公开(公告)号：US20190319800A1

公开(公告)日：2019-10-17

申请号：US16455967

申请日：2019-06-28

Applicant: Intel Corporation

Inventor： RAFAEL MISOCZKI ,  VIKRAM SURESH ,  DAVID WHEELER ,  SANTOSH GHOSH ,  MANOJJ SASTRY

IPC: H04L9/32 ,  H04L9/06

Abstract: In one example an apparatus comprises accelerator logic to pre-compute at least a portion of a message representative, hash logic to generate the message representative based on an input message, and signature logic to generate a signature to be transmitted in association with the message representative, the signature logic to apply a hash-based signature scheme to a private key to generate the signature comprising a public key, and determine whether the message representative satisfies a target threshold allocation of computational costs between a cost to generate the signature and a cost to verify the signature. Other examples may be described.

公开(公告)号：US20230017447A1

公开(公告)日：2023-01-19

申请号：US17934682

申请日：2022-09-23

Applicant: Intel Corporation

Inventor： SANU MATHEW ,  MANOJ SASTRY ,  SANTOSH GHOSH ,  VIKRAM SURESH ,  ANDREW H. REINDERS ,  RAGHAVAN KUMAR ,  RAFAEL MISOCZKI

IPC: H04L9/32 ,  G06F21/76 ,  H04L9/08

Abstract: A mechanism is described for facilitating unified accelerator for classical and post-quantum digital signature schemes in computing environments, according to one embodiment. A method of embodiments, as described herein, includes unifying classical cryptography and post-quantum cryptography through a unified hardware accelerator hosted by a trusted platform of the computing device. The method may further include facilitating unification of a first finite state machine associated with the classical cryptography and a second finite state machine associated with the post-quantum cryptography though one or more of a single the hash engine, a set of register file banks, and a modular exponentiation engine.

公开(公告)号：US20190319797A1

公开(公告)日：2019-10-17

申请号：US16455908

申请日：2019-06-28

Applicant: Intel Corporation

Inventor： VIKRAM SURESH ,  SANU MATHEW ,  MANOJ SASTRY ,  SANTOSH GHOSH ,  RAGHAVAN KUMAR ,  RAFAEL MISOCZKI

IPC: H04L9/32 ,  H04L9/08

Abstract: In one example an apparatus comprises a computer readable memory, hash logic to generate a message hash value based on an input message, signature logic to generate a signature to be transmitted in association with the message, the signature logic to apply a hash-based signature scheme to a private key to generate the signature comprising a public key, and accelerator logic to pre-compute at least one set of inputs to the signature logic. Other examples may be described.

公开(公告)号：US20220337421A1

公开(公告)日：2022-10-20

申请号：US17854911

申请日：2022-06-30

Applicant: Intel Corporation

Inventor： SANTOSH GHOSH ,  VIKRAM SURESH ,  SANU MATHEW ,  MANOJ SASTRY ,  ANDREW H. REINDERS ,  RAGHAVAN KUMAR ,  RAFAEL MISOCZKI

IPC: H04L9/32 ,  H04L9/08 ,  H04L9/06 ,  H04L9/30

Abstract: In one example an apparatus comprises a computer readable memory, an XMSS verification manager logic to manage XMSS verification functions, a one-time signature and public key generator logic, a chain function logic to implement chain function algorithms, a low latency SHA3 hardware engine, and a register bank communicatively coupled to the XMSS verification manager logic. Other examples may be described.

公开(公告)号：US20220086010A1

公开(公告)日：2022-03-17

申请号：US17534158

申请日：2021-11-23

Applicant: Intel Corporation

Inventor： VIKRAM SURESH ,  SANU MATHEW ,  MANOJ SASTRY ,  SANTOSH GHOSH ,  RAGHAVAN KUMAR ,  RAFAEL MISOCZKI

IPC: H04L9/32 ,  H04L9/06 ,  G06F9/38 ,  H04L9/08

Abstract: In one example an apparatus comprises a computer readable memory, a signature logic to generate a signature to be transmitted in association with a message, the signature logic to apply a hash-based signature scheme to the message using a private key to generate the signature comprising a public key, or a verification logic to verify a signature received in association with the message, the verification logic to apply the hash-based signature scheme to verify the signature using the public key, and an accelerator logic to apply a structured order to at least one set of inputs to the hash-based signature scheme. Other examples may be described.

