Patents by Inventor Christopher Goris
Christopher Goris has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20250150096Abstract: This document discloses techniques, apparatuses, and systems for secure multi-rail control for sparsely encoded signals. Integrated circuits (ICs) may transmit various signals to manage interactions between circuit components of the IC. These critical signals are common targets for malicious attacks because, when altered, they can cause the IC to perform differently than is intended, and in some cases, bypass security measures. While various strategies may be used to protect against these attacks, modern circuit synthesis tools may optimize away these security measures, leaving the IC vulnerable to manipulation. In contrast, the secure multi-rail control for sparsely encoded signals described herein utilizes multiple rails to transmit sparsely encoded critical signals.Type: ApplicationFiled: December 2, 2022Publication date: May 8, 2025Applicant: Google LLCInventors: Pirmin Robert Vogel, Christopher Gori
-
Publication number: 20240193309Abstract: An apparatus with an integrated circuit (IC) chip can provide protection against attacks on a cryptographic coprocessor. An attacker can compromise a cryptographic coprocessor by, for instance, obtaining a private encryption key or instruction code. To combat these attacks, example implementations store information in encrypted form. The information may correspond to data, instruction code, or intermediate values located in state registers. To securely and quickly “erase” such stored information, the cryptographic coprocessor can change the encryption key. In other example implementations, random numbers are provided with two different levels of “randomness quality” that is appropriate for different types of procedures. A cryptographic coprocessor can include two registers that store randomized bits in accordance with the two different quality levels for rapid access during cryptographic operations.Type: ApplicationFiled: April 5, 2022Publication date: June 13, 2024Applicant: Google LLCInventors: Philipp Wagner, Gregory Andrew Chadwick, Timothy Jay Chen, Michael Stefano Fritz Schaffner, Christopher Gori, Rupert James Swarbrick
-
Publication number: 20240169098Abstract: This document discloses aspects of secure chip-wide communication. In some aspects, a host of a system generates integrity metadata for a command payload issued to a destination over an interconnect of the system. The integrity metadata can be generated based on respective values of bits that form the command payload, such as plaintext data bits. The destination validates the integrity of the command payload based on the integrity metadata before consuming the command payload. In some cases, the destination stores the integrity metadata with data of the command payload, which may be returned to the host along the data when requested. By so doing, the host and destinations of the system can use the integrity metadata to implement secure-chip wide communication, which may prevent fault injection attacks on the command payloads or response data during transit or at temporal storage locations within the system.Type: ApplicationFiled: April 7, 2022Publication date: May 23, 2024Applicant: Google LLCInventors: Timothy Jay Chen, Michael Stefano Fritz Schaffner, Christopher Gori, Eunchan Kim, Donald Shanahan Sanders, Miguel Angel Osorio Lozano
-
Patent number: 11972033Abstract: An IC chip can provide silicon root of trust (RoT) functionality. In described implementations, the IC chip includes a processor, an alert handler, and multiple peripheral devices, which generate alert indications. The alert handler processes the alert indications, which have security implications. The alert handler includes multiple alert receiver modules to communicate with the multiple peripheral devices. The alert handler also includes a controller, multiple accumulation units, multiple escalation timers, and multiple escalation sender modules. These components can be organized into a hierarchy of increasing escalation severity. In operation, the controller classifies an alert and flexibly implements an adaptable alert handler path that is established through the escalation components responsive to the classification and based on a source of the alert. A path can conclude with an escalation sender module commanding an escalation handler to implement a security countermeasure.Type: GrantFiled: October 31, 2020Date of Patent: April 30, 2024Assignee: Google LLCInventors: Scott D. Johnson, Timothy Jay Chen, Christopher Gori, Eunchan Kim, Michael Stefano Fritz Schaffner
-
Patent number: 11886717Abstract: This document includes techniques, apparatuses, and systems related to an interface for revision-limited memory, which can improve various computing aspects and performance. In aspects, confidentiality, integrity, and availability may be ensured while increasing the performance of revision-limited memory. In this example, the techniques also enable the digital computing device to interact with information related to the revision-limited memory.Type: GrantFiled: November 18, 2022Date of Patent: January 30, 2024Assignee: Google LLCInventors: Eunchan Kim, Michael Stefano Fritz Schaffner, Timothy Jay Chen, Christopher Gori, Ziv Hershman, Miguel Angel Osorio
-
Publication number: 20230177154Abstract: This document discloses techniques, apparatuses, and systems for sparse encodings for control signals. Integrated circuits (ICs) may transmit various signals to manage interactions between circuit components of the IC. These critical signals are common targets for malicious attacks because, when altered, they can cause the IC to perform differently than is intended, and in some cases, bypass security measures. To protect against these attacks, the sparse encodings for control signals described herein transmit critical signals with sparse encodings. Further, multiple rails may be used to transmit a single bit of the sparsely encoded critical signals across each rail. In this way, the techniques described herein may provide a scalable solution that may be adjusted differently based on each implementation.Type: ApplicationFiled: December 2, 2022Publication date: June 8, 2023Applicant: Google LLCInventors: Pirmin Robert Vogel, Christopher Gori
