公开(公告)号：US10482275B2

公开(公告)日：2019-11-19

申请号：US15111972

申请日：2015-01-27

Applicant: Cryptography Research, Inc.

Inventor： Craig E. Hampel ,  Jean-Michel Cioranesco ,  Rodrigo Portella do Canto ,  Guilherme Ozari de Almeida

IPC: G06F21/62 ,  G06F21/44 ,  G06F21/57 ,  G06F21/85 ,  H04L29/06 ,  G06F21/75

Abstract: Systems and methods for implementing access control by systems-on-chip (SoCs). An example SoC may comprise: an access control unit comprising a secure memory for storing access control data, the access control unit to: receive a message comprising an access control data item; store the access control data item in the secure memory; perform at least one of: authenticating the message using a message digest function, or validating contents of the secure memory by comparing a stored reference value with a calculated value of a message digest function of the contents of the secure memory; and control, in view of the access control data item, access by an initiator device to a target device.

公开(公告)号：US10461925B2

公开(公告)日：2019-10-29

申请号：US15673284

申请日：2017-08-09

Applicant: Cryptography Research, Inc.

Inventor： Matthew Pond Baker ,  Elena Trichina ,  Jean-Michel Cioranesco ,  Michael Hutter

IPC: H04L9/06 ,  G06F21/60 ,  H04L9/00 ,  G06F21/55 ,  G06F21/75

Abstract: An integrated circuit may implement a masked substitution box that includes a counter that generates counter values. An input mask component may generate unmasked input values based on a combination of respective counter values and an input mask value. Furthermore, a substitution function component may receive the unmasked input values and may generate output values based on respective unmasked input values and a substitution function. An output mask component may generate masked output values based on a combination of respective output values and an output mask value. The masked output values may be stored at memory elements.

公开(公告)号：US20160028728A1

公开(公告)日：2016-01-28

申请号：US14811473

申请日：2015-07-28

Applicant: CRYPTOGRAPHY RESEARCH, INC.

Inventor： Craig E. Hampel ,  Jean-Michel Cioranesco ,  Rodrigo Portella do Canto ,  Guilherme Ozari de Almeida ,  Christopher Gori

IPC: H04L29/06 ,  G06F12/14

CPC classification number: H04L63/0876 ,  G06F12/1408 ,  G06F21/6209 ,  G06F21/71 ,  G06F2212/1052 ,  G06F2221/2105 ,  G06F2221/2141 ,  G06F2221/2145 ,  H04L9/3234 ,  H04L9/3242 ,  H04L9/3247 ,  H04L63/10

Abstract: Systems and methods for implementing access control by systems-on-chip (SoCs). An example SoC may comprise an access control unit employed to: receive a message comprising an access control data item; validate the message using a value of a message digest function of contents of the message and a value of a state variable reflecting a state of communications between the access control unit and a programming agent that has initiated the message, wherein the value of the state variable is derived from a previous value of the message digest function calculated within a current communication session between the access control unit and the programming agent; update the state variable using the value of the message digest function of the contents of the message; and control, using the access control data item, access by an initiator device to a target device.

Abstract translation: 通过片上系统（SoC）实现访问控制的系统和方法。 示例SoC可以包括访问控制单元，其用于：接收包括访问控制数据项的消息; 使用所述消息的内容的消息摘要功能的值和反映所述访问控制单元与已经发起所述消息的编程代理之间的通信状态的状态变量的值来验证所述消息，其中，所述状态变量的值 从在访问控制单元和编程代理之间的当前通信会话中计算的消息摘要功能的先前值导出; 使用消息内容的消息摘要功能的值更新状态变量; 并且使用访问控制数据项来控制由发起者设备到目标设备的访问。

公开(公告)号：US11018849B2

公开(公告)日：2021-05-25

申请号：US16666017

申请日：2019-10-28

Applicant: Cryptography Research, Inc.

