公开(公告)号：US20240220640A1

公开(公告)日：2024-07-04

申请号：US18148638

申请日：2022-12-30

申请人： Intel Corporation

发明人： Daniël Kuijsters ,  Christoph Dobraunig ,  Santosh Ghosh

IPC分类号： G06F21/60 ,  G06F21/54 ,  G06F21/55

CPC分类号： G06F21/602 ,  G06F21/54 ,  G06F21/554

摘要： In one example an apparatus comprises a first input node to receive a first input bit, an encryption circuit to split the first input bit into a first share and a second share, and perform an encryption function on the first input share and the second input share to generate a first output share and a second output share, an error tag generator circuit to calculate a first error tag from the first input share and the second input share, and calculate a second error tag from the first output share and the second output share, an error detection circuit to generate an error signal when the first error tag does not match the second error tag.

公开(公告)号：US11985226B2

公开(公告)日：2024-05-14

申请号：US17133183

申请日：2020-12-23

申请人： Intel Corporation

发明人： Santosh Ghosh ,  Marcio Juliato ,  Manoj Sastry

IPC分类号： H04L9/06 ,  H03M13/15 ,  H04L9/00

CPC分类号： H04L9/0643 ,  H03M13/151 ,  H04L9/002

摘要： An apparatus comprises an input register comprising a state register and a parity field, a first round secure hash algorithm (SHA) datapath communicatively coupled to the state register, comprising a first section to perform a θ step of a SHA calculation, a second section to perform a ρ step and a ρ step of the SHA calculation, a third section to perform a χ step of the SHA calculation and a fourth section to perform a τ step of the SHA calculation.

公开(公告)号：US11954045B2

公开(公告)日：2024-04-09

申请号：US17485213

申请日：2021-09-24

申请人： Intel Corporation

发明人： David M. Durham ,  Michael LeMay ,  Santosh Ghosh ,  Sergej Deutsch

IPC分类号： G06F12/14 ,  G06F12/0802 ,  G06F21/55 ,  G06F21/56 ,  G06F21/79

CPC分类号： G06F12/1408 ,  G06F12/0802 ,  G06F21/554 ,  G06F2212/466

摘要： Technologies disclosed herein provide one example of a system that includes processor circuitry and integrity circuitry. The processor circuitry is to receive a first request associated with an application to perform a memory access operation for an address range in a memory allocation of memory circuitry. The integrity circuitry is to determine a location of a metadata region within a cacheline that includes at least some of the address range, identify a first portion of the cacheline based at least in part on a first data bounds value stored in the metadata region, generate a first integrity value based on the first portion of the cacheline, and prevent the memory access operation in response to determining that the first integrity value does not correspond to a second integrity value stored in the metadata region.

公开(公告)号：US11909857B2

公开(公告)日：2024-02-20

申请号：US16724732

申请日：2019-12-23

申请人： Intel Corporation

发明人： Santosh Ghosh ,  Marcio Juliato ,  Rafael Misoczki ,  Manoj Sastry ,  Liuyang Yang ,  Shabbir Ahmed ,  Christopher Gutierrez ,  Xiruo Liu

IPC分类号： H04L9/06 ,  H04L9/32 ,  H04W4/40

CPC分类号： H04L9/0631 ,  H04L9/0637 ,  H04L9/3242 ,  H04W4/40 ,  H04L2209/26 ,  H04L2209/601

摘要： Systems, apparatus, methods, and techniques for functional safe execution of encryption operations are provided. A fault tolerant counter and a complementary pair of encryption flows are provided. The fault tolerant counter may be based on a gray code counter and a hamming distance checker. The complementary pair of encryption flows have different implementations. The output from the complementary pair of encryption flows can be compared, and where different, errors generated.

公开(公告)号：US11792005B2

公开(公告)日：2023-10-17

申请号：US17699830

申请日：2022-03-21

申请人： Intel Corporation

发明人： Santosh Ghosh ,  Andrew H. Reinders ,  Manoj Sastry

IPC分类号： H04L9/40 ,  H04L9/30

CPC分类号： H04L9/3093 ,  H04L2209/12

摘要： A method comprises fetching, by fetch circuitry, an encoded butterfly instruction comprising an opcode, a first source identifier, a second source identifier, a third source identifier, and two destination identifiers, decoding, by decode circuitry, the decoded butterfly instruction to generate a decoded butterfly instruction, and executing, by execution circuitry, the decoded butterfly instruction to retrieve operands representing a first input polynomial-coefficient from the first source, a second input polynomial-coefficient from the second source, and a primitive nth root of unity from the third source, perform, in an atomic fashion, a butterfly operation to generate a first output polynomial-coefficient and a second output polynomial-coefficient, and store the first output coefficient and the second output coefficient in a register file accessible to the execution circuitry.

