-
公开(公告)号:US20230281305A1
公开(公告)日:2023-09-07
申请号:US18159800
申请日:2023-01-26
CPC分类号: G06F21/556 , G06F21/602
摘要: A method including generating an initialization vector, then producing a new mask using the generated initialization vector and using a secret key, masking a datum to be written to an internal cache memory using the constructed new mask, to obtain a masked datum, storing, in a given word of the internal cache memory, the masked datum and the generated initialization vector, and unmasking the masked datum, this including extracting the initialization vector contained in the word, reconstructing the mask using the extracted initialization vector and using the secret key, then unmasking the masked datum using the new mask thus reconstructed.
-
公开(公告)号:US20240320151A1
公开(公告)日:2024-09-26
申请号:US18581454
申请日:2024-02-20
发明人: Olivier SAVRY
IPC分类号: G06F12/0811 , G06F21/60
CPC分类号: G06F12/0811 , G06F21/602
摘要: This method comprises:
selecting, depending on an address of a word to be read or written, a first cell in an indirection table and using, as first value generated for a line index, the value contained in this first cell, and
in response to triggering of a cache miss:
storing the word retrieved from a memory of higher rank in a new line identified by a second line-index value, this second value being contained in a second cell of the indirection table, and
permutating, in the indirection table, only values contained in the first and second cells, so that after this permutation the first cell contains the second value and the second cell contains the first value.-
3.发明申请公开(公告)号:US20200089919A1
公开(公告)日:2020-03-19
申请号:US16470067
申请日:2017-12-14
发明人: Damien COUROUSSE , Thomas HISCOCK , Olivier SAVRY
摘要: A method for executing a polymorphic machine code, wherein: for each branching address at which a base block of a flow of generated instructions starts, the microprocessor automatically adds, in the generated flow of instructions, a renewal instruction suitable, when it is executed, for triggering the renewal of an initialization vector of a module for decryption by flow with a specific value associated with this branching address, then a flow encryption module encrypts the flow of instructions as it is generated and, during this encryption, each base block is encrypted using a specific value associated with the branching address at which it starts. Only the instruction flow encrypted in this way is recorded in the main memory. During execution of the encrypted instruction flow, the added renewal instructions are executed as they are encountered.
-
公开(公告)号:US20190080096A1
公开(公告)日:2019-03-14
申请号:US16130115
申请日:2018-09-13
发明人: Olivier SAVRY
摘要: In this method, a securing hardware module of a microprocessor: 1) verifies (176) the integrity and the authenticity of a cryptogram contained in a code line loaded with the aid of a message authentication code contained in this same line and triggers (172) the signalling of an execution fault if the integrity or the authenticity of the cryptogram is not confirmed, and then 2) decrypts (178) the cryptogram to obtain a decrypted instruction or a decrypted datum if the integrity and the authenticity of the cryptogram are confirmed, and then: in the case of a decrypted instruction, the decrypted instruction is recorded (180) in a queue of instructions to be executed successively one after another by an arithmetic and logic unit of the microprocessor, and in the case of a decrypted datum, the decrypted datum is recorded in an internal register of the microprocessor while waiting to be processed by the arithmetic and logic unit.
-
公开(公告)号:US20210004456A1
公开(公告)日:2021-01-07
申请号:US16918144
申请日:2020-07-01
发明人: Olivier SAVRY
摘要: A method for executing a binary code of a secure function includes obtaining a pointer containing: a first range of bits containing the address of a line of code, and a second, different range of bits containing an identifier of the pointer, storing the line of code, this line of code containing a first integrity tag constructed or encrypted using the identifier of the pointer, loading the line of code from the address contained in the first range of bits of the pointer, verifying the integrity of the loaded line of code by constructing a second integrity tag using the identifier of the pointer contained in the second range of bits of the pointer used to load it.
