公开(公告)号：US09092645B2

公开(公告)日：2015-07-28

申请号：US13994782

申请日：2011-12-05

申请人： Erdinc Ozturk ,  Vinodh Gopal ,  Gilbert M. Wolrich ,  Wajdi K. Feghali ,  James D. Guilford ,  Deniz Karakoyunlu ,  Martin G. Dixon ,  Kahraman D. Akdemir

发明人： Erdinc Ozturk ,  Vinodh Gopal ,  Gilbert M. Wolrich ,  Wajdi K. Feghali ,  James D. Guilford ,  Deniz Karakoyunlu ,  Martin G. Dixon ,  Kahraman D. Akdemir

IPC分类号： H04L29/00 ,  G06F21/71 ,  H04L9/30

CPC分类号： G06F21/71 ,  G06F7/723 ,  H04L9/3006 ,  H04L2209/12

摘要： In one embodiment, the present disclosure provides a method that includes segmenting an n-bit exponent e into a first segment et and a number t of k-bit segments ei in response to a request to determine a modular exponentiation result R, wherein R is a modular exponentiation of a generator base g for the exponent e and a q-bit modulus m, wherein the generator base g equals two and k is based at least in part on a processor configured to determine the result R; iteratively determining a respective intermediate modular exponentiation result for each segment ei, wherein the determining comprises multiplication, exponentiation and a modular reduction of at least one of a multiplication result and an exponentiation result; and generating the modular exponentiation result R=ge mod m based on, at least in part, at least one respective intermediate modular exponentiation result.

摘要翻译： 在一个实施例中，本公开提供了一种方法，其包括响应于确定模幂运算结果R的请求，将n位指数e分割成第一段et和数目t的k比特段ei，其中R是 指数e的发生器基数g和q位模数m的模幂运算，其中发生器基g等于2，并且k至少部分地基于被配置为确定结果R的处理器; 迭代地确定每个段ei的相应的中间模幂运算结果，其中所述确定包括相乘结果和求幂结果中的至少一个的乘法，乘法和模块化减少; 并且至少部分地基于至少一个相应的中间模幂运算结果来产生模幂运算结果R = ge mod m。

公开(公告)号：US20150082047A1

公开(公告)日：2015-03-19

申请号：US13994782

申请日：2011-12-05

申请人： Vinodh Gopal ,  Gilbert M. Wolrich ,  Wajdi K. Feghali ,  James D. Guilford ,  Deniz Karakoyunlu ,  Martin G. Dixon ,  Kahraman D. Akdemir

发明人： Erdinc Ozturk ,  Vinodh Gopal ,  Gilbert M. Wolrich ,  Wajdi K. Feghali ,  James D. Guilford ,  Deniz Karakoyunlu ,  Martin G. Dixon ,  Kahraman D. Akdemir

IPC分类号： G06F21/71 ,  H04L9/30

CPC分类号： G06F21/71 ,  G06F7/723 ,  H04L9/3006 ,  H04L2209/12

摘要： In one embodiment, the present disclosure provides a method that includes segmenting an n-bit exponent e into a first segment et and a number t of k-bit segments ei in response to a request to determine a modular exponentiation result R, wherein R is a modular exponentiation of a generator base g for the exponent e and a q-bit modulus m, wherein the generator base g equals two and k is based at least in part on a processor configured to determine the result R; iteratively determining a respective intermediate modular exponentiation result for each segment ei, wherein the determining comprises multiplication, exponentiation and a modular reduction of at least one of a multiplication result and an exponentiation result; and generating the modular exponentiation result R=ge mod m based on, at least in part, at least one respective intermediate modular exponentiation result.

摘要翻译： 在一个实施例中，本公开提供了一种方法，其包括响应于确定模幂运算结果R的请求，将n位指数e分割成第一段et和数目t的k比特段ei，其中R是 指数e的发生器基数g和q位模数m的模幂运算，其中发生器基g等于2，并且k至少部分地基于被配置为确定结果R的处理器; 迭代地确定每个段ei的相应的中间模幂运算结果，其中所述确定包括相乘结果和求幂结果中的至少一个的乘法，乘法和模块化减少; 并且至少部分地基于至少一个相应的中间模幂运算结果来产生模幂运算结果R = ge mod m。

公开(公告)号：US08930681B2

公开(公告)日：2015-01-06

申请号：US12963298

申请日：2010-12-08

申请人： James D. Guilford ,  Wajdi K. Feghali ,  Vinodh Gopal ,  Gilbert M. Wolrich ,  Erdinc Ozturk ,  Martin G. Dixon ,  Deniz Karakoyunlu ,  Kahraman D. Akdemir

