Aspects of the present disclosure involve a cryptographic processor that includes four or more multiplication circuits, two or more addition circuits, and two or more memory circuits. The cryptographic engine is configured to perform a variety of operations, including modular multiplication, modular inversion, matrix multiplication, Montgomery multiplication, computations of Jacobi symbols, and the like. The cryptographic engine support streaming computations where at least some of the multiplication circuits operate on multipliers and/or multiplicands that are also used during other cycles of computations.
Multiple (e.g., two) hosts access a single memory channel (and/or device) via a memory controller. The single memory channel/device can support at most one access at a time. To reduce contention between the multiple hosts, the memory controller comprises multiple (e.g., two), independent, host ports. Each host port is associated with a write buffer(s) in the memory controller that stores write data at least until the memory controller writes the data to the memory channel. Data stored in a write buffer may be used to respond to memory access commands (e.g., reads or writes) on the ports without accessing the memory channel. In this manner, the hosts do not directly contend with each other for the single memory channel or the memory controller.
A multi-domain masked AND gate includes inner-domain calculations, re-sharing, register stage, cross-domain calculations, and compression. The inner-domain multiplication and the re-sharing are calculated prior to storing the re-shared variables in the register stage. Thus, the inputs to the cross-domain multiplication and the compression are performed on variables that have been refreshed by additional randomness. This AND gate does not need statistically independent inputs, is secure in the probing model even in the presence of glitches, also known as the robust probing model. A two-domain input and two domain output AND gate can be implemented using six (6) registers, four (4) two input logical AND gates, and eight (8) exclusive-OR (XOR) gates. The AND gate may also be used to implement an AES S-box that has two (2) register stages and takes two (2) clock cycles per computation.
G06F 21/75 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by inhibiting the analysis of circuitry or operation, e.g. to counteract reverse engineering
G06F 9/30 - Arrangements for executing machine instructions, e.g. instruction decode
Multiple helper data solutions (a.k.a., helper data images) are generated to produce preselected non-random values (a.k.a., “target values”) from a physically unclonable function (PUF) circuit. Therefore, multiple preselected PUF output values may be generated for a given integrated circuit die, where each the output values are derived from a combination of the chip-unique PUF circuit and the chip-unique helper data solution. These helper data blocks are stored in a nonvolatile memory on the integrated circuit die. In an embodiment, the preselected non-random values may be used as secret encryption or decryption keys. In this manner, multiple secret values can be reliably stored within a chip, using a combination of the chip-unique PUF circuit and the multiple chip-unique helper data solution.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
G06F 21/72 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
5.
MASKING WITH EFFICIENT UNMASKING VIA DOMAIN EMBEDDING IN CRYPTOGRAPHIC DEVICES AND APPLICATIONS
Disclosed aspects and implementations are directed to systems and techniques for protecting cryptographic operations against side-channel attacks. In one example, polynomials associated with secret data and public data defined on a working domain having a first dimension are mapped to an auxiliary domain having a larger second dimension. The mapped polynomials are masked using masking polynomials associated with a kernel of a homomorphism transformation from the auxiliary domain to the working domain. One or more computations are then performed on the masked polynomials in the auxiliary domain and an output is transformed from the auxiliary domain to the working domain.
Aspects of the present disclosure involve implementations that may be used to protect neural network models against adversarial attacks by obfuscating neural network operations and architecture. Obfuscation techniques include obfuscating weights and biases of neural network nodes, obfuscating activation functions used by neural networks, as well as obfuscating neural network architecture by introducing dummy operations, dummy nodes, and dummy layers into the neural networks.
An application executing at a first platform receives, from a tester device, a first request to generate a secure data asset. Responsive to authenticating the client, the application sends, to a second platform, a second request to determine whether the client has access to the secure data asset. Responsive to receiving an indication, from the second platform, that the client has access to the secure data asset, the application performs one or more operations to generate the secure data asset. The application sends, to the tester device, the generated secure data asset.
A system receives, from a first provisioning entity, a request for first secure device data related to a semiconductor device. The first secure device data is associated with one or more provisioning operations performed, on the semiconductor device, by a second provisioning entity. Based on determining that the first provisioning entity has permission to access the first secure device data, the first secure device data is provided to the first provisioning entity. Second secure device data associated with one or more provisioning operations performed by the first provisioning entity on the semiconductor device is received from the first provisioning entity.
Aspects of the present disclosure involve implementations that may be used to protect neural network models against adversarial attacks by obfuscating neural network operations and architecture. Obfuscation techniques include obfuscating weights and biases of neural network nodes, obfuscating activation functions used by neural networks, as well as obfuscating neural network architecture by introducing dummy operations, dummy nodes, and dummy layers into the neural networks.
Aspects and implementations are directed to systems and techniques for protecting cryptographic operations against side-channel attacks by masking a ciphertext data using one or more masks randomly sampled from a null space associated with a tensor representation of a secret data and generating a plaintext data using the masked ciphertext data.
H04L 9/00 - Arrangements for secret or secure communicationsNetwork security protocols
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
11.
RECONFIGURABLE PROCESSING UNITS FOR EFFICIENT SUPPORT OF MULTIPLE POST-QUANTUM CRYPTOGRAPHIC ALGORITHMS
Disclosed aspects and implementations are directed to devices and techniques for performing cryptographic operations using post-quantum algorithms. Reconfigurable processing devices supports multiple algorithms that deploy various integer and polynomial arithmetic operations including Number Theoretic Transforms, inverse Number Theoretic Transforms, pointwise polynomial multiplications, pairwise polynomial multiplications, pointwise-pairwise polynomial multiplications, Karatsuba multiplications, and/or other operations. The reconfigurable processing device(s) may be integrated into a streaming pipeline that includes a hash value generator and a sampler with matching throughputs for efficient utilization of computational and memory resources.
12.
FUNCTIONS WITH A PRE-CHARGE OPERATION AND AN EVALUATION OPERATION
An input data may be received. A portion of a cryptographic operation may be performed with the received input data at a first function component. During the performance of the cryptographic operation at the first function component, a pre-charge operation may be performed at a second function component. Furthermore, the second function component may be used to perform another portion of the cryptographic operation with a result of the portion of the cryptographic operation performed at the first function component.
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
H04L 9/00 - Arrangements for secret or secure communicationsNetwork security protocols
13.
LOW LATENCY METADATA DECRYPTION USING HASH AND PSEUDORANDOM FUNCTIONS
Systems and techniques for cryptographically protecting data in a computer memory are disclosed. The techniques include dividing the data into a first portion and a second portion, encrypting the first portion of the data to create a first stored form of the data, encrypting the second portion of the data, and storing, in the computer memory, the first stored form of the data and a second stored form of the data. The techniques include, to encrypt the second portion, calculating a hash based on the first stored form of the data, applying a first pseudorandom function to the hash to obtain a bit sequence, and combining the bit sequence with the second portion of the data to obtain the second stored form of the data.
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
14.
MULTI-LANE CRYPTOGRAPHIC ENGINES WITH SYSTOLIC ARCHITECTURE AND OPERATIONS THEREOF
Aspects of the present disclosure involve a cryptographic processor that includes a systolic array having a plurality of processing lanes (PLs), each PL including a systolic sub-array of two or more processing elements (PEs), each PE being configured to multiply two numbers to obtain and store a multiplication product. The cryptographic processor is configured to efficiently perform a variety of operations, including multiplication of large numbers, modular reduction, Montgomery reduction, and the like.
