Patents by Inventor Olivier Savry
Olivier Savry has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230281305Abstract: A method including generating an initialization vector, then producing a new mask using the generated initialization vector and using a secret key, masking a datum to be written to an internal cache memory using the constructed new mask, to obtain a masked datum, storing, in a given word of the internal cache memory, the masked datum and the generated initialization vector, and unmasking the masked datum, this including extracting the initialization vector contained in the word, reconstructing the mask using the extracted initialization vector and using the secret key, then unmasking the masked datum using the new mask thus reconstructed.Type: ApplicationFiled: January 26, 2023Publication date: September 7, 2023Applicant: COMMISSARIAT A L'ENERGIE ATOMIQUE ET AUX ENERGIES ALTERNATIVESInventors: Olivier SAVRY, Ezinam-Bertrand TALAKI
-
Patent number: 11651086Abstract: A method for executing a computer program, wherein when a microprocessor writes a block of No bytes of a datum of a block of cleartext data stored in an unencrypted memory, a security module switches a validity indicator associated with this block of No bytes to an active state wherein it indicates that this block of bytes is valid, and each time a block of No bytes of a datum of the block of cleartext data is loaded by the microprocessor from the unencrypted memory, the hardware security module verifies whether the validity indicator associated with this block of No bytes is in its active state and, if such is the case, processing, by the microprocessor, of this block of No bytes is permitted, and, if such is not the case, processing, by the microprocessor, of this block of No bytes is forbidden.Type: GrantFiled: December 2, 2020Date of Patent: May 16, 2023Assignee: Commissariat a l'Energie Atomique et aux Energies AlternativesInventors: Olivier Savry, Thomas Hiscock
-
Publication number: 20220358206Abstract: This method comprises: for each datum Di, computing a code Ci using a relationship Ci=Qa (Di)=P o Fa (Di), where: P is a predetermined function, Fa is a function defined by the following relationship: Fa(Di)=Tat o . . . o Tar o . . . o Ta1 o Ta0 (Di), Tar is a conditional transposition, configured by a secret parameter ar, that permutes two blocks B1r and B2r of bits of the datum Di on the basis of the value of the parameter ar, computing a code Cres-t using the following relationship: Cres-t=C1 & C2 & . . . &Cn, where C1 to Cn, are the codes associated with data D1 to Dn combined with one another by a Boolean operation D1&D2& . . . &Dn, where the “&” symbol designates the Boolean operation.Type: ApplicationFiled: March 23, 2022Publication date: November 10, 2022Applicant: Commissariat à l'Energie Atomique et aux Energies AlternativesInventors: Gaëtan LEPLUS, Olivier SAVRY
-
Publication number: 20220357927Abstract: This microprocessor is configured to compute a code C1, used to detect an execution fault, using a relationship Ci=P o F?(Di), where: F?(Di)=E0 o . . . o Eq o . . . o ENbE?1(Di), Eq(x)=T?m,q o . . . o T?j,q o . . . o T?1,q o T?0,q(X), and T?j,q is a conditional transposition, configured by a secret parameter ?j,q, that permutes two blocks of bits B2j+1,q and B2j,q of the variable x only when the parameter aj,q is equal to a first value, the blocks B2j+1,q and B2j,q of all of the transpositions T?j,q of the stage Eq being different from one another and not overlapping and the blocks B2j+1,q and B2j,q are placed within one and the same block of greater size permuted by a transposition of the higher stage Eq+1.Type: ApplicationFiled: March 23, 2022Publication date: November 10, 2022Applicant: Commissariat à l'Energie Atomique et aux Energies AlternativesInventors: Gaëtan LEPLUS, Olivier SAVRY
-
Publication number: 20220357944Abstract: A method for executing a machine code using a microprocessor includes, after an operation of decoding a current loaded instruction, constructing a mask from the signals generated by an instruction decoder in response to decoding of the current loaded instruction by the decoder. The constructed mask varies as a function of the current loaded instruction. Subsequently, before an operation of decoding a next loaded instruction, the next loaded instruction is unmasked using the constructed mask.Type: ApplicationFiled: March 23, 2022Publication date: November 10, 2022Applicant: Commissariat à l'Energie Atomique et aux Energies AlternativesInventors: Gaëtan LEPLUS, Olivier SAVRY
-
