公开(公告)号：US11570186B2

公开(公告)日：2023-01-31

申请号：US16712479

申请日：2019-12-12

Applicant: Intel Corporation

Inventor： Marcio Juliato ,  Manoj Sastry ,  Michael Kara-Ivanov ,  Aviad Kipnis ,  Shabbir Ahmed ,  Christopher Gutierrez ,  Vuk Lesi

IPC: H04L9/40 ,  H04L12/40 ,  H04L47/31

Abstract: Techniques and screening messages based on tags in an automotive environment, such as, messages communicated via a communication bus, like the CAN bus. Messages can be tagged with either a binary or probabilistic tag indicating whether the message is fraudulent. ECUs coupled to the CAN bus can receive the messages and the message tags and can determine whether to fully consume the message based on the tag.

公开(公告)号：US20220350888A1

公开(公告)日：2022-11-03

申请号：US17867780

申请日：2022-07-19

Applicant: INTEL CORPORATION

Inventor： Christopher N. Gutierrez ,  Marcio Juliato ,  Shabbir Ahmed ,  Qian Wang ,  Manoj Sastry ,  Liuyang L. Yang ,  Xiruo Liu

IPC: G06F21/56

Abstract: Logic may implement observation layer intrusion detection systems (IDSs) to combine observations by intrusion detectors and/or other intrusion detection systems. Logic may monitor one or more control units at one or more observation layers of an in-vehicle network, each of the one or more control units to perform a vehicle function. Logic may combine observations of the one or more control units at the one or more observation layers. Logic may determine, based on a combination of the observations, that one or more of the observations represent an intrusion. Logic may determine, based at least on the observations, characteristics of an attack, and to pass the characteristics of the attack information to a forensic logging system to log the attack or pass the characteristics of the attack to a recovery system for informed selection of recovery procedures. Logic may dynamically adjust a threshold for detection of suspicious activity.

公开(公告)号：US11463262B2

公开(公告)日：2022-10-04

申请号：US16720956

申请日：2019-12-19

Applicant: Intel Corporation

Inventor： Marcio Juliato ,  Shabbir Ahmed ,  Christopher Gutierrez ,  Xiruo Liu ,  Manoj Sastry ,  Liuyang Yang

IPC: H04L9/32 ,  H04L12/40

Abstract: Various embodiments are generally directed to providing authentication and confidentiality mechanisms for message communication over an in-vehicle network. For example, authentication data associated with a communicating node may be transmitted over the network by encoding different predefined voltage levels on top of the message bits of the message being communicated. Different voltage levels may represent different encodings, such as a bit-pair or any bit combination of the authentication data. In a further example, messaging confidentiality between at least two communicating nodes may be achieved by pseudo-randomly flipping, or scrambling, the dominant and recessive voltages of the entire message frame at the analog level based on a pseudo-random control bit sequence.

公开(公告)号：US20220224701A1

公开(公告)日：2022-07-14

申请号：US17706955

申请日：2022-03-29

Applicant: Intel Corporation

Inventor： Christopher Gutierrez ,  Vuk Lesi ,  Manoj Sastry ,  Christopher Hall ,  Marcio Juliato ,  Shabbir Ahmed ,  Qian Wang

IPC: H04L9/40 ,  H04J3/06

Abstract: Techniques to secure a time sensitive network are described. An apparatus may establish a data stream between a first device and a second device in a network domain, the network domain includes a plurality of switching nodes, receive messages from the first device by the second device in the network domain, the messages to comprise time information to synchronize a first clock for the first device and a second clock for the second device to a network time for the network domain, update a correction field for a received message with a residence time and time delay value by the second device, determine whether the updated message is benign or malicious, update the correction field for the updated message with an inference time when the updated message is benign, and prevent relay of the updated message to other devices in the network domain when the updated message is malicious.

公开(公告)号：US11303429B2

公开(公告)日：2022-04-12

申请号：US16455950

申请日：2019-06-28

Applicant: Intel Corporation

Inventor： Santosh Ghosh ,  Vikram Suresh ,  Sanu Mathew ,  Manoj Sastry ,  Andrew H. Reinders ,  Raghavan Kumar ,  Rafael Misoczki

IPC: H04L9/06 ,  G06F7/503 ,  G06F9/30 ,  H04L9/32

Abstract: In one example an apparatus comprises a computer readable memory, an XMSS operations logic to manage XMSS functions, a chain function controller to manage chain function algorithms, a secure hash algorithm-2 (SHA2) accelerator, a secure hash algorithm-3 (SHA3) accelerator, and a register bank shared between the SHA2 accelerator and the SHA3 accelerator. Other examples may be described.

