公开(公告)号：US09367693B2

公开(公告)日：2016-06-14

申请号：US14752677

申请日：2015-06-26

Applicant: Cryptography Research, Inc.

Inventor： Paul C. Kocher ,  Pankaj Rohatgi ,  Joshua M. Jaffe

IPC: H04L9/32 ,  G06F21/57 ,  G06F21/60 ,  H04L9/00 ,  H04L9/08 ,  G06F12/14 ,  H04L9/06 ,  H04L9/16 ,  G06F9/445 ,  G06F21/76 ,  G06F9/44 ,  H04L29/06

CPC classification number: G06F21/575 ,  G06F8/71 ,  G06F9/44505 ,  G06F12/1408 ,  G06F21/556 ,  G06F21/602 ,  G06F21/755 ,  G06F21/76 ,  G06F2212/402 ,  G06F2221/034 ,  G06F2221/2107 ,  G06F2221/2125 ,  G06F2221/2145 ,  H04L9/003 ,  H04L9/0631 ,  H04L9/085 ,  H04L9/0861 ,  H04L9/088 ,  H04L9/0894 ,  H04L9/16 ,  H04L9/3236 ,  H04L9/3247 ,  H04L63/0428 ,  H04L63/0869 ,  H04L2209/24 ,  H04L2209/38 ,  H04L2209/56 ,  H04L2463/061

Abstract: A bitstream for configuration of a programmable logic device is received, the bitstream comprising a data segment and authentication data associated with the data segment. The programmable logic device computes a hash of the data segment. The programmable logic device compares the computed hash of the data segment with the authentication data. Configuration of the programmable logic device halts responsive to a determination that the computed hash of the data segment does not match the authentication data. Configuration of the programmable logic device using the data segment continues responsive to a determination that the computed hash of the data segment matches the authentication data.

Abstract translation: 接收用于配置可编程逻辑设备的比特流，所述比特流包括与所述数据段相关联的数据段和认证数据。 可编程逻辑器件计算数据段的散列。 可编程逻辑设备将计算出的数据段的散列与认证数据进行比较。 可编程逻辑设备的配置响应于所计算的数据段的散列与认证数据不匹配的确定停止。 使用数据段的可编程逻辑设备的配置继续响应于所计算的数据段的散列与认证数据匹配的确定。

公开(公告)号：US20140281573A1

公开(公告)日：2014-09-18

申请号：US13835402

申请日：2013-03-15

Applicant: Cryptography Research, Inc.

Inventor： Joshua M. Jaffe

IPC: G06F21/72

CPC classification number: G06F21/72 ,  G06F7/723 ,  G06F2207/7238 ,  G06F2207/7257 ,  H04L9/003 ,  H04L2209/046

Abstract: Methods and systems for masking certain cryptographic operations in a manner designed to defeat side-channel attacks are disclosed herein. Squaring operations can be masked to make squaring operations indistinguishable or less distinguishable from multiplication operations. In general, squaring operations are converted into multiplication operations by masking them asymmetrically. Additional methods and systems are disclosed for defeating DPA, cross-correlation, and high-order DPA attacks against modular exponentiation.

Abstract translation: 本文公开了以旨在打败侧信道攻击的方式掩蔽某些加密操作的方法和系统。 平方运算可以被掩蔽，使得平方运算与乘法运算不可区分或较不区别。 一般来说，平方运算通过不对称地将它们进行掩蔽来转换成乘法运算。 公开了额外的方法和系统，用于消除针对模数乘方的DPA，互相关和高阶DPA攻击。

公开(公告)号：US11797683B2

公开(公告)日：2023-10-24

申请号：US17382333

申请日：2021-07-21

Applicant: Cryptography Research, Inc.

Inventor： Paul C. Kocher ,  Pankaj Rohatgi ,  Joshua M. Jaffe

IPC: G06F21/57 ,  G06F21/60 ,  H04L9/08 ,  H04L9/32 ,  G06F21/55 ,  H04L9/00 ,  G06F12/14 ,  H04L9/06 ,  H04L9/16 ,  G06F9/445 ,  G06F21/76 ,  G06F8/71 ,  H04L9/40 ,  G06F21/75

CPC classification number: G06F21/575 ,  G06F8/71 ,  G06F9/44505 ,  G06F12/1408 ,  G06F21/556 ,  G06F21/602 ,  G06F21/76 ,  H04L9/003 ,  H04L9/0631 ,  H04L9/085 ,  H04L9/088 ,  H04L9/0861 ,  H04L9/0894 ,  H04L9/16 ,  H04L9/3236 ,  H04L9/3247 ,  H04L9/3271 ,  G06F21/755 ,  G06F2212/402 ,  G06F2221/034 ,  G06F2221/2107 ,  G06F2221/2125 ,  G06F2221/2145 ,  H04L9/50 ,  H04L63/0428 ,  H04L63/0869 ,  H04L2209/24 ,  H04L2209/56 ,  H04L2463/061