Publication number: 20220360424Abstract: A method for executing a function, secured by temporal desynchronization, includes when a first legitimate instruction is loaded, noting the opcode of this first legitimate instruction, then constructing a dummy instruction on the basis of this noted opcode, the dummy instruction thus constructed being identical to the first legitimate instruction except that its operands are different, then incorporating the dummy instruction thus constructed into a sequence of dummy instructions used to delay the time at which a second legitimate instruction is executed.Type: ApplicationFiled: March 11, 2022Publication date: November 10, 2022Applicant: Commissariat à l'Energie Atomique et aux Energies AlternativesInventors: Gaëtan LEPLUS, Olivier SAVRY
-
Patent number: 11461476Abstract: A method for executing a binary code including the execution of an indirect load instruction which provokes the reading of a data line associated with an address obtained from the content of a destination register, then the construction of an initialization vector from the content of this data line, then the loading of this constructed initialization vector in a microprocessor, then the execution of an indirect branch instruction which provokes a branch directly to a first encrypted instruction line of a following basic block whose address is obtained from the content of the same destination register, then the decryption of the cryptogram of each encrypted instruction line of the following basic block using the initialization vector loaded in the microprocessor.Type: GrantFiled: March 19, 2020Date of Patent: October 4, 2022Assignee: Commissariat a l'Energie Atomique et aux Energies AlternativesInventor: Olivier Savry
-
Publication number: 20220292182Abstract: A method for the execution of a binary code defining a data structure including a particular field to be read using a pointer, this method including writing, to the main memory, the value of the particular field associated with a first identifier of a pointer that points directly to this particular field, this identifier being determined from an identifier of the particular field that differs for all of the fields of the data structure that are adjacent to the particular field, and then constructing a pointer that points directly to this particular field, this construction including determining an identifier of this constructed pointer, and then checking that the identifier constructed in step b) corresponds to the identifier associated with this particular field in step a), and when these pointer identifiers do not match, triggering the signaling of an execution fault.Type: ApplicationFiled: February 14, 2022Publication date: September 15, 2022Applicant: Commissariat à l'Energie Atomique et aux Energies AlternativesInventors: Olivier SAVRY, Thomas HISCOCK
-
Publication number: 20220294634Abstract: A method for executing a computer program includes incorporating, into metadata of a block containing a line of code to be accessed using a pointer, a first pointer identifier associated with the line of code to be accessed, then obtaining a pointer including a first range of bits containing the address of the line of code to be accessed, and a different second range of bits containing a second pointer identifier, then verifying that the second pointer identifier contained in the obtained pointer corresponds to the first pointer identifier associated with the line of code to be accessed and contained in the metadata of the loaded block, and when the first and second pointer identifiers do not correspond, then the security module triggers signaling of an execution fault.Type: ApplicationFiled: February 14, 2022Publication date: September 15, 2022Applicant: Commissariat à l'Energie Atomique et aux Energies AlternativesInventors: Olivier Savry, Thomas Hiscock
-
Patent number: 11341282Abstract: A method for executing a binary code includes for each item of data to be recorded: executing an algorithm for constructing a data line containing a cryptogram of this item of data constructed using an initialization vector ivj associated with an address @j of the main memory using a relationship ivj=Fiv(@j), where the function Fiv, is a pre-programmed function that associates a different initialization vector ivj with each different address @j of a main memory, and then recording this constructed data line in the main memory at the address @j, where each instruction line of a basic block is constructed by executing the same construction algorithm as the one executed to construct the data line and using the same function Fiv, the item of data for this purpose being taken to be equal to the instruction masked using a mask associated with this basic block.Type: GrantFiled: May 5, 2020Date of Patent: May 24, 2022Assignee: Commissariat a l'Energie Atomique et aux Energies AlternativesInventor: Olivier Savry
-
