Abstract: Described herein are technologies for application authentication and/or data encryption without stored pre-shared keys. In one resource controller, a processing device receives an application identifier (ID) from the application. The processing device provides a current nonce responsive to the application ID and provides the application access to the system resource responsive to determining that a hash of a current key received from the application equals a current tag. The current key is generated by the application based on code of the application and the current nonce. The current tag was previously provided from the application to the resource controller. The current tag can also be hashed by the application using the current key.

Abstract: A media storage device includes a media security controller circuit and a memory to store data that relates to a media item to be rendered by a rendering device. The media security controller circuit sends a message to the rendering device that causes the rendering device to obtain a portion of data from memory of the media storage device and provide it to the media security controller circuit. The portion is received and transformed by the media security controller circuit. The media security controller circuit sends the transformed portion to the rendering device.

Abstract: A media storage device includes a media security controller circuit and a memory to store data that relates to a media item to be rendered by a rendering device. The media security controller circuit sends a message to the rendering device that causes the rendering device to obtain a portion of data from memory of the media storage device and provide it to the media security controller circuit. The portion is received and transformed by the media security controller circuit. The media security controller circuit sends the transformed portion to the rendering device.

Abstract: An indication of a key generation function may be received from a server. A random value may be received based on a volatile memory of a device. A cryptographic key may be generated based on the key generation function from the server and the random value that is based on the volatile memory of the device. The cryptographic key may be stored at a non-volatile memory of the device.

Abstract: A media storage device includes a media security controller circuit and a memory to store data that relates to a media item to be rendered by a rendering device. The media security controller circuit sends a message to the rendering device that causes the rendering device to obtain a portion of data from memory of the media storage device and provide it to the media security controller circuit. The portion is received and transformed by the media security controller circuit. The media security controller circuit sends the transformed portion to the rendering device.

Abstract: An encrypted sequence that includes an authentication key may be received. A base key stored at a device may be identified and the encrypted sequence may be decrypted with the base key to obtain the authentication key. A challenge value may be received and the authentication key may be combined with the challenge value to generate a device ephemeral key. An authentication result may be generated for the device based on a combination of the device ephemeral key and the challenge value. Furthermore, the authentication result may be transmitted to a mobile network to authenticate the device.

Abstract: A media storage device includes a media security controller circuit and a memory to store data that relates to a media item to be rendered by a rendering device. The media security controller circuit sends a message to the rendering device that causes the rendering device to obtain a portion of data from memory of the media storage device and provide it to the media security controller circuit. The portion is received and transformed by the media security controller circuit. The media security controller circuit sends the transformed portion to the rendering device.

Abstract: A media storage device includes a media security controller and a memory to store data that relates to a media item to be rendered by a rendering device. The media security controller sends a message in response to the rendering device reading an authorization file. The message being for the rendering device to read a portion of data from the memory and to provide the portion of data to the media security controller. The media security controller receives the portion of the data from the rendering device, trans forms the portion of the data, and sends the transformed portion of the data to the rendering device.

Abstract: A base key that is stored at a mobile device may be received. A first dynamic key that is based on the base key may be generated. First transaction data corresponding to a first transaction associated with the mobile device may be received. Furthermore, the first dynamic key may be updated to generate a second dynamic key based on a combination of the first dynamic key and the first transaction data corresponding to the first transaction. Authentication of a second transaction associated with the mobile device may be requested based on the second dynamic key.

Abstract: A random number generating system for generating a sequence of random numbers comprising a memory, the memory being writable, volatile and configured such that the memory contains an at least partially random memory content upon each powering-up of the memory, an instantiating unit configured for seeding the random number generating system with a seed dependent upon the at least partially random memory content, the sequence of random numbers being generated in dependence upon the seed, and an over-writing unit configured for over-writing at least part of the memory with random numbers generated by the random number generating system in dependence upon the seed.

Abstract: In systems for establishing a cryptographic key depending on a physical uncloneable function (PUF) it may be a problem that internal information correlated with the cryptographic key is leaked to the outside of the system via a side-channel. To mitigate this problem a cryptographic system for reproducibly establishing a cryptographic key is presented. The system comprises a physical system comprising a physical, at least partially random, configuration of components from which an initial bit-string is derived. An error corrector corrects deviations occurring in the initial bit-string. Through the use of randomization the error corrector operates on a randomized data. Information leaking through a side channel is thereby reduced. After error correction a cryptographic key may be derived from the initial bit-string.

Abstract: A media storage device includes a media security controller and a memory to store data that relates to a media item to be rendered by a rendering device. The media security controller sends a message in response to the rendering device reading an authorization file. The message being for the rendering device to read a portion of data from the memory and to provide the portion of data to the media security controller. The media security controller receives the portion of the data from the rendering device, trans forms the portion of the data, and sends the transformed portion of the data to the rendering device.

