公开(公告)号：US20170346633A1

公开(公告)日：2017-11-30

申请号：US15166925

申请日：2016-05-27

Applicant: NXP B.V.

Inventor： Joppe Willem Bos ,  Artur Tadeusz Burchard ,  Jan Hoogerbrugge ,  Wilhelmus Petrus Adrianus Johannus Michiels

IPC: H04L9/30 ,  G06F7/72

CPC classification number: H04L9/3066 ,  G06F7/725 ,  G06F12/1433 ,  G06F2207/7242 ,  G06F2207/7252 ,  H04L9/002 ,  H04L2209/16 ,  H04L2209/46

Abstract: A system for securely computing an elliptic curve scalar multiplication in an unsecured environment, including: a secure processor including secure memory, the secure processor configured to: split a secure scalar K into m2 random values ki, where i is an integer index; randomly select m1−m2 values ki for the indices m2

公开(公告)号：US20160328542A1

公开(公告)日：2016-11-10

申请号：US14815474

申请日：2015-07-31

Applicant: NXP B.V.

Inventor： Jan Hoogerbrugge ,  Wil Michiels ,  Pim Vullers

IPC: G06F21/14 ,  H04L9/30 ,  G06F21/60

CPC classification number: G06F21/14 ,  G06F21/50 ,  G06F21/602 ,  G06F2221/0748 ,  H04L9/3066

Abstract: A method of obscuring software code implementing an elliptic curve cryptography (ECC) point multiplication function, including: receiving ECC parameters including a multiplier d having N bits; transforming multiplier d into an array d(i) with −1, 0, and +1 values while maintaining the same value for d; and generating ECC point multiplication function operations using the transformed multiplier array d(i) and N, wherein the generated ECC point multiplication function operations are split variable operations.

Abstract translation: 一种模糊实施椭圆曲线密码术（ECC）点乘法函数的软件代码的方法，包括：接收包括具有N位的乘法器d的ECC参数; 将乘数d变换为具有-1,0和+1值的数组d（i），同时保持d相同的值; 以及使用变换乘法器阵列d（i）和N生成ECC点乘法函数运算，其中所生成的ECC点乘法函数运算是分割可变运算。

公开(公告)号：US20160180066A1

公开(公告)日：2016-06-23

申请号：US14575972

申请日：2014-12-18

Applicant: NXP B.V.

Inventor： Wil Michiels ,  Jan Hoogerbrugge

IPC: G06F21/14 ,  H04L9/06 ,  H04L9/00

CPC classification number: G06F21/14 ,  G06F2221/0748 ,  H04L9/002 ,  H04L9/06 ,  H04L9/0631 ,  H04L2209/16

Abstract: A method of performing a keyed cryptographic operation by a cryptographic system mapping an encoded input message to an output message, including: receiving an encoding selection parameter p; receiving the encoded input message, wherein the encoding on the input message corresponds to the encoding selection parameter p; decoding the input message using an inverse of a default input encoding; computing a first portion of the cryptographic operation on the decoded input message to produce a first portion output; and compensating the first portion output based upon the encoding selection parameter p.

Abstract translation: 一种通过将编码的输入消息映射到输出消息的加密系统执行密钥加密操作的方法，包括：接收编码选择参数p; 接收所述编码输入消息，其中所述输入消息上的编码对应于所述编码选择参数p; 使用默认输入编码的倒数对输入消息进行解码; 计算解码输入消息上的密码操作的第一部分以产生第一部分输出; 以及基于编码选择参数p补偿第一部分输出。

公开(公告)号：US09329622B2

公开(公告)日：2016-05-03

申请号：US14244757

申请日：2014-04-03

Applicant: NXP B.V.

Inventor： Hamed Fatemi ,  Rinze Ida Mechtildis Peter Meijer ,  Ghiath Al-Kadi ,  Surendra Guntur ,  Jan Hoogerbrugge

IPC: G06F1/00 ,  G06F1/04 ,  G06F1/06 ,  G06F1/08 ,  G06F9/38

CPC classification number: G06F1/06 ,  G06F1/04 ,  G06F1/08 ,  G06F9/38 ,  G06F9/3869 ,  G06F11/00

Abstract: This invention provides a clock control circuit, which can be added to any pipeline-processor to solve timing problems arising from variations due to process outcome and environmental conditions. Critical instructions are detected (instructions that exercise critical paths) in conjunction with environmental sensing (such as process, temperature and voltage). This information is used to control cycle stealing.

Abstract translation: 本发明提供一种时钟控制电路，其可以被添加到任何流水线处理器以解决由于过程结果和环境条件引起的变化引起的定时问题。 检测到关键指令（执行关键路径的指令）与环境感测（如过程，温度和电压）相结合。 此信息用于控制周期窃取。

公开(公告)号：US20150372989A1

公开(公告)日：2015-12-24

申请号：US14313402

申请日：2014-06-24

Applicant: NXP B.V.

Inventor： Wil Michiels ,  Jan Hoogerbrugge

IPC: H04L29/06

CPC classification number: H04L63/0428 ,  H04L9/002 ,  H04L9/0631 ,  H04L63/083 ,  H04L2209/043 ,  H04L2209/16

Abstract: A method of performing a cryptographic operation using a cryptographic implementation in a cryptographic system, including: receiving, by the cryptographic system, an identifying string value; receiving, by the cryptographic system, an input message; performing, by the cryptographic system, a keyed cryptographic operation mapping the input message into an output message wherein the output message is the correct result when the indentifying string value is one of a set of binding string values, wherein the set includes a plurality of binding string values.