Patent number: 11232194Abstract: A method for executing a binary code of a secure function includes obtaining a pointer containing: a first range of bits containing the address of a line of code, and a second, different range of bits containing an identifier of the pointer, storing the line of code, this line of code containing a first integrity tag constructed or encrypted using the identifier of the pointer, loading the line of code from the address contained in the first range of bits of the pointer, verifying the integrity of the loaded line of code by constructing a second integrity tag using the identifier of the pointer contained in the second range of bits of the pointer used to load it.Type: GrantFiled: July 1, 2020Date of Patent: January 25, 2022Assignee: Commissariat a l'Energie Atomique et aux Energies AlternativesInventor: Olivier Savry
-
Patent number: 11157659Abstract: A method for executing a polymorphic machine code, wherein: for each branching address at which a base block of a flow of generated instructions starts, the microprocessor automatically adds, in the generated flow of instructions, a renewal instruction suitable, when it is executed, for triggering the renewal of an initialization vector of a module for decryption by flow with a specific value associated with this branching address, then a flow encryption module encrypts the flow of instructions as it is generated and, during this encryption, each base block is encrypted using a specific value associated with the branching address at which it starts. Only the instruction flow encrypted in this way is recorded in the main memory. During execution of the encrypted instruction flow, the added renewal instructions are executed as they are encountered.Type: GrantFiled: December 14, 2017Date of Patent: October 26, 2021Assignee: COMMISSARIAT A L'ENERGIE ATOMIQUE ET AUX ENERGIES ALTERNATIVESInventors: Damien Courousse, Thomas Hiscock, Olivier Savry
-
Patent number: 11144470Abstract: Method for managing a cache memory comprising: the transformation of a received set address in order to find a word in the cache memory, into a transformed set address by means of a bijective transformation function, the selection of one or more line tags stored in the cache memory at the transformed set address. in which: the transformation function is parameterized by a parameter q such that the transformed set address obtained depends both on the received set address and on the value of this parameter q, and for all the non-zero values of the parameter q, the transformation function permutes at least 50% of the set addresses, and during the same execution of the process, a new value of the parameter q is repeatedly generated for modifying the transformation function.Type: GrantFiled: December 16, 2019Date of Patent: October 12, 2021Assignee: Commissariat A L'Energie Atomique et aux Energies AlternativesInventors: Thomas Hiscock, Mustapha El Majihi, Olivier Savry
-
Publication number: 20210173946Abstract: A method for executing a computer program, wherein when a microprocessor writes a block of No bytes of a datum of a block of cleartext data stored in an unencrypted memory, a security module switches a validity indicator associated with this block of No bytes to an active state wherein it indicates that this block of bytes is valid, and each time a block of No bytes of a datum of the block of cleartext data is loaded by the microprocessor from the unencrypted memory, the hardware security module verifies whether the validity indicator associated with this block of No bytes is in its active state and, if such is the case, processing, by the microprocessor, of this block of No bytes is permitted, and, if such is not the case, processing, by the microprocessor, of this block of No bytes is forbidden.Type: ApplicationFiled: December 2, 2020Publication date: June 10, 2021Applicant: Commissariat a l'Energie Atomique et aux Energies AlternativesInventors: Olivier SAVRY, Thomas HISCOCK
-
Patent number: 11003593Abstract: A method for managing a cache memory, including executing first and second processes, when the second process modifies the state of the cache memory, updating the value of an indicator associated with this second process, and comparing the value of this indicator to a predefined threshold and, when this predefined threshold is exceeded, detecting an abnormal use of the cache memory by the second process, in response to this detection, modifying pre-recorded relationships in order to associate with the identifier of the second process a value of a parameter q different from the value of the parameter q associated with the first process so that, after this modification, when the received address of a word to be read is the same for the first and second processes, then the set addresses used to read this word from the cache memory are different.Type: GrantFiled: January 16, 2020Date of Patent: May 11, 2021Assignee: Commissariat a l'Energie Atomique et aux Energies AlternativesInventors: Thomas Hiscock, Mustapha El Majihi, Olivier Savry
-
