公开(公告)号：US20160171252A1

公开(公告)日：2016-06-16

申请号：US14955269

申请日：2015-12-01

Applicant: Cryptography Research, Inc

Inventor： Andrew John Leiserson ,  Mark Evan Marson

IPC: G06F21/75 ,  H04L9/00 ,  H04L9/06 ,  G06F21/78

Abstract: A cryptographic accelerator (processor) retrieves data blocks for processing from a memory. These data blocks arrive and are stored in an input buffer in the order they were stored in memory (or other known order)—typically sequentially according to memory address (i.e., in-order.) The processor waits until a certain number of data blocks are available in the input buffer and then randomly selects blocks from the input buffer for processing. This randomizes the processing order of the data blocks. The processing order of data blocks may be randomized within sets of data blocks associated with a single read transaction, or across sets of data blocks associated with multiple read transactions.

Abstract translation: 加密加速器（处理器）从存储器检索用于处理的数据块。 这些数据块按照存储器（或其他已知顺序）存储的顺序存储在输入缓冲器中 - 根据存储器地址（即，按顺序）顺序地存储。处理器等待直到一定数量的数据块 在输入缓冲器中可用，然后从输入缓冲器中随机选择块进行处理。 这随机化了数据块的处理顺序。 数据块的处理顺序可以在与单个读取事务相关联的数据块的集合内，或者与多个读取事务相关联的数据块组之间随机化。

公开(公告)号：US20250036726A1

公开(公告)日：2025-01-30

申请号：US18794631

申请日：2024-08-05

Applicant: CRYPTOGRAPHY RESEARCH, INC.

Inventor： Mark Evan Marson ,  Michael Alexander Hamburg ,  Helena Handschuh

IPC: G06F21/14 ,  G06N3/02

Abstract: Aspects of the present disclosure involve implementations that may be used to protect neural network models against adversarial attacks by obfuscating neural network operations and architecture. Obfuscation techniques include obfuscating weights and biases of neural network nodes, obfuscating activation functions used by neural networks, as well as obfuscating neural network architecture by introducing dummy operations, dummy nodes, and dummy layers into the neural networks.

公开(公告)号：US20240413968A1

公开(公告)日：2024-12-12

申请号：US18732270

申请日：2024-06-03

Applicant: Cryptography Research, Inc.

Inventor： Mark Evan Marson ,  Michael Alexander Hamburg ,  Helena Handschuh

IPC: H04L9/00 ,  H04L9/06

Abstract: Aspects and implementations are directed to systems and techniques for protecting cryptographic operations against side-channel attacks by masking a ciphertext data using one or more masks randomly sampled from a null space associated with a tensor representation of a secret data and generating a plaintext data using the masked ciphertext data.

公开(公告)号：US20230254115A1

公开(公告)日：2023-08-10

申请号：US18008602

申请日：2021-06-04

Applicant: CRYPTOGRAPHY RESEARCH, INC.

Inventor： Michael Alexander Hamburg ,  Helena Handschuh ,  Mark Evan Marson

IPC: H04L9/06 ,  G06F17/14

CPC classification number: H04L9/0631 ,  G06F17/142

Abstract: Aspects of the present disclosure involve a method and a system to perform a cryptographic operation that involves a number theoretic transformation of a first vector to a second vector by obtaining components of the first vector, performing a plurality of iterations that each include determining a plurality of output values, wherein each of the plurality of output values is a linear combination of two or more input values, the input values into a first iteration being the components of the first vector and the output values of the last iteration being representative of components of the second vector, and wherein one or more of the output values of at least one iteration are randomized by multiplying at least one input value by a random number, and determining, based on the output values of the last of the plurality of iterations, the components of the second vector.

公开(公告)号：US20220182232A1

公开(公告)日：2022-06-09

申请号：US17601205

申请日：2020-04-04

Applicant: CRYPTOGRAPHY RESEARCH, INC.

Inventor： Mark Evan Marson ,  Michael Hutter ,  Bart Stevens

IPC: H04L9/08 ,  H04L9/16 ,  H04L9/00

Abstract: Disclosed are memory encryption systems and methods that rotate encryption keys for robust resistance against side-channel-analysis (SCA)-based attacks on communication paths between an encryption engine within a trust boundary and an external memory component. A key data structure has a plurality of keys that are used to encrypt a plurality of memory blocks in the external memory. The memory blocks encrypted with the oldest key of the key data structure are identified. Encrypted data is read from the identified memory blocks. The encrypted data is decrypted from the identified memory blocks. The data is then re-encrypted using the selected key that is newer than the oldest key, and re-written to the identified memory blocks.

公开(公告)号：US20220021534A1

公开(公告)日：2022-01-20

申请号：US17389746

申请日：2021-07-30

Applicant: Cryptography Research, Inc.