Abstract: A method for performing a security chip protocol comprises receiving, by processing hardware of a security chip, a message from a first device as part of performing the security chip protocol. The processing hardware retrieves a secret value from secure storage hardware operatively coupled to the processing hardware. The processing hardware determines a path through a key tree based at least in part on the message. The processing hardware derives a validator at least in part from the secret value using a sequence of entropy redistribution operations associated with the path through the key tree. The processing hardware exchanges the validator between the security chip and the first device as part of the security chip protocol in order to authenticate at least one of the security chip or the first device.

公开(公告)号：US10423807B2

公开(公告)日：2019-09-24

申请号：US15935279

申请日：2018-03-26

Applicant: Cryptography Research, Inc.

Inventor： Joshua M. Jaffe

IPC: G06F11/30 ,  G06F21/72 ,  G06F7/72 ,  H04L9/00

Abstract: Methods and systems for masking certain cryptographic operations in a manner designed to defeat side-channel attacks are disclosed herein. Squaring operations can be masked to make squaring operations indistinguishable or less distinguishable from multiplication operations. In general, squaring operations are converted into multiplication operations by masking them asymmetrically. Additional methods and systems are disclosed for defeating DPA, cross-correlation, and high-order DPA attacks against modular exponentiation.

公开(公告)号：US10262141B2

公开(公告)日：2019-04-16

申请号：US15395809

申请日：2016-12-30

Applicant: Cryptography Research, Inc.

Inventor： Paul C. Kocher ,  Pankaj Rohatgi ,  Joshua M. Jaffe

IPC: G06F8/71 ,  H04L9/00 ,  H04L9/06 ,  H04L9/08 ,  H04L9/16 ,  H04L9/32 ,  G06F12/14 ,  G06F21/55 ,  G06F21/57 ,  G06F21/60 ,  G06F21/75 ,  G06F21/76 ,  G06F9/445 ,  H04L29/06

Abstract: A computing device includes a secure storage hardware to store a secret value and processing hardware comprising at least one of a cache or a memory. During a secure boot process the processing hardware loads untrusted data into at least one of the cache or the memory of the processing hardware, the untrusted data comprising an encrypted data segment and a validator, retrieves the secret value from the secure storage hardware, derives an initial key based at least in part on an identifier associated with the encrypted data segment and the secret value, verifies, using the validator, whether the encrypted data segment has been modified, and decrypts the encrypted data segment using a first decryption key derived from the initial key to produce a decrypted data segment responsive to verifying that the encrypted data segment has not been modified.

公开(公告)号：US09940463B2

公开(公告)日：2018-04-10

申请号：US15691601

申请日：2017-08-30

Applicant: Cryptography Research, Inc.

Inventor： Paul Kocher ,  Pankaj Rohatgi ,  Joshua M. Jaffe

IPC: H04L9/32 ,  G06F21/57 ,  G06F9/445 ,  H04L9/16 ,  H04L9/08 ,  G06F12/14 ,  H04L9/00 ,  G06F21/60 ,  G06F21/76 ,  H04L9/06 ,  G06F9/44 ,  H04L29/06 ,  G06F21/75

CPC classification number: G06F21/575 ,  G06F8/71 ,  G06F9/44505 ,  G06F12/1408 ,  G06F21/556 ,  G06F21/602 ,  G06F21/755 ,  G06F21/76 ,  G06F2212/402 ,  G06F2221/034 ,  G06F2221/2107 ,  G06F2221/2125 ,  G06F2221/2145 ,  H04L9/003 ,  H04L9/0631 ,  H04L9/085 ,  H04L9/0861 ,  H04L9/088 ,  H04L9/0894 ,  H04L9/16 ,  H04L9/3236 ,  H04L9/3247 ,  H04L63/0428 ,  H04L63/0869 ,  H04L2209/24 ,  H04L2209/38 ,  H04L2209/56 ,  H04L2463/061

Abstract: A method for device authentication comprises receiving, by processing hardware of a first device, a message from a second device to authenticate the first device. The processing hardware retrieves a secret value from secure storage hardware operatively coupled to the processing hardware. The processing hardware derives a validator from the secret value using a path through a key tree, wherein the path is based on the message, wherein deriving the validator using the path through the key tree comprises computing a plurality of successive intermediate keys starting with a value based on the secret value and leading to the validator, wherein each successive intermediate key is derived based on at least a portion of the message and a prior key. The first device then sends the validator to the second device.

