Abstract: Described herein are systems and methods that prevent against fault injection attacks. In various embodiments this is accomplished by taking advantage of the fact that an attacker cannot utilize a result that has been faulted to recover a secret. By using infective computation, an error is propagated in a loop such that the faulted value will provide to the attacker no useful information or information from which useful information may be extracted. Faults from a fault attack will be so large that a relatively large number of bits will change. As a result, practically no secret information can be extracted by restoring bits.

Abstract: Systems and methods are disclosed for secure debug architecture. For example, an integrated circuit (e.g., a processor) for executing instructions includes a processor core configured to execute instructions; a debug interface comprising two or more conductors with input/output drivers configured to, when enabled, transmit and receive signals between the processor core and an external host device via the two or more conductors; and wherein the integrated circuit is configured to: receive a request from a host device for access to the integrated circuit via the debug interface; responsive to the request, generate a random number; transmit the random number from the integrated circuit to the host device via the debug interface; receive, from the host device via the debug interface, input data that has been encrypted using the random number as a key; and decrypt the input data using the random number as a key.

Abstract: Described herein are systems and methods that prevent against fault injection attacks. In various embodiments this is accomplished by taking advantage of the fact that an attacker cannot utilize a result that has been faulted to recover a secret. By using infective computation, an error is propagated in a loop such that the faulted value will provide to the attacker no useful information or information from which useful information may be extracted. Faults from a fault attack will be so large that a relatively large number of bits will change. As a result, practically no secret information can be extracted by restoring bits.

Abstract: Described herein are systems and methods that prevent against fault injection attacks. In various embodiments this is accomplished by taking advantage of the fact that an attacker cannot utilize a result that has been faulted to recover a secret. By using infective computation, an error is propagated in a loop such that the faulted value will provide to the attacker no useful information or information from which useful information may be extracted. Faults from a fault attack will be so large that a relatively large number of bits will change. As a result, practically no secret information can be extracted by restoring bits.

Abstract: Various embodiments of the invention implement countermeasures designed to withstand attacks by potential intruders who seek partial or full retrieval of elliptic curve secrets by using Various embodiments of the invention implement countermeasures designed to withstand attacks by potential intruders who seek partial or full retrieval of elliptic curve secrets by using known methods that exploit system vulnerabilities, including elliptic operation differentiation, dummy operation detection, lattice attacks, and first real operation detection. Various embodiments of the invention provide resistance against side-channel attacks, such as simple power analysis, caused by the detectability of scalar values from information leaked during regular operation flow that would otherwise compromise system security. In certain embodiments, system immunity is maintained by performing elliptic scalar operations that use secret-independent operation flow in a secure Elliptic Curve Cryptosystem.

Abstract: Presented are systems and methods for protecting secret data that is stored in memory to prevent unauthorized access and data manipulation. Various embodiments may be applied to hide or mask an RSA exponent used for public key cryptography and stored in a cryptographic hardware block that uses a non-erasable working memory for computations. In certain embodiments, masking RSA exponents is accomplished by a two-step process that combines a specifically calculated, random and secret value with the secret exponent. The random value is stored in an erasable memory, such that in case of attack, both the erasable memory and the non-erasable memory do not leak any embedded secrets. The additional expenditure of memory resources only insignificantly affects system performance.

Abstract: Systems and methods are disclosed for secure debug architecture. For example, an integrated circuit (e.g., a processor) for executing instructions includes a processor core configured to execute instructions; a debug interface comprising two or more conductors with input/output drivers configured to, when enabled, transmit and receive signals between the processor core and an external host device via the two or more conductors; and wherein the integrated circuit is configured to: receive a request from a host device for access to the integrated circuit via the debug interface; responsive to the request, generate a random number; transmit the random number from the integrated circuit to the host device via the debug interface; receive, from the host device via the debug interface, input data that has been encrypted using the random number as a key; and decrypt the input data using the random number as a key.

Abstract: Presented are software intellectual property (IP) protection systems and methods that prevent potential attackers as well as customers from having access to plain text versions of both library source code and binary code. Potential attackers are prevented from reusing the software on other platforms. The protection mechanism does not impact the functionality or the performance of the library itself and does not interfere with existing software update mechanisms or application developer tools, such as Joint Test Action Group (JTAG).

Abstract: The invention relates to methods of interleaving payload data and integrity control data in an external memory interfaced with a microcontroller to improve data integrity check, enhance data confidentiality and save internal memory. Data words are received for storing in the external memory. Each data word is used to generate a respective integrity word, while an associated logic address is translated to two physical addresses in the external memory, one for the data word and the other for the integrity word. The two physical addresses for the data and integrity words are interleaved in the external memory, and sometimes, in a periodic scheme. In particular, each data word may be associated to an integrity sub-word included in an integrity word having the same length with that of a data word. The external memory may have dedicated regions for the data words and the integrity words, respectively.

Abstract: Various embodiments of the invention implement countermeasures designed to withstand attacks by potential intruders who seek partial or full retrieval of elliptic curve secrets by using Various embodiments of the invention implement countermeasures designed to withstand attacks by potential intruders who seek partial or full retrieval of elliptic curve secrets by using known methods that exploit system vulnerabilities, including elliptic operation differentiation, dummy operation detection, lattice attacks, and first real operation detection. Various embodiments of the invention provide resistance against side-channel attacks, such as simple power analysis, caused by the detectability of scalar values from information leaked during regular operation flow that would otherwise compromise system security. In certain embodiments, system immunity is maintained by performing elliptic scalar operations that use secret-independent operation flow in a secure Elliptic Curve Cryptosystem.