Inventor： Ambuj Kumar ,  Mark Evan Marson ,  Daniel Robert Beitel

IPC: H04L9/30 ,  H04L9/32 ,  H04W12/02 ,  G06F21/60 ,  H04L9/08

Abstract: A first entity may provide a request to transmit data from the first entity to a second entity. The first entity may receive a session key from the second entity in response to the request where the session key is encrypted by a second key that is based on a combination of a public key and a location associated with the second entity. A location associated with the first entity may be identified. Furthermore, a first key may be generated based on a combination of the location associated with the first entity and a private key that corresponds to the public key. The first key may decrypt data encrypted by the second key when the location associated with the first entity corresponds to the location associated with the second entity.

公开(公告)号：US10860229B2

公开(公告)日：2020-12-08

申请号：US15512041

申请日：2015-08-31

Applicant: CRYPTOGRAPHY RESEARCH, INC.

Inventor： Benjamin Che-Ming Jun ,  William Craig Rawlings ,  Ambuj Kumar ,  Mark Evan Marson

IPC: G06F12/00 ,  G06F3/06 ,  G06F21/71 ,  G06F21/76 ,  G11C17/16 ,  G11C17/18

Abstract: A request associated with one or more privileges assigned to a first entity may be received. Each of the one or more privileges may correspond to an operation of an integrated circuit. Information corresponding to the first entity and stored in a memory that is associated with the integrated circuit may be identified. Furthermore, the memory may be programmed to modify the information stored in the memory that is associated with the integrated circuit in response to the request associated with the one or more privileges assigned to the first entity.

公开(公告)号：US10311255B2

公开(公告)日：2019-06-04

申请号：US15392961

申请日：2016-12-28

Applicant: CRYPTOGRAPHY RESEARCH, INC.

Inventor： Andrew John Leiserson ,  Mark Evan Marson ,  Megan Anneke Wachs

IPC: H04L9/00 ,  G06F21/71 ,  G06F21/72 ,  G06F21/75

Abstract: A method of and system for gate-level masking of secret data during a cryptographic process is described. A mask share is determined, wherein a first portion of the mask share includes a first number of zero-values and a second number of one-values, and a second portion of the mask share includes the first number of one-values and the second number of zero-values. Masked data values and the first portion of the mask share are input into a first portion of masked gate logic, and the masked data values and the second portion of the mask share are input into a second portion of the masked gate logic. A first output from the first portion of the masked gate logic and a second output from the second portion of the masked gate logic are identified, wherein either the first output or the second output is a zero-value.

公开(公告)号：US20180183593A1

公开(公告)日：2018-06-28

申请号：US15900722

申请日：2018-02-20

Applicant: Cryptography Research, Inc.

Inventor： Ambuj Kumar ,  Mark Evan Marson ,  Daniel Robert Beitel

IPC: H04L9/30 ,  H04W12/02 ,  H04L9/32 ,  G06F21/60 ,  H04W4/40 ,  H04L29/06

CPC classification number: H04L9/3066 ,  G06F21/606 ,  G06F2221/2107 ,  G06F2221/2111 ,  H04L9/0872 ,  H04L9/3263 ,  H04L63/0442 ,  H04L63/107 ,  H04W4/046 ,  H04W4/40 ,  H04W12/00503 ,  H04W12/02

Abstract: A first entity may provide a request to transmit data from the first entity to a second entity. The first entity may receive a session key from the second entity in response to the request where the session key is encrypted by a second key that is based on a combination of a public key and a location associated with the second entity. A location associated with the first entity may be identified. Furthermore, a first key may be generated based on a combination of the location associated with the first entity and a private key that corresponds to the public key. The first key may decrypt data encrypted by the second key when the location associated with the first entity corresponds to the location associated with the second entity.

公开(公告)号：US20170154193A1

公开(公告)日：2017-06-01

申请号：US15392961

申请日：2016-12-28

Applicant: CRYPTOGRAPHY RESEARCH, INC.

Inventor： Andrew John Leiserson ,  Mark Evan Marson ,  Megan Anneke Wachs

IPC: G06F21/72 ,  H04L9/00

CPC classification number: G06F21/72 ,  G06F21/71 ,  G06F21/755 ,  H04L9/003 ,  H04L2209/04 ,  H04L2209/12 ,  H04L2209/16

Abstract: A method of and system for gate-level masking of secret data during a cryptographic process is described. A mask share is determined, wherein a first portion of the mask share includes a first number of zero-values and a second number of one-values, and a second portion of the mask share includes the first number of one-values and the second number of zero-values. Masked data values and the first portion of the mask share are input into a first portion of masked gate logic, and the masked data values and the second portion of the mask share are input into a second portion of the masked gate logic. A first output from the first portion of the masked gate logic and a second output from the second portion of the masked gate logic are identified, wherein either the first output or the second output is a zero-value.