Patents by Inventor Chaim Shen-Orr
Chaim Shen-Orr has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11645185Abstract: Micro-architectural fault detectors are described. An example of storage mediums includes instructions for receiving one or more micro instructions for scheduling in a processor, the processor including one or more processing resources; and performing fault detection in performance of the one or more micro instructions utilizing one or more of a first idle canary detection mode, wherein the first mode includes assigning at least one component as an idle canary detector to perform a canary process with an expected outcome, and a second micro-architectural redundancy execution mode, wherein the second mode includes replicating a first micro instruction to generate micro instructions for performance by a set of processing resources.Type: GrantFiled: September 25, 2020Date of Patent: May 9, 2023Assignee: INTEL CORPORATIONInventors: Reuven Elbaum, Chaim Shen-Orr, Assaf Admoni
-
Patent number: 11392698Abstract: The present disclosure is directed to systems and methods of detecting a side-channel attack detecting a translation lookaside buffer (TLB) miss on a virtual address lookup caused by the speculative execution of an instruction and determining that the physical memory address associated with the virtual address lookup contains a privileged object or a secret object. Range register circuitry determines whether the physical memory address is located in an address range containing privileged objects or secret objects. Performance monitoring counter (PMC) circuitry generates an interrupt in response to receipt of information indicative of the TLB miss and information indicative that the physical memory address contains a privileged object or a secret object. The PMC circuitry causes the storage of information associated with the speculatively executed instruction causing the virtual address lookup.Type: GrantFiled: March 15, 2019Date of Patent: July 19, 2022Assignee: Intel CorporationInventors: Chaim Shen-Orr, Baruch Chaikin, Ahmad Yasin, Reuven Elbaum
-
Publication number: 20220100629Abstract: Micro-architectural fault detectors are described. An example of storage mediums includes instructions for receiving one or more micro instructions for scheduling in a processor, the processor including one or more processing resources; and performing fault detection in performance of the one or more micro instructions utilizing one or more of a first idle canary detection mode, wherein the first mode includes assigning at least one component as an idle canary detector to perform a canary process with an expected outcome, and a second micro-architectural redundancy execution mode, wherein the second mode includes replicating a first micro instruction to generate micro instructions for performance by a set of processing resources.Type: ApplicationFiled: September 25, 2020Publication date: March 31, 2022Applicant: Intel CorporationInventors: Reuven Elbaum, Chaim Shen-Orr, Assaf Admoni
-
Patent number: 11194933Abstract: The present disclosure is directed to systems and methods to protect against SCA and fault injection attacks through the use of a temporary or ephemeral key to cryptographically alter input data portions. Universal resistant block (URB) circuitry receives a seed data value and a at least one secret key data value and generates an ephemeral key output data value. Cryptographic circuitry uses the ephemeral key data value to transform an input data portion to produce an transformed output data portion. The use of an SCA or fault injection attack on the transformed output data portion will reveal only the ephemeral key data value and not the at least one secret key data value. Further, where a unique ephemeral key data value is used to transform each input data portion, an attacker cannot discover the ephemeral key in a piecemeal manner and must instead discover the complete ephemeral key data value—significantly increasing the difficulty of performing a successful SCA or fault injection attack.Type: GrantFiled: June 4, 2019Date of Patent: December 7, 2021Assignee: Intel CorporationInventors: Yaacov Belenky, Gyora Benedek, Reuven Elbaum, David Novick, Elad Peer, Chaim Shen-Orr, Yonatan Shlomovich
-
Patent number: 10489308Abstract: Various systems and methods for detecting and preventing side-channel attacks, including attacks aimed at discovering the location of KASLR-randomized privileged code sections in virtual memory address space, are described. In an example, a computing system includes electronic operations for detecting unauthorized attempts to access kernel virtual memory pages via trap entry detection, with operations including: generating a trap page with a physical memory address; assigning a phantom page at an open location in the privileged portion of the virtual memory address space; generating a plurality of phantom page table entries corresponding to an otherwise-unmapped privileged virtual memory region; placing the trap page in physical memory and placing the phantom page table entry in a page table map; and detecting an access to the trap page via the phantom page table entry, to trigger a response to a potential attack.Type: GrantFiled: June 29, 2017Date of Patent: November 26, 2019Assignee: Intel CorporationInventors: Uri Bear, Gyora Benedek, Baruch Chaikin, Jacob Jack Doweck, Reuven Elbaum, Dimitry Kloper, Elad Peer, Chaim Shen-orr, Yonatan Shlomovich