G06F 7/544 - Methods or arrangements for performing computations using exclusively denominational number representation, e.g. using binary, ternary, decimal representation using non-contact-making devices, e.g. tube, solid state deviceMethods or arrangements for performing computations using exclusively denominational number representation, e.g. using binary, ternary, decimal representation using unspecified devices for evaluating functions by calculation
G06F 5/06 - Methods or arrangements for data conversion without changing the order or content of the data handled for changing the speed of data flow, i.e. speed regularising
G06F 7/72 - Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radixComputing devices using combinations of denominational and non-denominational quantity representations using residue arithmetic
15.
PROVISIONING A VOLATILE SECURITY CONTEXT IN A ROOT OF TRUST
A first device receives, from a second device, a request to provision a security context for the second device. The first device transmits a nonce value to the second device and receives, from the second device, a data structure encoding the security context and a cryptographically signed digest of a combination of the data structure, the nonce value, and a public key. The first device determines a first digest using the nonce value and cryptographically signed digest, and a second digest using the data structure, the nonce value, and the public key. Responsive to determining that the first digest matches the second digest, the first device provisions the security context for the second device by storing the security context on the volatile memory.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
Disclosed systems and techniques include a cryptographic processor for processing of both unprotected data and protected data using an unprotected data path. In one implementation, the cryptographic processor includes a processing unit, and a control unit to selectively cause the processing unit to operate in a public mode or a secure mode. In the public mode, the processing unit performs a computational operation to compute a nonlinear function of a public data. In the secure mode, the processing unit computes, over a plurality of iterations, a plurality of shares of the nonlinear function of a secure data. At each iteration, the processing unit performs multiple instances of the computational operation to compute a respective share of the nonlinear function of the secure data.
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
17.
GENERATING A TARGET DATA BASED ON A FUNCTION ASSOCIATED WITH A PHYSICAL VARIATION OF A DEVICE
A value corresponding to a physical variation of a device may be received. Furthermore, helper data associated with the physical variation of the device may be received. A result data may be generated based on a combination of the value corresponding to the physical variation of the device and the helper data. An error correction operation may be performed on the result data to identify one or more code words associated with the error correction operation. Subsequently, a target data may be generated based on the one or more code words.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
A system limits the use (e.g., number of encryptions and/or decryptions using that key value) of cryptographic key values. When a key value's usage count exceeds the limit, that value is "retired", and a new key value is selected. Key identifiers and a key versions are associated with each encrypted data block. The key identifiers are also associated with current key values, a current version indicators, and usage indicators. Key identifiers may also be associated with one or more previous (i.e., 'retired') version indicators and corresponding previous key values. When an encrypted data block associated with a given key identifier is accessed, the key version indicator associated with that block, and the key version indicators associated with the current and previous keys, are used to select the proper key from either the current key value or one of the previous key values.
Technologies for generating an M-bit selection vector for a selector circuit that receives as input M binary values from a set of entropy-generation elements and outputs N binary values responsive to the M-bit selection vector are described. N bits in the M-bit selection vector are set to a first logic state, and M-N bits of the M-bit selection vector are set to a second logic state. A determination of which N bits in the M-bit selection vector are set to the first logic state is determined by a process. The process includes determining an accumulated Hamming weight value for M bit positions of the M-bit selection vector using K samples and identifying N bit positions in the M-bit selection vector using the accumulated Hamming weight values. The process sets the N bits corresponding to the N bit positions in the M-bit selection vector to the first logic state.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
Technologies for providing an integrity tree architecture that reduces the number of memory accesses and verification operations needed to perform a read operation. One inline memory encryption (IME) engine performs operations that include receiving a read command for data stored at a data block. The operations further include obtaining a first authentication tag associated with the data block, a first counter value used to generate the first authentication tag; a root counter value, and an intermediate tag. The operations further include generating a second authentication tag based on the intermediate tag, the first counter value, the root counter value, and the data from the data block, and responsive to determining that a value of the first authentication tag matches a value of the second authentication tag, sending, to the host system, the data stored at the data block.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
H04L 9/00 - Arrangements for secret or secure communicationsNetwork security protocols
A request to perform a memory operation addressed to a first address corresponding to a first logical unit of logical units of a memory is received. Address mask data that corresponds to the logical units is identified. Multiple transformed addresses are determined using the first address and the address mask data. The transformed addresses can include a target address corresponding to the first logical unit and additional addresses corresponding to other logical units. The memory operation is performed at the target address corresponding to the first logical unit and dummy memory operations are performed at the additional addresses corresponding to the additional logical units.
Systems and techniques for secure execution of a computing code and protection against code reuse attacks are disclosed. The techniques include fetching, by a processor, a first instruction of the computing code, determining a first verification value, wherein the first verification value is based, at least in part, on one or more attributes of the first instruction, accessing a first stored verification value, and evaluating, using the first verification value and the first stored verification value, execution integrity of the computing code.
G06F 21/56 - Computer malware detection or handling, e.g. anti-virus arrangements
G06F 21/52 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure
G06F 12/14 - Protection against unauthorised use of memory
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
G06F 21/00 - Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
Technologies for protecting a secure context in a hardware root of trust (ROT) are described. One hardware ROT includes key generation logic and a cryptographic circuit. The key generation logic generates a first key from a value, corresponding to a physical variation of the hardware ROT, and first helper data associated with the physical variation of the hardware ROT. The key generation logic generates a second key from the value and second helper data associated with the physical variation of the hardware ROT. The cryptographic circuit receives a first encrypted secure context from off-chip storage and decrypts the first encrypted secure context using the first key to obtain a secure context. The cryptographic circuit encrypts the secure context using the second key to obtain a second encrypted secure context and stores the second encrypted secure context in the off-chip storage.
G06F 21/72 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
H04L 9/14 - Arrangements for secret or secure communicationsNetwork security protocols using a plurality of keys or algorithms
24.
PERFORMING VERIFIED RESTORE OF DATA ASSETS IN A CRYPTOGRAPHIC DEVICE
A first platform receives a request to generate a verification package for restoring a backup image at a second platform. The first platform generates a first data asset. The first platform generates a second data asset based on the first data asset and an asset list associated with the backup image. The first platform generates a third data asset based on the asset list. The first platform sends a response that includes the verification package comprising the first data asset, the second data asset, and the third data asset.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
Aspects and implementations include systems and techniques for efficient protection of secret data against replay attacks, including updating a unit of data of a plurality of units of data, updating an individual portion of a counter for the unit of data, the counter including an individual portion and a common portion, accessing a pointer value that distinguishes counters corresponding to a first epoch from counters corresponding to a second epoch, selecting, based on at least the pointer value and a value of the individual portion of the counter, an update value, and modifying the pointer value using the update value.
G06F 21/78 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
26.
INTEGRITY-PROTECTION AUTHENTICATION THROUGH INTERMEDIATE STATES
Technologies for protecting data integrity of an authentication algorithm using intermediate states are described. One inline memory encryption (IME) engine performs an authentication algorithm that uses a hash function to compute an authentication tag. The IME engine includes integrity-protection logic to store an intermediate state of a tag computation and incoming data segments. In the event of an error in the computation, the integrity-protection logic can compute the intermediate state again using a last intermediate state and the last data segment.