公开(公告)号：US20220224514A1

公开(公告)日：2022-07-14

申请号：US17707629

申请日：2022-03-29

Applicant: Intel Corporation

Inventor： SANTOSH GHOSH ,  VIKRAM SURESH ,  SANU MATHEW ,  MANOJ SASTRY ,  ANDREW H. REINDERS ,  RAGHAVAN KUMAR ,  RAFAEL MISOCZKI

IPC: H04L9/06 ,  G06F7/503 ,  G06F9/30 ,  H04L9/32

Abstract: In one example an apparatus comprises a computer readable memory, an XMSS operations logic to manage XMSS functions, a chain function controller to manage chain function algorithms, a secure hash algorithm-2 (SHA2) accelerator, a secure hash algorithm-3 (SHA3) accelerator, and a register bank shared between the SHA2 accelerator and the SHA3 accelerator. Other examples may be described.

公开(公告)号：US20190319802A1

公开(公告)日：2019-10-17

申请号：US16456004

申请日：2019-06-28

Applicant: Intel Corporation

Inventor： RAFAEL MISOCZKI ,  Santosh Ghosh ,  Manoj Sastry ,  David Wheeler

IPC: H04L9/32 ,  H04L9/06 ,  H04L9/00

Abstract: In one example an apparatus comprises a computer readable memory to store a public key associated with a signing device, communication logic to receive, from the signing device, a signature chunk which is a component of a signature generated by a hash-based signature algorithm, and at least a first intermediate node value associated with the signature chunk, verification logic to execute a first hash chain beginning with the signature chunk to produce at least a first computed intermediate node value, execute a second hash chain beginning with the at least one intermediate node value associated with the signature chunk to produce a first computed final node value, and use the first computed intermediate node value and the first computed final computed node value to validate the signature generated by the hash-based signature algorithm. Other examples may be described.

公开(公告)号：US20190319801A1

公开(公告)日：2019-10-17

申请号：US16455978

申请日：2019-06-28

Applicant: Intel Corporation

Inventor： MANOJ SASTRY ,  RAFAEL MISOCZKI

IPC: H04L9/32 ,  H04L9/06 ,  H04L9/08

Abstract: In one example an apparatus comprises a computer readable memory; and a signature module to generate a set of cryptographic keys for attestation of group member devices and a set of leaf nodes in a sub-tree of a Merkle tree corresponding to the set of cryptographic keys, forward the set of leaf nodes to a group manager device, receive, from the group manager device, a subset of intermediate nodes in the Merkle tree, the intermediate nodes being common to all available authentications paths through the Merkel tree for signatures originating in the sub-tree, and determine a cryptographic key that defines an authentication path through the Merkle tree, the authentication path comprising one or more nodes from the set of leaf nodes and one or more nodes from the intermediate nodes received from the group manager device. Other examples may be described.

公开(公告)号：US20220239498A1

公开(公告)日：2022-07-28

申请号：US17721656

申请日：2022-04-15

Applicant: Intel Corporation

Inventor： MANOJ SASTRY ,  RAFAEL MISOCZKI

IPC: H04L9/32 ,  H04L9/06 ,  H04L9/08

Abstract: In one example an apparatus comprises a computer readable memory; and a signature module to generate a set of cryptographic keys for attestation of group member devices and a set of leaf nodes in a sub-tree of a Merkle tree corresponding to the set of cryptographic keys, forward the set of leaf nodes to a group manager device, receive, from the group manager device, a subset of intermediate nodes in the Merkle tree, the intermediate nodes being common to all available authentications paths through the Merkel tree for signatures originating in the sub-tree, and determine a cryptographic key that defines an authentication path through the Merkle tree, the authentication path comprising one or more nodes from the set of leaf nodes and one or more nodes from the intermediate nodes received from the group manager device. Other examples may be described.

公开(公告)号：US20220078024A1

公开(公告)日：2022-03-10

申请号：US17014600

申请日：2020-09-08

Applicant: Intel Corporation

Inventor： RAFAEL MISOCZKI ,  Andrew H. Reinders ,  Santosh Ghosh ,  Manoj Sastry

IPC: H04L9/32 ,  H04L9/30 ,  H04L9/06 ,  H04L9/14 ,  H04L9/08 ,  G06N10/00

Abstract: An apparatus comprises a plurality of hardware security modules, at least a first hardware security module in the plurality of hardware security modules comprising processing circuitry to generate a first plurality of pairs of cryptographic key pairs comprising a first plurality of private keys and a first plurality of public keys, forward the first plurality of public keys to a remote computing device, receive, from the remote computing device, a first plurality of ciphertexts, wherein each ciphertext in the plurality of ciphertexts represents an encryption of a cryptographic seed with a public key selected from the plurality of public keys, receive, from a subset of hardware security modules in the plurality of hardware security modules, a subset of private keys.