-
公开(公告)号:US09515818B2
公开(公告)日:2016-12-06
申请号:US14487872
申请日:2014-09-16
Applicant: Apple Inc.
Inventor: Bruno Kindarji , Mathieu Ciet , Benoit Chevallier-Mames , Thomas Icart , Augustin J. Farrugia
CPC classification number: H04L9/0618 , H04L9/0637 , H04L2209/04 , H04L2209/043 , H04L2209/16 , H04L2209/24
Abstract: Some embodiments provide a method for performing a block cryptographic operation that includes a plurality of rounds. The method receives a message that includes several blocks. The method selects a set of the blocks. The set has a particular number of blocks. The method applies a cryptographic operation to the selected set of blocks. A particular round of the cryptographic operation for a first block in the set is performed after a later round than the particular round for a second block in the set, while a different particular round for the first block is performed before an earlier round than the different particular round for the second block. In some embodiments, at least two rounds for the first block are performed one after the other without any intervening rounds for any other blocks in the set.
Abstract translation: 一些实施例提供了一种用于执行包括多个轮次的块密码操作的方法。 该方法接收包含几个块的消息。 该方法选择一组块。 该集合具有特定数量的块。 该方法对所选择的块集合应用加密操作。 在集合中的第一块的特定轮次的加密操作在对于集合中的第二块的特定轮次之后的轮次之后执行,而在第一块之前的不同的特定轮次在比不同的前一轮之前执行 特别是第二块。 在一些实施例中,用于第一块的至少两个轮次一个接一个地执行,而对于该组中的任何其他块,没有任何中间轮。
-
公开(公告)号:US20150363580A1
公开(公告)日:2015-12-17
申请号:US14306713
申请日:2014-06-17
Applicant: Apple Inc.
Inventor: Pierre Betouin , Augustin J. Farrugia , Benoit Chevallier-Mames , Bruno Kindarji , Cédric Tessier , Jean-Baptiste Aviat , Mathieu Ciet , Thomas Icart
CPC classification number: G06F21/14 , G06F2221/0748
Abstract: The fake cryptographic layer obfuscation technique can be used to lure an attacker into expending reverse engineering efforts on sections of code the attacker would normally ignore. To do this the obfuscation technique can identify sections of code that are likely to be of lesser interest to the attacker and disguise them as higher value sections. This can be achieved by transforming a lower value section of code to include code patterns, constants, or other characteristics known to exist in sections of code of higher value, such as cryptographic routines. To transform a code section, the obfuscation technique can use one or more program modifications including control flow modifications, constant value adjustments to simulate well-known cryptographic scalars, buffer extensions, fake characteristic table insertion, debug-like information insertion, derivation function-code generation linking, and/or cryptographic algorithm specific instruction insertion.
Abstract translation: 伪造的加密层混淆技术可以用来诱骗攻击者在攻击者通常忽略的代码段上花费逆向工程的努力。 为此,混淆技术可以识别可能对攻击者感兴趣的代码段,并将其伪装成较高的值段。 这可以通过将代码的较低值部分转换为包括已知存在于较高值的代码部分中的代码模式,常量或其他特性来实现,例如加密例程。 为了转换代码部分,混淆技术可以使用一个或多个程序修改,包括控制流修改,常数值调整以模拟公知的加密标量,缓冲区扩展,伪特征表插入,类似调试的信息插入,导出函数代码 生成链接和/或加密算法特定指令插入。
-
23.发明申请公开(公告)号:US20150349951A1
公开(公告)日:2015-12-03
申请号:US14291591
申请日:2014-05-30
Applicant: Apple Inc.
Inventor: Augustin J. Farrugia , Benoit Chevallier-Mames , Bruno Kindarji , Mathieu Ciet , Thomas Icart
IPC: H04L9/06
CPC classification number: H04L9/0631 , G06F9/30007 , G09C1/00 , H04L2209/16 , H04L2209/603 , H04L2209/76
Abstract: Some embodiments provide for an improved method for performing AES cryptographic operations. The method applies a look up table operation that includes several operations embedded within look up tables. The embedded operations include a permutation operation to permute several bytes of AES state, a multiplication operation to apply a next round's protection to the AES state, an affine function and an inverse affine function to conceal the multiplication operation, and an inverse permutation operation to remove a previous round's protection. Some embodiments provide for an optimized method for efficiently performing such protected AES operations. The method alternates rounds of AES processing between software processing (e.g. processing by a CPU, performed according to software instructions) and hardware processing (e.g. processing by cryptographic ASIC).