G06F 21/00 - Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
G06F 17/00 - Digital computing or data processing equipment or methods, specially adapted for specific functions
27.
PROTECTION OF POLYNOMIAL CRYPTOGRAPHIC OPERATIONS AGAINST SIDE-CHANNEL ATTACKS WITH CHANGE-OF-VARIABLE TRANSFORMATIONS
Disclosed aspects and implementations are directed to systems and techniques for protecting cryptographic operations using change-of-variable transformation, from a first variable to a second variable, of a first polynomial obtained using an input into a cryptographic operation and a second polynomial obtained using a cryptographic key for the cryptographic operation, performing a joint operation using the transformed first polynomial and the transformed second polynomial, and computing an output of the cryptographic operation using an output of the joint operation.
Aspects of the present disclosure involve implementations that may be used to protect neural network models against adversarial attacks by obfuscating neural network operations and architecture. Obfuscation techniques include obfuscating weights and biases of neural network nodes, obfuscating activation functions used by neural networks, as well as obfuscating neural network architecture by introducing dummy operations, dummy nodes, and dummy layers into the neural networks.
Aspects of the present disclosure involve a method, a system and a computer readable memory to perform a secure update of a target device, including communicating an update instruction to the target device, generating one or more data values using the update instruction, generating a first authentication value using the data value(s), receiving a second authentication value from the target device, wherein the second authentication value is generated by the target device in response to the update instruction, and determining whether the secure update has been successful based on a comparison of the first authentication value and the second authentication value.
Multiple helper data solutions (a.k.a., helper data blocks), and therefore multiple possible PUF output values, are generated for a given integrated circuit die. These helper data blocks are encrypted and stored in a nonvolatile memory on the integrated circuit die. Each helper data block is encrypted such that each helper data block can only be decrypted by a decryption key that is different from the other encrypted helper data blocks stored on that integrated circuit die. The keys to decrypt the multiple helper data blocks are released one at a time and spread over time. Because the helper data is encrypted, each PUF output value is only discoverable when its associated key is released. Accordingly, counterfeit systems or integrated circuits will need to be re-reverse engineered each time a new key is released.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
A request, from a tester device, to generate a secure data asset to be securely provisioned to a target device is received by an appliance cluster. The request includes an authorization token. Responsive to receiving the request, one or more verification operations to determine whether the tester device is authorized to request the generation of the secure data asset is performed based on the authorization token. Responsive to determining that the tester device is authorized to request the generation of the secure data asset, a generation of the secure data asset by a hardware security module (HSM) is caused. The generated secure data asset is sent to the tester device in response to the request to generate the secure data asset.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
Aspects and implementations include systems and techniques for encryption and decryption of error-corrected codewords for combined protection against corruption of data and adversarial attacks, including obtaining a block of data that has a first plurality of symbols, generating, based on the first plurality of symbols, a second plurality of symbols, wherein the second plurality of symbols includes one or more error correction symbols for the first plurality of symbols, encrypting the second plurality of symbols using a set of symbol-level ciphers (SLCs) to obtain an encrypted plurality of symbols, and using the encrypted plurality of symbols in a computer operation.
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
33.
Secure feature and key management in integrated circuits
A mechanism for providing secure feature and key management in integrated circuits is described. An example integrated circuit includes a secure memory to store a secret key, and a security manager core, coupled to the secure memory, to receive a digitally signed command, verify a signature associated with the command using the secret key, and configure operation of the integrated circuit using the command.
G06F 21/71 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
G06F 21/54 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by adding security routines or objects to programs
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
G06F 21/64 - Protecting data integrity, e.g. using checksums, certificates or signatures
H04L 9/14 - Arrangements for secret or secure communicationsNetwork security protocols using a plurality of keys or algorithms
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
A value corresponding to an input for a cryptographic operation may be received. The value may be masked by multiplying the value with a first number modulo a prime number. The cryptographic operation may subsequently be performed on the masked value.
H04L 9/00 - Arrangements for secret or secure communicationsNetwork security protocols
G06F 21/71 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
35.
Providing access to a hardware resource based on a canary value
A container corresponding to executable code may be received. In response receiving the container, an assertion value may be stored in an assertion register. A final canary value may be generated based on a cycles combining a prior canary value and a mix value. A determination may be made as to whether the final canary value matches with the assertion value stored in the assertion register. In response to determining that the final canary value matches with the assertion value, one or more privilege registers may be programmed to provide access to hardware resources for the container corresponding to the executable user code.
G06F 21/51 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
G06F 21/64 - Protecting data integrity, e.g. using checksums, certificates or signatures
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
36.
TECHNIQUES AND DEVICES FOR CONFIGURABLE MEMORY ENCRYPTION AND AUTHENTICATION
Disclosed systems and techniques involve flexible encryption, decryption, retrieval, and authentication of data. The systems may include a cryptographic processor that, in a first selectable mode of operation is configured to identify plaintext blocks, generate encrypted ciphertext blocks, process sequentially the ciphertext blocks to obtain an authentication value, encrypt the authentication value, and store the ciphertext blocks and an authentication tag, obtained based on the encrypted authentication value. In a second selectable mode, the cryptographic processor may perform ciphertext block encryption but forgo obtaining the authentication value.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
G06F 12/14 - Protection against unauthorised use of memory
G06F 12/06 - Addressing a physical block of locations, e.g. base addressing, module addressing, address space extension, memory dedication
H04L 9/14 - Arrangements for secret or secure communicationsNetwork security protocols using a plurality of keys or algorithms
H04L 9/16 - Arrangements for secret or secure communicationsNetwork security protocols using a plurality of keys or algorithms the keys or algorithms being changed during operation
37.
PROTECTION OF TRANSFORMATIONS BY INTERMEDIATE RANDOMIZATION IN CRYPTOGRAPHIC OPERATIONS
Aspects of the present disclosure involve a method and a system to perform a cryptographic operation that involves a number theoretic transformation of a first vector to a second vector by obtaining components of the first vector, performing a plurality of iterations that each include determining a plurality of output values, wherein each of the plurality of output values is a linear combination of two or more input values, the input values into a first iteration being the components of the first vector and the output values of the last iteration being representative of components of the second vector, and wherein one or more of the output values of at least one iteration are randomized by multiplying at least one input value by a random number, and determining, based on the output values of the last of the plurality of iterations, the components of the second vector.
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
G06F 17/14 - Fourier, Walsh or analogous domain transformations
38.
System and method to improve efficiency in multiplication_ladder-based cryptographic operations
Aspects of the present disclosure involve a method to perform a cryptographic operation using a plurality of iterations, each of the plurality of iterations comprising: loading a first number corresponding to a difference between a first component of a first input working point on an elliptic curve and a first component of a second input working point on the elliptic curve, loading a second number corresponding to a difference between the first component of the first input working point and a first component of a third input working point on the elliptic curve, and determining a third number corresponding to a difference between a first component of a first output working point on the elliptic curve and the first component of the second input working point, wherein determining the third number comprises squaring a product of the first number and a first function of the second number.
An application executing at a first platform receives, from a tester device, a first request to generate a secure data asset to be securely provisioned to a target device. Responsive to receiving the first request, the application performs one or more operations related to the generation of the secure data asset. Subsequent to performing the one or more operations related to the generation of the secure data asset, the application sends, to a second secure platform, a second request to generate the secure data asset. The application receives, from the second secure platform, the generated secure data asset.
