Abstract: Certain examples described herein relate to a co-processor that allows a processing unit to efficiently perform a cryptographic operation. The co-processor has an arithmetic unit that is configured to perform discrete binary arithmetic using bit sequences loaded from a memory. The co-processor may be configured for fast, low-power computation of certain functions that comprise low-level building blocks for the cryptographic operation. These functions may include Boolean logic and integer arithmetic. The co-processor has a set of control registers that are writable by the processing unit to control the co-processor. Addresses for one or more sources and destinations may be computed by the co-processor to allow for flexible operation. The co-processor may allow many advanced cryptographic operations to be rapidly computed, including those that are “post-quantum” secure.

Abstract: A key generation method is provided. A first peer obtains an ephemeral key from a second peer via a server. The first peer uses the ephemeral key to compute a ciphertext that encrypts a first parameter. The first peer uses the first parameter to generate a session key. The ciphertext is sent to the server by the first peer to allow the second peer to generate the session key. The key may be subsequently used for communication, such as by using a key management algorithm such as Double Rachet.

Abstract: Cryptographic methods and systems are described. Certain examples relate to performing cryptographic operations by updating a cryptographic state. The methods and systems may be used to provide cryptographic functions such as hashing, encryption, decryption and random number generation. In one example, a non-linear feedback shift register or expander sequence is defined. The non-linear feedback shift register or expander sequence has a plurality of stages to receive the cryptographic state, wherein at least one of the plurality of stages is updated as a non-linear function of one or more other stages. In certain examples, a cryptographic state is updated over a plurality of rounds. Examples adapted for authenticated encryption and decryption, hashing, and number generation are described.

Abstract: Certain examples described herein relate to secure update propagation. The examples present systems and methods to transmit data in the form of updates over a network and to ensure the authenticity of the updates. The examples use a set-homomorphic digital signature scheme to sign updates such that a combined digital signature may be used to verify a batch of updates in place of a set of individual digital signatures. The combined digital signature may be generated by aggregating individual digital signatures.