IPC분류정보
국가/구분 |
United States(US) Patent
등록
|
국제특허분류(IPC7판) |
|
출원번호 |
US-0185887
(2002-06-26)
|
등록번호 |
US-7392415
(2008-06-24)
|
발명자
/ 주소 |
- Grawrock,David W.
- Poisner,David I.
|
출원인 / 주소 |
|
대리인 / 주소 |
|
인용정보 |
피인용 횟수 :
3 인용 특허 :
169 |
초록
▼
Methods, apparatus and machine-readable medium are described that attempt to protect secrets from sleep attacks. In some embodiments, the secrets are encrypted and a security enhanced environment dismantled prior to entering a sleep state. Some embodiments further re-establish a security enhanced en
Methods, apparatus and machine-readable medium are described that attempt to protect secrets from sleep attacks. In some embodiments, the secrets are encrypted and a security enhanced environment dismantled prior to entering a sleep state. Some embodiments further re-establish a security enhanced environment and decrypt the secrets in response to a wake event.
대표청구항
▼
What is claimed is: 1. A method comprising storing unencrypted secrets in a memory of a system; setting a first flag in a secrets store to indicate that the memory contains unencrypted secrets; setting a second flag in a sleep enable store to request a sleep controller to cause the system to enter
What is claimed is: 1. A method comprising storing unencrypted secrets in a memory of a system; setting a first flag in a secrets store to indicate that the memory contains unencrypted secrets; setting a second flag in a sleep enable store to request a sleep controller to cause the system to enter one of a plurality of sleep states by powering down at least one of a plurality of system components; determining which of the plurality of sleep states to enter based on a sleep type store, wherein the type of sleep state determines which of the plurality of system components to power down and the wake-up latency of the system; detecting a sleep attack, determining that the memory contains unencrypted secrets based on the secrets store; and before entering a sleep state, in response to determining that the memory contains unencrypted secrets based on the secrets store, invoking a sleep attack response that protects the unencrypted secrets from the sleep attack, the sleep attack response including one or more from the group of generating a system reset event, generating a system halt event, generating a system shutdown event, generating a system power off event, powering circuitry used to protect the unencrypted secrets during the sleep state, or erasing the memory. 2. The method of claim 1 wherein setting the second flag in the sleep enable store is in response to a sleep event. 3. The method of claim 1 further comprising encrypting one or more portions of the memory in response to a sleep event. 4. The method of claim 3 further comprising generating a contents attestation that attests to the one or more portions of the memory. 5. The method of claim 3 further comprising generating a structure that identifies the one or more portions of the memory; and generating one or more attestations that attest to the structure and the one or more portions of the memory. 6. The method of claim 5 further comprising sealing the structure and the one or more attestations to a monitor of a computing device. 7. A chipset to support a processor in a system, comprising a secrets store to indicate whether a memory in the system contains unencrypted secrets; a sleep controller; a sleep enable store to request the sleep controller to cause the system to enter one of a plurality of sleep states by powering down at least one of a plurality of system components; a sleep type store to indicate which of the plurality of sleep states to enter, wherein the indication determines which of the plurality of system components to power down and the wake-up latency of the system; sleep attack detection logic to detect a sleep attack and determine that the memory contains secrets based on the secrets store, in response to a request from the processor to enter the sleep state and to invoke an attack response before entering the sleep state, where the sleep attack response includes one or more from the group of generating a system reset event, generating a system halt event, generating a system shutdown event, generating a system power off event, powering circuitry used to protect the unencrypted secrets during the sleep state, or erasing the memory. 8. The chipset of claim 7 further comprising an interface that prevents untrusted modification of the secrets store. 9. The chipset of claim 7 further comprising an interface that requires receipt of one or more messages prior to allowing updates to the secrets store. 10. A system comprising an operating system and a more privileged monitor, the operating system to store unencrypted secrets in system memory; receive a first flag in a secrets store to indicate the memory contains unencrypted secrets; receive a second flag in a sleep enable store to request a sleep controller, to enter a sleep state by powering down at least one of a plurality of system components based on the sleep state type, determine which of the plurality of sleep states to enter based on a sleep type store, wherein the type of sleep state determines which of the plurality of system components to power down and the wake-up latency of the system, and to transfer processing of the sleep event to the monitor, and the monitor, based on a secrets store that indicates whether a memory contains unencrypted secrets and in response to the sleep event and before the system enters the sleep state, to encrypt one or more pages of the memory and to indicate that the memory contains no unencrypted secrets. 