A computing system includes a host device and a root of trust (RoT) device for performing batch encryption and decryption operations facilitated by a direct memory access (DMA) engine. The host device generates a command table for batch processing of a set of address tables that each describe a set of data blocks of a file to be encrypted or decrypted. The DMA engine facilitates a DMA transfer of the command table from the host memory to an RoT memory of the RoT device. The RoT device then performs batch processing of the address tables referenced in the command table. For each address table, the DMA engine copies a set of data blocks from the host memory to the RoT memory, a cryptographic engine encrypts or decrypts the data blocks, and the DMA engine copies the transformed data blocks back to the host memory.
Technologies for detecting and classifying errors detected in pipelined hardware are described. One device includes a hardware pipeline with a set of pipeline stages. Error detection logic can detect an error in the hardware pipeline, and control logic can classify the error in one of the multiple categories based on a type of the error, a position of the first data in a data stream that triggered the error, and a position of a pipeline stage in which the error is detected. The control logic can perform an error-response action based on the error classification of the error.
Disclosed are systems and techniques for enhanced protection of cryptographic key generation in cryptographic applications. In particular, described is a method and a system that performs the method of obtaining input numbers associated with a cryptographic application, generating masking matrix based on at least one random value, obtaining masked numbers using a matrix product of the MM and the input numbers, determining a greatest common divisor (GCD) of the masked numbers, identifying a GCD of the input numbers, and using the identified GCD to generate a cryptographic key.
Computing devices, methods, and systems for corrections to the “almost” binary extended GCD in a cryptographic operation of a cryptographic process are disclosed. Exemplary implementations may: receive, from a cryptographic process, a command to compute a binary extended greatest common denominator of a first input value and a second input value for a cryptographic operation; compute, by a binary extended GCD algorithm, the binary extended GCD using a multiplication with an inverse of two, instead of a division by two, to obtain a first output value; compute, by the binary extended GCD algorithm, a second output value and a third output value; and return, to the cryptographic process, the first output value, the second output value, and the third output value.
H04L 9/00 - Arrangements for secret or secure communicationsNetwork security protocols
G06F 7/72 - Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radixComputing devices using combinations of denominational and non-denominational quantity representations using residue arithmetic
G06F 7/38 - Methods or arrangements for performing computations using exclusively denominational number representation, e.g. using binary, ternary, decimal representation
44.
Data flow control module for autonomous flow control of multiple DMA engines
A DMA system includes two or more DMA engines that facilitate transfers of data through a shared memory. The DMA engines may operate independently of each other and with different throughputs. A data flow control module controls data flow through the shared memory by tracking status information of data blocks in the shared memory. The data flow control module updates the status information in response to read and write operations to indicate whether each block includes valid data that has not yet been read or if the block has been read and is available for writing. The data flow control module shares the status information with the DMA engines via a side-channel interface to enable the DMA engines to determine which block to write to or read from.
G06F 13/28 - Handling requests for interconnection or transfer for access to input/output bus using burst mode transfer, e.g. direct memory access, cycle steal
A multi-domain masked AND gate includes inner-domain calculations, re-sharing, register stage, cross-domain calculations, and compression. The inner-domain multiplication and the re-sharing are calculated prior to storing the re-shared variables in the register stage. Thus, the inputs to the cross-domain multiplication and the compression are performed on variables that have been refreshed by additional randomness. This AND gate does not need statistically independent inputs, is secure in the probing model even in the presence of glitches, also known as the robust probing model. A two-domain input and two domain output AND gate can be implemented using six (6) registers, four (4) two input logical AND gates, and eight (8) exclusive-OR (XOR) gates. The AND gate may also be used to implement an AES S-box that has two (2) register stages and takes two (2) clock cycles per computation.
G06F 21/76 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]
G11C 19/00 - Digital stores in which the information is moved stepwise, e.g. shift registers
G06F 21/72 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
H04L 9/28 - Arrangements for secret or secure communicationsNetwork security protocols using particular encryption algorithm
Multiple helper data solutions (a.k.a., helper data images) are generated to produce preselected non-random values (a.k.a., "target values") from a physically unclonable function (PUF) circuit. Therefore, multiple preselected PUF output values may be generated for a given integrated circuit die, where each the output values are derived from a combination of the chip-unique PUF circuit and the chip-unique helper data solution. These helper data blocks are stored in a nonvolatile memory on the integrated circuit die. In an embodiment, the preselected non-random values may be used as secret encryption or decryption keys. In this manner, multiple secret values can be reliably stored within a chip, using a combination of the chip-unique PUF circuit and the multiple chip-unique helper data solution.
G06F 21/30 - Authentication, i.e. establishing the identity or authorisation of security principals
G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules
G06F 21/72 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
G06F 21/76 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]
47.
Using cryptographic blinding for efficient use of montgomery multiplication
Aspects of the present disclosure involves receiving an input message, generating a first random value that is used to blind the input message to prevent a side-channel analysis (SCA) attack, computing a second random value using the first random value and a factor used to compute the Montgomery form of a blinded input message without performing an explicit Montgomery conversion of the input message, and computing a signature using Montgomery multiplication, of the first random value and the second random value, wherein the signature is resistant to the SCA attack.
H04L 9/30 - Public key, i.e. encryption algorithm being computationally infeasible to invert and users' encryption keys not requiring secrecy
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
48.
EFFICIENT INTEGRITY MONITORING OF PROCESSING OPERATIONS WITH MULTIPLE MEMORY ARRAYS
Disclosed systems and techniques are directed to efficient integrity monitoring of computational operations using multiple memory arrays collectively representative of known events associated with the computational operations. Disclosed techniques include obtaining event identification value representative of a state of the computing device associated with execution of an operation on the computing device, obtaining memory pointers and selecting, based on the memory pointers, mapping values from multiple memory arrays, computing an event response value, and classifying the operation among a plurality of classes, based on the event response value.
Technologies for selectively distributing a same random number to multiple cryptographic circuits are described. One apparatus includes a plurality of cryptographic circuits. Each of the plurality of cryptographic circuits is to receive a random number for differential power analysis (DPA) protection of a cryptographic operation. At least two of the plurality of cryptographic circuits are configured to selectively use a same random number.
A prover chip uses a key multiplier value generated by a proof-of-work function from a challenge value, a random number, and elliptic curve cryptography (ECC) techniques to generate a one-time (or ephemeral) use private key. Similarly, a verifier chip uses the key multiplier value generated by an equivalent proof-of-work function, a public key received from the prover, and ECC techniques to derive a one-time use public key that corresponds to the ephemeral private key generated by the prover chip. The prover chip uses the ephemeral private key to sign the second challenge value and send this signed second challenge value to the verifier chip. The verifier verifies the value it receives using the one-time use public key and if the signature on the second challenge value is valid, authenticates the prover chip to a system.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
The embodiments herein are directed to technologies for backside security meshes of semiconductor packages. One package includes a substrate having a first interconnect terminal of a first type and a second interconnect terminal of a second type. The package also includes a first security mesh structure disposed on a first side of an integrated circuit die and a conductive path coupled between the first interconnect terminal and the second interconnect terminal. The first security mesh structure is coupled to the first interconnect terminal and the second interconnect terminal being coupled to a terminal on a second side of the integrated circuit die.