发明人： James D. Guilford ,  Wajdi K. Feghali ,  Vinodh Gopal ,  Gilbert M. Wolrich ,  Erdinc Ozturk ,  Martin G. Dixon ,  Deniz Karakoyunlu ,  Kahraman D. Akdemir

IPC分类号： G06F9/38 ,  G06F9/30 ,  G06F9/48

CPC分类号： G06F9/3851 ,  G06F9/30109 ,  G06F9/4843

摘要： An embodiment may include circuitry to execute, at least in part, a first list of instructions and/or to concurrently process, at least in part, first and second buffers. The execution of the first list of instructions may result, at least in part, from invocation of a first function call. The first list of instructions may include at least one portion of a second list of instructions interleaved, at least in part, with at least one other portion of a third list of instructions. The portions may be concurrently carried out, at least in part, by one or more sets of execution units of the circuitry. The second and third lists of instructions may implement, at least in part, respective algorithms that are amenable to being invoked by separate respective function calls. The concurrent processing may involve, at least in part, complementary algorithms.

摘要翻译： 实施例可以包括至少部分地执行第一指令列表和/或至少部分地执行第一和第二缓冲器的电路。 第一指令列表的执行可以至少部分地由第一函数调用的调用产生。 第一指令列表可以包括至少部分地与第三指令列表的至少一个其他部分交织的第二指令列表的至少一部分。 这些部分可以至少部分地由电路的一个或多个执行单元同时执行。 第二和第三指令列表可以至少部分地实现适合于通过单独的各自的功能调用来调用的相应算法。 并行处理可以至少部分地涉及互补算法。

公开(公告)号：US20120151183A1

公开(公告)日：2012-06-14

申请号：US12963298

申请日：2010-12-08

申请人： James D. Guilford ,  Wajdi K. Feghali ,  Vinodh Gopal ,  Gilbert M. Wolrich ,  Erdinc Ozturk ,  Martin G. Dixon ,  Deniz Karakoyunlu ,  Kahraman D. Akdemir

发明人： James D. Guilford ,  Wajdi K. Feghali ,  Vinodh Gopal ,  Gilbert M. Wolrich ,  Erdinc Ozturk ,  Martin G. Dixon ,  Deniz Karakoyunlu ,  Kahraman D. Akdemir

IPC分类号： G06F9/38 ,  G06F9/46

CPC分类号： G06F9/3851 ,  G06F9/30109 ,  G06F9/4843

摘要： An embodiment may include circuitry to execute, at least in part, a first list of instructions and/or to concurrently process, at least in part, first and second buffers. The execution of the first list of instructions may result, at least in part, from invocation of a first function call. The first list of instructions may include at least one portion of a second list of instructions interleaved, at least in part, with at least one other portion of a third list of instructions. The portions may be concurrently carried out, at least in part, by one or more sets of execution units of the circuitry. The second and third lists of instructions may implement, at least in part, respective algorithms that are amenable to being invoked by separate respective function calls. The concurrent processing may involve, at least in part, complementary algorithms.

摘要翻译： 实施例可以包括至少部分地执行第一指令列表和/或至少部分地执行第一和第二缓冲器的电路。 第一指令列表的执行可以至少部分地由第一函数调用的调用产生。 第一指令列表可以包括至少部分地与第三指令列表的至少一个其他部分交织的第二指令列表的至少一部分。 这些部分可以至少部分地由电路的一个或多个执行单元同时执行。 第二和第三指令列表可以至少部分地实现适合于通过单独的各自的功能调用来调用的相应算法。 并行处理可以至少部分地涉及互补算法。

公开(公告)号：US09632782B2

公开(公告)日：2017-04-25

申请号：US13976274

申请日：2012-03-30

申请人： Kirk S. Yap ,  Gilbert M. Wolrich ,  James D. Guilford ,  Vinodh Gopal ,  Erdinc Ozturk ,  Sean M. Gulley ,  Wajdi K. Feghali ,  Martin G. Dixon

发明人： Kirk S. Yap ,  Gilbert M. Wolrich ,  James D. Guilford ,  Vinodh Gopal ,  Erdinc Ozturk ,  Sean M. Gulley ,  Wajdi K. Feghali ,  Martin G. Dixon

