Architecture of an encryption circuit implementing various types of encryption algorithms simultaneously without a loss of performance

Abstract

An encryption circuit for simultaneously processing various encryption algorithms, the circuit being capable of being coupled with a host system hosted by a computing machine. The circuit comprises an input / output module responsible for the data exchanges between the host system and the circuit via a dedicated bus. An encryption module coupled with the input / output module is in charge of the encryption and decryption operations. Isolation means between the input / output module and the encryption module makes the sensitive information stored in the encryption module inaccessible to the host system and ensures the parallelism of the operations performed by the input / output module and the encryption module. The circuit is supported on a peripheral component interconnect card. The circuit is specifically adapted to provide “hardware” protection of computer servers or stations.

Description

CROSS-REFERENCE TO RELATED APPLICATIONS [0001] This application is a continuation of application Ser. No. 09 / 706,728, filed Nov. 7, 2000, which claims priority under 35 U.S.C. §119 to French Application No. 9914067, filed Nov. 9, 1999, each of which is hereby incorporated by reference.FIELD OF THE INVENTION [0002] The present invention applies to the field of encryption, and more particularly, relates to an architecture of an encryption circuit implementing various types of encryption algorithms simultaneously. [0003] This architecture is embodied by a circuit supported by a PCI (Peripheral Component Interconnect) card, and makes it possible to implement various encryption algorithms in parallel, without a loss of performance in a machine (server or station). It also plays the role of a vault in which the secret elements (keys and certificates) required for any electronic encryption function are stored. DESCRIPTION OF RELATED ART [0004] The increased need for performance in cryptogr...

AI Technical Summary

Benefits of technology

"The invention is an encryption circuit that can be used with a host computer system. It has three main components: an input / output module, an encryption module, and isolation means. The encryption module is responsible for encryption and decryption operations and storing sensitive information. The isolation means prevents the sensitive information from being accessed by the host system and ensures the parallelism of the operations performed by the input / output module and the encryption module. The invention has two main advantages: it allows fast execution of various encryption algorithms with two levels of parallelism and makes invisible to the host system all of the encryption resources made available to the system. It also enables hardware and software implementations of various encryption algorithms to coexist without a loss of performance and is scalable by a choice of standard microprocessor and programmable logic technologies."

Problems solved by technology

There are known implementations of security architectures based on ASIC (Application Specific Integrated Circuit) components, which entail high development costs for a solution that remains inflexible, both on the manufacturer end and on the user end.

Furthermore, there is no architecture existing today that is capable of executing a set of algorithms simultaneously with a guaranteed throughput for each of them.

Images