An application executing at a first platform receives, from a tester device, a first request to generate a secure data asset. Responsive to authenticating the client, the application sends, to a second platform, a second request to determine whether the client has access to the secure data asset. Responsive to receiving an indication, from the second platform, that the client has access to the secure data asset, the application performs one or more operations to generate the secure data asset. The application sends, to the tester device, the generated secure data asset.
G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules
G06F 21/72 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
G06F 21/73 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
H04W 12/0431 - Key distribution or pre-distributionKey agreement
53.
LOW-LATENCY MULTI-KEY ENCRYPTION AND DECRYPTION ENGINE AND TECHNIQUES
Disclosed systems and techniques involve low-latency multi-key encryption processing in which block keys are precomputed based on multiple cryptographic keys, stored, and then selected for encryption or decryption of data during run-time cryptographic operations. The block keys may be precomputed, for each cryptographic key, in such quantities that allow uninterrupted flow of encryption or decryption operations. Replacement block keys may be concurrently generated to replace the blocks being consumed and authentication values may be computed or updated. Various described techniques allow parallel processing for efficient low-latency block key generation and cryptographic operations.
Aspects of the present disclosure involve a method and a system to perform the method to obtain a cryptographic output of a plurality of rounds of a cipher, by performing a plurality of modified rounds of the cipher, each of the modified rounds computing an unmasking transform, an operation of a respective round of the cipher, and a masking transform, the unmasking transform being an inverse of the masking transform of a previous round of the cipher.
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
A first device transmits a first message to a second device as part of a challenge-response protocol in order to authenticate the second device. A power limited power supply coupled to the second device limits power consumption by the second device during the second device's challenge-response protocol calculations. The first device measures a response time of the second device during the challenge-response protocol. The authentication of the second device is based on the response time of the second device while it has limited power consumption.
A request associated with one or more privileges assigned to a first entity may be received. Each of the one or more privileges may correspond to an operation of an integrated circuit. Information corresponding to the first entity and stored in a memory that is associated with the integrated circuit may be identified. Furthermore, the memory may be programmed to modify the information stored in the memory that is associated with the integrated circuit in response to the request associated with the one or more privileges assigned to the first entity.
G06F 3/06 - Digital input from, or digital output to, record carriers
G06F 21/71 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
G06F 21/76 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]
G11C 17/16 - Read-only memories programmable only onceSemi-permanent stores, e.g. manually-replaceable information cards in which contents are determined by selectively establishing, breaking or modifying connecting links by permanently altering the state of coupling elements, e.g. PROM using electrically-fusible links
G11C 17/18 - Auxiliary circuits, e.g. for writing into memory
57.
SIGN-EFFICIENT ADDITION AND SUBTRACTION FOR STREAMINGCOMPUTATIONS IN CRYPTOGRAPHIC ENGINES
Aspects of the present disclosure involve techniques and cryptographic processors configured to perform the techniques that include sign-efficient addition and subtraction operations that use Montgomery reduction and are capable of facilitating fast streaming operations. The techniques involve receiving a first number and a second number, where the first number and second number are within a target interval, and performing a modular operation to obtain a third number, the third number being within the same target interval and representing a sum or a difference of a rescaled first number and a rescaled second number, and wherein the modular operation includes a Montgomery reduction.
Aspects of the present disclosure involve a cryptographic processor that includes four or more multiplication circuits, two or more addition circuits, and two or more memory circuits. The cryptographic engine is configured to perform a variety of operations, including modular multiplication, modular inversion, matrix multiplication, Montgomery multiplication, computations of Jacobi symbols, and the like. The cryptographic engine support streaming computations where at least some of the multiplication circuits operate on multipliers and/or multiplicands that are also used during other cycles of computations.
G06F 7/53 - Multiplying only in parallel-parallel fashion, i.e. both operands being entered in parallel
G06F 7/505 - AddingSubtracting in bit-parallel fashion, i.e. having a different digit-handling circuit for each denomination
G06F 7/72 - Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radixComputing devices using combinations of denominational and non-denominational quantity representations using residue arithmetic
H04L 9/14 - Arrangements for secret or secure communicationsNetwork security protocols using a plurality of keys or algorithms
59.
MULTI-LANE CRYPTOGRAPHIC ENGINES WITH SYSTOLIC ARCHITECTURE AND OPERATIONS THEREOF
Aspects of the present disclosure involve a cryptographic processor that includes a systolic array having a plurality of processing lanes (PLs), each PL including a systolic subarray of two or more processing elements (PEs), each PE being configured to multiply two numbers to obtain and store a multiplication product. The cryptographic processor is configured to efficiently perform a variety of operations, including multiplication of large numbers, modular reduction, Montgomery reduction, and the like.
G06F 15/80 - Architectures of general purpose stored program computers comprising an array of processing units with common control, e.g. single instruction multiple data processors
G06F 7/53 - Multiplying only in parallel-parallel fashion, i.e. both operands being entered in parallel
G06F 9/44 - Arrangements for executing specific programs
60.
SHARE DOMAIN ARRANGEMENTS FOR MASKED HARDWARE IMPLEMENTATIONS
Hardware masking may be used as a countermeasure to make power analysis attacks more difficult. Masking attempts to decouple the secret and/or processed values of a cryptographic algorithm from its intermediate values. One method of masking probabilistically splits each bit of a computation into multiple shares. Mask-share domains (i.e., the wires and gates that perform a computation on a share) are physically spaced to reduce coupling between mask-share domains. The mask-share domains may be connected to the same power supply network. The physical distance between mask-share domains along the power-supply network may be selected to reduce coupling between mask-share domains that may occur via the power supply network. The mask-share domains may each be connected to different on-chip power supply networks.
G06F 21/75 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by inhibiting the analysis of circuitry or operation, e.g. to counteract reverse engineering
H04L 9/00 - Arrangements for secret or secure communicationsNetwork security protocols
61.
Masked gate logic for resistance to power analysis
A method of and system for gate-level masking of secret data during a cryptographic process is described. A mask share is determined, wherein a first portion of the mask share includes a first number of zero-values and a second number of one-values, and a second portion of the mask share includes the first number of one-values and the second number of zero-values. Masked data values and the first portion of the mask share are input into a first portion of masked gate logic, and the masked data values and the second portion of the mask share are input into a second portion of the masked gate logic. A first output from the first portion of the masked gate logic and a second output from the second portion of the masked gate logic are identified, wherein either the first output or the second output is a zero-value.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
G06F 21/72 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
G06F 21/71 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
G06F 21/75 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by inhibiting the analysis of circuitry or operation, e.g. to counteract reverse engineering
H04L 9/00 - Arrangements for secret or secure communicationsNetwork security protocols
62.
PROTECTING CRYPTOGRAPHIC KEYS STORED IN NON-VOLATILE MEMORY
Systems and methods for protecting cryptographic keys stored in a non-volatile memory. An example method may comprise: storing a device root key in a non-volatile memory; storing a volatile key in a volatile memory; storing a masked cryptographic key in the non-volatile memory, wherein the masked cryptographic key is produced by combining a cryptographic key and the device root key; storing a masked device root key in the non-volatile memory, wherein the masked root key is produced by combining the device root key and the volatile key; and erasing the device root key from the non-volatile memory.