IPC分类号： G06F9/30 ,  G06F21/60 ,  H04L9/06 ,  H04L9/32

CPC分类号： G06F9/3016 ,  G06F9/30007 ,  G06F9/30036 ,  G06F9/30058 ,  G06F9/30098 ,  G06F9/30145 ,  G06F9/3802 ,  G06F9/384 ,  G06F12/0875 ,  G06F12/0897 ,  G06F12/1027 ,  G06F15/8007 ,  G06F21/602 ,  G06F2212/452 ,  G06F2212/68 ,  H04L9/0643 ,  H04L9/3239 ,  H04L2209/125

摘要： A processor includes an instruction decoder to receive a first instruction to process a secure hash algorithm 2 (SHA-2) hash algorithm, the first instruction having a first operand associated with a first storage location to store a SHA-2 state and a second operand associated with a second storage location to store a plurality of messages and round constants. The processor further includes an execution unit coupled to the instruction decoder to perform one or more iterations of the SHA-2 hash algorithm on the SHA-2 state specified by the first operand and the plurality of messages and round constants specified by the second operand, in response to the first instruction.

公开(公告)号：US20140237218A1

公开(公告)日：2014-08-21

申请号：US13992728

申请日：2011-12-19

申请人： Vinodh Gopal ,  Gilbert M. Wolrich ,  Erdinc Ozturk ,  James D. Guilford ,  Kirk S. Yap ,  Sean M. Gulley ,  wajdi K. Feghali ,  Martin G. Dixon

发明人： Vinodh Gopal ,  Gilbert M. Wolrich ,  Erdinc Ozturk ,  James D. Guilford ,  Kirk S. Yap ,  Sean M. Gulley ,  wajdi K. Feghali ,  Martin G. Dixon

IPC分类号： G06F9/30

CPC分类号： G06F9/3001 ,  G06F9/30036 ,  G06F9/30101 ,  G06F9/3893

摘要： A multiply-and-accumulate (MAC) instruction allows efficient execution of unsigned integer multiplications. The MAC instruction indicates a first vector register as a first operand, a second vector register as a second operand, and a third vector register as a destination. The first vector register stores a first factor, and the second vector register stores a partial sum. The MAC instruction is executed to multiply the first factor with an implicit second factor to generate a product, and to add the partial sum to the product to generate a result. The first factor, the implicit second factor and the partial sum have a same data width and the product has twice the data width. The most significant half of the result is stored in the third vector register, and the least significant half of the result is stored in the second vector register.

摘要翻译： 乘法和累加（MAC）指令允许有效执行无符号整数乘法。 MAC指令表示作为第一操作数的第一向量寄存器，作为第二操作数的第二向量寄存器和作为目的地的第三向量寄存器。 第一向量寄存器存储第一因子，第二向量寄存器存储部分和。 执行MAC指令以将第一因子与隐式第二因子相乘以生成乘积，并将部分和添加到乘积以生成结果。 第一个因素，隐含的第二个因子和部分和具有相同的数据宽度，产品的数据宽度是两倍。 结果的最大一半存储在第三向量寄存器中，结果的最低有效半存储在第二向量寄存器中。

公开(公告)号：US20140006753A1

公开(公告)日：2014-01-02

申请号：US13995453

申请日：2011-12-22

申请人： Vinodh Gopal ,  Gilbert M. Wolrich ,  Kirk S. Yap ,  James D. Guilford ,  Erdinc Ozturk ,  Sean M. Gulley ,  Wajdi K. Feghali ,  Martin G. Dixon

发明人： Vinodh Gopal ,  Gilbert M. Wolrich ,  Kirk S. Yap ,  James D. Guilford ,  Erdinc Ozturk ,  Sean M. Gulley ,  Wajdi K. Feghali ,  Martin G. Dixon

IPC分类号： H04L9/28

CPC分类号： H04L9/0631 ,  G06F9/30007 ,  G06F9/3001 ,  G06F9/30036 ,  H04L9/0643

摘要： A method is described. The method includes iteratively performing for each position in a result matrix stored in a third register, multiplying a value at a matrix position stored in a first register with a value at a matrix position stored in a second register to obtain a first multiplicative value, where the positions in the first register and the second register are determined by the position in the result matrix and performing an exclusive or (XOR) operation with the first multiplicative value and a value stored at a result matrix position stored in the third register to obtain a result value.

