 bitwise logically ANDs the m-bit application field of the allowed attributes received from the attribute module 210 with the m-bit application field of the process attributes received from the crypto process 250, where m is a natural number. The second bitwise AND gate 222 bitwise logically ANDs the n-bit mode field of the allowed attributes received from the attribute module 210 with the n-bit mode field of the process attributes received from the crypto process 250, where n is a natural number. The third bitwise AND gate 223 bitwise logically ANDs the o-bit algorithm field of the allowed attributes received from the attribute module 210 with the o-bit algorithm field of the process attributes received from the crypto process 250, where o is a natural number.

The comparison module 220 also includes a plurality of OR gates 224-226. Each of the OR gates 224-226 logically ORs an output of one of the bitwise AND gates 221-223. For example, the first OR gate 224 logically ORs the m-bit output of the first AND gate 221. The second OR gate 225 logically ORs the n-bit output of the second AND gate 222. The third OR gate 226 logically ORs the o-bit output of the third AND gate 223. If an output of the first OR gate 224 is a logic one or high, then this indicates that the requested application by the crypto process 250 is an allowed application use. Otherwise, if the output of the first OR gate 224 is a logic zero or low, then this indicates that the requested application by the crypto process 250 is not an allowed application use. The outputs of the second and third OR gates 225 and 226 indicate similar results with respect to the mode and algorithm, respectively, requested by the crypto process 250.

The comparison module 220 further includes a first AND gate 227 to logically AND an output of the plurality of OR gates 224-226. If an output of the first AND gate 227 is a logic one or high, then this indicates that the algorithm, mode and application requested by the crypto process 250 is an acceptable combination, and thus an allowable cryptographic operation. Conversely, if the output of the first AND gate 227 is a logic zero or low, then this indicates that the algorithm, mode and application requested by the crypto process 250 is not an acceptable combination, and thus not an allowable cryptographic operation.

The output of the first AND gate 227 is output to the crypto process 250 as a success signal to indicate whether the requested cryptographic operation is to be performed. For example, if the success signal is at a logic one or high, then the crypto process 250 is notified that the requested cryptographic operation is an allowable cryptographic operation and will be performed. Otherwise, if the success signal is at a logic zero or low, then the crypto process 250 is notified that the requested cryptographic operation is not an allowable cryptographic operation and will not be performed.

The output of the first AND gate 227 is also input to a second AND gate 228 of the comparison module 220. The second AND gate 228 logically ANDs the output of the first AND gate 227 with a first start signal output by the crypto process 250 to output a second start signal. The first start signal indicates a time at which the crypto process 250 seeks to start the requested cryptographic operation. Hence, the second AND gate 228 will output the second start signal at a logic one or high only when the requested cryptographic operation is allowable and ready to begin.
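The following is an added software model of the attribute-list selection by PID and KID and of the comparison module's gate logic (bitwise AND gates 221-223, OR-reduce 224-226, AND gate 227, and the start-gating AND gate 228); it is example code written for this page, not part of the patent. The bit assignments, the PID/KID table and the one-hot check on the process attributes are constructed assumptions, not values taken from the disclosure.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical bit assignments for the multi-bit fields: the page only says
 * each bit corresponds to one algorithm, mode or application use. */
enum { ALG_AES = 0x1, ALG_3DES = 0x2, ALG_RSA = 0x4 };      /* o-bit algorithm field */
enum { MODE_ECB = 0x1, MODE_CBC = 0x2, MODE_CTR = 0x4 };    /* n-bit mode field */
enum { APP_EXT_MEM = 0x1, APP_KEY_SRC = 0x2 };              /* m-bit application field */

/* One attributes list held by the attribute module, plus the PID and KID it
 * is associated with. Several bits per field may be set here. */
typedef struct {
    uint32_t pid, kid;
    uint32_t alg, mode, app;
} attr_list_t;

/* Process attributes as output by the crypto process: one bit per field. */
typedef struct { uint32_t alg, mode, app; } proc_attr_t;

/* Constructed sample table (would be set by the supervisory process). */
static const attr_list_t ATTR_TABLE[] = {
    /* PID 7 may use key 1 for AES in CBC or CTR mode when writing to external memory */
    { 7, 1, ALG_AES,  MODE_CBC | MODE_CTR, APP_EXT_MEM },
    /* PID 7 may use key 2 only for RSA, ECB, as a key value source */
    { 7, 2, ALG_RSA,  MODE_ECB,            APP_KEY_SRC },
    /* PID 9 may use key 1 for 3DES-CBC to external memory */
    { 9, 1, ALG_3DES, MODE_CBC,            APP_EXT_MEM },
};

/* Attribute module: select the attributes list for (pid, kid).
 * NULL means no list is associated with the pair, i.e. nothing is allowed. */
const attr_list_t *attr_select(uint32_t pid, uint32_t kid) {
    for (size_t i = 0; i < sizeof ATTR_TABLE / sizeof ATTR_TABLE[0]; i++)
        if (ATTR_TABLE[i].pid == pid && ATTR_TABLE[i].kid == kid)
            return &ATTR_TABLE[i];
    return NULL;
}

proc_attr_t make_req(uint32_t alg, uint32_t mode, uint32_t app) {
    proc_attr_t r = { alg, mode, app };
    return r;
}

/* Exactly one bit set. */
static bool one_hot(uint32_t v) { return v != 0 && (v & (v - 1)) == 0; }

/* Comparison module: bitwise AND (221-223), OR-reduce each field (224-226),
 * then AND the three one-bit results (227). Returns the success signal. */
bool compare_allowed(const attr_list_t *allowed, proc_attr_t req) {
    if (allowed == NULL)
        return false;
    /* Added check (assumption, not from the page): the page states only one
     * bit may be set per process-attribute field; a request with several
     * bits set would otherwise pass the OR-reduce if any one bit matched. */
    if (!one_hot(req.alg) || !one_hot(req.mode) || !one_hot(req.app))
        return false;
    bool app_ok  = (allowed->app  & req.app)  != 0;   /* AND 221 -> OR 224 */
    bool mode_ok = (allowed->mode & req.mode) != 0;   /* AND 222 -> OR 225 */
    bool alg_ok  = (allowed->alg  & req.alg)  != 0;   /* AND 223 -> OR 226 */
    return app_ok && mode_ok && alg_ok;               /* AND 227 */
}

/* AND gate 228: the crypto module only starts when the operation is
 * allowable AND the process has raised its first start signal. */
bool second_start(bool success, bool first_start) { return success && first_start; }

/* Whole path from request to the second start signal seen by the crypto module. */
bool request_operation(uint32_t pid, uint32_t kid, proc_attr_t req, bool first_start) {
    return second_start(compare_allowed(attr_select(pid, kid), req), first_start);
}

int main(void) {
    printf("PID 7, KID 1, AES-CTR to ext mem: %d\n",
           request_operation(7, 1, make_req(ALG_AES, MODE_CTR, APP_EXT_MEM), true));
    printf("PID 7, KID 1, AES-ECB to ext mem: %d\n",
           request_operation(7, 1, make_req(ALG_AES, MODE_ECB, APP_EXT_MEM), true));
    printf("PID 9, KID 2 (no attributes list): %d\n",
           request_operation(9, 2, make_req(ALG_AES, MODE_CBC, APP_EXT_MEM), true));
    return 0;
}
```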

The output of the second AND gate 228 is output to crypto module 230. The crypto module 230 also receives the process attributes, such as the algorithm, mode and application fields, from the crypto process 250. Further, the crypto module 230 receives length, source and destination fields from the crypto process 250. The length field indicates a length of the information to be operated upon. The source field indicates a location, such as a pointer, of the information to be operated upon. The destination field indicates a location, such as a pointer, at which the information is to be written to after being operated upon.

The secure key memory 240 may store a plurality of key values. Further, the secure key memory may output one of the plurality of key values to the crypto module 230 in response to receiving one of the plurality of KIDs from the attribute module 210. Each of the key values may be associated with at least one of the KIDs. In FIG. 2, the key value is output to the crypto module 230 via the attribute module 210. However, embodiments may also include the KID being directly received by the secure key memory 240 and/or key value being directly output from the secure key memory 240 to the crypto module 230. In other embodiments, the secure key memory 240 may be excluded and the plurality of key values may be stored directly at the attribute module 210. Storing the plurality of key values at the secure key memory 240 may prevent separation between the plurality of key values, simplify key management and/or reduce the likelihood of corruption or leaking of the key values.

A supervisory process 260 may set at least one of the plurality of the attributes lists at the attribute module 210. For example, the supervisory process 260 may add, modify or delete attributes lists. The supervisory process 260 may also add key values to the secure key memory 240. In order to improve security, the supervisory process 260 may be separate from the crypto process 250 and the crypto process 250 may not generally set any of the plurality of the attributes lists. However, in an embodiment, the crypto process 250 may add an attributes list to the attribute module 210 that is associated with a key value added to the secure key memory 240 by the crypto process 250.

Upon receiving the length, source and destination fields, the key value, the process parameters and the second start signal, the crypto module 230 performs the requested cryptographic operation, if the second start signal is at the logic high, thus indicating that the requested cryptographic operation is allowable and ready to begin.

FIG. 3 is an example block diagram of a computing device 300 including instructions for comparing requested and allowed cryptographic operations. In the embodiment of FIG. 3, the computing device 300 includes a processor 310 and a machine-readable storage medium 320. The machine-readable storage medium 320 further includes instructions 322, 324, 326 and 328 for comparing requested and allowed cryptographic operations.

The computing device 300 may be, for example, a chip set, a notebook computer, a slate computing device, a portable reading device, a wireless email device, a mobile phone, or any other device capable of executing the instructions 322, 324, 326 and 328. In certain examples, the computing device 300 may include or be connected to additional components such as memories, sensors, displays, etc.

The processor 310 may be at least one central processing unit (CPU), at least one semiconductor-based microprocessor, at least one graphics processing unit (GPU), other hardware devices suitable for retrieval and execution of instructions stored in the machine-readable storage medium 320, or combinations thereof. The processor 310 may fetch, decode, and execute instructions 322, 324, 326 and 328 to implement encrypting or decrypting of information. As an alternative or in addition to retrieving and executing instructions, the processor 310 may include at least one integrated circuit (IC), other control logic, other electronic circuits, or combinations thereof that include a number of electronic components for performing the functionality of instructions 322, 324, 326 and 328.

The machine-readable storage medium 320 may be any electronic, magnetic, optical, or other physical storage device that contains or stores executable instructions. Thus, the machine-readable storage medium 320 may be, for example, Random Access Memory (RAM), an Electrically Erasable Programmable Read-Only Memory (EEPROM), a storage drive, a Compact Disc Read Only Memory (CD-ROM), and the like. As such, the machine-readable storage medium 320 can be non-transitory. As described in detail below, the machine-readable storage medium 320 may be encoded with a series of executable instructions for encrypting or decrypting information.

Moreover, the instructions 322, 324, 326 and 328 when executed by a processor (e.g., via one processing element or multiple processing elements of the processor) can cause the processor to perform processes, such as, the process of FIG. 4. For example, the receive instructions 322 may be executed by the processor 310 to receive process parameters defining a requested cryptographic operation by a process. The process parameters may include a process ID (PID) identifying the process and a key identifier (KID) referencing a key value. The select instructions 324 may be executed by the processor 310 to select one of a plurality of attributes lists based on the PID and the KID. The selected attributes list defines at least one allowed operation. The compare instructions 326 may be executed by the processor 310 to compare the selected attributes list to at least part of the process parameters. The determine instructions 328 may be executed by the processor 310 to determine if the at least one allowed operation includes the requested cryptographic operation, based on the comparison.

The machine-readable storage medium 320 may also include instructions (not shown) to allow a crypto module (not shown) to perform the requested cryptographic operation if the at least one allowed operation includes the requested cryptographic operation, and to alert the process that the requested cryptographic operation is not performed if the at least one allowed operation does not include the requested cryptographic operation. An operation of the device 300 may be described in more detail with respect to FIG. 4.

FIG. 4 is an example flowchart of a cryptographic method 400. Although execution of the method 400 is described below with reference to the device 100, other suitable components for execution of the method 400 can be utilized, such as the device 200. Additionally, the components for executing the method 400 may be spread among multiple devices (e.g., a processing device in communication with input and output devices). In certain scenarios, multiple devices acting in coordination can be considered a single device to perform the method 400. The method 400 may be implemented in the form of executable instructions stored on a machine-readable storage medium, such as storage medium 320, and/or in the form of electronic circuitry.

At block 405, the device 100 receives a process identifier (PID) identifying a crypto process 130 requesting a cryptographic operation and a key identifier (KID) associated with the crypto process 130. Then, at block 410, the device 100 selects one of a plurality of attributes lists based on the received PID and KID. Each of the attributes lists is associated with at least one of a plurality of PIDs and at least one of a plurality of KIDs. Next, at block 415, the device 100 receives process attributes indicating the requested cryptographic operation of the crypto process 130.

As noted above, the process attributes and each of the attributes lists include an algorithm, a mode, and an application field. The application field indicates a type or use of the information upon which the requested cryptographic operation is to be performed. As also noted above, the algorithm, mode, and application fields may include a plurality of bits. Only one of the bits may be set for each of the algorithm, mode, and application fields of the process attributes, while at least one of the bits may be set for each of the algorithm, mode, and application fields of the allowed attributes. The bits of the algorithm, mode and application fields are set to indicate a corresponding type of allowable algorithms, modes and applications.

Lastly, at block 420, the device 100 compares the received process attributes to allowed attributes included in the selected attributes list to determine if the requested cryptographic operation is allowable. The allowed attributes indicate at least one allowed cryptographic operation of the crypto process 130.

According to the foregoing, embodiments provide a method and/or device for reducing a likelihood of tampering with cryptographic attributes associated with key values or KIDs. For example, a comparison module may compare a cryptographic operation requested by a crypto process with cryptographic operations that are allowed for a given key value, to determine whether the requested cryptographic operation is allowable. Further, key values and attributes associated therewith may be accessed and/or stored separately from the crypto process to provide greater security.

Claims

1. A device comprising:

an attribute module to receive a process identifier (PID) identifying a process requesting a cryptographic operation, the attribute module to determine at least one allowed cryptographic operation associated with the PID; and
a comparison module to compare the requested cryptographic operation to the at least one allowed cryptographic operation, to determine if the requested cryptographic operation is allowable.

2. The device of claim 1, wherein,

the attribute module further receives at least one of a key value and a key identifier (KID), where the KID is a reference to the key value, and
the attribute module further determines the at least one allowed cryptographic operation associated with the received PID and the received at least one of the key value and the KID.

3. The device of claim 2, wherein,

the comparison module receives process attributes related to the requested cryptographic operation and receives allowed attributes related to the at least one allowed cryptographic operation,
the process and allowed attributes each include at least one of an algorithm, a mode, and an application field, and
the application field indicates at least one of how and where the requested cryptographic operation is to be performed on data.

4. The device of claim 3, wherein,

the attribute module includes a plurality of attributes lists,
each of the attributes lists include the algorithm, mode, and application field,
each of the allowed attributes lists is associated with at least one of a plurality of the PIDs,
each of the allowed attributes lists is associated with at least one of a plurality of the KIDs and the key values, and
the attribute module outputs one of the attributes lists as the allowed attributes based on the received PID and the received at least one of the key value and the KID.

5. The device of claim 4, further comprising:

a crypto module to receive the process attributes from the process, wherein
the comparison module indicates to the process that the requested cryptographic operation was not performed, if the comparison module determines that the requested cryptographic operation is not allowable.

6. The device of claim 5, wherein the crypto module performs the requested cryptographic operation if the comparison module determines that the requested cryptographic operation is allowable.

7. The device of claim 6, wherein,

the algorithm, mode, and application fields are multi-bit fields,
the comparison module includes a plurality of bitwise AND gates, each of the bitwise AND logic gates to bitwise logically AND one of the algorithm, mode, and application field of the process attributes with that of the allowed attributes, and
the comparison module includes a plurality of OR gates, each of the OR gates to logically OR an output of one of the bitwise AND gates, and
the comparison module includes an AND gate to logically AND an output of the plurality of OR gates.

8. The device of claim 7, wherein

only one of the bits is set for each of the algorithm, mode, and application fields of the process attributes,
each of the bits of the algorithm field of the process and allowed attributes corresponds to one of a plurality of different types of cryptographic algorithms,
each of the bits of the mode field of the process and allowed attributes corresponds to one of a plurality of different types of cryptographic modes, and
each of the bits of the application field of the process and allowed attributes corresponds to one of a plurality of different types of application uses.

9. The device of claim 6, further comprising:

a secure key memory to store the plurality of key values, wherein
the secure key memory outputs one of the plurality of key values to the crypto module in response to receiving one of the plurality of KIDs from the attribute module,
a supervisory application is to set at least one of the plurality of the attributes lists, and
the process is to only add an attributes list associated with a first key value of the plurality of key values if the process added the first key value to the secure memory.

10. The device of claim 9, wherein,

the attribute module is to output the plurality of attributes lists and the plurality of KIDs associated therewith to the process, and
the process is to select one of the plurality of KIDs to output to the attribute module based on the allowed one or more operations associated with the plurality of attributes lists and the KIDs.

11. A cryptographic method, comprising:

receiving a process identifier (PID) identifying a process requesting a cryptographic operation and a key identifier (KID) associated with the process;
selecting one of a plurality of attributes lists based on the received PID and KID, each of the attributes lists to be associated with at least one of a plurality of PIDs and at least one of a plurality of KIDs;
receiving process attributes indicating the requested cryptographic operation of the process; and
comparing the received process attributes to allowed attributes included in the selected attributes list to determine if the requested cryptographic operation is allowable, the allowed attributes to indicate at least one allowed cryptographic operation of the process.

12. The method of claim 11, wherein

the process attributes and each of the attributes lists include an algorithm, a mode, and an application field, and
the application field indicates at least one of how and where the requested cryptographic operation is to be performed on information.

13. The method of claim 12, wherein

the algorithm, mode, and application fields include a plurality of bits,
only one of the bits is set for each of the algorithm, mode, and application fields of the process attributes,
at least one of the bits is set for each of the algorithm, mode, and application fields of the allowed attributes, and
the bits of the algorithm, mode and application fields are set to indicate a corresponding type of allowable algorithms, modes and applications.

14. A non-transitory computer-readable storage medium storing instructions that, if executed by a processor of a device, cause the processor to:

receive process parameters defining a requested cryptographic operation by a process, the process parameters including a process ID (PID) identifying the process and a key identifier (KID) referencing a key value;
select one of a plurality of attributes lists based on the PID and the KID, the selected attributes list to define at least one allowed operation;
compare the selected attributes list to at least part of the process parameters; and
determine if the at least one allowed operation includes the requested cryptographic operation, based on the comparison.

15. The non-transitory computer-readable storage medium of claim 14, further comprising instructions that, if executed by the processor, cause the processor to:

allow a crypto module to perform the requested cryptographic operation if the at least one allowed operation includes the requested cryptographic operation; and
alert the process that the requested cryptographic operation is not performed if the at least one allowed operation does not include the requested cryptographic operation.
Patent History
Publication number: 20140140512
Type: Application
Filed: Jan 6, 2012
Publication Date: May 22, 2014
Inventor: Ted A. Hadley (Cupertino, CA)
Application Number: 14/232,229
Classifications
Current U.S. Class: Key Management (380/277)
International Classification: H04L 9/08 (20060101);