Abstract: Systems and methods for effectively protecting data against differential fault analysis involved in Rivest, Shamir, and Adleman (“RSA”) cryptography using the Chinese Remainder Theorem (“CRT”) are described herein. A CRT RSA component facilitates modular exponentiation of a received message, and a verification component reconstructs the received message. An exponentiation component performs a first modular exponentiation and a second modular exponentiation of the received message. A recombination component performs a recombination step utilizing CRT computation as a function of the first and second modular exponentiations. A modular exponentiation component performs first and second public exponent derivations as a function of a private exponent. The verification component can reconstructs the received message as a function of the first and second public exponent derivations. The verification component calculates the received message utilizing Chinese Remainder Theorem computation.

Abstract: Systems and/or methods that facilitate secure electronic communication of data are presented. A cryptographic component facilitates securing data associated with messages in accordance with a cryptographic protocol. The cryptographic component includes a randomized exponentiation component that facilitates decryption of data and generation of digital signatures by exponentiating exponents associated with messages. An exponent is divided into more than one subexponent at an exponent bit that corresponds to a random number. Exponentiation of the first subexponent can be performed based on a left-to-right-type of exponentiation algorithm, and exponentiation of the second subexponent can be performed based on a right-to-left square-and-multiply-type of exponentiation algorithm. The final value is based on the exponentiations of the subexponents and can be decrypted data or a digital signature, which can be provided as an output.

Abstract: Systems, devices and/or methods that facilitate mutual authentication for processor and memory pairing are presented. A processor and a suitably equipped memory can be provided with a shared secret to facilitate mutual authentication. In addition, the memory can be configured to verify that the system operating instructions have not been subjected to unauthorized alterations. System integrity can be ensured according to the disclosed subject matter by mutual authentication of the processor and memory and verification of the authenticity of system operating instructions at or near each system power up. As a result, the disclosed subject matter can facilitate relatively low complexity assurance of system integrity as a replacement or supplement to conventional techniques.

Abstract: A random number generating system for generating a sequence of random numbers comprising a memory, the memory being writable, volatile and configured such that the memory contains an at least partially random memory content upon each powering-up of the memory, an instantiating unit configured for seeding the random number generating system with a seed dependent upon the at least partially random memory content, the sequence of random numbers being generated in dependence upon the seed, and an over-writing unit configured for over-writing at least part of the memory with random numbers generated by the random number generating system in dependence upon the seed.

Abstract: A computing device for obtaining a first cryptographic key during an enrollment phase, the computing device comprising a key generator for generating the first cryptographic key in dependence upon a seed, the computing device being configured for storing the first cryptographic key on a storage of the computing device for later cryptographic use of the first cryptographic key on the computing device during a usage phase coming after the enrollment phase wherein, the computing device further comprises a physically unclonable function, the key generator being configured for deriving the seed from an output of the physically unclonable function, and an encryption module for encrypting the first cryptographic key using a second cryptographic key derived from the output of the physically unclonable function, the computing device being configured for storing the first cryptographic key on the storage in encrypted form.

Abstract: Systems and methods that facilitate securing data associated with a memory from security breaches are presented. A memory component includes nonvolatile memory, and a secure memory component (e.g., volatile memory) used to store information such as secret information related to secret processes or functions (e.g., cryptographic functions). A security component detects security-related events, such as security breaches or completion of security processes or functions, associated with the memory component and in response to a security-related event, the security component can transmit a reset signal to the secure memory component to facilitate efficiently erasing or resetting desired storage locations in the secure memory component in parallel and in a single clock cycle to facilitate data security. A random number generator component can facilitate generating random numbers after a reset based on a change in scrambler keys used by a scrambler component to descramble data read from the reset storage locations.

Abstract: In systems for establishing a cryptographic key depending on a physical uncloneable function (PUF) it may be a problem that internal information correlated with the cryptographic key is leaked to the outside of the system via a side-channel. To mitigate this problem a cryptographic system for reproducibly establishing a cryptographic key is presented. The system comprises a physical system comprising a physical, at least partially random, configuration of components from which an initial bit-string is derived. An error corrector corrects deviations occurring in the initial bit-string. Through the use of randomization the error corrector operates on a randomized data. Information leaking through a side channel is thereby reduced. After error correction a cryptographic key may be derived from the initial bit-string.

Abstract: Systems and/or methods that facilitate secure electronic communication of data are presented. A cryptographic component facilitates data encryption, data decryption, and/or generation of digital signatures, associated with messages. The cryptographic component includes a randomized exponentiation component that facilitates decryption of data and/or generation of digital signatures by exponentiating exponents associated with messages. A random number is generated and utilized to randomize the value of a message. After an exponentiation is performed on the randomized message value, intermediate results can be analyzed to determine if there was error in the exponentiation. If there was no error in the exponentiation, a final value of the exponentiation is determined and provided as output as decrypted data or a digital signature; if there is error, an “error” output can be provided.