-
Publication number: 20190286853Abstract: The present disclosure is directed to systems and methods to protect against SCA and fault injection attacks through the use of a temporary or ephemeral key to cryptographically alter input data portions. Universal resistant block (URB) circuitry receives a seed data value and a at least one secret key data value and generates an ephemeral key output data value. Cryptographic circuitry uses the ephemeral key data value to transform an input data portion to produce an transformed output data portion. The use of an SCA or fault injection attack on the transformed output data portion will reveal only the ephemeral key data value and not the at least one secret key data value. Further, where a unique ephemeral key data value is used to transform each input data portion, an attacker cannot discover the ephemeral key in a piecemeal manner and must instead discover the complete ephemeral key data value—significantly increasing the difficulty of performing a successful SCA or fault injection attack.Type: ApplicationFiled: June 4, 2019Publication date: September 19, 2019Inventors: Yaacov Belenky, Gyora Benedek, Reuven Elbaum, David Novick, Elad Peer, Chaim Shen-Orr, Yonatan Shlomovich
-
Publication number: 20190213330Abstract: The present disclosure is directed to systems and methods of detecting a side-channel attack detecting a translation lookaside buffer (TLB) miss on a virtual address lookup caused by the speculative execution of an instruction and determining that the physical memory address associated with the virtual address lookup contains a privileged object or a secret object. Range register circuitry determines whether the physical memory address is located in an address range containing privileged objects or secret objects. Performance monitoring counter circuitry receives information indicative of the TLB miss and information indicative that the physical memory address contains a privileged object or a secret object. The PMC circuitry generates an interrupt in response to receipt of information indicative of the TLB miss and information indicative that the physical memory address contains a privileged object or a secret object.Type: ApplicationFiled: March 15, 2019Publication date: July 11, 2019Applicant: Intel CorporationInventors: CHAIM SHEN-ORR, BARUCH CHAIKIN, AHMAD YASIN, REUVEN ELBAUM
-
Publication number: 20190004972Abstract: Various systems and methods for detecting and preventing side-channel attacks, including attacks aimed at discovering the location of KASLR-randomized privileged code sections in virtual memory address space, are described. In an example, a computing system includes electronic operations for detecting unauthorized attempts to access kernel virtual memory pages via trap entry detection, with operations including: generating a trap page with a physical memory address; assigning a phantom page at an open location in the privileged portion of the virtual memory address space; generating a plurality of phantom page table entries corresponding to an otherwise-unmapped privileged virtual memory region; placing the trap page in physical memory and placing the phantom page table entry in a page table map; and detecting an access to the trap page via the phantom page table entry, to trigger a response to a potential attack.Type: ApplicationFiled: June 29, 2017Publication date: January 3, 2019Inventors: Uri Bear, Gyora Benedek, Baruch Chaikin, Jacob Jack Doweck, Reuven Elbaum, Dimitry Kloper, Elad Peer, Chaim Shen-orr, Yonatan Shlomovich
-
Patent number: 9747471Abstract: A state sensitive device is described, the device including a state register which stores a record of the effective-state of the device, a mask field having a value which varies according to a value of the state register, and a processor which changes the value of the mask field to a new value of the mask field when there is a change in the value of the state register, wherein, the processor performs a state dependent calculation requiring the value of the mask field as an operand in the state dependent calculation which will yield an incorrect result if the value of the mask field does not properly correspond to the value of the state register. Related methods, systems and apparatus are also described.Type: GrantFiled: December 9, 2013Date of Patent: August 29, 2017Assignee: Cisco Technology, Inc.Inventors: Yaacov Belenky, Chaim Shen-Orr
-
Patent number: 9135453Abstract: A method for data transfer includes receiving a control signal triggering a transfer of a secret value into an element (24) of a circuit (20). In response to the control signal, a dummy value (42, 50) and the secret value are inserted in succession into the element of the circuit.Type: GrantFiled: August 27, 2012Date of Patent: September 15, 2015Assignee: CISCO TECHNOLOGY INC.Inventors: Chaim Shen-Orr, Yonatan Shlomovich, Reuven Elbaum, Zvi Shkedy, Lior Amarilio, Yigal Shapiro, Uri Bear
-
Patent number: 9045095Abstract: A secure wireless vehicle control system includes a power source installed in a vehicle and a plurality of electronic control units (ECUs) operative to control the operation of components of the vehicle, where each of the ECUs is connected to the power source via electrical wiring, configured with at least a communications unit for receiving security information via the electrical wiring, and also configured with a wireless transceiver operative to use the security information to secure wireless transmission. An ECU includes a wired connection to a vehicle's power source, a communications unit operative to at least receive security information via the wired connection, and a wireless transceiver operative to communicate with at least one other ECU, where the wireless transceiver is configured to use the security information to secure communications with the at least one other ECU.Type: GrantFiled: September 16, 2013Date of Patent: June 2, 2015Assignee: CISCO TECHNOLOGY INC.Inventors: Yaron Sella, Chaim Shen-Orr
-
Patent number: 8913745Abstract: A method for hindering detection of information unintentionally leaked from a secret held in a memory unit is described, the method including receiving a triggering event waiting for at least a first amount of time to pass after the receipt of the triggering event, the memory unit being in a non-operational state during the at least a first amount of time after the at least a first amount of time has passed, changing at least one first condition under which the memory unit operates, thereby causing the memory unit to enter an operational state, waiting for a second amount of time to pass after the changing at least one first condition, and changing, after the second amount of time, at least one second condition under which the memory unit operates, thereby causing the memory unit to enter the non-operational state, wherein access to the secret information is enabled only during the second amount of time, and detection of secret information unintentionally leaked is limited during the first amount of time.Type: GrantFiled: August 5, 2013Date of Patent: December 16, 2014Assignee: Cisco Technology Inc.Inventors: Chaim Shen-Orr, Zvi Shkedy, Reuven Elbaum, Yonatan Shlomovich, Yigal Shapiro, Yaacov Belenky, Yaakov (Jordan) Levy, Reuben Sumner, Itsik Mantin
-
Publication number: 20140172188Abstract: A secure wireless vehicle control system includes a power source installed in a vehicle and a plurality of electronic control units (ECUs) operative to control the operation of components of the vehicle, where each of the ECUs is connected to the power source via electrical wiring, configured with at least a communications unit for receiving security information via the electrical wiring, and also configured with a wireless transceiver operative to use the security information to secure wireless transmission. An ECU includes a wired connection to a vehicle's power source, a communications unit operative to at least receive security information via the wired connection, and a wireless transceiver operative to communicate with at least one other ECU, where the wireless transceiver is configured to use the security information to secure communications with the at least one other ECU.Type: ApplicationFiled: September 16, 2013Publication date: June 19, 2014Inventors: Yaron SELLA, Chaim SHEN-ORR
-
Publication number: 20140164788Abstract: A state sensitive device is described, the device including a state register which stores a record of the effective-state of the device, a mask field having a value which varies according to a value of the state register, and a processor which changes the value of the mask field to a new value of the mask field when there is a change in the value of the state register, wherein, the processor performs a state dependent calculation requiring the value of the mask field as an operand in the state dependent calculation which will yield an incorrect result if the value of the mask field does not properly correspond to the value of the state register. Related methods, systems and apparatus are also described.Type: ApplicationFiled: December 9, 2013Publication date: June 12, 2014Inventors: Yaacov Belenky, Chaim Shen-Orr
-
Publication number: 20140143883Abstract: A method for data transfer includes receiving a control signal triggering a transfer of a secret value into an element (24) of a circuit (20). In response to the control signal, a dummy value (42, 50) and the secret value are inserted in succession into the element of the circuit.Type: ApplicationFiled: August 27, 2012Publication date: May 22, 2014Applicant: Cisco Technology Inc.Inventors: Chaim Shen-Orr, Yonatan Shlomovich, Reuven Elbaum, Zvi Shkedy, Lior Amarilio, Yigal Shapiro, Uri Bear
-
Patent number: 8732750Abstract: This invention discloses a method for displaying advertisements transmitted to a user unit, the method includes receiving, at the user unit, at least one advertisement tagged with a delay tag indicating whether display of the at least one advertisement can be delayed and only if the delay tag allows delaying display of the at least one advertisement, storing the at least one advertisement at the user unit, retrieving the at least one advertisement and displaying the at least one advertisement. A billing system for reporting a commercial broadcast to a multiplicity of users is also disclosed.Type: GrantFiled: December 22, 2010Date of Patent: May 20, 2014Assignee: Cisco Technology, Inc.Inventors: Reuven Wachtfogel, Jonathan Maissel, Moshe Kranc, David Richardson, Ezra Darshan, Ron Katz, Yossi Tsuria, Sam Michelson, Mika Krause, Steve Epstein, Moshe Shlissel, Doron Handelman, Shlomo Kipnis, Chaim Shen-Orr
