Abstract: A prover chip uses a key multiplier value generated by a proof-of-work function from a challenge value, a random number, and elliptic curve cryptography (ECC) techniques to generate a one-time (or ephemeral) use private key. Similarly, a verifier chip uses the key multiplier value generated by an equivalent proof-of-work function, a public key received from the prover, and ECC techniques to derive a one-time use public key that corresponds to the ephemeral private key generated by the prover chip. The prover chip uses the ephemeral private key to sign the second challenge value and send this signed second challenge value to the verifier chip. The verifier verifies the value it receives using the one-time use public key and if the signature on the second challenge value is valid, authenticates the prover chip to a system.

Abstract: Technologies for detecting and classifying errors detected in pipelined hardware are described. One device includes a hardware pipeline with a set of pipeline stages. Error detection logic can detect an error in the hardware pipeline, and control logic can classify the error in one of the multiple categories based on a type of the error, a position of the first data in a data stream that triggered the error, and a position of a pipeline stage in which the error is detected. The control logic can perform an error-response action based on the error classification of the error.

Abstract: Described herein are technologies for application authentication and/or data encryption without stored pre-shared keys. In one resource controller, a processing device receives an application identifier (ID) from the application. The processing device provides a current nonce responsive to the application ID and provides the application access to the system resource responsive to determining that a hash of a current key received from the application equals a current tag. The current key is generated by the application based on code of the application and the current nonce. The current tag was previously provided from the application to the resource controller. The current tag can also be hashed by the application using the current key.

Abstract: A first device transmits a first message to a second device as part of a challenge-response protocol in order to authenticate the second device. A power limited power supply coupled to the second device limits power consumption by the second device during the second device's challenge-response protocol calculations. The first device measures a response time of the second device during the challenge-response protocol. The authentication of the second device is based on the response time of the second device while it has limited power consumption.

Abstract: Systems and methods for efficient computation of stream ciphers. An example system for implementing a stream cipher, may comprise: a sub-round computation circuit of a first type configured to perform a subset of transformations of a cipher computation round on a round input state, each transformation of the subset of transformations including at least one of: a bitwise addition operation, a bitwise exclusive disjunction operation, or a bitwise rotation operation. The sub-round computation circuit of the first type may comprise: one or more of sub-round computation circuits of a second type, wherein each sub-round computation circuit of the second type is configured to perform the subset of transformations of the cipher computation round on a respective part of the round input state.

Abstract: A block of data is provided from a verifier module to an authenticator module, the size of the block being correlated with one or more desired characteristics of the authenticator module. The verifier module receives a response from the authenticator module, the response comprising data result derived from a calculation involving the challenge value and the block of data. The verifier module verifies whether the response is indicative of the one or more desired characteristics of the authenticator module.

Abstract: Disclosed systems and techniques are directed to efficient integrity monitoring of computational operations using multiple memory arrays collectively representative of known events associated with the computational operations. Disclosed techniques include obtaining event identification value representative of a state of the computing device associated with execution of an operation on the computing device, obtaining memory pointers and selecting, based on the memory pointers, mapping values from multiple memory arrays, computing an event response value, and classifying the operation among a plurality of classes, based on the event response value.

Abstract: Aspects of the present disclosure involve a method, a system and a computer readable memory to generate and use prime numbers in cryptographic operations by determining one or more polynomial functions that have no roots modulo each of a predefined set of prime numbers, selecting one or more input numbers, generating a candidate number by applying one or more instances of the one or more polynomial functions to the one or more input numbers, determining that the candidate number is a prime number, and using the determined prime number to decrypt an input into the cryptographic operation.

Abstract: Systems and methods for protecting from external monitoring attacks cryptographic data processing operations involving computation of a universal polynomial hash function, such as GHASH function. An example method may comprise: receiving an input data block, an iteration result value, and a mask value; performing a non-linear operation to produce a masked result value, wherein a first operand of the non-linear operation is represented by a combination of the iteration result value and the input data block, and the second operand of the non-linear operation is represented by a secret hash value, and wherein one of the first operand or the second operand is masked using a mask value; determining, based on the mask value, a mask correction value; and producing a new iteration result value by applying the mask correction value to the masked result value.