G06F 12/14 - Protection against unauthorised use of memory
G06F 21/79 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
Described are implementations directed to protecting secret data against adversarial attacks by obfuscating the secret data during storage and communication. Obfuscation techniques include, among other things, splitting secret data into a plurality of portions, performing rotation of secret data, splitting secret data into a plurality of shares, modifying shares of secret data in view of the values of the shares, and various other protection mechanisms.
A container corresponding to executable code may be received. In response to receiving the container, a container manager resident in a memory of a computation environment may be executed to verify the container. The container manager may be verified by a boot loader of the computation environment. Permissions of the container to access the resources of a computation environment may be determined after the verification of the container by the container manager. Access to one or more resources of the computation environment may be provided by transferring control to the one or more resources from the container manager to the container based on the permissions of the container for the resources of the computation environment.
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
G06F 21/51 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
65.
Anti-tamper shield based on strings of series resistors
A resistor mesh with distributed sensing points is provided in a security chip as an anti-tamper shield. An analog multiplexing circuit is configured to receive a pair of digital selection values created by an algorithm processing circuit, and produce a respective differential voltage formed by a pair of voltages obtained at a pair of selected sensing points within the resistor mesh corresponding to the pair of digital selection values. Each differential voltage is converted into a corresponding digital output value. An algorithm processing circuit is configured to receive a respective digital output value associated with each pair of digital selection values and derive a binary value based on a subset of the digital output values, wherein the binary value is unique to the security chip.
The embodiments described herein describe technologies for Module management, including Module creation and Module deployment to a target device in an operation phase of a manufacturing lifecycle of the target device in a cryptographic manager (CM) environment. One implementation includes a Root Authority (RA) device that receives a first command to create a Module and executes a Module Template to generate the Module in response to the first command. The RA device receives a second command to create a deployment authorization message. The Module and the deployment authorization message are deployed to an Appliance device. A set of instructions of the Module, when permitted by the deployment authorization message and executed by the Appliance device, results in a secure construction of a sequence of operations to securely provision a data asset to the target device.
G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules
G06F 21/72 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
G06F 21/73 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
G06F 21/33 - User authentication using certificates
H04W 12/30 - Security of mobile devicesSecurity of mobile applications
H04W 12/0431 - Key distribution or pre-distributionKey agreement
H04L 67/60 - Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
A pattern detector circuit is provided in a security chip, wherein the pattern detector circuit monitors accesses of a plurality of configuration registers, each of the plurality of configuration registers having a corresponding address. In response to receiving from a host a predefined sequence of accesses of the plurality of configuration registers for one or more operations to the plurality of configuration registers, a processor in the pattern detector circuit determines a value indicative of a current version of a netlist for the security chip. The determined value is made available to be obtained by a read operation by the host at a specific configuration register address.
G06F 21/40 - User authentication by quorum, i.e. whereby two or more security principals are required
G06F 21/76 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]
68.
ANTI-COUNTERFEITING APPLICATIONS FOR ADVANCED MEMORIES
A block of data is provided from a verifier module to an authenticator module, the size of the block being correlated with one or more desired characteristics of the authenticator module. The verifier module receives a response from the authenticator module, the response comprising data result derived from a calculation involving the challenge value and the block of data. The verifier module verifies whether the response is indicative of the one or more desired characteristics of the authenticator module.
Aspects of the present disclosure involve implementations that may be used to protect neural network models against adversarial attacks by obfuscating neural network operations and architecture. Obfuscation techniques include obfuscating weights and biases of neural network nodes, obfuscating activation functions used by neural networks, as well as obfuscating neural network architecture by introducing dummy operations, dummy nodes, and dummy layers into the neural networks.
Aspects of the present disclosure involve implementations that may be used to protect neural network models against adversarial attacks by obfuscating neural network operations and architecture. Obfuscation techniques include obfuscating weights and biases of neural network nodes, obfuscating activation functions used by neural networks, as well as obfuscating neural network architecture by introducing dummy operations, dummy nodes, and dummy layers into the neural networks.
Aspects of the present disclosure involve implementations that may be used to protect neural network models against adversarial attacks by obfuscating neural network operations and architecture. Obfuscation techniques include obfuscating weights and biases of neural network nodes, obfuscating activation functions used by neural networks, as well as obfuscating neural network architecture by introducing dummy operations, dummy nodes, and dummy layers into the neural networks.
An input data may be received. A portion of a cryptographic operation may be performed with the received input data at a first function component. During the performance of the cryptographic operation at the first function component, a pre-charge operation may be performed at a second function component. Furthermore, the second function component may be used to perform another portion of the cryptographic operation with a result of the portion of the cryptographic operation performed at the first function component.
H04L 29/00 - Arrangements, apparatus, circuits or systems, not covered by a single one of groups
H04L 9/00 - Arrangements for secret or secure communicationsNetwork security protocols
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
73.
Efficient side-channel-attack-resistant memory encryptor based on key update
Disclosed are memory encryption systems and methods that rotate encryption keys for robust resistance against side-channel-analysis (SCA)-based attacks on communication paths between an encryption engine within a trust boundary and an external memory component. A key data structure has a plurality of keys that are used to encrypt a plurality of memory blocks in the external memory. The memory blocks encrypted with the oldest key of the key data structure are identified. Encrypted data is read from the identified memory blocks. The encrypted data is decrypted from the identified memory blocks. The data is then re-encrypted using the selected key that is newer than the oldest key, and re-written to the identified memory blocks.
H04L 9/00 - Arrangements for secret or secure communicationsNetwork security protocols
H04L 9/16 - Arrangements for secret or secure communicationsNetwork security protocols using a plurality of keys or algorithms the keys or algorithms being changed during operation
Aspects of the present disclosure involve a method and a system to support execution of the method to obtain a first N cryptographic key, receive a key diversification information comprising a first plurality of bits, obtain an expanded key diversification information (EKDI) comprising a second plurality of bits, wherein a number of bits in the second plurality of bits is greater than a number of bits in the first plurality of bits, and wherein a value of each bit of the second plurality of bits is deterministically obtained in view of values of the first plurality of bits, and apply, by the processing device, a key derivation function to the first cryptographic key and the EKDI to obtain a second cryptographic key.
Aspects of the present disclosure involve a method, a system and a computer readable memory to perform a cryptographic operation that includes identifying a first set of mutually coprime numbers, obtaining a second set of input numbers coprime with a corresponding one of the first set of mutually coprime numbers, obtaining an output number that is a weighted sum of the second set of input numbers, each of the second set of input numbers being taken with a weight comprising a product of all of the first set of mutually coprime numbers except the corresponding one of the first set of mutually coprime numbers, and performing the cryptographic operation using the output number.
Aspects of the present disclosure calculate masked data shares dynamically inside the CPU boundary, and use a plurality of memory channels to write the masked data shares to an external memory location and/or to read the data shares from that external memory location. Each dynamically generated mask value is uniquely associated with a corresponding memory channel during writing data to the external memory. The modified masked data is unmasked or remasked during a subsequent read operation.