公开(公告)号：US09569623B2

公开(公告)日：2017-02-14

申请号：US14617437

申请日：2015-02-09

Applicant: Cryptography Research, Inc.

Inventor： Paul C. Kocher ,  Pankaj Rohatgi ,  Joshua M. Jaffe

IPC: H04L9/00 ,  G06F21/57 ,  G06F21/60 ,  H04L9/08 ,  H04L9/32 ,  G06F12/14 ,  H04L9/06 ,  H04L9/16 ,  G06F9/445 ,  G06F21/76 ,  G06F9/44 ,  G06F21/55 ,  H04L29/06

CPC classification number: G06F21/575 ,  G06F8/71 ,  G06F9/44505 ,  G06F12/1408 ,  G06F21/556 ,  G06F21/602 ,  G06F21/755 ,  G06F21/76 ,  G06F2212/402 ,  G06F2221/034 ,  G06F2221/2107 ,  G06F2221/2125 ,  G06F2221/2145 ,  H04L9/003 ,  H04L9/0631 ,  H04L9/085 ,  H04L9/0861 ,  H04L9/088 ,  H04L9/0894 ,  H04L9/16 ,  H04L9/3236 ,  H04L9/3247 ,  H04L63/0428 ,  H04L63/0869 ,  H04L2209/24 ,  H04L2209/38 ,  H04L2209/56 ,  H04L2463/061

Abstract: A computing device includes a secure storage hardware to store a secret value and processing hardware comprising at least one of a cache or a memory. During a secure boot process the processing hardware loads untrusted data into at least one of the cache or the memory of the processing hardware, the untrusted data comprising an encrypted data segment and a validator, retrieves the secret value from the secure storage hardware, derives an initial key based at least in part on an identifier associated with the encrypted data segment and the secret value, verifies, using the validator, whether the encrypted data segment has been modified, and decrypts the encrypted data segment using a first decryption key derived from the initial key to produce a decrypted data segment responsive to verifying that the encrypted data segment has not been modified.

Abstract translation: 计算设备包括用于存储秘密值的安全存储硬件和包括高速缓存或存储器中的至少一个的处理硬件。 在安全引导过程期间，处理硬件将不可信数据加载到处理硬件的高速缓存或存储器中的至少一个中，不可信数据包括加密数据段和验证器，从安全存储硬件检索秘密值， 至少部分地基于与加密数据段和秘密值相关联的标识符的初始密钥，使用验证器来验证加密数据段是否已经被修改，并且使用从第一解密密钥导出的第一解密密钥来解密加密数据段 响应于验证加密的数据段未被修改来产生解密的数据段的初始密钥。

公开(公告)号：US08977864B2

公开(公告)日：2015-03-10

申请号：US14201539

申请日：2014-03-07

Applicant: Cryptography Research, Inc.

Inventor： Paul C. Kocher ,  Pankaj Rohatgi ,  Joshua M. Jaffe

IPC: H04L9/32 ,  H04L9/00 ,  H04L9/08 ,  G06F21/60 ,  G06F12/14 ,  H04L29/06

CPC classification number: G06F21/575 ,  G06F8/71 ,  G06F9/44505 ,  G06F12/1408 ,  G06F21/556 ,  G06F21/602 ,  G06F21/755 ,  G06F21/76 ,  G06F2212/402 ,  G06F2221/034 ,  G06F2221/2107 ,  G06F2221/2125 ,  G06F2221/2145 ,  H04L9/003 ,  H04L9/0631 ,  H04L9/085 ,  H04L9/0861 ,  H04L9/088 ,  H04L9/0894 ,  H04L9/16 ,  H04L9/3236 ,  H04L9/3247 ,  H04L63/0428 ,  H04L63/0869 ,  H04L2209/24 ,  H04L2209/38 ,  H04L2209/56 ,  H04L2463/061

Abstract: Techniques usable by devices to encrypt and decrypt sensitive data to in a manner that provides security from external monitoring attacks. The encrypting device has access to a base secret cryptographic value (key) that is also known to the decrypting device. The sensitive data are decomposed into segments, and each segment is encrypted with a separate encryption key derived from the base key and a message identifier to create a set of encrypted segments. The encrypting device uses the base secret cryptographic value to create validators that prove that the encrypted segments for this message identifier were created by a device with access to the base key. The decrypting device, upon receiving an encrypted segments and validator(s), uses the validator to verify the message identifier and that the encrypted segment are unmodified, then uses a cryptographic key derived from the base key and message identifier to decrypt the segments.