Abstract translation: 一些实施例提供了用于执行AES加密操作的改进方法。 该方法应用查询表操作,其中包含嵌入在查找表中的多个操作。 嵌入式操作包括将AES状态置换几个字节的置换操作,将下一轮的保护应用于AES状态的乘法运算,用于隐藏乘法运算的仿射函数和反向仿射函数以及用于去除的逆置换操作 前一轮的保护。 一些实施例提供了用于有效执行这种受保护的AES操作的优化方法。 该方法在软件处理(例如,CPU的处理,根据软件指令执行)和硬件处理(例如通过加密ASIC的处理)之间交替进行AES处理。
-
24.发明申请公开(公告)号:US20140165030A1
公开(公告)日:2014-06-12
申请号:US13707437
申请日:2012-12-06
Applicant: APPLE INC.
Inventor: Benoit Chevallier-Mames , Mathieu Ciet , Thomas Icart , Bruno Kindarji , Augustin J. Farrugia
IPC: G06F9/44
CPC classification number: G06F21/14
Abstract: A method and an apparatus for receiving a first source code having a code block to update the first source code with multiple copies of the code block to protect against correlation attacks are described. The code block can perform one or more operations for execution based on the first source code. The operations can be performed via a random one of the copies of the code block. A second source code based on the updated first source code can be generated to be executed by a processor to produce an identical result as the first source code.
Abstract translation: 描述了一种用于接收具有代码块的第一源代码的方法和装置,用于更新具有代码块的多个副本的第一源代码以防止相关攻击。 代码块可以执行一个或多个基于第一源代码执行的操作。 可以通过代码块的副本中的随机的一个执行操作。 可以生成基于更新的第一源代码的第二源代码以由处理器执行以产生与第一源代码相同的结果。
-
公开(公告)号:US12001579B1
公开(公告)日:2024-06-04
申请号:US17302539
申请日:2021-05-05
Applicant: Apple Inc.
Inventor: Benoit Chevallier-Mames , Thomas Icart , Mathieu Ciet , Oliver J. Hunt , Yannick Sierra , Gokul Thirumalai , Roberto Garcia
IPC: H04L9/40 , G06F16/174 , G06F21/62 , H04L9/08 , H04L9/14 , H04L9/30 , H04L9/32 , H04L51/04 , H04L51/08 , H04L67/1095 , H04L67/1097 , H04W12/02 , H04W12/04
CPC classification number: G06F21/6227 , G06F16/1752 , G06F21/6218 , H04L9/0847 , H04L9/14 , H04L9/30 , H04L9/3242 , H04L9/3247 , H04L9/3273 , H04L51/04 , H04L51/08 , H04L63/0428 , H04L63/0478 , H04L63/065 , H04L63/123 , H04L63/126 , H04L67/1095 , H04L67/1097 , H04W12/02 , H04W12/04
Abstract: Data items such as files or database records associated with particular applications (such as messaging applications and other applications) can be stored in one or more remote locations, such as a cloud storage system, and synchronized with other devices. The remote storage can be configured such that each application executing on a client device can only view data items stored at the remote location to which the application has permission to access. An access manager on each client device enforces application specific access policies. Storage at the remote location can be secured for each application associated with a user or user account, for example, using isolated containers. The cloud storage of data can be anonymized and anonymous group data can be stored in the cloud storage.
-
Patent Agency Ranking
公开(公告)号:US11321095B2
公开(公告)日:2022-05-03
申请号:US16663621
申请日:2019-10-25
Applicant: Apple Inc.
Inventor: Steven A. Myers , Jeffry E. Gonion , Yannick L. Sierra , Thomas Icart
Abstract: Techniques are disclosed relating to protecting branch prediction information. In various embodiments, an integrated circuit includes branch prediction logic having a table that maintains a plurality of entries storing encrypted target address information for branch instructions. The branch prediction logic is configured to receive machine context information for a branch instruction having a target address being predicted by the branch prediction logic, the machine context information including a program counter associated with the branch instruction. The branch prediction logic is configured to use the machine context information to decrypt encrypted target address information stored in one of the plurality of entries identified based on the program counter. In some embodiments, the branch prediction logic decrypts the encrypted target address information by performing a cipher to encrypt the machine context information and performing a Boolean exclusive-OR operation of the encrypted machine context information and the encrypted target address information.
