Stored public key validity registers for cryptographic devices and systems

摘要

Systems and techniques for performing cryptographic operations based on public key validity registers are described. A described system includes a controller and a memory structure to store one or more public keys. The memory structure includes one or more validity registers that respectively correspond to the one or more public keys. The controller has exclusive write access to the validity register. The controller can be configured to perform an authentication of a public key, write an authentication status value to the corresponding validity register based on a result of the authentication, and perform one or more cryptographic operations using the public key that are conditional on the validity register indicating an authenticated status for the public key.

主权项

1. An apparatus comprising:
a memory structure to store a public key, wherein the memory structure comprises a validity register that corresponds to the public key; and a controller configured to perform an authentication of the public key, write an authentication status value to the validity register based on a result of the authentication, the authentication status value corresponding to one of an authenticated status for the public key or an unauthenticated status for the public key, and perform one or more cryptographic operations using the public key that are conditional on the validity register indicating the authenticated status for the public key, wherein the apparatus has exclusive write access to the validity register, wherein the validity register comprises two or more bits, and the controller is configured to write the authentication status value to each of the two or more bits, and wherein the controller is configured to read the two or more bits from the validity register to determine an authentication status for the public key based on at least one of whether a majority agreement of the two or more bits indicates the authenticated status for the public key or whether any bit of the two or more bits indicates the unauthenticated status for the public key.