-
公开(公告)号:US11750369B2
公开(公告)日:2023-09-05
申请号:US17405016
申请日:2021-08-17
发明人: You-Tun Teng , Wen-Long Chin
CPC分类号: H04L9/0631 , G06F21/72 , G06F7/523 , H04L2209/122
摘要: A single round advanced encryption standard circuit module includes a substitution byte/inverse substitution byte unit, configured to substitute elements of an input state array to generate an output state array and to respectively generate a first state array, a plurality of second state arrays, a third state array, a plurality of fourth state arrays and the output state array according to a first tier circuit unit, a second tier circuit unit, a third tier circuit unit, a fourth tier circuit unit and a fifth tier circuit unit; wherein the first state array, the plurality of second state arrays, the third state array and the plurality of fourth state arrays are represented by register-transfer level codes; wherein the substitution byte/inverse substitution byte unit is implemented by composite field arithmetic of sharing operators and operands.
-
公开(公告)号:US09996708B2
公开(公告)日:2018-06-12
申请号:US14751995
申请日:2015-06-26
申请人: Intel Corporation
发明人: Sudhir K. Satpathy , Sanu K. Mathew , Kirk S. Yap , Vinodh Gopal
CPC分类号: G06F21/74 , G06F21/73 , G06F2221/2107 , G09C1/00 , H04L9/0631 , H04L2209/122
摘要: A processing system includes a processing core and a hardware accelerator communicatively coupled to the processing core. The hardware accelerator includes a data register having a plurality of data bits and a key register having a plurality of key bits. The hardware accelerator also includes a data mode selector module to select one of an encrypt mode or a decrypt mode for processing the plurality of data bits. The hardware accelerator further includes a key mode selector module to select one of the encrypt mode or the decrypt mode for processing the plurality of key bits.
-
公开(公告)号:US20180068137A1
公开(公告)日:2018-03-08
申请号:US15810884
申请日:2017-11-13
CPC分类号: G06F21/87 , G09C1/00 , H01L23/57 , H04L9/002 , H04L9/10 , H04L2209/12 , H04L2209/122
摘要: To provide for a physical security mechanism that forms a complete envelope of protection around the cryptographic module to detect and respond to an unauthorized attempt at physical access, a tamper sensing encapsulant generally encapsulates the cryptographic module. The tamper sensing encapsulant includes a first shape actuation layer associated with an electrically conductive first trace element and a second shape actuation layer associated with an electrically conductive second trace element. The first shape actuation layer is positioned against the second shape actuation layer such that the first trace element and the second trace element do not physically touch at an operating temperature of the cryptographic module and do physically touch when the first shape actuation layer and the second shape actuation layer are thermally loaded. Upon first trace element and the second trace element touching, a circuit is formed that disables the cryptographic module.
-
公开(公告)号:US09846187B2
公开(公告)日:2017-12-19
申请号:US14708315
申请日:2015-05-11
发明人: Valery Teper
CPC分类号: G01R27/2605 , G06F21/75 , G06F21/755 , G06F21/85 , G09C1/00 , H01L23/576 , H04L9/003 , H04L9/10 , H04L2209/12 , H04L2209/122
摘要: An electronic circuit with protection against eavesdropping, including a first circuit element embedded in the electronic circuit, a second circuit element embedded in the electronic circuit, one or more connection lines between the first circuit element and the second circuit element, a first monitoring unit in the first circuit element for measuring capacitance of at least one of the connection lines between the first circuit element and the second circuit element, wherein the first monitoring unit is configured to identify changes in capacitance of the connection lines and to initiate actions to prevent eavesdropping in response to identifying changes.
-
公开(公告)号:US20170092157A1
公开(公告)日:2017-03-30
申请号:US14865358
申请日:2015-09-25
申请人: INTEL CORPORATION
CPC分类号: G09C1/00 , G06F21/602 , H04L9/0618 , H04L9/0631 , H04L2209/122 , H04L2209/125
摘要: This disclosure is directed to a multiple input cryptographic engine. In general, an cryptographic engine consistent with the present disclosure may improve on existing systems that generate encrypted data (e.g., ciphertext) from decrypted input data (e.g., plaintext), or that conversely generate decrypted data from encrypted data, in that a second input may be received into the cryptographic engine while a first input is still being processed, allowing multiple inputs to be processed concurrently. An example device may include an input interface to receive data into the device, an output interface to output data from the device and cryptographic circuitry. The cryptographic circuitry may be configured encrypt/decrypt data received via the input interface into encrypted/decrypted data while also converting a least a portion of a second input received via the input interface into second encrypted/decrypted data. The encrypted/decrypted data may then be output via the output interface.
-
公开(公告)号:US09590805B1
公开(公告)日:2017-03-07
申请号:US14580956
申请日:2014-12-23
申请人: EMC Corporation
发明人: Sean F. Parkinson
CPC分类号: H04L9/0819 , G09C1/00 , H04L9/003 , H04L9/3066 , H04L9/3247 , H04L2209/122 , H04L2209/24 , H04L2209/72
摘要: A method includes receiving a first input value and a second input value, and obtaining a set of pre-computed values, wherein each pre-computed value is computed as the first input value multiplied by a given multiple in a set of multiples comprising powers of 2. A cryptographic process is performed to generate a cryptographic value based on the first and second input values, and one or more of the pre-computed values, wherein the cryptographic value that is generated is usable to generate a secure message or digital signature. The cryptographic process includes performing an iterative scalar multiplication process in which each step of the iterative scalar multiplication process is performed using a single point add operation to multiply a bit of the second input value with one of the pre-computed values in the set of pre-computed values.
