公开(公告)号：US11914870B2

公开(公告)日：2024-02-27

申请号：US17435360

申请日：2020-03-04

Applicant: CRYPTOGRAPHY RESEARCH, INC.

Inventor： Elke De Mulder ,  Michael Hutter ,  Samantha Gummalla

IPC: G06F3/06

CPC classification number: G06F3/0623 ,  G06F3/0655 ,  G06F3/0679

Abstract: Aspects of the present disclosure calculate masked data shares dynamically inside the CPU boundary, and use a plurality of memory channels to write the masked data shares to an external memory location and/or to read the data shares from that external memory location. Each dynamically generated mask value is uniquely associated with a corresponding memory channel during writing data to the external memory. The modified masked data is unmasked or remasked during a subsequent read operation.

公开(公告)号：US20210256165A1

公开(公告)日：2021-08-19

申请号：US17169074

申请日：2021-02-05

Applicant: CRYPTOGRAPHY RESEARCH, INC.

Inventor： Guilherme Ozari de Almeida ,  Elena Trichina ,  Elke De Mulder

IPC: G06F21/72 ,  G06F7/72 ,  G06F21/60 ,  H04L9/06

Abstract: Systems and methods for protecting from external monitoring attacks cryptographic data processing operations involving universal polynomial hash functions computation. An example method may comprise: receiving an input data block and an iteration result value; performing a first field multiplication operation to produce a new iteration result value, by iteratively processing, starting from a first bit position, bits of a combination of the input data block and the iteration result value, wherein the first bit position is represented by one of: a least-significant bit and a most-significant bit; performing a second field multiplication operation to produce a new mask correction value, by iteratively processing operand bits starting from a second bit position, wherein the second bit position is represented by one of: a least-significant bit and a most-significant bit, and wherein the second bit position is different from the first bit position; applying the new mask correction value to the new iteration result value; and producing, based on the new iteration result value, a value of a cryptographic hash function to be utilized by at least one of: an authenticated encryption operation or an authenticated decryption operation.

公开(公告)号：US20190296898A1

公开(公告)日：2019-09-26

申请号：US16311148

申请日：2017-06-23

Applicant: CRYPTOGRAPHY RESEARCH, INC.

Inventor： Elke De Mulder

IPC: H04L9/08 ,  H04L9/06

Abstract: Systems and methods for performing cryptographic data processing operations employing non-linear share encoding for protecting from external monitoring attacks. An example method may comprise: receiving a plurality of shares representing a secret value employed in a cryptographic operation, wherein plurality of shares comprises a first share represented by an un-encoded form and a second share represented by an encoded form; producing a transformed form of the second share; and performing the cryptographic operation using the transformed form of the second share.

公开(公告)号：US10855443B2

公开(公告)日：2020-12-01

申请号：US15646614

申请日：2017-07-11

Applicant: Cryptography Research, Inc.

Inventor： Elena Trichina ,  Guilherme Ozari de Almeida ,  Elke De Mulder

IPC: H04L9/06 ,  H04L9/32 ,  G09C1/00

Abstract: Systems and methods for protecting from external monitoring attacks cryptographic data processing operations involving computation of a universal polynomial hash function, such as GHASH function. An example method may comprise: receiving an input data block, an iteration result value, and a mask value; performing a non-linear operation to produce a masked result value, wherein a first operand of the non-linear operation is represented by a combination of the iteration result value and the input data block, and the second operand of the non-linear operation is represented by a secret hash value, and wherein one of the first operand or the second operand is masked using a mask value; determining, based on the mask value, a mask correction value; and producing a new iteration result value by applying the mask correction value to the masked result value.

公开(公告)号：US10789358B2

公开(公告)日：2020-09-29

申请号：US16061409

申请日：2016-10-12

Applicant: CRYPTOGRAPHY RESEARCH, INC.

Inventor： Sami Saab ,  Elke De Mulder ,  Pankaj Rohatgi ,  Craig E Hampel ,  Jeremy Cooper ,  Winthrop Wu

IPC: G06F21/55 ,  G06F21/62

Abstract: Embodiments herein facilitate resisting side channel attacks through various implementations and combinations of implementations. In embodiments, this is accomplished by preventing sensitive data from consecutively following other data through potentially vulnerable resources which otherwise may cause data to leak. Where such vulnerabilities to attacks are known, suspected, or as a proactive precaution, a cleaner can be used to inhibit the sensitive data from passing through the vulnerable areas consecutively and thus inhibit the leakage. Embodiments also envision utilizing certain types of circuits to assist in preventing leakage. By using such circuits one can reduce or even potentially eliminate the requirement for cleaners as mentioned previously.

