公开(公告)号：US10025559B2

公开(公告)日：2018-07-17

申请号：US15442322

申请日：2017-02-24

Applicant: STMicroelectronics (Rousset) SAS

Inventor： Ibrahima Diop ,  Yanis Linge ,  Pierre-Yvan Liardet

IPC: G06F7/58 ,  G06F7/72 ,  G06F21/72

Abstract: A method of protecting a modular exponentiation calculation on a first number and an exponent, modulo a first modulo, executed by an electronic circuit using a first register or memory location and a second register or memory location, successively including, for each bit of the exponent: generating a random number; performing a modular multiplication of the content of the first register or memory location by that of the second register or memory location, and placing the result in one of the first and second registers or memory locations selected according to the state of the bit of the exponent; performing a modular squaring of the content of one of the first and second registers or memory locations selected according to the state of the exponent, and placing the result in this selected register or memory location, the multiplication and squaring operations being performed modulo the product of the first modulo by said random number.

公开(公告)号：US20180060040A1

公开(公告)日：2018-03-01

申请号：US15442322

申请日：2017-02-24

Applicant: STMicroelectronics (Rousset) SAS

Inventor： Ibrahima Diop ,  Yanis Linge ,  Pierre-Yvan Liardet

IPC: G06F7/72 ,  G06F7/58

CPC classification number: G06F7/723 ,  G06F7/58 ,  G06F7/722 ,  G06F21/72 ,  G06F2207/7247

Abstract: A method of protecting a modular exponentiation calculation on a first number and an exponent, modulo a first modulo, executed by an electronic circuit using a first register or memory location and a second register or memory location, successively including, for each bit of the exponent: generating a random number; performing a modular multiplication of the content of the first register or memory location by that of the second register or memory location, and placing the result in one of the first and second registers or memory locations selected according to the state of the bit of the exponent; performing a modular squaring of the content of one of the first and second registers or memory locations selected according to the state of the exponent, and placing the result in this selected register or memory location, the multiplication and squaring operations being performed modulo the product of the first modulo by said random number.

公开(公告)号：US11265145B2

公开(公告)日：2022-03-01

申请号：US16281881

申请日：2019-02-21

Applicant: STMICROELECTRONICS (ROUSSET) SAS

Inventor： Yanis Linge ,  Thomas Ordas ,  Pierre-Yvan Liardet

IPC: H04L9/06 ,  H04L9/00

Abstract: The disclosure concerns implementing, by a cryptographic circuit, a set of substitution operations of a cryptographic process involving a plurality of substitution tables. For each set of substitution operations of the cryptographic process, a series of sets of substitution operations are performed. One set of the series is a real set of substitution operations corresponding to the set of substitution operations of the cryptographic process. One or more other sets are dummy sets of substitution operations, each dummy set being based on a different permutation of said substitution tables.

公开(公告)号：US09558375B2

公开(公告)日：2017-01-31

申请号：US14671019

申请日：2015-03-27

Applicant: STMicroelectronics (Rousset) SAS

Inventor： Pierre-Yvan Liardet ,  Yannick Teglia ,  Jerome Tournemille

IPC: G06F21/75 ,  G06F21/72 ,  H04L9/00

CPC classification number: G06F21/75 ,  G06F21/72 ,  G06F2221/2105 ,  H04L9/004

Abstract: A device includes one or more registers and circuitry. The circuitry subjects a key having a number of bits to a first function which takes a selection value into account, generating a result having a number of bits which is twice the number of bits of the key, and stores the result in the one or more registers. In response to a call for the key, the circuitry subjects the result stored in the one or more registers to a second function which takes the selection value into account to generate a response having a same value as the key.

Abstract translation: 设备包括一个或多个寄存器和电路。 该电路将具有多个比特的密钥作为考虑到选择值的第一功能，产生具有该密钥比特数的两倍的比特数的结果，并将该结果存储在一个或多个 注册 响应于对键的调用，电路对存储在一个或多个寄存器中的结果进行考虑到选择值的第二函数，以产生具有与该键相同的值的响应。

公开(公告)号：US10977365B2

公开(公告)日：2021-04-13

申请号：US16041077

申请日：2018-07-20

Applicant: STMICROELECTRONICS (ROUSSET) SAS

Inventor： Ibrahima Diop ,  Yanis Linge ,  Pierre-Yvan Liardet

IPC: G06F21/00 ,  G06F21/55 ,  G06F21/60 ,  G06F7/72 ,  H04L9/00 ,  G06F21/72

Abstract: An iterative calculation is performed on a first number and a second number, while protecting the iterative calculation against side-channel attacks. For each bit of the second number, successively, an iterative calculation routine of the bit of the second number is determined. The determination is made independent of a state of the bit. The determined iterative calculation routine of the bit is executed. A result of the iterative calculation is generated based on a result of the execution of the determined iterative calculation routine of a last bit of the second number.

