Generic encryption system for nonsecure datapaths

摘要

A secure generic encryption system for nonsecure datapaths comprises a format-specific adaptation layer/data path for receiving and processing nonsecure content data; an authentication engine located within a security perimeter and coupled to an external communication interface for authentication and supplying the format-specific adaptation layer/data path, located outside the security perimeter, with an output signal indicating whether authentication is successful; and a generic encryption module located within the security perimeter and coupled (1) to the authentication engine for receiving from the authentication engine initialization vectors, encryption keys, and the output signal indicating whether authentication is successful, and (2) to the format-specific adaptation layer/data path for (a) receiving a read signal from the format-specific adaptation layer/data path, and (b) providing the format-specific adaptation layer/data path with a data-available signal to indicate whether data is available to be read.