Field
This disclosure relates generally to semiconductor processing devices, and more specifically, to encrypting or decrypting (ciphering) data in memory to a system-on-a-chip device.
Related Art
Inline encryption is the method of encrypting or decrypting (ciphering) data as it transfers on a bus. Double data rate (DDR) SDRAM inline encryption engines are dedicated to an external port, so the memory available for ciphering from that single encryption engine is limited to DRAM. Inline encryption of other memories, volatile or non-volatile, requires additional dedicated engines. Encrypted data for external storage in an inline process may be cryptographically bound to a chip and addresses but not to the encryption mode used for a given region of memory and not to the originating process and associated resources (i.e., resource domain). Different uses of encrypted data can require different encryption modes for security and performance reasons. For instance, non-volatile data used for on-the-fly decryption may be restricted to decryption from memory to the core only, in a specific advanced encryption standard (AES) counter cipher mode, while data stored in DDR may use a strong but slower AES-XEX-based Tweaked Code Book mode with CipherText Stealing (XTS).
Traditional cryptographic bindings do not take into account the resource's domain identity. A resource domain controller in a data processing system includes information that groups various resources, such as bus masters and peripherals, into common domains. Each group can be referred to as a resource domain and can include one or more data processors and peripheral devices. The resource domain information, therefore, assigns data processors and peripherals of a data processing system to one or more resource domains. Multiple and mutually suspicious processes on the same chip originating from distinct resource domains execute, transfer, or store security-sensitive data to the same external memory or bus. In traditional inline encryption techniques, a process' external data is only cryptographically protected from the other resource domains by address. Traditional resource domain bindings require internal memory for secure storage, which is more likely to be synchronized for address-based separation. An external device where the ciphered data resides may be out of synchronization in terms of address assignment from internal management processes due to power, clock, reset, etc., and is therefore subject to malicious or inadvertent exposure across resource domains. Therefore, cryptographically binding addresses is not sufficient to protect data between the on-chip processes when data is stored external to the chip.
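The following sketch is an added illustration, not part of the disclosure. It contrasts a keystream bound only to the chip key and address with one that also binds the resource domain and cipher mode, for the case where the same external address ends up served to a second domain. The key, address, domain and mode identifiers and the binding layout are assumptions, and HMAC-SHA256 stands in for the AES counter-mode block function.

```python
import hashlib
import hmac

CHIP_KEY = bytes(range(32))   # constructed sample key standing in for a per-chip secret
MODE_CTR, MODE_XTS = 1, 2     # hypothetical one-byte mode identifiers

def keystream(binding: bytes, length: int) -> bytes:
    """Counter-style keystream; HMAC-SHA256 is a stand-in PRF, not the engine's AES."""
    out, counter = b"", 0
    while len(out) < length:
        block = binding + counter.to_bytes(4, "big")
        out += hmac.new(CHIP_KEY, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]

def bind_address_only(address: int, domain_id: int, mode: int) -> bytes:
    # Traditional binding: domain and mode are ignored.
    return address.to_bytes(8, "big")

def bind_full(address: int, domain_id: int, mode: int) -> bytes:
    # Assumed layout: address || resource domain id || mode id, all fixed width.
    return address.to_bytes(8, "big") + domain_id.to_bytes(2, "big") + bytes([mode])

def cipher(data: bytes, address: int, domain_id: int, mode: int, bind) -> bytes:
    """XOR stream cipher: the same call encrypts and decrypts."""
    ks = keystream(bind(address, domain_id, mode), len(data))
    return bytes(d ^ k for d, k in zip(data, ks))

def cross_domain_read(bind):
    """Domain 1 stores data externally; the same address is later read for domain 2."""
    secret = b"domain-1 key material"   # constructed sample plaintext
    address = 0x80001000                # constructed sample external address
    stored = cipher(secret, address, 1, MODE_CTR, bind)
    seen_by_1 = cipher(stored, address, 1, MODE_CTR, bind)
    seen_by_2 = cipher(stored, address, 2, MODE_CTR, bind)
    return secret, seen_by_1, seen_by_2

if __name__ == "__main__":
    for name, bind in (("address only", bind_address_only), ("full binding", bind_full)):
        secret, by_1, by_2 = cross_domain_read(bind)
        print(f"{name}: owner recovers={by_1 == secret}, other domain recovers={by_2 == secret}")
```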