公开(公告)号：US20180060566A1

公开(公告)日：2018-03-01

申请号：US15442303

申请日：2017-02-24

Applicant: STMicroelectronics (Rousset) SAS

Inventor： Ibrahima Diop ,  Pierre-Yvan Liardet ,  Yanis Linge

IPC: G06F21/52 ,  G06F7/72 ,  G06F7/523

CPC classification number: G06F21/52 ,  G06F7/523 ,  G06F7/72 ,  G06F7/723 ,  G06F2207/7242 ,  G06F2221/032

Abstract: A method of protecting a modular calculation on a first number and a second number, executed by an electronic circuit, including the steps of: combining the second number with a third number to obtain a fourth number; executing the modular calculation on the first and fourth numbers, the result being contained in a first register or memory location; initializing a second register or memory location to the value of the first register or to one; and successively, for each bit at state 1 of the third number: if the corresponding bit of the fourth number is at state 1, multiplying the content of the second register or memory location by the inverse of the first number and placing the result in the first register or memory location, if the corresponding bit of the fourth number is at state 0, multiplying the content of the second register or memory location by the first number and placing the result in the first register or memory location.

公开(公告)号：US20190051643A1

公开(公告)日：2019-02-14

申请号：US16100796

申请日：2018-08-10

Applicant: STMicroelectronics (Rousset) SAS

Inventor： Daniele Fronte ,  Pierre-Yvan Liardet ,  Alexandre Sarafianos

IPC: H01L27/02 ,  H01L23/00 ,  G01R31/28

Abstract: A circuit for protecting an integrated circuit against fault injection attacks includes an element including a dielectric which is destroyed, resulting in the occurrence of a short-circuit. The element is connected between two terminals that receive a power supply voltage of the integrated circuit.

公开(公告)号：US10998306B2

公开(公告)日：2021-05-04

申请号：US16100796

申请日：2018-08-10

Applicant: STMicroelectronics (Rousset) SAS

Inventor： Daniele Fronte ,  Pierre-Yvan Liardet ,  Alexandre Sarafianos

IPC: H01L27/02 ,  G01R31/28 ,  H01L23/00

Abstract: A circuit for protecting an integrated circuit against fault injection attacks includes an element including a dielectric which is destroyed, resulting in the occurrence of a short-circuit. The element is connected between two terminals that receive a power supply voltage of the integrated circuit.

公开(公告)号：US10354063B2

公开(公告)日：2019-07-16

申请号：US15442303

申请日：2017-02-24

Applicant: STMicroelectronics (Rousset) SAS

Inventor： Ibrahima Diop ,  Pierre-Yvan Liardet ,  Yanis Linge

IPC: G06F21/52 ,  G06F7/523 ,  G06F7/72

Abstract: A method of protecting a modular calculation on a first number and a second number, executed by an electronic circuit, including the steps of: combining the second number with a third number to obtain a fourth number; executing the modular calculation on the first and fourth numbers, the result being contained in a first register or memory location; initializing a second register or memory location to the value of the first register or to one; and successively, for each bit at state 1 of the third number: if the corresponding bit of the fourth number is at state 1, multiplying the content of the second register or memory location by the inverse of the first number and placing the result in the first register or memory location, if the corresponding bit of the fourth number is at state 0, multiplying the content of the second register or memory location by the first number and placing the result in the first register or memory location.

公开(公告)号：US20160308673A1

公开(公告)日：2016-10-20

申请号：US14671019

申请日：2015-03-27

Applicant: STMicroelectronics (Rousset) SAS

Inventor： Pierre-Yvan Liardet ,  Yannick Teglia ,  Jerome Tournemille

IPC: H04L9/08

CPC classification number: G06F21/75 ,  G06F21/72 ,  G06F2221/2105 ,  H04L9/004

Abstract: A device includes one or more registers and circuitry. The circuitry subjects a key having a number of bits to a first function which takes a selection value into account, generating a result having a number of bits which is twice the number of bits of the key, and stores the result in the one or more registers. In response to a call for the key, the circuitry subjects the result stored in the one or more registers to a second function which takes the selection value into account to generate a response having a same value as the key.

Abstract translation: 设备包括一个或多个寄存器和电路。 该电路将具有多个比特的密钥作为考虑到选择值的第一功能，产生具有该密钥比特数的两倍的比特数的结果，并将该结果存储在一个或多个 注册 响应于对键的调用，电路对存储在一个或多个寄存器中的结果进行考虑到选择值的第二函数，以产生具有与该键相同的值的响应。