公开(公告)号：US11228422B2

公开(公告)日：2022-01-18

申请号：US16734296

申请日：2020-01-03

Applicant: Cryptography Research, Inc.

Inventor： Christopher Gori ,  Pankaj Rohatgi

IPC: H04L9/00 ,  G06F21/75 ,  G09C1/00

Abstract: Input signals may be received. Furthermore, a control signal controlling the implementation of a Differential Power Analysis (DPA) countermeasure may be received. One of the input signals may be transmitted as an output signal based on the control signal. A cryptographic operation may be performed based on the first output signal that is transmitted based on the control signal.

公开(公告)号：US10897344B2

公开(公告)日：2021-01-19

申请号：US16519330

申请日：2019-07-23

Applicant: Cryptography Research, Inc.

Inventor： Sami James Saab ,  Pankaj Rohatgi ,  Craig E. Hampel

IPC: G06F21/55 ,  G06F9/30 ,  H04L9/06 ,  H04L9/00 ,  H04L9/08

Abstract: Systems and methods for performing cryptographic data processing operations in a manner resistant to external monitoring attacks. An example method may comprise: executing, by a processing device, a first data manipulation instruction, the first data manipulation instruction affecting a state of the processing device; executing a second data manipulation instruction, the second data manipulation instruction interacting with said internal state; and breaking a detectable interaction of the first data manipulation instruction and the second data manipulation instruction by executing a third data manipulation instruction utilizing an unpredictable data item.

公开(公告)号：US10789358B2

公开(公告)日：2020-09-29

申请号：US16061409

申请日：2016-10-12

Applicant: CRYPTOGRAPHY RESEARCH, INC.

Inventor： Sami Saab ,  Elke De Mulder ,  Pankaj Rohatgi ,  Craig E Hampel ,  Jeremy Cooper ,  Winthrop Wu

IPC: G06F21/55 ,  G06F21/62

Abstract: Embodiments herein facilitate resisting side channel attacks through various implementations and combinations of implementations. In embodiments, this is accomplished by preventing sensitive data from consecutively following other data through potentially vulnerable resources which otherwise may cause data to leak. Where such vulnerabilities to attacks are known, suspected, or as a proactive precaution, a cleaner can be used to inhibit the sensitive data from passing through the vulnerable areas consecutively and thus inhibit the leakage. Embodiments also envision utilizing certain types of circuits to assist in preventing leakage. By using such circuits one can reduce or even potentially eliminate the requirement for cleaners as mentioned previously.

公开(公告)号：US20170085368A1

公开(公告)日：2017-03-23

申请号：US15311741

申请日：2015-05-15

Applicant: Cryptography Research, Inc.

Inventor： Sami James Saab ,  Pankaj Rohatgi ,  Craig E. Hampel

IPC: H04L9/00 ,  H04L9/08

CPC classification number: H04L9/002 ,  G06F9/30007 ,  G06F21/556 ,  H04L9/003 ,  H04L9/0631 ,  H04L9/0822 ,  H04L2209/12

Abstract: Systems and methods for performing cryptographic data processing operations in a manner resistant to external monitoring attacks. An example method may comprise: executing, by a processing device, a first data manipulation instruction, the first data manipulation instruction affecting an internal state of the processing device; executing a second data manipulation instruction, the second data manipulation instruction interacting with said internal state; and breaking a detectable interaction of the first data manipulation instruction and the second data manipulation instruction by executing a third data manipulation instruction utilizing an unpredictable data item.

公开(公告)号：US20160048684A1

公开(公告)日：2016-02-18

申请号：US14617437

申请日：2015-02-09

Applicant: Cryptography Research, Inc.

Inventor： Paul C. Kocher ,  Pankaj Rohatgi ,  Joshua M. Jaffe

IPC: G06F21/57 ,  G06F9/44 ,  H04L9/08 ,  H04L9/00

CPC classification number: G06F21/575 ,  G06F8/71 ,  G06F9/44505 ,  G06F12/1408 ,  G06F21/556 ,  G06F21/602 ,  G06F21/755 ,  G06F21/76 ,  G06F2212/402 ,  G06F2221/034 ,  G06F2221/2107 ,  G06F2221/2125 ,  G06F2221/2145 ,  H04L9/003 ,  H04L9/0631 ,  H04L9/085 ,  H04L9/0861 ,  H04L9/088 ,  H04L9/0894 ,  H04L9/16 ,  H04L9/3236 ,  H04L9/3247 ,  H04L63/0428 ,  H04L63/0869 ,  H04L2209/24 ,  H04L2209/38 ,  H04L2209/56 ,  H04L2463/061

Abstract: A computing device includes a secure storage hardware to store a secret value and processing hardware comprising at least one of a cache or a memory. During a secure boot process the processing hardware loads untrusted data into at least one of the cache or the memory of the processing hardware, the untrusted data comprising an encrypted data segment and a validator, retrieves the secret value from the secure storage hardware, derives an initial key based at least in part on an identifier associated with the encrypted data segment and the secret value, verifies, using the validator, whether the encrypted data segment has been modified, and decrypts the encrypted data segment using a first decryption key derived from the initial key to produce a decrypted data segment responsive to verifying that the encrypted data segment has not been modified.