A method for performing a security chip protocol comprises receiving, by processing hardware of a security chip, a message from a first device as part of performing the security chip protocol. The processing hardware retrieves a secret value from secure storage hardware operatively coupled to the processing hardware. The processing hardware determines a path through a key tree based at least in part on the message. The processing hardware derives a validator at least in part from the secret value using a sequence of entropy redistribution operations associated with the path through the key tree. The processing hardware exchanges the validator between the security chip and the first device as part of the security chip protocol in order to authenticate at least one of the security chip or the first device.
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
G06F 21/55 - Detecting local intrusion or implementing counter-measures
H04L 9/00 - Arrangements for secret or secure communicationsNetwork security protocols
G06F 12/14 - Protection against unauthorised use of memory
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
H04L 9/16 - Arrangements for secret or secure communicationsNetwork security protocols using a plurality of keys or algorithms the keys or algorithms being changed during operation
G06F 21/76 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]
G06F 8/71 - Version control Configuration management
G06F 21/75 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by inhibiting the analysis of circuitry or operation, e.g. to counteract reverse engineering
78.
SYSTEM AND METHOD TO GENERATE PRIME NUMBERS IN CRYPTOGRAPHIC APPLICATIONS
Aspects of the present disclosure involve a method, a system and a computer readable memory to generate and use prime numbers in cryptographic operations by determining one or more polynomial functions that have no roots modulo each of a predefined set of prime numbers, selecting one or more input numbers, generating a candidate number by applying one or more instances of the one or more polynomial functions to the one or more input numbers, determining that the candidate number is a prime number, and using the determined prime number to decrypt an input into the cryptographic operation.
H04L 9/30 - Public key, i.e. encryption algorithm being computationally infeasible to invert and users' encryption keys not requiring secrecy
H04L 9/00 - Arrangements for secret or secure communicationsNetwork security protocols
G06F 7/72 - Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radixComputing devices using combinations of denominational and non-denominational quantity representations using residue arithmetic
79.
System and method to optimize decryption operations in cryptographic applications
Aspects of the present disclosure involve a method, a system and a computer readable memory to optimize performance of cryptographic operations by avoiding computations of inverse values during decryption of encrypted messages.
Aspects of the present disclosure involve a method and a system to support execution of the method to perform a cryptographic operation involving a first vector and a second vector, by projectively scaling the first vector, performing a first operation involving the scaled first vector and the second vector to obtain a third vector, generating a random number, storing the third vector in a first location, responsive to the random number having a first value, or in a second location, responsive to the random number having a second value, and performing a second operation involving a first input and a second input, wherein, based on the random number having the first value or the second value, the first input is the third vector stored in the first location or the second location and the second input is a fourth vector stored in the second location or the first location.
G06F 21/78 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
81.
Efficient squaring with loop equalization in arithmetic logic units
H04L 29/06 - Communication control; Communication processing characterised by a protocol
G06F 7/57 - Arithmetic logic units [ALU], i.e. arrangements or devices for performing two or more of the operations covered by groups or for performing logical operations
G06F 7/72 - Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radixComputing devices using combinations of denominational and non-denominational quantity representations using residue arithmetic
G09C 1/00 - Apparatus or methods whereby a given sequence of signs, e.g. an intelligible text, is transformed into an unintelligible sequence of signs by transposing the signs or groups of signs or by replacing them by others according to a predetermined system
H04L 9/30 - Public key, i.e. encryption algorithm being computationally infeasible to invert and users' encryption keys not requiring secrecy
82.
Maintaining secure session state with failover during endpoint provisioning
The embodiments described herein describe technologies to maintaining a secure session state with failover during endpoint provisioning. A cluster of hardware devices can be used for provisioning endpoint devices with secrecy, integrity, access controller, high availability, minimal transaction time, and interactive transactions with multiple requests and response within a session. The embodiments are directed to a first computing device being elected as a leader and sharing context information of a session with other computing devices as followers in the cluster such that a follower can resume the session if the leader fails.
G06F 11/20 - Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements
G06F 21/71 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
Aspects of the present disclosure involve a method and a system to execute the method to perform a cryptographic operation involving a modulo N computation, the method comprising loading a first integer number and a second integer number, wherein the first integer number and the second integer number are within an interval of 2N integer numbers, and performing an arithmetic operation involving the first integer number and the second integer number, wherein the arithmetic operation is to produce a third integer number, and wherein the arithmetic operation comprises a shifting operation to ensure that the third integer number is inside the interval of 2N integer numbers.
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
G06F 7/72 - Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radixComputing devices using combinations of denominational and non-denominational quantity representations using residue arithmetic
A first entity may provide a request to transmit data from the first entity to a second entity. The first entity may receive a session key from the second entity in response to the request where the session key is encrypted by a second key that is based on a combination of a public key and a location associated with the second entity. A location associated with the first entity may be identified. Furthermore, a first key may be generated based on a combination of the location associated with the first entity and a private key that corresponds to the public key. The first key may decrypt data encrypted by the second key when the location associated with the first entity corresponds to the location associated with the second entity.
H04L 9/30 - Public key, i.e. encryption algorithm being computationally infeasible to invert and users' encryption keys not requiring secrecy
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04W 12/02 - Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
H04W 4/40 - Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
H04W 4/46 - Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P] for vehicle-to-vehicle communication [V2V]
85.
Diversifying a base symmetric key based on a public key
A symmetric key that is stored at a device may be received. A public key from a remote entity may also be received at the device. Furthermore, a derived key may be generated based on a one way function between the symmetric key that is stored at the device and the public key that is received from the remote entity. The derived key may be encrypted with the public key and transmitted to the remote entity. The encryption of the derived key with the public key may provide secure transmission of the derived key to an authorized remote entity with a private key that may be used to decrypt the encrypted derived key.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
An indication of a key generation function may be received from a server. A random value may be received based on a volatile memory of a device. A cryptographic key may be generated based on the key generation function from the server and the random value that is based on the volatile memory of the device. The cryptographic key may be stored at a non-volatile memory of the device.
H04L 9/00 - Arrangements for secret or secure communicationsNetwork security protocols
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
A first arithmetic input share and a second arithmetic input share of an initial arithmetically-masked cryptographic value are received. A sequence of operations using the arithmetic input shares and a randomly generated number is performed, where a current operation in the sequence of operations generates a corresponding intermediate value that is used in a subsequent operation. At the end of the sequence of operations, a first Boolean output share and a second Boolean output share are generated. The arithmetic-to-Boolean mask conversion is independent of the input bit length.
G06F 21/72 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
G06F 21/75 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by inhibiting the analysis of circuitry or operation, e.g. to counteract reverse engineering
H04L 9/00 - Arrangements for secret or secure communicationsNetwork security protocols
A first share value and a second share value may be received. A combination of the first share value and the second share value may correspond to an exponent value. The value of a first register is updated using a first equation that is based on the first and second share values and the value of a second register is updated using a second equation that is based on the second share value. One of the value of the first register or the value of the second register is selected based on a bit value of the second share value.
H04L 9/00 - Arrangements for secret or secure communicationsNetwork security protocols
G06F 7/72 - Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radixComputing devices using combinations of denominational and non-denominational quantity representations using residue arithmetic
G06F 21/75 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by inhibiting the analysis of circuitry or operation, e.g. to counteract reverse engineering
89.