Inventor： Matthew Pond Baker ,  Elena Trichina ,  Jean-Michel Cioranesco ,  Michael Hutter

IPC: H04L9/06 ,  G06F21/55 ,  G06F21/75 ,  G06F21/60 ,  H04L9/00

Abstract: An integrated circuit may implement a masked substitution box that includes substitution function components, a decoder, and a logic component. Each of the substitution function components may receive a same input value and a different mask value and may generate a respective output mask value based on the same input value and respective different mask value The decoder may receive an input mask value and generate a decoded output value that is based on the received input mask value. The logic component may select one of the output mask values from one of the substitution function components based on the decoded output value.

公开(公告)号：US20180062830A1

公开(公告)日：2018-03-01

申请号：US15673284

申请日：2017-08-09

Applicant: Cryptography Research, Inc.

Inventor： Matthew Pond Baker ,  Elena Trichina ,  Jean-Michel Cioranesco ,  Michael Hutter

IPC: H04L9/06 ,  G06F21/60 ,  H04L9/00

CPC classification number: H04L9/0631 ,  G06F21/556 ,  G06F21/602 ,  G06F21/755 ,  H04L9/003 ,  H04L9/0618 ,  H04L2209/12

Abstract: An integrated circuit may implement a masked substitution box that includes a counter that generates counter values. An input mask component may generate unmasked input values based on a combination of respective counter values and an input mask value. Furthermore, a substitution function component may receive the unmasked input values and may generate output values based on respective unmasked input values and a substitution function. An output mask component may generate masked output values based on a combination of respective output values and an output mask value. The masked output values may be stored at memory elements.

公开(公告)号：US09853974B2

公开(公告)日：2017-12-26

申请号：US14811473

申请日：2015-07-28

Applicant: CRYPTOGRAPHY RESEARCH, INC.

Inventor： Craig E. Hampel ,  Jean-Michel Cioranesco ,  Rodrigo Portella do Canto ,  Guilherme Ozari de Almeida ,  Christopher Gori

IPC: H04L29/06 ,  G06F12/14

CPC classification number: H04L63/0876 ,  G06F12/1408 ,  G06F21/6209 ,  G06F21/71 ,  G06F2212/1052 ,  G06F2221/2105 ,  G06F2221/2141 ,  G06F2221/2145 ,  H04L9/3234 ,  H04L9/3242 ,  H04L9/3247 ,  H04L63/10

Abstract: Systems and methods for implementing access control by systems-on-chip (SoCs). An example SoC may comprise an access control unit employed to: receive a message comprising an access control data item; validate the message using a value of a message digest function of contents of the message and a value of a state variable reflecting a state of communications between the access control unit and a programming agent that has initiated the message, wherein the value of the state variable is derived from a previous value of the message digest function calculated within a current communication session between the access control unit and the programming agent; update the state variable using the value of the message digest function of the contents of the message; and control, using the access control data item, access by an initiator device to a target device.

公开(公告)号：US11200348B2

公开(公告)日：2021-12-14

申请号：US16663072

申请日：2019-10-24

Applicant: Cryptography Research, Inc

Inventor： Roberto Rivoir ,  Elke De Mulder ,  Jean-Michel Cioranesco

IPC: G06F21/75

Abstract: A side-channel attack resistant circuit topology for performing logic functions. This topology includes combinatorial logic to perform the at least one logic function. A logic input selector alternately supplies, in response to a first timing reference signal, an input to the combinatorial logic with noise generating input values and valid input values. A first latch input selector alternately supplies, in response to the first timing reference signal, a first memory element input with noise generating input values and valid logic output values. The valid logic output values are received from the combinatorial logic. A first memory element latches the valid logic output values in response to a second timing reference signal.

公开(公告)号：US10771235B2

公开(公告)日：2020-09-08

申请号：US15682881

申请日：2017-08-22

Applicant: Cryptography Research, Inc.