-
Publication number: 20230099564Abstract: This document includes techniques, apparatuses, and systems related to an interface for revision-limited memory, which can improve various computing aspects and performance. In aspects, confidentiality, integrity, and availability may be ensured while increasing the performance of revision-limited memory. In this example, the techniques also enable the digital computing device to interact with information related to the revision-limited memory.Type: ApplicationFiled: November 18, 2022Publication date: March 30, 2023Applicant: Google LLCInventors: Eunchan Kim, Michael Stefano Fritz Schaffner, Timothy Jay Chen, Christopher Gori, Ziv Hershman, Miguel Angel Osorio
-
Patent number: 11528126Abstract: This document includes techniques, apparatuses, and systems related to an interface for revision-limited memory, which can improve various computing aspects and performance. In aspects, confidentiality, integrity, and availability may be ensured while increasing the performance of revision-limited memory. In this example, the techniques also enable the digital computing device to interact with information related to the revision-limited memory.Type: GrantFiled: February 16, 2021Date of Patent: December 13, 2022Assignee: Google LLCInventors: Eunchan Kim, Michael Stefano Fritz Schaffner, Timothy Jay Chen, Christopher Gori, Ziv Hershman, Miguel Angel Osorio
-
Publication number: 20220292228Abstract: An IC chip can provide silicon root of trust (RoT) functionality. In described implementations, the IC chip includes a processor, an alert handler, and multiple peripheral devices, which generate alert indications. The alert handler processes the alert indications, which have security implications. The alert handler includes multiple alert receiver modules to communicate with the multiple peripheral devices. The alert handler also includes a controller, multiple accumulation units, multiple escalation timers, and multiple escalation sender modules. These components can be organized into a hierarchy of increasing escalation severity. In operation, the controller classifies an alert and flexibly implements an adaptable alert handler path that is established through the escalation components responsive to the classification and based on a source of the alert. A path can conclude with an escalation sender module commanding an escalation handler to implement a security countermeasure.Type: ApplicationFiled: October 31, 2020Publication date: September 15, 2022Applicant: Google LLCInventors: Scott D. Johnson, Timothy Jay Chen, Christopher Gori, Eunchan Kim, Michael Stefano Fritz Schaffner
-
Publication number: 20220263646Abstract: This document includes techniques, apparatuses, and systems related to an interface for revision-limited memory, which can improve various computing aspects and performance. In aspects, confidentiality, integrity, and availability may be ensured while increasing the performance of revision-limited memory. In this example, the techniques also enable the digital computing device to interact with information related to the revision-limited memory.Type: ApplicationFiled: February 16, 2021Publication date: August 18, 2022Applicant: Google LLCInventors: Eunchan Kim, Michael Stefano Fritz Schaffner, Timothy Jay Chen, Christopher Gori, Ziv Hershman, Miguel Angel Osorio
-
Patent number: 11342767Abstract: A multi-voltage charging terminal access port includes at least one housing, a first charging terminal within the housing and configured to receive a first charging voltage, a second charging terminal within the housing and configured to receive a second charging voltage that is different from the first charging voltage, a first movable cover plate mounted within the housing, the first movable cover plate including a first access hole and being movable between a first position in which the first access hole is laterally offset from the first charging terminal to obstruct access to the first charging terminal and a second position in which the first access hole is aligned with the first charging terminal to allow access to the first charging terminal.Type: GrantFiled: March 21, 2018Date of Patent: May 24, 2022Assignee: VOLVO TRUCK CORPORATIONInventors: Nicolas Preisig, Christopher Goris
-
Patent number: 11228422Abstract: Input signals may be received. Furthermore, a control signal controlling the implementation of a Differential Power Analysis (DPA) countermeasure may be received. One of the input signals may be transmitted as an output signal based on the control signal. A cryptographic operation may be performed based on the first output signal that is transmitted based on the control signal.Type: GrantFiled: January 3, 2020Date of Patent: January 18, 2022Assignee: Cryptography Research, Inc.Inventors: Christopher Gori, Pankaj Rohatgi
-
Publication number: 20200228306Abstract: Input signals may be received. Furthermore, a control signal controlling the implementation of a Differential Power Analysis (DPA) countermeasure may be received. One of the input signals may be transmitted as an output signal based on the control signal. A cryptographic operation may be performed based on the first output signal that is transmitted based on the control signal.Type: ApplicationFiled: January 3, 2020Publication date: July 16, 2020Inventors: Christopher Gori, Pankaj Rohatgi
-