摘要翻译: 一种方法包括接收第一输入值和第二输入值,以及获得一组预先计算的值,其中每组预先计算的值被计算为乘以一组倍数的给定倍数的第一输入值, 执行密码处理以基于第一和第二输入值以及一个或多个预先计算的值来生成密码值,其中所生成的加密值可用于生成安全消息或数字签名。 加密过程包括执行迭代标量乘法过程,其中使用单点加法运算来执行迭代标量乘法处理的每个步骤,以将第二输入值的位乘以该组预先计算的值之一 计算值。
-
公开(公告)号:US20170061832A1
公开(公告)日:2017-03-02
申请号:US14752873
申请日:2015-06-27
申请人: Intel Corporation
发明人: SANTOSH GHOSH , LI ZHAO , MANOJ R. SASTRY
CPC分类号: G09C1/00 , H04L9/0631 , H04L2209/122
摘要: One embodiment provides an apparatus. The apparatus includes a lightweight cryptographic engine (LCE), the LCE is optimized and has an associated throughput greater than or equal to a target throughput.
摘要翻译: 一个实施例提供一种装置。 该装置包括轻量级加密引擎(LCE),LCE被优化并且具有大于或等于目标吞吐量的相关联吞吐量。
-
公开(公告)号:US20170061162A1
公开(公告)日:2017-03-02
申请号:US14830171
申请日:2015-08-19
申请人: Altera Corporation
发明人: Robert Groza
CPC分类号: G06F21/72 , G06F21/76 , G09C1/00 , H04L9/0637 , H04L2209/12 , H04L2209/122 , H04L2209/125
摘要: Systems and methods are discussed herein for reusing hardware for encryption and authentication, where the hardware has a fixed input bandwidth, and where the hardware has the same bandwidth for a different input bandwidth. In order to accomplish this mechanism, systems and methods are provided herein for processing invalid data that appears within streams of valid data. Systems and methods are also provided herein for authentication mechanisms that require more than one data cycle to complete.
摘要翻译: 本文将讨论用于重新使用硬件进行加密和认证的系统和方法,其中硬件具有固定的输入带宽,并且硬件对于不同的输入带宽具有相同的带宽。 为了实现这一机制,本文提供了用于处理出现在有效数据流内的无效数据的系统和方法。 本文还提供了需要多于一个数据周期来完成的认证机制的系统和方法。
-
公开(公告)号:US20160344555A1
公开(公告)日:2016-11-24
申请号:US14716570
申请日:2015-05-19
申请人: NXP B.V.
发明人: Bernd Elend
IPC分类号: H04L9/32
CPC分类号: H04L9/3247 , G06F21/606 , G06F21/71 , H04L9/32 , H04L12/40032 , H04L63/123 , H04L63/162 , H04L2012/40215 , H04L2012/40273 , H04L2209/122 , H04L2209/84
摘要: Aspects of the present disclosure are directed to communicating on a communication bus in accordance with a message-based signal protocol. One or more messages are generated with a data field, in which a portion of the data field is reserved for a signature. The signature has a bit length corresponding to a bit length of the reserved portion of the data field. The signature is coded in the portion of the data field reserved for the signature, and at least one message is transmitted with the signature coded therein. Each message received on the communication bus and having a signature coded in a data field therein is authenticated based on the signature, and processed by removing the signature from the data field and decoding the message with the signature removed.
摘要翻译: 本公开的方面旨在根据基于消息的信号协议在通信总线上进行通信。 使用数据字段生成一个或多个消息,其中数据字段的一部分被保留用于签名。 签名具有对应于数据字段的保留部分的位长度的位长度。 签名被编码在为签名保留的数据字段的部分中,并且至少一个消息被发送,其中签名被编码。 在通信总线上接收的具有在其中的数据字段中编码的签名的每个消息基于签名进行认证,并且通过从数据字段中移除签名并且将该签名消除来对该消息进行解码来进行处理。
-
公开(公告)号:US20150304114A1
公开(公告)日:2015-10-22
申请号:US14372799
申请日:2013-01-21
申请人: GEMALTO SA
发明人: Philippe PROUST , Claude BARRAL
CPC分类号: H04L9/3278 , G06K9/00577 , G06K19/073 , G06K19/086 , G06K2009/0059 , H04L2209/122
摘要: The invention is a method for authenticating a device which comprises a chip and a body carrying the chip. The body comprises a graphical security feature. The method comprises the steps of: running a first physical unclonable function for generating a first response representative of the chip, extracting a first reference from the graphical security feature, authenticating the device by checking that said first response and first reference are linked by a preset mathematical function. The extracting step and the authenticating step are carried out by a machine distinct from the device.
摘要翻译: 本发明是一种认证装置的方法,该装置包括一个芯片和一个承载芯片的机体。 身体包括图形安全功能。 该方法包括以下步骤:运行用于生成表示芯片的第一响应的第一物理不可克隆功能,从图形安全特征提取第一参考,通过检查所述第一响应和第一参考是否被预设链接来认证该设备 数学函数。 提取步骤和认证步骤由与装置不同的机器进行。
-
-
-
-
-
-
-
-
-
搜索结果
363 条记录 (耗时 0.017 秒)
