PROTECTION OF COMMUNICATIONS BETWEEN TRUSTED EXECUTION ENVIRONMENT AND HARDWARE ACCELERATOR UTILIZING ENHANCED END-TO-END ENCRYPTION AND INTER-CONTEXT SECURITY

Abrégé

Embodiments are directed to protection of communications between a trusted execution environment and a hardware accelerator utilizing enhanced end-to-end encryption and inter-context security. An embodiment of an apparatus includes one or more processors having one or more trusted execution environments (TEEs) including a first TEE to include a first trusted application; an interface with a hardware accelerator, the hardware accelerator including trusted embedded software or firmware; and a computer memory to store an untrusted kernel mode driver for the hardware accelerator, the one or more processors to establish an encrypted tunnel between the first trusted application in the first TEE and the trusted software or firmware, generate a call for a first command from the first trusted application, generate an integrity tag for the first command, and transfer command parameters for the first command and the integrity tag to the kernel mode driver to generate the first command.

Classes IPC  ?

• G06F 21/60 - Protecting data
• G06F 21/76 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]
• H04L 9/08 - Key distribution
• H04L 9/14 - Arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms