Abstract: Disclosed is a method for protecting message data. In the method, the message data is padded with padding bits generated based on a deterministic function performed on the message data. The padded message data is compressed to generate compressed data. A length of the compressed data is dependent on the padding bits. The compressed data is encrypted to generate encrypted message data.

Abstract: Techniques for providing countermeasures against physical attacks on the contents of off-chip memory are provided in which a pseudo-internal memory resistant to physical attack is used. The pseudo-internal memory is mapped to an address space such that the pseudo-internal memory appears to be on-chip memory to a processor or a system on a chip (SoC). A method for protecting sensitive data according to these techniques includes presenting, by a pseudo-internal memory module of a SoC, an address space as internal memory of the SoC, where the address space comprises memory located off-chip from the system on a chip, receiving a data write request at the pseudo-internal memory module from a component of the SoC, encrypting data associated with the data write request using the pseudo-internal memory module to generate encrypted data, and writing the encrypted data to the memory located off-chip from the SoC.

Abstract: Techniques for protecting contents of a stack associated with a processor are provided. The techniques include a method including receiving a store instruction from a software program being executed by the processor, the store instruction including control information associated with a subroutine, altering the control information to generate secured control information responsive to receiving the store instruction from the software program, storing the secured control information on the stack, receiving a load instruction from the software program; and responsive to receiving the load instruction from the software program, loading the secured control information from the stack, altering the secured control information to recover the control information, and returning the control information to the software program.

Abstract: One feature pertains to a mechanism to secure a data structure by using a computationally efficient algorithm. A plurality of keys and/or masks may be pre-generated upon boot-up or initiation of a session. An authentication code may be computed for each data structure (e.g., memory block or header block) by selecting a subset of the plurality of pre-generated keys and/or a mask from the plurality of pre-generated masks. The authentication code may be stored within the data structure for future verification of the integrity of the data structure. The keys and/or masks used for all authentication codes (e.g., for other data structures) may be selected from the same plurality of keys and/or masks during the same cycle or session.

Abstract: Techniques for protecting contents of a stack associated with a processor are provided. The techniques include a method including receiving a store instruction from a software program being executed by the processor, the store instruction including control information associated with a subroutine, altering the control information to generate secured control information responsive to receiving the store instruction from the software program, storing the secured control information on the stack, receiving a load instruction from the software program; and responsive to receiving the load instruction from the software program, loading the secured control information from the stack, altering the secured control information to recover the control information, and returning the control information to the software program.

Abstract: Techniques for encrypting data are provided that can be used to help prevent side-channel attacks on the cryptographic algorithms. An example method according to these techniques includes permuting an order of first intermediate data according to a predetermined permutation to produce permuted intermediate data. The first inter mediate data is output by one or more first stages of a cryptographic algorithm. The method also includes permuting a key to be used by one or more second stages of a cryptographic algorithm according to the predetermined permutation, applying the one or more second stages of a cryptographic algorithm to the permuted intermediate data to generate second intermediate data, the one or more second stages of the cryptographic algorithm using the permuted key, and permuting the second intermediate data according to an inverse permutation of the predetermined permutation to generate output.

Abstract: A method for authenticating a message by a wireless device is described. The wireless device obtains the input message. The wireless device generates a keystream. The wireless device computes a message authentication code using the keystream and a universal hash function. The universal hash function is computed using carryless multiplication.

Abstract: A wireless communication device is described. The wireless communication device includes a linear feedback shift register. The linear feedback shift register is initialized. The linear feedback shift register is a word based odd characteristic linear feedback shift register. The linear feedback shift register includes multiple 64-bit registers. A feedback function output is generated using the 64-bit registers. The feedback function output is placed into a highest register of the linear feedback shift register.

Abstract: A wireless communication device is described. The wireless communication device includes a linear feedback shift register. The linear feedback shift register is initialized. The linear feedback shift register is a word based odd characteristic linear feedback shift register. The linear feedback shift register includes multiple 64-bit registers. A feedback function output is generated using the 64-bit registers. The feedback function output is placed into a highest register of the linear feedback shift register.

Abstract: A method for authenticating a message by a wireless device is described. The wireless device obtains the input message. The wireless device generates a keystream. The wireless device computes a message authentication code using the keystream and a universal hash function. The universal hash function is computed using carryless multiplication.

Abstract: One feature pertains to a mechanism to secure a data structure by using a computationally efficient algorithm. A plurality of keys and/or masks may be pre-generated upon boot-up or initiation of a session. An authentication code may be computed for each data structure (e.g., memory block or header block) by selecting a subset of the plurality of pre-generated keys and/or a mask from the plurality of pre-generated masks. The authentication code may be stored within the data structure for future verification of the integrity of the data structure. The keys and/or masks used for all authentication codes (e.g., for other data structures) may be selected from the same plurality of keys and/or masks during the same cycle or session.

Abstract: Disclosed is a method for protecting message data. In the method, the message data is padded with padding bits generated based on a deterministic function performed on the message data. The padded message data is compressed to generate compressed data. A length of the compressed data is dependent on the padding bits. The compressed data is encrypted to generate encrypted message data.