Secure memory transaction unit

摘要

A method for providing security for plaintext data being transferred between units in a computer system includes steps of dividing a memory into a series of addressable locations, each of the addressable locations having an address at which can be stored version information, a data authentication tag, and ciphertext corresponding to the plaintext. The system retrieves the ciphertext, the version information, and the data authentication tag, and generates encryption keys for decrypting the information stored at the address. If the data authentication tag indicates the plaintext data are valid, then the system provides the decrypted plaintext to the requestor, or encrypts new plaintext data and stores the corresponding ciphertext with new authentication and version information at the first address.

主权项

1. A method for providing security for plaintext data in a computer system comprising:
using a stream cipher encrypting the plaintext data to thereby create ciphertext before storing the ciphertext in an addressable memory at memory locations therein; and wherein:
the encryption uses statistically different keys for every memory location; and the encryption uses statistically different keys for every write operation; and the keys are recreated for decrypting data upon retrieving the data from the addressable memory.