11. The system of claim 10, wherein the monitor is to further update the secrets store to indicate that the memory contains no unencrypted secrets. 12. The system of claim 10, wherein the monitor is to return processing of the sleep event to the operating system, and the operating system is to write encrypted and non-encrypted pages of memory to non-volatile storage. 13. The system of claim 10, wherein the monitor is to return processing of the sleep event to the operating system, and the operating system is to cause the system to enter the sleep state. 14. The system of claim 10, wherein the monitor is to further generate a contents attestation that attests to the encrypted pages of the memory. 15. The system of claim 14, wherein the monitor is to further generate a structure that identifies the encrypted pages, and is to generate a structure attestation that attests to the structure. 16. The system of claim 15, wherein the monitor is to further seal to the monitor the contents attestation, the structure attestation, and a monitor key to decrypt the encrypted pages. 17. A system comprising volatile memory comprising security enhanced regions, a secrets store to indicate whether the volatile memory contains unencrypted secrets, a sleep controller; a sleep enable store to request the sleep controller, in response to a sleep event, to cause the system to enter one of a plurality of sleep states by powering down at least one of a plurality of system components; a sleep type store to indicate which of the plurality of sleep states to enter, wherein the indication determines which of the plurality of system components to power down and the wake-up latency of the system; sleep attack detection logic to invoke a sleep attack response before entry into the sleep state, in response to the sleep enable store being updated to invoke entry into the sleep state and the secrets store indicating that the volatile memory contains unencrypted secrets, where the sleep attack response includes one or more from the group of: generating a system reset event, generating a system halt event, generating a system shutdown event, generating a system power off event, powering circuitry used to protect the unencrypted secrets during the sleep state such as a processor to encrypt the security enhanced regions in response to the sleep event and to update the secrets store to indicate that the volatile memory contains no unencrypted secrets in response to encrypting the security enhanced regions, or erasing the memory. 18. The system of claim 17, wherein the processor is to further generate a contents attestation that attests to the security enhanced regions and is to invoke the sleep attack response in response to a wake event if the contents attestation indicates that the security enhanced regions are not authentic. 19. The system of claim 18, wherein the processor is to further seal the contents attestation and a key to decrypt the security enhanced regions to the system. 20. The system of claim 19, wherein the processor is to further invoke the sleep attack response in response to a wake event if unsealing the contents attestation and the key fails. 21. A machine-readable medium comprising a plurality of instructions that in response to being executed, result in a system setting a first flag in a secrets store to indicate that the memory contains unencrypted secrets; in response to a sleep event, setting a second flag in a sleep enable store to request a sleep controller to cause the system to enter one of a plurality of sleep states by powering down at least one of a plurality of system components; determining which of the plurality of sleep states to enter based on a sleep type store, wherein the type of sleep state determines which of the plurality of system components to power down and the wake-up latency of the system; detecting a sleep attack; determining that the memory contains unencrypted secrets based on the secrets store; before entering the sleep state, in response to determining that the memory contains unencrypted secrets based on the secrets store, encrypting contents of the memory, and generating a contents attestation that attests to the contents of the memory. 22. The machine-readable medium of claim 21 wherein the plurality of instructions in response to being executed further result in the system using the contents attestation to verify the authenticity of the contents in response to a wake event, and invoking a sleep attack response in response to determining that the contents of the memory are not authentic. 23. The machine-readable medium of claim 22 wherein the plurality of instructions in response to being executed further result in the system sealing the contents attestation and a key to decrypt the contents of the memory to the system in response to the sleep event, unsealing the contents attestation and the key in response to a wake event, and invoking the sleep attack response in response to a failure in unsealing the contents attestation and the key.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.