Abstract translation: 计算设备包括用于存储秘密值的安全存储硬件和包括高速缓存或存储器中的至少一个的处理硬件。 在安全引导过程期间，处理硬件将不可信数据加载到处理硬件的高速缓存或存储器中的至少一个中，不可信数据包括加密数据段和验证器，从安全存储硬件检索秘密值， 至少部分地基于与加密数据段和秘密值相关联的标识符的初始密钥，使用验证器来验证加密数据段是否已经被修改，并且使用从第一解密密钥导出的第一解密密钥来解密加密数据段 响应于验证加密的数据段未被修改来产生解密的数据段的初始密钥。

公开(公告)号：US11507659B2

公开(公告)日：2022-11-22

申请号：US17033568

申请日：2020-09-25

Applicant: CRYPTOGRAPHY RESEARCH, INC.

Inventor： Sami Saab ,  Elke De Mulder ,  Pankaj Rohatgi ,  Craig E. Hampel ,  Jeremy Cooper ,  Winthrop Wu

IPC: G06F21/55 ,  G06F21/62

Abstract: Embodiments herein facilitate resisting side channel attacks through various implementations and combinations of implementations. In embodiments, this is accomplished by preventing sensitive data from consecutively following other data through potentially vulnerable resources which otherwise may cause data to leak. Where such vulnerabilities to attacks are known, suspected, or as a proactive precaution, a cleaner can be used to inhibit the sensitive data from passing through the vulnerable areas consecutively and thus inhibit the leakage. Embodiments also envision utilizing certain types of circuits to assist in preventing leakage. By using such circuits one can reduce or even potentially eliminate the requirement for cleaners as mentioned previously.

公开(公告)号：US11463236B2

公开(公告)日：2022-10-04

申请号：US16466983

申请日：2017-12-04

Applicant: CRYPTOGRAPHY RESEARCH, INC.

Inventor： Rodrigo Portella do Canto ,  Elke De Mulder ,  Pankaj Rohatgi ,  Matthew Pond Baker

IPC: H04L9/06

Abstract: An indication of a mode of operation to be performed with a block cipher may be received. Logic associated with the block cipher may be configured based on the indicated mode of operation to be performed with the block cipher. Furthermore, an input data and a mask data may be received. The input data may be combined with the mask data to generate a masked input data based on the configured logic. The masked input data may be provided to the block cipher based on the configured logic and an output data may be generated with the block cipher based on the provided masked input data.

公开(公告)号：US20220083665A1

公开(公告)日：2022-03-17

申请号：US17382333

申请日：2021-07-21

Applicant: Cryptography Research, Inc.

Inventor： Paul C. Kocher ,  Pankaj Rohatgi ,  Joshua M. Jaffe

IPC: G06F21/57 ,  G06F21/60 ,  H04L9/08 ,  H04L9/32 ,  G06F21/55 ,  H04L9/00 ,  G06F12/14 ,  H04L9/06 ,  H04L9/16 ,  G06F9/445 ,  G06F21/76 ,  G06F8/71

Abstract: A computing device includes a secure storage hardware to store a secret value and processing hardware comprising at least one of a cache or a memory. During a secure boot process the processing hardware loads untrusted data into at least one of the cache or the memory of the processing hardware, the untrusted data comprising an encrypted data segment and a validator, retrieves the secret value from the secure storage hardware, derives an initial key based at least in part on an identifier associated with the encrypted data segment and the secret value, verifies, using the validator, whether the encrypted data segment has been modified, and decrypts the encrypted data segment using a first decryption key derived from the initial key to produce a decrypted data segment responsive to verifying that the encrypted data segment has not been modified.

公开(公告)号：US11074349B2

公开(公告)日：2021-07-27

申请号：US16240671

申请日：2019-01-04

Applicant: Cryptography Research, Inc.

Inventor： Paul C. Kocher ,  Pankaj Rohatgi ,  Joshua M. Jaffe

IPC: G06F21/57 ,  G06F21/60 ,  H04L9/08 ,  H04L9/32 ,  G06F21/55 ,  H04L9/00 ,  G06F12/14 ,  H04L9/06 ,  H04L9/16 ,  G06F9/445 ,  G06F21/76 ,  G06F8/71 ,  H04L29/06 ,  G06F21/75

Abstract: A method for device authentication comprises receiving, by processing hardware of a first device, a message from a second device to authenticate the first device. The processing hardware retrieves a secret value from secure storage hardware operatively coupled to the processing hardware. The processing hardware derives a validator from the secret value using a path through a key tree. The first device then sends the validator to the second device.

公开(公告)号：US20200175162A1

公开(公告)日：2020-06-04

申请号：US16061409

申请日：2016-10-12

Applicant: CRYPTOGRAPHY RESEARCH, INC.

Inventor： Sami James Saab ,  Elke De Mulder ,  Pankaj Rohatgi ,  Craig E. Hampel ,  Jeremy Cooper ,  Winthrop Wu

IPC: G06F21/55 ,  G06F21/62

Abstract: Embodiments herein facilitate resisting side channel attacks through various implementations and combinations of implementations. In embodiments, this is accomplished by preventing sensitive data from consecutively following other data through potentially vulnerable resources which otherwise may cause data to leak. Where such vulnerabilities to attacks are known, suspected, or as a proactive precaution, a cleaner can be used to inhibit the sensitive data from passing through the vulnerable areas consecutively and thus inhibit the leakage. Embodiments also envision utilizing certain types of circuits to assist in preventing leakage. By using such circuits one can reduce or even potentially eliminate the requirement for cleaners as mentioned previously.