Abstract: Various embodiments of the invention implement countermeasures designed to withstand attacks by potential intruders who seek partial or full retrieval of elliptic curve secrets by using known methods that exploit system vulnerabilities, including elliptic operation differentiation, dummy operation detection, lattice attacks, and first real operation detection. Various embodiments of the invention provide resistance against side-channel attacks, such as sample power analysis, caused by the detectability of scalar values from information leaked during regular operation flow that would otherwise compromise system security. In certain embodiments, system immunity is maintained by performing elliptic scalar operations that use secret-independent operation flow in a secure Elliptic Curve Cryptosystem.

Abstract: Described herein are systems and methods that prevent against fault injection attacks. In various embodiments this is accomplished by taking advantage of the fact that an attacker cannot utilize a result that has been faulted to recover a secret. By using infective computation, an error is propagated in a loop such that the faulted value will provide to the attacker no useful information or information from which useful information may be extracted. Faults from a fault attack will be so large that a relatively large number of bits will change. As a result, practically no secret information can be extracted by restoring bits.

Abstract: Presented are low-cost secure systems and methods that protect cryptographic systems against attacks that seek to exploit the shortcomings of common software-based erasure mechanisms. Various embodiments, protect an Elliptic-Curve Cryptography (ECC) secret from fault attacks. This may be accomplished, for example, by not exposing ECC secrets from the Modular Arithmetic Accelerator (MAA) memory after a Destructive Reset Source (DRS).

Abstract: Presented are software IP protection systems and methods that prevent potential attackers as well as customers from having access to plain text versions of both library source code and binary code. Potential attackers are prevented from reusing the software on other platforms. The protection mechanism does not impact the functionality or the performance of the library itself and does not interfere with existing software update mechanisms or application developer tools, such as JTAG.

Abstract: Presented are systems and methods for protecting secret data that is stored in memory to prevent unauthorized access and data manipulation. Various embodiments may be applied to hide or mask an RSA exponent used for public key cryptography and stored in a cryptographic hardware block that uses a non-erasable working memory for computations. In certain embodiments, masking RSA exponents is accomplished by a two-step process that combines a specifically calculated, random and secret value with the secret exponent. The random value is stored in an erasable memory, such that in case of attack, both the erasable memory and the non-erasable memory do not leak any embedded secrets. The additional expenditure of memory resources only insignificantly affects system performance.

Abstract: Various embodiments of the invention implement countermeasures designed to withstand attacks by potential intruders who seek partial or full retrieval of elliptic curve secrets by using known methods that exploit system vulnerabilities, including elliptic operation differentiation, dummy operation detection, lattice attacks, and first real operation detection. Various embodiments of the invention provide resistance against side-channel attacks, such as sample power analysis, caused by the detectability of scalar values from information leaked during regular operation flow that would otherwise compromise system security. In certain embodiments, system immunity is maintained by performing elliptic scalar operations that use secret-independent operation flow in a secure Elliptic Curve Cryptosystem.

Abstract: Embodiments of the invention prevent unauthorized access to electronic systems by providing an enclosure with improved intrusion detection around sensitive areas of a secured electronic system. Certain embodiments eliminate the need for constant battery power and yet provide uninterrupted high-security supervision at the device perimeter such that even following a power down event it is possible to determine whether a device has been tampered with, so that appropriate action can be taken. This is especially useful in applications in which batteries are not acceptable.

Abstract: Various embodiments of the invention implement countermeasures designed to withstand attacks by potential intruders who seek partial or full retrieval of elliptic curve secrets by using known methods that exploit system vulnerabilities, including elliptic operation differentiation, dummy operation detection, lattice attacks, and first real operation detection. Various embodiments of the invention provide resistance against side-channel attacks, such as sample power analysis, caused by the detectability of scalar values from information leaked during regular operation flow that would otherwise compromise system security. In certain embodiments, system immunity is maintained by performing elliptic scalar operations that use secret-independent operation flow in a secure Elliptic Curve Cryptosystem.

Abstract: The present invention relates to key management in a secure microcontroller, and more particularly, to systems, devices and methods of automatically and transparently employing logic or physical address based keys that may also be transferred using dedicated buses. A cryptographic engine translates a logic address to at least one physical address, and processes a corresponding data word based on at least one target key. The target key is selected from a plurality of keys based on the logic or physical address. A universal memory controller stores each processed data word in the corresponding physical address within a memory. Each key is associated with a memory region within the memory, and therefore, the logic or physical address associated with a memory region may be used to automatically identify the corresponding target key. A dedicated secure link may be used to transport key request commands and the plurality of keys.

Abstract: Various embodiments of the invention implement countermeasures designed to withstand attacks by potential intruders who seek partial or full retrieval of elliptic curve secrets by using known methods that exploit system vulnerabilities, including elliptic operation differentiation, dummy operation detection, lattice attacks, and first real operation detection. Various embodiments of the invention provide resistance against side-channel attacks, such as sample power analysis, caused by the detectability of scalar values from information leaked during regular operation flow that would otherwise compromise system security. In certain embodiments, system immunity is maintained by performing elliptic scalar operations that use secret-independent operation flow in a secure Elliptic Curve Cryptosystem.