-
6.发明申请公开(公告)号:US20200302068A1
公开(公告)日:2020-09-24
申请号:US16823441
申请日:2020-03-19
发明人: Olivier SAVRY
摘要: A method for executing, with a microprocessor, a binary code, this method including executing a prologue of a function called by a microprocessor, this execution including encrypting a return address of the calling or called function and saving the return address thus encrypted in a call stack, this encryption being carried out using a first value that is not used when data are saved in the call stack by the called function and that is independent of the address at which the return address thus encrypted is saved in the call stack, then executing an epilogue of the function called by the microprocessor, this execution including decrypting, using the first value, the encrypted return address saved in the call stack, then branching to an instruction line identified by this decrypted return address.
-
公开(公告)号:US20190103980A1
公开(公告)日:2019-04-04
申请号:US16142182
申请日:2018-09-26
发明人: Olivier SAVRY
IPC分类号: H04L9/32 , H04W4/80 , H04W12/06 , G06K19/073
摘要: The invention relates to an RFID tag adapted to access a service of interest from an access terminal, said RFID tag (1) comprising an integrated circuit (3) configured to: enable a cryptographic authentication of the RFID tag (1) by said access terminal (7) using a current cryptography key shared by the RFID tag (1) and the access terminal (7), said authentication allowing access to said service of interest, and enable the RFID tag (1) to recover a new current cryptography key updated by an NFC smartphone after said NFC smartphone has authenticated the RFID tag (1), using an initial cryptography key previously shared between the RFID tag (1) and said smartphone.
-
公开(公告)号:US20200349294A1
公开(公告)日:2020-11-05
申请号:US16866619
申请日:2020-05-05
发明人: Olivier SAVRY
摘要: A method for executing a binary code includes for each item of data to be recorded: executing an algorithm for constructing a data line containing a cryptogram of this item of data constructed using an initialization vector ivj associated with an address @j of the main memory using a relationship ivj=Fiv(@j), where the function Fiv, is a pre-programmed function that associates a different initialization vector ivj with each different address @j of a main memory, and then recording this constructed data line in the main memory at the address @j, where each instruction line of a basic block is constructed by executing the same construction algorithm as the one executed to construct the data line and using the same function Fiv, the item of data for this purpose being taken to be equal to the instruction masked using a mask associated with this basic block.
-
公开(公告)号:US20200257637A1
公开(公告)日:2020-08-13
申请号:US16744268
申请日:2020-01-16
IPC分类号: G06F12/128 , G06F12/1009 , G06F12/0897
摘要: A method for managing a cache memory, including executing first and second processes, when the second process modifies the state of the cache memory, updating the value of an indicator associated with this second process, and comparing the value of this indicator to a predefined threshold and, when this predefined threshold is exceeded, detecting an abnormal use of the cache memory by the second process, in response to this detection, modifying pre-recorded relationships in order to associate with the identifier of the second process a value of a parameter q different from the value of the parameter q associated with the first process so that, after this modification, when the received address of a word to be read is the same for the first and second processes, then the set addresses used to read this word from the cache memory are different.
-
公开(公告)号:US20210173946A1
公开(公告)日:2021-06-10
申请号:US17109424
申请日:2020-12-02
发明人: Olivier SAVRY , Thomas HISCOCK
摘要: A method for executing a computer program, wherein when a microprocessor writes a block of No bytes of a datum of a block of cleartext data stored in an unencrypted memory, a security module switches a validity indicator associated with this block of No bytes to an active state wherein it indicates that this block of bytes is valid, and each time a block of No bytes of a datum of the block of cleartext data is loaded by the microprocessor from the unencrypted memory, the hardware security module verifies whether the validity indicator associated with this block of No bytes is in its active state and, if such is the case, processing, by the microprocessor, of this block of No bytes is permitted, and, if such is not the case, processing, by the microprocessor, of this block of No bytes is forbidden.
-
-
-
-
-
-
-
-
-
搜索结果
12 条记录 (耗时 0.021 秒)
