Abstract: Technologies disclosed herein provide cryptographic computing. An example method comprises executing a first instruction of a first software entity to receive a first input operand indicating a first key associated with a first memory compartment of a plurality of memory compartments stored in a first memory unit, and execute a cryptographic algorithm in a core of a processor to compute first encrypted contents based at least in part on the first key. Subsequent to computing the first encrypted contents in the core, the first encrypted contents are stored at a memory location in the first memory compartment of the first memory unit. More specific embodiments include, prior to storing the first encrypted contents at the memory location in the first memory compartment and subsequent to computing the first encrypted contents in the core, moving the first encrypted contents into a level one (L1) cache outside a boundary of the core.

Abstract: In one example a prover device comprises one or more processors, a computer-readable memory, and signature logic to store a first cryptographic representation of a first trust relationship between the prover device and a verifier device, the first cryptographic representation based on a pair of asymmetric hash-based multi-time signature keys, receive an attestation request message from the verifier device, the attestation request message comprising attestation data for the verifier device and a hash-based signature generated by the verifier device, and in response to the attestation request message, to verify the attestation data, verify the hash-based signature generated by the verifier device using a public key associated with the verifier device, generate an attestation reply message using a hash-based multi-time private signature key and send the attestation reply message to the verifier device. Other examples may be described.

Abstract: In one embodiment, a processor of a cryptographic computing system includes a register to store an encryption key and address generation circuitry to obtain a pointer representing a linear address to be accessed by a read or write operation, the pointer being at least partially encrypted, obtain the key from the register and a context value, decrypt the encrypted portion of the pointer using the key and the context value as a tweak input, and generate an effective address for use in the read or write operation based on an output of the decryption.

Abstract: Embodiments are directed to a digital signature verification engine for reconfigurable circuit devices. An embodiment of an apparatus includes one or more processors; and a reconfigurable circuit device, the reconfigurable circuit device including digital signal processing (DSP) blocks and logic elements (LEs), wherein the one or more processors are to configure the reconfigurable circuit device to operate as a signature verification engine for a bit stream, the signature verification engine including a hybrid multiplication unit, the hybrid multiplication unit combining a set of LEs and a set of the DSPs to multiply operands for signature verification.

Abstract: In one embodiment, a processor of a cryptographic computing system includes data cache units storing encrypted data and circuitry coupled to the data cache units. The circuitry accesses a sequence of cryptographic-based instructions to execute based on the encrypted data, decrypts the encrypted data based on a first pointer value, executes the cryptographic-based instruction using the decrypted data, encrypts a result of the execution of the cryptographic-based instruction based on a second pointer value, and stores the encrypted result in the data cache units. In some embodiments, the circuitry generates, for each cryptographic-based instruction, at least one encryption-based microoperation and at least one non-encryption-based microoperation. The circuitry also schedules the at least one encryption-based microoperation and the at least one non-encryption-based microoperation for execution based on timings of the encryption-based microoperation.

Abstract: In one example an apparatus comprises verification circuitry to receive, in a RSA/ECDSA processor, an input message, compute, in the RSA/ECDSA processor, a hash digest (d) for the message, and provide the hash digest as an input to a XMSS/LMS processor. Other examples may be described.

Abstract: In one example an apparatus comprises a computer-readable memory, signature logic to compute a message hash of an input message using a secure hash algorithm, process the message hash to generate an array of secret key components for the input message, apply a hash chain function to the array of secret key components to generate an array of signature components, the hash chain function comprising a series of even-index hash chains and a series of odd-index hash chains, wherein the even-index hash chains and the odd-index hash chains generate a plurality of intermediate node values and a one-time public key component between the secret key components and the signature components and store at least some of the intermediate node values in the computer-readable memory for use in one or more subsequent signature operations. Other examples may be described.

Abstract: In one embodiment, a processor includes circuitry to decode an instruction referencing an encoded data pointer that includes a set of plaintext linear address bits and a set of encrypted linear address bits. The processor also includes circuitry to perform a speculative lookup in a translation lookaside buffer (TLB) using the plaintext linear address bits to obtain physical address, buffer a set of architectural predictor state values based on the speculative TLB lookup, and speculatively execute the instruction using the physical address obtained from the speculative TLB lookup. The processor also includes circuitry to determine whether the speculative TLB lookup was correct and update a set of architectural predictor state values of the core using the buffered architectural predictor state values based on a determination that the speculative TLB lookup was correct.

Abstract: In one embodiment, a processor includes a memory hierarchy and a core. The core includes circuitry to access an encoded code pointer for a load instruction and perform a memory disambiguation (MD) lookup using a subset of address bits indicated by the encoded code pointer and context information indicated by one or more of the encoded code pointer or an encoded data pointer of the load instruction. The circuitry is further to determine, based on the MD lookup, that the load instruction is predicted to be independent from previous store instructions and forward the load instruction for out-of-order execution based on the determination.