-
Publication number: 20130326632Abstract: A method for hindering detection of information unintentionally leaked from a secret held in a memory unit is described, the method including receiving a triggering event waiting for at least a first amount of time to pass after the receipt of the triggering event, the memory unit being in a non-operational state during the at least a first amount of time after the at least a first amount of time has passed, changing at least one first condition under which the memory unit operates, thereby causing the memory unit to enter an operational state, waiting for a second amount of time to pass after the changing at least one first condition, and changing, after the second amount of time, at least one second condition under which the memory unit operates, thereby causing the memory unit to enter the non-operational state, wherein access to the secret information is enabled only during the second amount of time, and detection of secret information unintentionally leaked is limited during the first amount of time.Type: ApplicationFiled: August 5, 2013Publication date: December 5, 2013Inventors: Chaim Shen-Orr, Zvi Shkedy, Reuven Elbaum, Yonatan Shlomovich, Yigal Shapiro, Yaacov Belenky, Yaakov (Jordan) Levy, Reuben Sumner, Itsik Mantin
-
Patent number: 8539596Abstract: A method for hindering detection of information unintentionally leaked from a secret held in a memory unit is described, the method including receiving a triggering event waiting for at least a first amount of time to pass after the receipt of the triggering event, the memory unit being in a non-operational state during the at least a first amount of time after the at least a first amount of time has passed, changing at least one first condition under which the memory unit operates, thereby causing the memory unit to enter an operational state, waiting for a second amount of time to pass after the changing at least one first condition, and changing, after the second amount of time, at least one second condition under which the memory unit operates, thereby causing the memory unit to enter the non-operational state, wherein access to the secret information is enabled only during the second amount of time, and detection of secret information unintentionally leaked is limited during the first amount of time.Type: GrantFiled: May 21, 2009Date of Patent: September 17, 2013Assignee: Cisco Technology Inc.Inventors: Chaim Shen-Orr, Zvi Shkedy, Reuven Elbaum, Yonatan Shlomovich, Yigal Shapiro, Yaacov Belenky, Yaakov (Jordan) Levy, Reuben Sumner, Itsik Mantin
-
Patent number: 8041943Abstract: A method for enforcing use of certificate revocation lists in validating certificates, the lists being associated with a series of list generation indices such that each list is assigned one index which advances according to a time of generation of the list, the lists and the indices being cryptographically signed, the method including receiving one of the lists and an associated index as an identifier of the one list, checking the certificates against the list, associating each of the certificates, which have been checked against the list, with the index, receiving an enforcement generation index (EGI) associated with a latest list in use, storing the EGI as a last known EGI, and refusing performance of an action associated with a certificate if the one index of the one certificate is earlier in the series than the last known EGI. Related apparatus and methods are also included.Type: GrantFiled: October 3, 2006Date of Patent: October 18, 2011Assignee: NDS LimitedInventors: Chaim Shen-Orr, Yaacov (Jordan) Levy, Yaacov Belenky
-
Patent number: 7940930Abstract: A system for scrambling/descrambling packets of a stream of content, each packet having a must stay clear (MSC) section, the system including an input handler including a receiving module to receive the stream, a characteristic analyzer to analyze the stream in order to determine a data independent characteristic of each packet, and a scrambling /descrambling device operationally associated with the input handler, the scrambling/descrambling device including a receiving module to receive the data independent characteristic for each packet from the input handler, and an Initial Value module to determine an Initial Value for each packet as a function of the data independent characteristic of one of the packets being processed, wherein the scrambling/descrambling device is adapted to scramble and/or descramble the packets based on the Initial Value and a Control Word. Related apparatus and methods are included.Type: GrantFiled: March 22, 2006Date of Patent: May 10, 2011Assignee: NDS LimitedInventors: Chaim Shen-Orr, Eliphaz Hibshoosh, Yaacov Belenky, Yaakov (Jordan) Levy