公开(公告)号：US12261935B2

公开(公告)日：2025-03-25

申请号：US17105247

申请日：2020-11-25

Applicant: Cryptography Research, Inc.

Inventor： Elena Trichina ,  Guilherme Ozari de Almeida ,  Elke De Mulder

IPC: H04L9/06 ,  G09C1/00 ,  H04L9/32

Abstract: Systems and methods for protecting from external monitoring attacks cryptographic data processing operations involving computation of a universal polynomial hash function, such as GHASH function. An example method may comprise: receiving an input data block, an iteration result value, and a mask value; performing a non-linear operation to produce a masked result value, wherein a first operand of the non-linear operation is represented by a combination of the iteration result value and the input data block, and the second operand of the non-linear operation is represented by a secret hash value, and wherein one of the first operand or the second operand is masked using a mask value; determining, based on the mask value, a mask correction value; and producing a new iteration result value by applying the mask correction value to the masked result value.

公开(公告)号：US11101981B2

公开(公告)日：2021-08-24

申请号：US16444758

申请日：2019-06-18

Applicant: Cryptography Research, Inc.

Inventor： Pankaj Rohatgi ,  Elke De Mulder ,  Michael Hutter

IPC: H04L29/06 ,  G06F21/00 ,  H04L9/06 ,  H04L9/08 ,  H04L9/00

Abstract: Share values for use in a cryptographic operation may be received and the cryptographic operation may be performed based on the share values. A pseudorandom number that is to be used by the cryptographic operation may be identified and the pseudorandom number may be generated based on a portion of the share values that are used in the cryptographic operation. The cryptographic operation may then be performed based on the generated pseudorandom number.

公开(公告)号：US20210026956A1

公开(公告)日：2021-01-28

申请号：US17033568

申请日：2020-09-25

Applicant: CRYPTOGRAPHY RESEARCH, INC.

Inventor： Sami Saab ,  Elke De Mulder ,  Pankaj Rohatgi ,  Craig E. Hampel ,  Jeremy Cooper ,  Winthrop Wu

IPC: G06F21/55 ,  G06F21/62

Abstract: Embodiments herein facilitate resisting side channel attacks through various implementations and combinations of implementations. In embodiments, this is accomplished by preventing sensitive data from consecutively following other data through potentially vulnerable resources which otherwise may cause data to leak. Where such vulnerabilities to attacks are known, suspected, or as a proactive precaution, a cleaner can be used to inhibit the sensitive data from passing through the vulnerable areas consecutively and thus inhibit the leakage. Embodiments also envision utilizing certain types of circuits to assist in preventing leakage. By using such circuits one can reduce or even potentially eliminate the requirement for cleaners as mentioned previously.

公开(公告)号：US10333699B1

公开(公告)日：2019-06-25

申请号：US15206136

申请日：2016-07-08

Applicant: Cryptography Research, Inc.

Inventor： Pankaj Rohatgi ,  Elke De Mulder ,  Michael Hutter

IPC: H04L29/06 ,  G06F21/00 ,  H04L9/06 ,  H04L9/08

Abstract: Share values for use in a cryptographic operation may be received and the cryptographic operation may be performed based on the share values. A pseudorandom number that is to be used by the cryptographic operation may be identified and the pseudorandom number may be generated based on a portion of the share values that are used in the cryptographic operation. The cryptographic operation may then be performed based on the generated pseudorandom number.

公开(公告)号：US12229322B2

公开(公告)日：2025-02-18

申请号：US17169074

申请日：2021-02-05

Applicant: CRYPTOGRAPHY RESEARCH, INC.

Inventor： Guilherme Ozari de Almeida ,  Elena Trichina ,  Elke De Mulder

IPC: H04L9/06 ,  G06F7/72 ,  G06F21/60 ,  G06F21/72

Abstract: Systems and methods for protecting from external monitoring attacks cryptographic data processing operations involving universal polynomial hash functions computation. An example method may comprise: receiving an input data block and an iteration result value; performing a first field multiplication operation to produce a new iteration result value, by iteratively processing, starting from a first bit position, bits of a combination of the input data block and the iteration result value, wherein the first bit position is represented by one of: a least-significant bit and a most-significant bit; performing a second field multiplication operation to produce a new mask correction value, by iteratively processing operand bits starting from a second bit position, wherein the second bit position is represented by one of: a least-significant bit and a most-significant bit, and wherein the second bit position is different from the first bit position; applying the new mask correction value to the new iteration result value; and producing, based on the new iteration result value, a value of a cryptographic hash function to be utilized by at least one of: an authenticated encryption operation or an authenticated decryption operation.