-
公开(公告)号:US20150270950A1
公开(公告)日:2015-09-24
申请号:US14219734
申请日:2014-03-19
Applicant: NXP B.V.
Inventor: Wil Michiels , Jan Hoogerbrugge
CPC classification number: H04L9/002 , G09C1/00 , H04L9/0618 , H04L63/1466 , H04L2209/043 , H04L2209/16 , H04L2209/24
Abstract: A method of performing a keyed cryptographic operation mapping an input message to an output message, wherein the input message comprises m input data and the output message comprises m output data and wherein the cryptographic operation includes at least one round and the cryptographic operation specifies a substitution box for mapping input data into output data, including: transforming each of the m input data into n output data using n split substitution boxes, wherein the n split substitution boxes sum to the specified substitution box; and mixing and combining the m×n output data.
Abstract translation: 一种执行将输入消息映射到输出消息的密钥加密操作的方法,其中所述输入消息包括m个输入数据,并且所述输出消息包括m个输出数据,并且其中所述密码操作包括至少一个回合,并且所述密码操作指定替换 用于将输入数据映射到输出数据中,包括:使用n个分割取代框将每个m个输入数据变换为n个输出数据,其中n个分割替换框求和到指定的替换框; 并混合并组合m×n个输出数据。
-
公开(公告)号:US20250053639A1
公开(公告)日:2025-02-13
申请号:US18366727
申请日:2023-08-08
Applicant: NXP B.V.
Inventor: Marcel Medwed , Erik Kraft , Jan Hoogerbrugge , Tobias Schneider
Abstract: A method is provided to protect a stack of return addresses from manipulation. The return address indicates where to return in a computer program after a subroutine is called. In the method, an encryption key and an initial tweak value is selected. For a return address to be stored on the stack, a first chained address is generated by encrypting the return address with the encryption key and the initial tweak value. The first chained address is provided to the stack instead of the return address. For a subsequent return address that is subsequent to the return address, a second chained address is generated by encrypting the subsequent return address with the encryption key and the first chained address. The second chained address is provided to the stack instead of the subsequent return address. The method provides effective protection without requiring additional memory in a memory limited system.
-
公开(公告)号:US12019759B2
公开(公告)日:2024-06-25
申请号:US17143762
申请日:2021-01-07
Applicant: NXP B.V.
IPC: G06F12/1009 , G06F21/60 , G06F9/455 , G06N20/00
CPC classification number: G06F21/60 , G06F12/1009 , G06F9/45558 , G06F2212/657 , G06N20/00
Abstract: A data processing system has a processor and a system memory. The system memory may be a dynamic random-access memory (DRAM). The processor includes an embedded memory. The system memory is coupled to the processor and is organized in a plurality of pages. A portion of the code or data stored in the plurality of memory pages is selected for permutation. A permutation order is generated and the memory pages containing the portion of code or data is permuted using a permutation order. The permutation order and/or a reverse permutation order to recover the original order may be stored in the embedded memory. Permuting the memory pages with a permutation order stored in the embedded memory prevents the code or data from being read during a freeze attack on the system memory in a way that is useful to an attacker.
-
公开(公告)号:US20240202323A1
公开(公告)日:2024-06-20
申请号:US18067043
申请日:2022-12-16
Applicant: NXP B.V.
IPC: G06F21/55 , G06N5/04 , G06V10/764 , G06V10/774
CPC classification number: G06F21/554 , G06N5/04 , G06V10/764 , G06V10/774 , G06F2221/034
Abstract: Systems and methods for protecting a Machine Learning (ML) model from extraction have been described. In an illustrative, non-limiting embodiment, a method may include: obtaining a plurality of input samples usable as part of an inference operation, wherein the inference operation is performed through execution of a machine learning (ML) model. The method may further include obtaining a plurality of outputs from the inference operation. The method may further include detecting a temporal inconsistency among at least one of: (a) the plurality of input samples, or (b) the plurality of outputs. Finally, the method may further include identifying an attempt to extract the ML model, based at least in part upon the determination.
-
公开(公告)号:US20240004994A1
公开(公告)日:2024-01-04
申请号:US17810428
申请日:2022-07-01
Applicant: NXP B.V.