摘要翻译： 描述了一种方法。 该方法包括对存储在第三寄存器中的结果矩阵中的每个位置迭代执行，将存储在第一寄存器中的矩阵位置处的值乘以存储在第二寄存器中的矩阵位置处的值，以获得第一乘法值，其中 第一寄存器和第二寄存器中的位置由结果矩阵中的位置确定，并且执行具有第一乘法值的异或（XOR）操作和存储在存储在第三寄存器中的结果矩阵位置处的值以获得 结果值。

公开(公告)号：US20130275722A1

公开(公告)日：2013-10-17

申请号：US13976184

申请日：2011-12-13

申请人： Kirk S. Yap ,  Gilbert M. Wolrich ,  James D. Guilford ,  Vinodh Gopal ,  Erdinc Ozturk ,  Sean M. Gulley ,  Wajdi K. Feghali ,  Martin G. Dixon

发明人： Kirk S. Yap ,  Gilbert M. Wolrich ,  James D. Guilford ,  Vinodh Gopal ,  Erdinc Ozturk ,  Sean M. Gulley ,  Wajdi K. Feghali ,  Martin G. Dixon

IPC分类号： G06F9/30

CPC分类号： G06F9/30145 ,  H04L9/0643 ,  H04L2209/122

摘要： A processor includes a plurality of registers, an instruction decoder to receive an instruction to process a KECCAK state cube of data representing a KECCAK state of a KECCAK hash algorithm, to partition the KECCAK state cube into a plurality of subcubes, and to store the subcubes in the plurality of registers, respectively, and an execution unit coupled to the instruction decoder to perform the KECCAK hash algorithm on the plurality of subcubes respectively stored in the plurality of registers in a vector manner.

摘要翻译： 处理器包括多个寄存器，指令解码器，用于接收处理表示KECCAK散列算法的KECCAK状态的数据的KECCAK状态立方体的指令，以将KECCAK状态立方体分割成多个子多维数据集，并存储子管道 分别在多个寄存器中，以及执行单元，其耦合到指令解码器，以向量方式分别存储在多个寄存器中的多个子区上执行KECCAK散列算法。

公开(公告)号：US20100332578A1

公开(公告)日：2010-12-30

申请号：US12459152

申请日：2009-06-26

申请人： Vinodh Gopal ,  Gilbert M. Wolrich ,  Wajdi K. Feghali ,  James D. Guilford ,  Erdinc Ozturk ,  Martin G. Dixon

发明人： Vinodh Gopal ,  Gilbert M. Wolrich ,  Wajdi K. Feghali ,  James D. Guilford ,  Erdinc Ozturk ,  Martin G. Dixon

IPC分类号： G06F7/52 ,  G06F12/08 ,  G06F7/50 ,  H04L9/30

CPC分类号： G06F7/72 ,  G06F12/0802 ,  G06F12/14 ,  G06F2207/7261

摘要： A time-invariant method and apparatus for performing modular reduction that is protected against cache-based and branch-based attacks is provided. The modular reduction technique adds no performance penalty and is side-channel resistant. The side-channel resistance is provided through the use of lazy evaluation of carry bits, elimination of data-dependent branches and use of even cache accesses for all memory references.

摘要翻译： 提供了一种用于执行防止基于高速缓存和基于分支的攻击的模块化降级的时不变方法和装置。 模块化还原技术不会增加性能损失，并且具有侧向通道阻抗。 通过使用进位位的惰性评估，消除数据相关分支以及对所有存储器引用使用甚至高速缓存访​​问来提供侧向通道电阻。

公开(公告)号：US09990201B2

公开(公告)日：2018-06-05

申请号：US12645383

申请日：2009-12-22

申请人： Vinodh Gopal ,  James D. Guilford ,  Wajdi K. Feghali ,  Erdine Ozturk ,  Gilbert M. Wolrich ,  Martin G. Dixon ,  Mark C. Davis ,  Sean P. Mirkes ,  Alexandre Farcy ,  Bret L. Toll ,  Maxim Loktyukhin

发明人： Vinodh Gopal ,  James D. Guilford ,  Wajdi K. Feghali ,  Erdine Ozturk ,  Gilbert M. Wolrich ,  Martin G. Dixon ,  Mark C. Davis ,  Sean P. Mirkes ,  Alexandre Farcy ,  Bret L. Toll ,  Maxim Loktyukhin

IPC分类号： G06F15/00 ,  G06F7/38 ,  G06F9/00 ,  G06F9/44 ,  G06F9/30

CPC分类号： G06F9/30094 ,  G06F9/30014

摘要： A method in one aspect may include receiving a multiply instruction. The multiply instruction may indicate a first source operand and a second source operand. A product of the first and second source operands may be stored in one or more destination operands indicated by the multiply instruction. Execution of the multiply instruction may complete without writing a carry flag. Other methods are also disclosed, as are apparatus, systems, and instructions on machine-readable medium.