Securing a cryptographic device against implementation attacks

    Publication number: US09961057B2

    Publication date: 2018-05-01

    Application number: US14850886

    Application date: 2015-09-10

    Applicant: NXP B.V.

    Abstract: Methods of securing a cryptographic device against implementation attacks are described. A disclosed method comprises the steps of obtaining a key (230) from memory of the cryptographic device; providing the key and a constant input (210) to an encryption module (240); deriving an output (250) of encrypted data bits using the encryption module (240); providing the output (250), the key (230) and an input vector (270) to a key update module (260); and using said key update module (260) to modify the key based on at least a part (270a) of the input vector (270) to derive an updated key (230a). This prevents the value of the key from being derived using the updated key or by using side-channel attacks because the input is constant for all keys. Additionally, by altering the input vector, the updated key is also altered.

    DATA PROCESSING SYSTEM HAVING TAGGED AND UNTAGGED ADDRESS POINTERS AND METHOD FOR ACCESSING A LOCATION IN THE DATA PROCESSING SYSTEM

    Publication number: US20250077439A1

    Publication date: 2025-03-06

    Application number: US18456732

    Application date: 2023-08-28

    Applicant: NXP B.V.

    Abstract: A data processing system is provided that includes a processor and a memory. The processor is configured to execute instructions to access a location pointed to by an address pointer. The memory is coupled to the processor and configured to have a plurality of memory portions. A first address pointer for accessing a first portion of the memory includes a type bit field, a tag bit field, and a first address bit field. A second address pointer for accessing a second portion of the memory is configured to have only the type bit field and a second address bit field without the tag bit field. The type bit field is set to a first value for the tagged pointer and a second value for the untagged pointer. In another embodiment, a method is provided for accessing a location in the data processing system.

    JAMMER RESILIENT RANGING SCHEME
    Status: published patent application

    Publication number: US20240192307A1

    Publication date: 2024-06-13

    Application number: US18079473

    Application date: 2022-12-12

    Applicant: NXP B.V.

    CPC classification number: G01S5/14

    Abstract: In an ultra-wideband (UWB) communication network, a controller anchor changes which anchor of a group of anchors serves as initiator for each of multiple ranging rounds. Based on the capabilities of the anchors in the UWB communication network, the controller selects among multiple modes for designating which anchor serves as initiator for each ranging round. In a first mode, the anchors take turns serving as the initiator for successive ranging rounds in round robin fashion. In a second mode, the anchors randomly take turns serving as the initiator for ranging rounds. By dynamically selecting an initiator for each ranging round, launching a successful jamming attack becomes significantly more complicated.

    CLIENT PRIVACY PRESERVING SESSION RESUMPTION

    Publication number: US20220330016A1

    Publication date: 2022-10-13

    Application number: US17851609

    Application date: 2022-06-28

    Applicant: NXP B.V.

    Abstract: Various embodiments relate to a method and system for resuming a secure communication session with a server by a device, including: sending a message to the server requesting the resumption of a secure communication session; receiving from the server a server identifier, a server nonce, and a salt; determining that the device has a shared key with the server based upon the server identifier; determining that the received salt is valid; calculating a salted identifier based upon the shared key and the salt; sending the salted identifier to the server; and resuming the secure communication session with the server.

    Compilation scheme for tagged global variables

    Publication number: US11055202B1

    Publication date: 2021-07-06

    Application number: US16715656

    Application date: 2019-12-16

    Applicant: NXP B.V.

    Abstract: A system and method for accessing a tagged global variable in software, including: randomly generating tags for global variables in the software; tagging the global variables with the random tags; creating a pointer to each global variable with the random tags in unused bits of the pointer wherein the pointer points to the associated global variable; accessing one global variable indirectly using the tagged pointer; determining whether tag on the accessed global variable matches the tag on the accessed pointer; and indicating a fault when the tag on the accessed global variable does not match the tag on the accessed pointer.

    Securing a cryptographic device
    Status: granted patent

    Publication number: US10567155B2

    Publication date: 2020-02-18

    Application number: US15143259

    Application date: 2016-04-29

    Applicant: NXP B.V.

    Abstract: Methods of securing a cryptographic device against implementation attacks are described. A disclosed method comprises the steps of: generating secret values (324) using a pseudorandom generator (510); providing a key (330), an input (324) having a number of chunks and the secret values to an encryption module (340); indexing the chunks and the secret values (324); processing the input chunk-wise by encrypting the secret values (324) indexed by the chunks using the key (330) and the encryption module (340); generating for each chunk a pseudorandom output (330′) of the encryption module (340), providing the pseudorandom output as the key (330′) when processing the next chunk; and performing a final transformation on the last pseudorandom output (330′) from the previous step by using it as a key to encrypt a fixed plaintext.

    SECURING A CRYPTOGRAPHIC DEVICE
    Status: patent application, under examination (published)

    Publication number: US20160323097A1

    Publication date: 2016-11-03

    Application number: US15143259

    Application date: 2016-04-29

    Applicant: NXP B.V.

    Abstract: Methods of securing a cryptographic device against implementation attacks are described. A disclosed method comprises the steps of: generating secret values (324) using a pseudorandom generator (510); providing a key (330), an input (324) having a number of chunks and the secret values to an encryption module (340); indexing the chunks and the secret values (324); processing the input chunk-wise by encrypting the secret values (324) indexed by the chunks using the key (330) and the encryption module (340); generating for each chunk a pseudorandom output (330′) of the encryption module (340), providing the pseudorandom output as the key (330′) when processing the next chunk; and performing a final transformation on the last pseudorandom output (330′) from the previous step by using it as a key to encrypt a fixed plaintext.


    METHOD AND DATA PROCESSING SYSTEM FOR PROTECTING ACCESS TO A MEMORY

    Publication number: US20240377969A1

    Publication date: 2024-11-14

    Application number: US18314207

    Application date: 2023-05-09

    Applicant: NXP B.V.

    Abstract: A method is provided to protect access to a memory in a data processing system. For each application of a plurality of applications, there is a fetch secret, a load secret, and a store secret. A fetch tweak, a load tweak, and a store tweak are computed for each application as a combination of one or more of the fetch secret, the load secret, and the store secret. Data to be stored in the memory is encrypted using the store tweak, and data to be retrieved from the memory is decrypted using the load tweak. Only a software security monitor of the data processing system knows the fetch secret, and each application knows its own load and store secrets. All three of the fetch secret, store secret, and the load secret have to be switched for a context switch in the data processing system.

    METHOD AND RADAR SYSTEM FOR DETECTING TARGETED RADAR INTERFERENCE

    Publication number: US20240118380A1

    Publication date: 2024-04-11

    Application number: US17938430

    Application date: 2022-10-06

    Applicant: NXP B.V.

    CPC classification number: G01S7/023

    Abstract: A method is provided for detecting interference in a radar system. The method includes transmitting, by a transmitter of the radar system, a sequence of radar pulses at a regular interval with a rest period following each radar pulse of the sequence of radar pulses. The transmitter is disabled during each rest period. A receiver is enabled to receive reflected radar pulses from a target during the rest period following each radar pulse of the sequence of radar pulses. Some of the radar pulses are selected to be omitted and not transmitted. The receiver is still enabled during the rest periods following the omitted transmission pulses. Any reflected pulses received during the rest periods following the omitted transmission pulses may be an indication of a targeted interference of the radar system. In another embodiment, a radar system is provided.
