Secure communication of sensitive information between electronic devices or between components within a device over unsecured or secured channels has become commonplace with the development of methods to encrypt and decrypt such sensitive information. Two broad categories of these encryption techniques are symmetric and asymmetric encryption, both of which are widely used today. Symmetric encryption involves the use of a secret key known by both a transmitter and receiver of sensitive information. Using the same secret key, the transmitter can encrypt the data and the receiver can decrypt the data upon receipt. One often-utilized example of symmetric encryption is the Advanced Encryption Standard (AES), which uses a series of key-specific processing steps to transform an input message into an encrypted message and a series of corresponding decryption steps to retrieve the original message at the receiver.
Asymmetric encryption, on the other hand, utilizes two related keys: a public key and a private key. The public key is universally available and may be utilized by any transmitting device who wishes to send sensitive information to a particular receiver. The private key, however, which is necessary to decrypt the data encrypted with the public key, is known only by the receiver. Thus, any message that is encrypted and transmitted using the public key may only be decrypted in a reasonable amount of time by the receiver that possesses the corresponding private key. One prevalent asymmetric encryption algorithm is the Rivest-Shamir-Adleman (RSA) algorithm, which utilizes modular exponentiation to generate the public and private keys needed for secure communication. Another popular asymmetric encryption scheme is Elliptic Curve Cryptography (ECC), which is based on the algebraic structure of elliptic curves and assumes that finding the discrete logarithm of an elliptic curve with respect to a public base point is infeasible to compute.
Some devices employ multiple processors such as a central processing unit (CPU), a graphics processing unit (GPU) and a cryptographic co-processor (CCP). The cryptographic co-processor includes a cryptographic engine that can perform various cryptographic operations such as symmetric, asymmetric, hashing, digital signature signing, encryption, decryption and other cryptographic operations. The cryptographic co-processor is typically used to generate cryptographic keys such as asymmetric key pairs but typically do so in response to an application making a request for new keys, or through other request mechanisms requiring the CCP to generate key pairs on an as needed basis. For example, RSA key generation is a time consuming operation. With the key sizes linearly increasing, the generation time can be exponentially slower. For example, generation of 2048 bits for an RSA key or higher can be very time intensive for the CCP to generate keys. RSA key sizes are thought to need to be increased to 3072 bits or higher.
An improved technique is needed to generate asymmetric keys and provide the asymmetric keys to the appropriate requestor.