Inventor： Jean-Michel Cioranesco ,  Elena Trichina ,  Elke De Mulder ,  Matthew Pond Baker

IPC: H04L9/00 ,  H04L9/14 ,  H04L9/06

Abstract: Systems and methods for protecting block cipher computation operations, from external monitoring attacks. An example apparatus for implementing a block cipher may comprise: a first register configured to store a first pre-computed mask value represented by a combination of a first random value and a second random value; a second register configured to store an output mask value, wherein the output mask value is an inverse permutation function of the first random value; a third register configured to store a second pre-computed mask value represented by a combination the first pre-computed mask value and a permutation function of the output mask value; a fourth register configured to store an input mask value, wherein the input mask value is a combination of an expansion function of the first random value and a key mask value; a non-linear transformation circuit configured to apply the expansion function to a masked round state, perform a non-linear transformation of a combination of a masked key with an output of the expansion function, and apply the permutation function to the output of the non-linear transformation, wherein the non-linear transformation is defined using the input mask value stored in the fourth register and the output mask value stored in the second register; and two round feedback circuits configured to swap the masked round state produced by the non-linear transformation and combine the masked round state with the first pre-computed mask value stored in the first register and the second pre-computed mask value stored in the third register.

公开(公告)号：US20160350549A1

公开(公告)日：2016-12-01

申请号：US15111972

申请日：2015-01-27

Applicant: CRYPTOGRAPHY RESEARCH, INC.

Inventor： Craig E. Hampel ,  Jean-Michel Cioranesco ,  Rodrigo Portella do Canto ,  Guilherme Ozari de Almeida

IPC: G06F21/62 ,  H04L29/06

CPC classification number: G06F21/6218 ,  G06F21/44 ,  G06F21/57 ,  G06F21/755 ,  G06F21/85 ,  H04L63/0227 ,  H04L63/06 ,  H04L63/08 ,  H04L63/0876 ,  H04L63/101 ,  H04L63/123

Abstract: Systems and methods for implementing access control by systems-on-chip (SoCs). An example SoC may comprise: an access control unit comprising a secure memory for storing access control data, the access control unit to: receive a message comprising an access control data item; store the access control data item in the secure memory; perform at least one of: authenticating the message using a message digest function, or validating contents of the secure memory by comparing a stored reference value with a calculated value of a message digest function of the contents of the secure memory; and control, in view of the access control data item, access by an initiator device to a target device.

Abstract translation: 通过片上系统（SoC）实现访问控制的系统和方法。 示例SoC可以包括：访问控制单元，包括用于存储访问控制数据的安全存储器，所述访问控制单元用于：接收包括访问控制数据项的消息; 将访问控制数据项存储在安全存储器中; 执行以下至少之一：使用消息摘要功能认证所述消息，或者通过将所存储的参考值与所述安全存储器的内容的消息摘要功能的计算值进行比较来验证所述安全存储器的内容; 并且鉴于访问控制数据项，控制启动器设备到目标设备的访问。

公开(公告)号：US11743028B2

公开(公告)日：2023-08-29

申请号：US17009361

申请日：2020-09-01

Applicant: Cryptography Research, Inc.

Inventor： Jean-Michel Cioranesco ,  Elena Trichina ,  Elke De Mulder ,  Matthew Pond Baker

IPC: H04L9/00 ,  H04L9/14 ,  H04L9/06

CPC classification number: H04L9/002 ,  H04L9/0618 ,  H04L9/14 ,  H04L2209/12 ,  H04L2209/16

Abstract: Systems and methods for protecting block cipher computation operations, from external monitoring attacks. An example apparatus for implementing a block cipher may comprise: a first register configured to store a first pre-computed mask value represented by a combination of a first random value and a second random value; a second register configured to store an output mask value, wherein the output mask value is an inverse permutation function of the first random value; a third register configured to store a second pre-computed mask value represented by a combination the first pre-computed mask value and a permutation function of the output mask value; a fourth register configured to store an input mask value, wherein the input mask value is a combination of an expansion function of the first random value and a key mask value; a non-linear transformation circuit configured to apply the expansion function to a masked round state, perform a non-linear transformation of a combination of a masked key with an output of the expansion function, and apply the permutation function to the output of the non-linear transformation, wherein the non-linear transformation is defined using the input mask value stored in the fourth register and the output mask value stored in the second register; and two round feedback circuits configured to swap the masked round state produced by the non-linear transformation and combine the masked round state with the first pre-computed mask value stored in the first register and the second pre-computed mask value stored in the third register.