Abstract translation: 技术可以由设备加密和解密敏感数据，以提供安全性从外部监视攻击。 加密设备可以访问解密设备也是已知的基本密钥加密值（密钥）。 敏感数据被分解为段，并且每个段用来自基本密钥的单独的加密密钥和消息标识符加密，以创建一组加密的段。 加密设备使用基本秘密加密值来创建验证器，证明该消息标识符的加密段由具有访问基本密钥的设备创建。 解密装置在接收到加密的段和验证器时，使用验证器来验证消息标识符，并且加密段未被修改，然后使用从基本密钥和消息标识符导出的加密密钥来解密段。

公开(公告)号：US20170177874A1

公开(公告)日：2017-06-22

申请号：US15395809

申请日：2016-12-30

Applicant: Cryptography Research, Inc.

Inventor： Paul C. Kocher ,  Pankaj Rohatgi ,  Joshua M. Jaffe

IPC: G06F21/57 ,  H04L9/00 ,  H04L9/06 ,  G06F21/60

CPC classification number: G06F21/575 ,  G06F8/71 ,  G06F9/44505 ,  G06F12/1408 ,  G06F21/556 ,  G06F21/602 ,  G06F21/755 ,  G06F21/76 ,  G06F2212/402 ,  G06F2221/034 ,  G06F2221/2107 ,  G06F2221/2125 ,  G06F2221/2145 ,  H04L9/003 ,  H04L9/0631 ,  H04L9/085 ,  H04L9/0861 ,  H04L9/088 ,  H04L9/0894 ,  H04L9/16 ,  H04L9/3236 ,  H04L9/3247 ,  H04L63/0428 ,  H04L63/0869 ,  H04L2209/24 ,  H04L2209/38 ,  H04L2209/56 ,  H04L2463/061

Abstract: A computing device includes a secure storage hardware to store a secret value and processing hardware comprising at least one of a cache or a memory. During a secure boot process the processing hardware loads untrusted data into at least one of the cache or the memory of the processing hardware, the untrusted data comprising an encrypted data segment and a validator, retrieves the secret value from the secure storage hardware, derives an initial key based at least in part on an identifier associated with the encrypted data segment and the secret value, verifies, using the validator, whether the encrypted data segment has been modified, and decrypts the encrypted data segment using a first decryption key derived from the initial key to produce a decrypted data segment responsive to verifying that the encrypted data segment has not been modified.

公开(公告)号：US09419790B2

公开(公告)日：2016-08-16

申请号：US14530905

申请日：2014-11-03

Applicant: CRYPTOGRAPHY RESEARCH, INC.

Inventor： Paul C. Kocher ,  Joshua M. Jaffe ,  Benjamin C. Jun

IPC: H04L9/00 ,  G06F1/32 ,  G06F7/00 ,  G06F21/55 ,  G06F21/75 ,  G06F21/77 ,  G06K19/073 ,  G06Q20/34 ,  G07F7/08 ,  G07F7/10 ,  G06F1/06 ,  G09C1/00

CPC classification number: H04L9/0618 ,  G06F1/06 ,  G06F1/266 ,  G06F1/3225 ,  G06F7/00 ,  G06F21/75 ,  G06F21/755 ,  G06F21/77 ,  G06F2207/7223 ,  G06F2207/7266 ,  G06K19/073 ,  G06K19/07363 ,  G06Q20/341 ,  G06Q20/382 ,  G06Q20/409 ,  G07F7/08 ,  G07F7/082 ,  G07F7/1008 ,  G09C1/00 ,  H04L9/003 ,  H04L2209/04 ,  H04L2209/08 ,  H04L2209/56 ,  H04L2209/805

Abstract: Information leaked from smart cards and other tamper resistant cryptographic devices can be statistically analyzed to determine keys or other secret data. A data collection and analysis system is configured with an analog-to-digital converter connected to measure the device's consumption of electrical power, or some other property of the target device, that varies during the device's processing. As the target device performs cryptographic operations, data from the A/D converter are recorded for each cryptographic operation. The stored data are then processed using statistical analysis, yielding the entire key, or partial information about the key that can be used to accelerate a brute force search or other attack.

Abstract translation: 从智能卡和其他防篡改加密设备泄露的信息可以进行统计分析，以确定密钥或其他秘密数据。 数据采集​​和分析系统配置有连接的模拟 - 数字转换器，用于测量设备在设备处理期间变化的设备的电力消耗或目标设备的某些其他属性。 当目标设备执行加密操作时，对于每个密码操作记录来自A / D转换器的数据。 然后使用统计分析处理存储的数据，产生整个密钥，或者可以用于加速强力搜索或其他攻击的密钥的部分信息。