CPC classification number: G06F21/554 , G06N3/08 , G06F2221/031
Abstract: A method is provided for protecting a machine learning model from a side channel attack. A weighted sum vector having first and second elements is initialized. A weight vector for a connection between a node of a first layer and a node of a second layer is multiplied with an input vector to the node of the first layer. A first element of the weight vector includes a weight, and a first element of the input vector includes the input. A second element of the weight vector is a negation of the first element of the weight vector and the second element of the input vector equals the first element of the input vector. A multiplication result is added to the weighted sum vector to produce a computed weighted sum vector. An output vector including the computed weighted sum vector is provided to the node of the second layer.
-
Patent Agency Ranking
公开(公告)号:US11783055B2
公开(公告)日:2023-10-10
申请号:US17079992
申请日:2020-10-26
Applicant: NXP B.V.
CPC classification number: G06F21/602 , G06N20/00
Abstract: A data processing system includes a rich execution environment, a hardware accelerator, a trusted execution environment, and a memory. The REE includes a processor configured to execute an application. A compute kernel is executed on the hardware accelerator and the compute kernel performs computations for the application. The TEE provides relatively higher security than the REE and includes an accelerator controller for controlling operation of the hardware accelerator. The memory has an unsecure portion coupled to the REE and to the TEE, and a secure portion coupled to only the TEE. The secure portion is relatively more secure than the unsecure portion. Data that is to be accessed and used by the hardware accelerator is stored in the secure portion of the memory. In another embodiment, a method is provided for securely executing an application is the data processing system.
-
公开(公告)号:US11782744B2
公开(公告)日:2023-10-10
申请号:US17066179
申请日:2020-10-08
Applicant: NXP B.V.
CPC classification number: G06F9/45558 , G06F21/79 , H04L9/0643 , G06F2009/45583 , G06F2221/2149
Abstract: A data processing system has a processor, a system memory, and a hypervisor. The system memory stores program code and data in a plurality of memory pages. The hypervisor controls SLAT (second level address translation) read, write, and execute access rights of the plurality of memory pages. A portion of the plurality of memory pages are classified as being in a secure enclave portion of the system memory and a portion is classified as being in an unsecure memory area. The portion of the memory pages classified in the secure enclave is encrypted and a hash is generated for each of the memory pages. During an access of a memory page, the hypervisor determines if the accessed memory page is in the secure enclave or in the unsecure memory area based on the hash. In another embodiment, a method for accessing a memory page in the secure enclave is provided.
-
公开(公告)号:US20220129566A1
公开(公告)日:2022-04-28
申请号:US17079992
申请日:2020-10-26
Applicant: NXP B.V.
Abstract: A data processing system includes a rich execution environment, a hardware accelerator, a trusted execution environment, and a memory. The REE includes a processor configured to execute an application. A compute kernel is executed on the hardware accelerator and the compute kernel performs computations for the application. The TEE provides relatively higher security than the REE and includes an accelerator controller for controlling operation of the hardware accelerator. The memory has an unsecure portion coupled to the REE and to the TEE, and a secure portion coupled to only the TEE. The secure portion is relatively more secure than the unsecure portion. Data that is to be accessed and used by the hardware accelerator is stored in the secure portion of the memory. In another embodiment, a method is provided for securely executing an application is the data processing system.
-
公开(公告)号:US10726108B2
公开(公告)日:2020-07-28
申请号:US16391437
申请日:2019-04-23
Applicant: NXP B.V.
Inventor: Jan Hoogerbrugge , Wil Michiels
Abstract: A method of obscuring the input and output of a modular exponentiation function, including: receiving modular exponentiation parameters including an exponent e having N bits and a modulus m; generating randomly a pre-multiplier; calculating a post-multiplier based upon the pre-multiplier, exponent e, and modulus m; multiplying an input to the modular exponentiation function by the pre-multiplier; performing the modular exponentiation function; and multiplying the output of the modular exponentiation function by the post-multiplier, wherein multiplying an input to the modular exponentiation function by the pre-multiplier, performing the modular exponentiation function, and multiplying the output of the modular exponentiation function by the post-multiplier are split variable operations.
-
公开(公告)号:US10567159B2
公开(公告)日:2020-02-18
申请号:US15616648
申请日:2017-06-07
Applicant: NXP B.V.
Abstract: A method for mapping an input message to a message authentication code (MAC) by a white-box implementation of a keyed cryptographic operation in a cryptographic system that includes using a white-box implementation of the block cipher in a MAC.
-
-
-
-
-
-
-
-
-
Search Results
97
records
(took 0.018 seconds)