公开(公告)号：US20230091951A1

公开(公告)日：2023-03-23

申请号：US17478579

申请日：2021-09-17

申请人： Intel Corporation

发明人： Santosh Ghosh ,  Manoj Sastry

IPC分类号： H04L9/30 ,  H04L9/08 ,  G06F7/53 ,  G06F7/487

摘要： Polynomial multiplication for side-channel protection in cryptography is described. An example of a apparatus includes one or more processors to process data; a memory to store data; and polynomial multiplier circuitry to multiply a first polynomial by a second polynomial, the first polynomial and the second polynomial each including a plurality of coefficients, the polynomial multiplier circuitry including a set of multiplier circuitry, wherein the polynomial multiplier circuitry is to select a first coefficient of the first polynomial for processing, and multiply the first coefficient of the first polynomial by all of the plurality of coefficients of the second polynomial in parallel using the set of multiplier circuits.

公开(公告)号：US11575504B2

公开(公告)日：2023-02-07

申请号：US16776467

申请日：2020-01-29

申请人： Intel Corporation

发明人： David M. Durham ,  Michael LeMay ,  Michael E. Kounavis ,  Santosh Ghosh ,  Sergej Deutsch ,  Anant Vithal Nori ,  Jayesh Gaur ,  Sreenivas Subramoney ,  Karanvir S. Grewal

IPC分类号： H04L9/06 ,  G06F9/30 ,  G06F12/1027

摘要： A processor comprises a first register to store an encoded pointer to a memory location. First context information is stored in first bits of the encoded pointer and a slice of a linear address of the memory location is stored in second bits of the encoded pointer. The processor also includes circuitry to execute a memory access instruction to obtain a physical address of the memory location, access encrypted data at the memory location, derive a first tweak based at least in part on the encoded pointer, and generate a keystream based on the first tweak and a key. The circuitry is to further execute the memory access instruction to store state information associated with memory access instruction in a first buffer, and to decrypt the encrypted data based on the keystream. The keystream is to be generated at least partly in parallel with accessing the encrypted data.

公开(公告)号：US11569994B2

公开(公告)日：2023-01-31

申请号：US17356972

申请日：2021-06-24

申请人： Intel Corporation

发明人： Santosh Ghosh ,  Andrew Reinders ,  Manoj Sastry

IPC分类号： H04L9/30 ,  H04L9/06 ,  H04L9/14

摘要： An accelerator includes polynomial multiplier circuitry including at least one modulus multiplier operating according to a mode. The at least one modulus multiplier include a multiplier to multiply two polynomial coefficients to generate a multiplication result, a power of two reducer to reduce the multiplication result to a reduced multiplication result when the mode is a power of two mode, and a prime modulus reducer to reduce the multiplication result to the reduced multiplication result when the mode is a prime modulus mode.

公开(公告)号：US11533170B2

公开(公告)日：2022-12-20

申请号：US16368800

申请日：2019-03-28

申请人： Intel Corporation

发明人： Reouven Elbaz ,  Hooi Kar Loo ,  Poh Thiam Teoh ,  Su Wei Lim ,  Patrick D. Maloney ,  Santosh Ghosh

IPC分类号： H04L9/08 ,  G06F13/42 ,  H04L9/06 ,  H04L9/12 ,  H04L9/14

摘要： Methods, systems, and apparatuses associated with hardware mechanisms for link encryption are disclosed. In various embodiments, an interconnect interface is coupled to a processor core to interconnect a peripheral device to the processor core via a link established between the peripheral device and the interconnect interface. The interconnect interface is to select a cryptographic engine of a plurality of cryptographic engines instantiated in the interconnect interface for the link. The cryptographic engine is to symmetrically encrypt data to be transmitted through the link. In more specific embodiments, each of the plurality of cryptographic engines is instantiated for one of a request type on the link, a virtual channel on the link, or a request type within a virtual channel on the link.

公开(公告)号：US11516008B2

公开(公告)日：2022-11-29

申请号：US17133304

申请日：2020-12-23

申请人： Intel Corporation

发明人： Santosh Ghosh ,  Marcio Juliato ,  Manoj Sastry

IPC分类号： H04L9/08 ,  H04L9/06

摘要： A method comprises receiving an image of an update for a software module, a rate parameter, an index parameter, and a public key, generating a 32-byte aligned string, computing a state parameter using the 32-byte aligned string, generating a modified message representative, computing a Merkle Tree root node, and in response to a determination that the Merkle Tree root node matches the public key, forwarding, to a remote device, the image of the update for a software module, the state parameter; and the modified message representative.