Patent number: 10530566Abstract: Input signals may be received. Furthermore, a control signal controlling the implementation of a Differential Power Analysis (DPA) countermeasure may be received. One of the input signals may be transmitted as an output signal based on the control signal. A cryptographic operation may be performed based on the first output signal that is transmitted based on the control signal.Type: GrantFiled: April 21, 2016Date of Patent: January 7, 2020Assignee: Cryptography Research, Inc.Inventors: Christopher Gori, Pankaj Rohatgi
-
Patent number: 9853974Abstract: Systems and methods for implementing access control by systems-on-chip (SoCs). An example SoC may comprise an access control unit employed to: receive a message comprising an access control data item; validate the message using a value of a message digest function of contents of the message and a value of a state variable reflecting a state of communications between the access control unit and a programming agent that has initiated the message, wherein the value of the state variable is derived from a previous value of the message digest function calculated within a current communication session between the access control unit and the programming agent; update the state variable using the value of the message digest function of the contents of the message; and control, using the access control data item, access by an initiator device to a target device.Type: GrantFiled: July 28, 2015Date of Patent: December 26, 2017Assignee: Cryptography Research, Inc.Inventors: Craig E. Hampel, Jean-Michel Cioranesco, Rodrigo Portella do Canto, Guilherme Ozari de Almeida, Christopher Gori
-
Publication number: 20160315760Abstract: Input signals may be received. Furthermore, a control signal controlling the implementation of a Differential Power Analysis (DPA) countermeasure may be received. One of the input signals may be transmitted as an output signal based on the control signal. A cryptographic operation may be performed based on the first output signal that is transmitted based on the control signal.Type: ApplicationFiled: April 21, 2016Publication date: October 27, 2016Inventors: Christopher Gori, Pankaj Rohatgi
-
Patent number: 9436848Abstract: A computing device receives a feature name or key name for an integrated circuit comprising a security manager core and an additional component. At least one of a) the additional component is associated with the key name or b) a feature provided by the additional component is associated with the feature name. The computing device receives a specified number of bits associated with the feature name or the key name, and maps the feature name to a feature address space or the key name to a key interface of the security manager core based at on the specified number of bits. The computing device generates at least one hardware description logic (HDL) module based on the mapping, wherein the at least one HDL module is usable to configure the security manager core for delivery of payloads associated with the feature name or the key name to the additional component.Type: GrantFiled: May 28, 2014Date of Patent: September 6, 2016Assignee: CRYPTOGRAPHY RESEARCH, INC.Inventors: Daniel Beitel, Lauren Gao, Christopher Gori, Paul Carl Kocher, Ambuj Kumar, Andrew John Leiserson
-
Publication number: 20160028728Abstract: Systems and methods for implementing access control by systems-on-chip (SoCs). An example SoC may comprise an access control unit employed to: receive a message comprising an access control data item; validate the message using a value of a message digest function of contents of the message and a value of a state variable reflecting a state of communications between the access control unit and a programming agent that has initiated the message, wherein the value of the state variable is derived from a previous value of the message digest function calculated within a current communication session between the access control unit and the programming agent; update the state variable using the value of the message digest function of the contents of the message; and control, using the access control data item, access by an initiator device to a target device.Type: ApplicationFiled: July 28, 2015Publication date: January 28, 2016Inventors: Craig E. Hampel, Jean-Michel Cioranesco, Rodrigo Portella do Canto, Guilherme Ozari de Almeida, Christopher Gori
-
Publication number: 20140359755Abstract: A computing device receives a feature name or key name for an integrated circuit comprising a security manager core and an additional component. At least one of a) the additional component is associated with the key name or b) a feature provided by the additional component is associated with the feature name. The computing device receives a specified number of bits associated with the feature name or the key name, and maps the feature name to a feature address space or the key name to a key interface of the security manager core based at on the specified number of bits. The computing device generates at least one hardware description logic (HDL) module based on the mapping, wherein the at least one HDL module is usable to configure the security manager core for delivery of payloads associated with the feature name or the key name to the additional component.Type: ApplicationFiled: May 28, 2014Publication date: December 4, 2014Applicant: Cryptography Research, Inc.Inventors: Daniel Beitel, Lauren Gao, Christopher Gori, Paul Carl Kocher, Ambuj Kumar, Andrew John Leiserson
-
Patent number: 6698888Abstract: A subjective ophthalmic refractor of a type comprising a ring-shaped cylinder power scale having an internal gear actuated by a scale drive gear connected to a cylinder power adjustment knob of the refractor is improved by providing a bearing insert within the cylinder power scale. The bearing insert includes radially and axially facing annular bearing surfaces extending about a substantial portion of the scale, and a cut-out region allowing space necessary for the scale drive gear.Type: GrantFiled: May 1, 2002Date of Patent: March 2, 2004Assignee: Reichert, Inc.Inventor: Christopher Goris