-
公开(公告)号:US10164772B2
公开(公告)日:2018-12-25
申请号:US14291581
申请日:2014-05-30
Applicant: Apple Inc.
Inventor: Mathieu Ciet , Augustin J. Farrugia , Thomas Icart
IPC: H04L9/06
Abstract: The disclosed hash and message padding functions are based on the permutation composition problem. To compute a hash of a message using permutation composition based hashing, the message is split into equal size blocks. For each block, a permutation composition value is computed. The block permutation composition values are then combined through composition to generate an overall permutation composition value. The hash of the message is then based on the overall permutation composition value. To pad a message using permutation composition based padding, the message is split into equal size blocks. For each block, a permutation composition value is computed and the permutation composition value is added to the block. The padded blocks are then recombined to generate the padded message.
-
28.发明授权公开(公告)号:US09716586B2
公开(公告)日:2017-07-25
申请号:US15000223
申请日:2016-01-19
Applicant: Apple Inc.
Inventor: Benoit Chevallier-Mames , Mathieu Ciet , Thomas Icart , Bruno Kindarji , Augustin J. Farrugia
CPC classification number: H04L9/0637 , H04L9/0631 , H04L9/30 , H04L2209/24
Abstract: Methods, media, and systems for, in one embodiment, protecting one or more keys in an encryption and/or decryption process can use precomputed values in the process such that at least a portion of the one or more keys is not used or exposed in the process. In one example of a method, internal states of an AES encryption process are saved for use in a counter mode stream cipher operation in which the key used in the AES encryption process is not exposed or used.
-
公开(公告)号:US09692592B2
公开(公告)日:2017-06-27
申请号:US14866997
申请日:2015-09-27
Applicant: Apple Inc.
Inventor: Bruno Kindarji , Benoit Chevallier-Mames , Mathieu Ciet , Augustin J. Farrugia , Thomas Icart
CPC classification number: H04L9/0618 , H04L9/0631 , H04L9/14 , H04L63/1466 , H04L2209/16 , H04L2209/24 , H04L2209/34
Abstract: Some embodiments provide a method for performing an iterative block cipher. Line rotations and column rotations are combined to have a diversity of representations of the AES state. These protections can be performed either in static mode where the rotations are directly included in the code and the tables or in dynamic mode where the rotations are chosen randomly at execution time, depending on some entropic context variables. The two modes can also be advantageously combined together.
-
公开(公告)号:US20160119133A1
公开(公告)日:2016-04-28
申请号:US14291581
申请日:2014-05-30
Applicant: Apple Inc.
Inventor: Mathieu Ciet , Augustin J. Farrugia , Thomas Icart
IPC: H04L9/06
CPC classification number: H04L9/0643 , H04L2209/20
Abstract: The disclosed hash and message padding functions are based on the permutation composition problem. To compute a hash of a message using permutation composition based hashing, the message is split into equal size blocks. For each block, a permutation composition value is computed. The block permutation composition values are then combined through composition to generate an overall permutation composition value. The hash of the message is then based on the overall permutation composition value. To pad a message using permutation composition based padding, the message is split into equal size blocks. For each block, a permutation composition value is computed and the permutation composition value is added to the block. The padded blocks are then recombined to generate the padded message.
Abstract translation: 所公开的散列和消息填充功能基于置换组合问题。 为了使用基于散列组合的散列来计算消息的散列,消息被分割成相等大小的块。 对于每个块,计算置换组合值。 然后通过组合将块置换组合值组合以产生整体置换组合值。 然后,消息的散列基于整体排列组合值。 为了使用基于置换组合的填充来填充消息,消息被分割成相等的大小块。 对于每个块,计算置换组合值,并将置换组合值添加到块。 然后将填充的块重新组合以产生填充消息。
-
-
-
-
-
-
-
-
-
Search Results
32
records
(took 0.018 seconds)