PROTECTION OF TRANSFORMATIONS BY INTERMEDIATE RANDOMIZATION IN CRYPTOGRAPHIC OPERATIONS
Aspects of the present disclosure involve a method and a system to perform a cryptographic operation that involves a number theoretic transformation of a first vector to a second vector by obtaining components of the first vector, performing a plurality of iterations that each include determining a plurality of output values, wherein each of the plurality of output values is a linear combination of two or more input values, the input values into a first iteration being the components of the first vector and the output values of the last iteration being representative of components of the second vector, and wherein one or more of the output values of at least one iteration are randomized by multiplying at least one input value by a random number, and determining, based on the output values of the last of the plurality of iterations, the components of the second vector.
A container corresponding to executable code may be received. The container may be executed in a secure computation environment by performing one or more operations specified by the executable code of the container. An instruction to terminate the executing of the container may be received from a high level operating system (HLOS) that is external to the secure computation environment. A determination may be made as to whether the container is associated with a preemption privilege and the executing of the container may be terminated after receiving the instruction from the HLOS based on the determination of whether the container is associated with the preemption privilege.
G06F 21/45 - Structures or tools for the administration of authentication
G06F 21/52 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
A container corresponding to executable code may be received. In response receiving the container, an assertion value may be stored in an assertion register. A final canary value may be generated based on a cycles combining a prior canary value and a mix value. A determination may be made as to whether the final canary value matches with the assertion value stored in the assertion register. In response to determining that the final canary value matches with the assertion value, one or more privilege registers may be programmed to provide access to hardware resources for the container corresponding to the executable user code.
G06F 21/64 - Protecting data integrity, e.g. using checksums, certificates or signatures
G06F 21/51 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
Described are technologies of all-digital camouflage circuits. The camouflage circuit can include a first chain of inverters, synthesized with a first standard cell with a first transistor threshold, and a second chain of inverters, synthesized with a second standard cell with a second transistor threshold that is different than the first transistor threshold. A first flip-flop receives a first output of the first chain as a data input and a second output of the second chain as a clock input. A second flip-flop receives the second output as a data input and the first output of the first chain as a clock input. Given the different transistor thresholds, one flip-flop always outputs an active signal that corresponds to an input signal applied to the first chain and the second chain. The other flip-flop always output a constant signal, such an always low signal.
G06F 30/327 - Logic synthesisBehaviour synthesis, e.g. mapping logic, HDL to netlist, high-level language to RTL or netlist
G06F 21/14 - Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
H03K 19/20 - Logic circuits, i.e. having at least two inputs acting on one outputInverting circuits characterised by logic function, e.g. AND, OR, NOR, NOT circuits
93.
Generating a device identification key from a base key for authentication with a network
A base key that is stored at a device may be received. A network identification may further be received. A device identification key may be generated based on a combination of the network identification and the base key. Furthermore, the device identification key may be used to authenticate the device with a network that corresponds to the network identification.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
Aspects of the present disclosure involve a method to perform a cryptographic operation using a plurality of iterations, each of the plurality of iterations comprising: loading a first number corresponding to a difference between a first component of a first input working point on an elliptic curve and a first component of a second input working point on the elliptic curve, loading a second number corresponding to a difference between the first component of the first input working point and a first component of a third input working point on the elliptic curve, and determining a third number corresponding to a difference between a first component of a first output working point on the elliptic curve and the first component of the second input working point, wherein determining the third number comprises squaring a product of the first number and a first function of the second number.
A prover chip uses a key multiplier value generated by a proof-of-work function from a challenge value, a random number, and elliptic curve cryptography (ECC) techniques to generate a one-time (or ephemeral) use private key. Similarly, a verifier chip uses the key multiplier value generated by an equivalent proof-of-work function, a public key received from the prover, and ECC techniques to derive a one-time use public key that corresponds to the ephemeral private key generated by the prover chip. The prover chip uses the ephemeral private key to sign the second challenge value and send this signed second challenge value to the verifier chip. The verifier verifies the value it receives using the one-time use public key and if the signature on the second challenge value is valid, authenticates the prover chip to a system.
A first address bus may be located in an upper layer of an integrated circuit that is associated with a memory and a memory controller. The first address bus may receive a first portion of a memory address. A second address bus may be located in a lower layer of the integrated circuit where the second address bus is to receive a second portion of the memory address. Furthermore, a data bus may be located in an intermediate layer where the data bus is to receive data corresponding to the memory address from the memory and may transmit the data to the memory controller. The intermediate layer may be between the upper layer and the lower layer. A layout of the signals of the data bus may vertically overlap with a layout of signals of the first address bus and a layout of signals of the second address bus.
G06F 21/85 - Protecting input, output or interconnection devices interconnection devices, e.g. bus-connected or in-line devices
G06F 7/58 - Random or pseudo-random number generators
G06F 11/10 - Adding special bits or symbols to the coded information, e.g. parity check, casting out nines or elevens
G06F 21/45 - Structures or tools for the administration of authentication
G06F 21/72 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
97.
Generating a target data based on a function associated with a physical variation of a device
A value corresponding to a physical variation of a device may be received. Furthermore, helper data associated with the physical variation of the device may be received. A result data may be generated based on a combination of the value corresponding to the physical variation of the device and the helper data. An error correction operation may be performed on the result data to identify one or more code words associated with the error correction operation. Subsequently, a target data may be generated based on the one or more code words.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
98.
Protecting parallel multiplication operations from external monitoring attacks
Systems and methods for protecting from external monitoring attacks cryptographic data processing operations involving universal polynomial hash functions computation. An example method may comprise: receiving an input data block and an iteration result value; performing a first field multiplication operation to produce a new iteration result value, by iteratively processing, starting from a first bit position, bits of a combination of the input data block and the iteration result value, wherein the first bit position is represented by one of: a least-significant bit and a most-significant bit; performing a second field multiplication operation to produce a new mask correction value, by iteratively processing operand bits starting from a second bit position, wherein the second bit position is represented by one of: a least-significant bit and a most-significant bit, and wherein the second bit position is different from the first bit position; applying the new mask correction value to the new iteration result value; and producing, based on the new iteration result value, a value of a cryptographic hash function to be utilized by at least one of: an authenticated encryption operation or an authenticated decryption operation.
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
G06F 7/72 - Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radixComputing devices using combinations of denominational and non-denominational quantity representations using residue arithmetic
G06F 21/72 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
A first device transmits a first message to a second device as part of a challenge-response protocol in order to authenticate the second device. A power limited power supply coupled to the second device limits power consumption by the second device during the second device's challenge-response protocol calculations. The first device measures a response time of the second device during the challenge-response protocol. The authentication of the second device is based on the response time of the second device while it has limited power consumption.
Computing devices, methods, and systems for corrections to the "almost" binary extended GCD in a cryptographic operation of a cryptographic process are disclosed. Exemplary implementations may: receive, from a cryptographic process, a command to compute a binary extended greatest common denominator of a first input value and a second input value for a cryptographic operation; compute, by a binary extended GCD algorithm, the binary extended GCD using a multiplication with an inverse of two, instead of a division by two, to obtain a first output value; compute, by the binary extended GCD algorithm, a second output value and a third output value; and return, to the cryptographic process, the first output value, the second output value, and the third output value.
G06F 7/72 - Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radixComputing devices using combinations of denominational and non-denominational quantity representations using residue arithmetic
G06F 7/38 - Methods or arrangements for performing computations using exclusively denominational number representation, e.g. using binary, ternary, decimal representation
