R3 Holdco has filed a patent for a method that involves a trusted execution environment (TEE) and a configurable logic device (CLD). The TEE sends encrypted messages to the CLD to provide a session key and configuration data for the CLD. The CLD receives and decrypts the messages, stores the session key, and configures itself based on the received data.
According to GlobalData’s company profile on R3 Holdco, was a key innovation area identified from patents. R3 Holdco's grant share as of September 2023 was 39%. Grant share is based on the ratio of number of grants to total number of patents.
A method for secure communication and configuration of a logic device
A recently filed patent (Publication Number: US20230254138A1) describes a method performed by a computing system with an execution environment (EE) and a configurable logic device (CLD). The method involves sending encrypted messages from the EE to the CLD to provide a session key and configuration data for configuring the CLD. The CLD then receives and decrypts these messages using its private key, stores the session key, and configures itself based on the received configuration data. The CLD can be a field-programmable gate array (FPGA) or a complex programmable logic device (CPLD).
The session key mentioned in the patent can be either a symmetric key or a public/private keypair. Additionally, the method includes an attestation process to receive the CLD public key, ensuring the authenticity of the CLD. The computing system can have multiple CLDs, each with a unique private key, and a unique session key is generated for each CLD under the control of the trusted execution environment (TEE).
The configuration data provided in the CLD messages specifies the configuration of the CLD using a hardware description language. The CLD is initialized before being configured, and an attestation component is included in the CLD to perform the attestation process and provide the public key to the TEE.
The patent also describes a configurable logic device (CLD) that includes configurable logic and a trusted execution environment (TEE) interface. The TEE interface receives encrypted messages from the TEE, decrypts them using the CLD's private key, stores the session key, and configures the configurable logic based on the received configuration data. The CLD can also receive messages from the TEE encrypted with the session key, decrypt them, and provide the data to the configurable logic.
The CLD TEE can be provided by a processor on the same integrated circuit as the CLD, and the CLD private key is embedded into the CLD during manufacturing. The patent also mentions a computer-readable storage medium storing instructions for a secure enclave, which perform steps such as adding configuration data and a session key to a message, encrypting it with the CLD public key, and sending it to the CLD.
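The exchange described above, sketched as an added example; it is not code from the patent or from R3. The summary names no algorithms, so RSA-OAEP for wrapping the session key and AES-256-GCM for the configuration and later data messages are assumptions, as are all function names and the message layout. Attestation is reduced to handing the TEE the CLD public key.

```javascript
const crypto = require('node:crypto');

// AES-256-GCM helpers (assumed algorithm); aad binds a ciphertext to its context.
function seal(key, plaintext, aad) {
  const nonce = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, nonce).setAAD(aad);
  const body = Buffer.concat([c.update(plaintext), c.final()]);
  return { nonce, body, tag: c.getAuthTag() };
}
function open(key, { nonce, body, tag }, aad) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, nonce).setAAD(aad).setAuthTag(tag);
  return Buffer.concat([d.update(body), d.final()]); // final() throws on a bad tag
}

// CLD: the generated key pair stands in for the private key embedded at manufacture.
function newCld() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  return { publicKey, privateKey, sessionKey: null, config: null };
}

// TEE: fresh session key per CLD, wrapped to that CLD's public key; config sealed under it.
function teeConfigure(cldPublicKey, config) {
  const sessionKey = crypto.randomBytes(32);
  const wrappedKey = crypto.publicEncrypt({ key: cldPublicKey, oaepHash: 'sha256' }, sessionKey);
  return { sessionKey, msg: { wrappedKey, sealed: seal(sessionKey, config, wrappedKey) } };
}

// CLD: unwrap and authenticate first, then store the key and apply the configuration.
function cldReceiveConfig(cld, msg) {
  try {
    const key = crypto.privateDecrypt({ key: cld.privateKey, oaepHash: 'sha256' }, msg.wrappedKey);
    const config = open(key, msg.sealed, msg.wrappedKey);
    Object.assign(cld, { sessionKey: key, config });
    return true;
  } catch {
    return false; // wrong device key or tampered message: device state is unchanged
  }
}

// CLD: later TEE messages are decrypted with the stored session key.
function cldReceiveData(cld, sealed) {
  return open(cld.sessionKey, sealed, Buffer.from('data'));
}

// Constructed sample run; the HDL string is a placeholder, not a real design.
const demoCld = newCld();
const demoOut = teeConfigure(demoCld.publicKey, Buffer.from('module top(); endmodule'));
console.log(cldReceiveConfig(demoCld, demoOut.msg), demoCld.config.toString());
```

In this sketch, encrypting to the CLD public key keeps the configuration confidential and lets the CLD detect tampering, but it does not by itself identify the sender; the summary does not say how the patent addresses that.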
Overall, this patent describes a method and system for securely configuring a configurable logic device using encrypted messages and session keys, ensuring the authenticity and integrity of the configuration process.