公开(公告)号：US20220108039A1

公开(公告)日：2022-04-07

申请号：US17551961

申请日：2021-12-15

Applicant: Intel Corporation

Inventor： Vikram Suresh ,  Sanu Mathew ,  Rafael Misoczki ,  Santosh Ghosh ,  Raghavan Kumar ,  Manoj Sastry ,  Andrew H. Reinders

IPC: G06F21/72 ,  G06F21/76 ,  H04L9/32 ,  H04L9/08

Abstract: Embodiments are directed to post quantum public key signature operation for reconfigurable circuit devices. An embodiment of an apparatus includes one or more processors; and a reconfigurable circuit device, the reconfigurable circuit device including a dedicated cryptographic hash hardware engine, and a reconfigurable fabric including logic elements (LEs), wherein the one or more processors are to configure the reconfigurable circuit device for public key signature operation, including mapping a state machine for public key generation and verification to the reconfigurable fabric, including mapping one or more cryptographic hash engines to the reconfigurable fabric, and combining the dedicated cryptographic hash hardware engine with the one or more mapped cryptographic hash engines for cryptographic signature generation and verification.

公开(公告)号：US20220094518A1

公开(公告)日：2022-03-24

申请号：US17025344

申请日：2020-09-18

Applicant: Intel Corporation

Inventor： Santosh Ghosh ,  Andrew Reinders ,  Rafael Misoczki ,  Rosario Cammarota ,  Manoj Sastry

IPC: H04L9/00 ,  H04L9/30

Abstract: Embodiments are directed to low circuit depth homomorphic encryption evaluations. An embodiment of an apparatus includes a hardware accelerator to receive a ciphertext generated by homomorphic encryption (HE) for evaluation, determine two coefficients of the ciphertext for HE evaluation, input the two coefficients as a first operand and a second operand to a pipeline multiplier for low circuit depth HE evaluation, perform combinatorial multiplication between the first operand and portions of the second operand, accumulate results of the combinatorial multiplication at each stage of the pipeline multiplier, and perform reduction with Mersenne prime modulus on a resulting accumulated output of the combinatorial multipliers of the pipeline multiplier.

公开(公告)号：US20220083651A1

公开(公告)日：2022-03-17

申请号：US17024107

申请日：2020-09-17

Applicant: Intel Corporation

Inventor： Santosh Ghosh ,  Avinash L. Varna ,  Reuven Elbaum ,  Manoj Sastry

IPC: G06F21/55

Abstract: Protection of authentication tag computation against power and electromagnetic side-channel attacks is described. An example of one or more storage mediums includes instructions for performing a process for calculation of an authentication tag for a data encryption operation, including generating one or more random values; receiving multiple data blocks for calculation, and performing calculation utilizing the received data blocks and the one or more random values to generate intermediate values; performing a data accumulation operation to accumulate random values in calculation of the data blocks; and calculating the authentication tag based at least in part on the generated intermediate values and the accumulated random values.

公开(公告)号：US20220078024A1

公开(公告)日：2022-03-10

申请号：US17014600

申请日：2020-09-08

Applicant: Intel Corporation

Inventor： RAFAEL MISOCZKI ,  Andrew H. Reinders ,  Santosh Ghosh ,  Manoj Sastry

IPC: H04L9/32 ,  H04L9/30 ,  H04L9/06 ,  H04L9/14 ,  H04L9/08 ,  G06N10/00

Abstract: An apparatus comprises a plurality of hardware security modules, at least a first hardware security module in the plurality of hardware security modules comprising processing circuitry to generate a first plurality of pairs of cryptographic key pairs comprising a first plurality of private keys and a first plurality of public keys, forward the first plurality of public keys to a remote computing device, receive, from the remote computing device, a first plurality of ciphertexts, wherein each ciphertext in the plurality of ciphertexts represents an encryption of a cryptographic seed with a public key selected from the plurality of public keys, receive, from a subset of hardware security modules in the plurality of hardware security modules, a subset of private keys.

公开(公告)号：US20220014540A1

公开(公告)日：2022-01-13

申请号：US17484197

申请日：2021-09-24

Applicant: Intel Corporation

Inventor： Marcio Juliato ,  Javier Perez-Ramirez ,  Vuk Lesi ,  Dave Cavalcanti ,  Manoj Sastry ,  Christopher Gutierrez ,  Qian Wang ,  Shabbir Ahmed

IPC: H04L29/06

Abstract: Systems, apparatuses and methods may provide for technology that detects one or more non-compliant nodes with respect to a timing schedule, detects one or more compliant nodes with respect to the timing schedule, and identifies a malicious node based on positions of the one or more non-compliant nodes and the one or more compliant nodes in a network topography. The non-compliant node(s) and the compliant node(s) may be detected based on post-synchronization messages, historical attribute data and/or plane diversity data.