Abstract: A container corresponding to executable code may be received. In response to receiving the container, a container manager resident in a memory of a computation environment may be executed to verify the container. The container manager may be verified by a boot loader of the computation environment. Permissions of the container to access the resources of a computation environment may be determined after the verification of the container by the container manager. Access to one or more resources of the computation environment may be provided by transferring control to the one or more resources from the container manager to the container based on the permissions of the container for the resources of the computation environment.

Abstract: Aspects of the present disclosure involve a method, a system and a computer readable memory to optimize performance of cryptographic operations by avoiding computations of inverse values during decryption of encrypted messages.

Abstract: A DMA system includes two or more DMA engines that facilitate transfers of data through a shared memory. The DMA engines may operate independently of each other and with different throughputs. A data flow control module controls data flow through the shared memory by tracking status information of data blocks in the shared memory. The data flow control module updates the status information in response to read and write operations to indicate whether each block includes valid data that has not yet been read or if the block has been read and is available for writing. The data flow control module shares the status information with the DMA engines via a side-channel interface to enable the DMA engines to determine which block to write to or read from.

Abstract: Disclosed are systems and techniques for enhanced protection of cryptographic key generation in cryptographic applications. In particular, described is a method and a system that performs the method of obtaining input numbers associated with a cryptographic application, generating masking matrix based on at least one random value, obtaining masked numbers using a matrix product of the MM and the input numbers, determining a greatest common divisor (GCD) of the masked numbers, identifying a GCD of the input numbers, and using the identified GCD to generate a cryptographic key.

Abstract: Aspects of the present disclosure involve a method to perform a cryptographic operation using a plurality of iterations, each of the plurality of iterations comprising: loading a first number corresponding to a difference between a first component of a first input working point on an elliptic curve and a first component of a second input working point on the elliptic curve, loading a second number corresponding to a difference between the first component of the first input working point and a first component of a third input working point on the elliptic curve, and determining a third number corresponding to a difference between a first component of a first output working point on the elliptic curve and the first component of the second input working point, wherein determining the third number comprises squaring a product of the first number and a first function of the second number.

Abstract: A first address bus may be located in an upper layer of an integrated circuit that is associated with a memory and a memory controller. The first address bus may receive a first portion of a memory address. A second address bus may be located in a lower layer of the integrated circuit where the second address bus is to receive a second portion of the memory address. Furthermore, a data bus may be located in an intermediate layer where the data bus is to receive data corresponding to the memory address from the memory and may transmit the data to the memory controller. The intermediate layer may be between the upper layer and the lower layer. A layout of the signals of the data bus may vertically overlap with a layout of signals of the first address bus and a layout of signals of the second address bus.

Abstract: A mechanism for providing secure feature and key management in integrated circuits is described. An example integrated circuit includes a secure memory to store a secret key, and a security manager core, coupled to the secure memory, to receive a digitally signed command, verify a signature associated with the command using the secret key, and configure operation of the integrated circuit using the command.

Abstract: A container corresponding to executable code may be received. In response receiving the container, an assertion value may be stored in an assertion register. A final canary value may be generated based on a cycles combining a prior canary value and a mix value. A determination may be made as to whether the final canary value matches with the assertion value stored in the assertion register. In response to determining that the final canary value matches with the assertion value, one or more privilege registers may be programmed to provide access to hardware resources for the container corresponding to the executable user code.

Abstract: Aspects of the present disclosure involve implementations that may be used to protect neural network models against adversarial attacks by obfuscating neural network operations and architecture. Obfuscation techniques include obfuscating weights and biases of neural network nodes, obfuscating activation functions used by neural networks, as well as obfuscating neural network architecture by introducing dummy operations, dummy nodes, and dummy layers into the neural networks.

Abstract: Aspects of the present disclosure involve implementations that may be used to protect neural network models against adversarial attacks by obfuscating neural network operations and architecture. Obfuscation techniques include obfuscating weights and biases of neural network nodes, obfuscating activation functions used by neural networks, as well as obfuscating neural network architecture by introducing dummy operations, dummy nodes, and dummy layers into the neural networks.

Abstract: A container corresponding to executable code may be received. The container may be executed in a secure computation environment by performing one or more operations specified by the executable code of the container. An instruction to terminate the executing of the container may be received from a high level operating system (HLOS) that is external to the secure computation environment. A determination may be made as to whether the container is associated with a preemption privilege and the executing of the container may be terminated after receiving the instruction from the HLOS based on the determination of whether the container is associated with the preemption privilege.