Patent number: 10942868Abstract: A method including the loading into registers of a microprocessor of a code line recorded at an address @j, and then calculating, with a securing hardware module, an initialization vector with the aid of a relation ivj=Fjv(@j), where @j is the address from which the code line was loaded, and then decrypting, with the securing hardware module, the code line loaded with the aid of the initialization vector calculated to obtain: a datum Dj of its cryptogram, and a first error-detecting code, and then verifying, with the securing hardware module and with the aid of the first error-detecting code obtained, whether there exists an error in the datum Dj or its cryptogram and, if such an error exists, triggering the signalling of an execution fault and, if such an error does not exist, inhibiting this signalling of an execution fault.Type: GrantFiled: September 13, 2018Date of Patent: March 9, 2021Assignee: Commissariat a l'energie atomique et aux energies alternativesInventor: Olivier Savry
-
Publication number: 20210004456Abstract: A method for executing a binary code of a secure function includes obtaining a pointer containing: a first range of bits containing the address of a line of code, and a second, different range of bits containing an identifier of the pointer, storing the line of code, this line of code containing a first integrity tag constructed or encrypted using the identifier of the pointer, loading the line of code from the address contained in the first range of bits of the pointer, verifying the integrity of the loaded line of code by constructing a second integrity tag using the identifier of the pointer contained in the second range of bits of the pointer used to load it.Type: ApplicationFiled: July 1, 2020Publication date: January 7, 2021Applicant: Commissariat a l'Energie Atomique et aux Energies AlternativesInventor: Olivier SAVRY
-
Publication number: 20200349294Abstract: A method for executing a binary code includes for each item of data to be recorded: executing an algorithm for constructing a data line containing a cryptogram of this item of data constructed using an initialization vector ivj associated with an address @j of the main memory using a relationship ivj=Fiv(@j), where the function Fiv, is a pre-programmed function that associates a different initialization vector ivj with each different address @j of a main memory, and then recording this constructed data line in the main memory at the address @j, where each instruction line of a basic block is constructed by executing the same construction algorithm as the one executed to construct the data line and using the same function Fiv, the item of data for this purpose being taken to be equal to the instruction masked using a mask associated with this basic block.Type: ApplicationFiled: May 5, 2020Publication date: November 5, 2020Applicant: Commissariat a l'Energie Atomique et aux Energies AlternativesInventor: Olivier SAVRY
-
Publication number: 20200302067Abstract: A method for executing a binary code including the execution of an indirect load instruction which provokes the reading of a data line associated with an address obtained from the content of a destination register, then the construction of an initialization vector from the content of this data line, then the loading of this constructed initialization vector in a microprocessor, then the execution of an indirect branch instruction which provokes a branch directly to a first encrypted instruction line of a following basic block whose address is obtained from the content of the same destination register, then the decryption of the cryptogram of each encrypted instruction line of the following basic block using the initialization vector loaded in the microprocessor.Type: ApplicationFiled: March 19, 2020Publication date: September 24, 2020Applicant: Commissariat a l'Energie Atomique et aux Energies AlternativesInventor: Olivier Savry
-
Publication number: 20200302068Abstract: A method for executing, with a microprocessor, a binary code, this method including executing a prologue of a function called by a microprocessor, this execution including encrypting a return address of the calling or called function and saving the return address thus encrypted in a call stack, this encryption being carried out using a first value that is not used when data are saved in the call stack by the called function and that is independent of the address at which the return address thus encrypted is saved in the call stack, then executing an epilogue of the function called by the microprocessor, this execution including decrypting, using the first value, the encrypted return address saved in the call stack, then branching to an instruction line identified by this decrypted return address.Type: ApplicationFiled: March 19, 2020Publication date: September 24, 2020Applicant: Commissariat a l'Energie Atomique et aux Energies AlternativesInventor: Olivier SAVRY