Abstract translation: 一种使用加密系统中的密码实现进行加密操作的方法，包括：密码系统接收识别字符串值; 通过加密系统接收输入消息; 通过加密系统执行将输入消息映射到输出消息中的密钥加密操作，其中当识别字符串值是一组绑定字符串值中时，输出消息是正确的结果，其中该集合包括多个绑定 字符串值。

公开(公告)号：US20230418478A1

公开(公告)日：2023-12-28

申请号：US17848346

申请日：2022-06-23

Applicant: NXP B.V.

Inventor： Wilhelmus Petrus Adrianus Johannus Michiels ,  Jan Hoogerbrugge ,  Paul Kimelman

IPC: G06F3/06

CPC classification number: G06F3/0623 ,  G06F3/0622 ,  G06F3/0656 ,  G06F3/0659 ,  G06F3/0631 ,  G06F3/0673

Abstract: Tweakable block cipher encryption is described using a buffer identifier and a memory address. A method includes receiving a data block from a buffer, the buffer having a buffer identifier, combining a memory address and the buffer identifier to generate a tweak, encrypting the data block using the tweak in a tweakable block cipher, and storing the encrypted data block in in a memory at a location corresponding to the memory address

公开(公告)号：US11720384B2

公开(公告)日：2023-08-08

申请号：US16893628

申请日：2020-06-05

Applicant: NXP B.V.

Inventor： Jan Hoogerbrugge

IPC: G06F12/00 ,  G06F9/455 ,  G06F12/02 ,  G06F12/1018 ,  G06F12/0882 ,  G06F12/14

CPC classification number: G06F9/45558 ,  G06F9/45545 ,  G06F12/0246 ,  G06F12/0292 ,  G06F12/0882 ,  G06F12/1018 ,  G06F12/1408 ,  G06F2009/45583 ,  G06F2009/45587

Abstract: A method is provided in a data processing system having second level address translation (SLAT) controlled by a hypervisor. In the method, hashes of all memory pages accessible by a guest OS are stored (set S). Also, hashes of all memory pages previously accessed by the guest OS are stored (set T). When the guest OS attempts an access to a memory page having executable code for which it does not have permission, an exception is generated. A hash of the memory page is compared with the hashes of set T and set S. If there is not a match within set T, then the guest OS has never attempted the requested operation before and suspicious behavior is reported. If there is not a match within set S, the requested operation is reported as illegal. In another embodiment, the memory page may be encrypted to prevent the guest OS from reading the memory page.

公开(公告)号：US11521084B2

公开(公告)日：2022-12-06

申请号：US16816346

申请日：2020-03-12

Applicant: NXP B.V.

Inventor： Jan Hoogerbrugge

IPC: G06N5/04 ,  G06N20/10

Abstract: A data processing system and a method for detecting an anomaly in the data processing system are provided. The method includes receiving a plurality of program counter values from a processing core of the data processing system. Each of the plurality of program counter values corresponds to an instruction being executed in the data processing system. A histogram is constructed using the plurality of program counter values. The histogram is provided to a machine learning (ML) model and used for training the ML model. If training has already been accomplished, the histogram is provided during inference operation of the ML model. The ML model and the histogram are used to detect an anomaly in the data processing system. If an anomaly is detected, an indication of the anomaly may be provided.

公开(公告)号：US10652011B2

公开(公告)日：2020-05-12

申请号：US15617940

申请日：2017-06-08

Applicant: NXP B.V.

Inventor： Joppe Willem Bos ,  Jan Hoogerbrugge ,  Marc Joye ,  Wilhelmus Petrus Adrianus Johannus Michiels

IPC: G06F21/00 ,  H04L9/06 ,  H04L9/30 ,  G09C1/00 ,  G06F21/60

Abstract: A method for producing a white-box implementation of a cryptographic function using garbled circuits, including: producing, by a first party, a logic circuit implementing the cryptographic function using a plurality of logic gates and a plurality of wires; garbling the produced logic circuit, by the first party, including garbling the plurality of logic gates and assigning two garbled values for each of the plurality of wires; and providing a second party the garbled logic circuit and a first garbled circuit input value.

公开(公告)号：US20190312718A1

公开(公告)日：2019-10-10

申请号：US16451221

申请日：2019-06-25

Applicant: NXP B.V.

Inventor： Wilhelmus Petrus Adrianus Johannus Michiels ,  Jan Hoogerbrugge ,  Joppe Willem Bos

IPC: H04L9/00 ,  G06F21/75

Abstract: A method for performing a secure function in a data processing system is provided. In accordance with one embodiment, the method includes generating and encoding an encryption key. The encoded encryption key may be encrypted in a key store in a trusted execution environment (TEE) of the data processing system. The encrypted encryption key may encrypted, stored, and decrypted in the key store in the TEE, but used in a white-box implementation to perform a secure function. The secure function may include encrypting a value in the white-box implementation for securing a monetary value on, for example, a smart card. In one embodiment, each time an encryption key or decryption key is used, it is changed to a new key. The method makes code lifting and rollback attacks more difficult for an attacker because the key is stored separately from, for example, a white-box implementation in secure storage.