Abstract: In one example an apparatus comprises one or more processors, and signature logic to receive a first plurality of state variables for use in a secure hash signature operation, compute a second plurality of operations from the first plurality of state variables to generate a corresponding second plurality of outputs, receive a signature key to be used in a secure hash operation, divide the signature key into a third plurality of chunks, implement, in a pseudo-random order, a fourth plurality of add operations to add the second plurality of outputs to the third plurality of chunks to update the first plurality of state variables. Other examples may be described.

Abstract: In one example an apparatus comprises a computer readable memory, hash logic to generate a message hash value based on an input message, signature logic to generate a signature to be transmitted in association with the message, the signature logic to apply a hash-based signature scheme to a private key to generate the signature comprising a public key, and accelerator logic to pre-compute at least one set of inputs to the signature logic. Other examples may be described.

Abstract: A method comprising executing, by a core of a processor, a first instruction requesting access to a parameter associated with data for storage in a main memory coupled to the processor, the first instruction including a reference to the parameter, a reference to a wrapping key, and a reference to an encrypted encryption key, wherein execution of the first instruction comprises decrypting the encrypted encryption key using the wrapping key to generate a decrypted encryption key; requesting transfer of the data between the main memory and the processor core; and performing a cryptographic operation on the parameter using the decrypted encryption key.

Abstract: In one example an apparatus comprises a computer readable memory, an XMSS operations logic to manage XMSS functions, a chain function controller to manage chain function algorithms, a secure hash algorithm-2 (SHA2) accelerator, a secure hash algorithm-3 (SHA3) accelerator, and a register bank shared between the SHA2 accelerator and the SHA3 accelerator. Other examples may be described.

Abstract: Embodiments are directed to post quantum public key signature operation for reconfigurable circuit devices. An embodiment of an apparatus includes one or more processors; and a reconfigurable circuit device, the reconfigurable circuit device including a dedicated cryptographic hash hardware engine, and a reconfigurable fabric including logic elements (LEs), wherein the one or more processors are to configure the reconfigurable circuit device for public key signature operation, including mapping a state machine for public key generation and verification to the reconfigurable fabric, including mapping one or more cryptographic hash engines to the reconfigurable fabric, and combining the dedicated cryptographic hash hardware engine with the one or more mapped cryptographic hash engines for cryptographic signature generation and verification.

Abstract: In one example an apparatus comprises verification circuitry to store an object image in a computer readable memory external to an XMSS verifier circuitry and verify the object image by repeating operations to receive, in a local memory of the XMSS verifier circuitry, a fixed-sized block of data from the object image and process the fixed-sized block of data to compute the signature verification. Other examples may be described.

Abstract: In one example an apparatus comprises signature circuitry to receive input variables comprising a value (X), a start index (i), a number of steps (s), a seed (SEED) and a memory address (ADRS) to store one or more context variables, and implement a loop for a multi-stage calculation of a Winternitz one-time signature (WOTS), wherein one or more WOTS hash functions are computed in each stage of the multi-stage calculation. Other examples may be described.

Abstract: In one embodiment, a processor includes a memory hierarchy that stores encrypted data, tracking circuitry that tracks an execution context for instructions executed by the processor, and cryptographic computing circuitry to encrypt/decrypt data that is stored in the memory hierarchy. The cryptographic computing circuitry obtains context information from the tracking circuitry for a load instruction to be executed by the processor, where the context information indicates information about branch predictions made by a branch prediction unit of the processor, and decrypts the encrypted data using a key and the context information as a tweak input to the decryption.

Abstract: Embodiments are directed to homomorphic encryption for machine learning and neural networks using high-throughput Chinese remainder theorem (CRT) evaluation. An embodiment of an apparatus includes a hardware accelerator to receive a ciphertext generated by homomorphic encryption (HE) for evaluation, decompose coefficients of the ciphertext into a set of decomposed coefficients, multiply the decomposed coefficients using a set of smaller modulus determined based on a larger modulus, and convert results of the multiplying back to an original form corresponding to the larger modulus.

Abstract: Embodiments are directed to low circuit depth homomorphic encryption evaluations. An embodiment of an apparatus includes a hardware accelerator to receive a ciphertext generated by homomorphic encryption (HE) for evaluation, determine two coefficients of the ciphertext for HE evaluation, input the two coefficients as a first operand and a second operand to a pipeline multiplier for low circuit depth HE evaluation, perform combinatorial multiplication between the first operand and portions of the second operand, accumulate results of the combinatorial multiplication at each stage of the pipeline multiplier, and perform reduction with Mersenne prime modulus on a resulting accumulated output of the combinatorial multipliers of the pipeline multiplier.

Abstract: In one example an apparatus comprises a computer readable memory, a signature logic to generate a signature to be transmitted in association with a message, the signature logic to apply a hash-based signature scheme to the message using a private key to generate the signature comprising a public key, or a verification logic to verify a signature received in association with the message, the verification logic to apply the hash-based signature scheme to verify the signature using the public key, and an accelerator logic to apply a structured order to at least one set of inputs to the hash-based signature scheme. Other examples may be described.