Abstract: Techniques, supported by corresponding apparatuses and methods, are disclosed for monitoring execution of software in a trusted environment and generating path signatures which are characteristic of the behaviour of the software. Multiple approximate nearest neighbour searching hash tables are generated in dependence on such path signatures and on attribute information defining behavioural classifications for the path signatures. Later execution of the software in a non-trusted environment is monitoring and an observed path signature characteristic of the behaviour of the software is generated. This observed path signature is queried against the multiple approximate nearest neighbour searching hash tables and a behavioural classification is determined in dependence on hash collision-based similarity between the observed path signature and the content of the multiple approximate nearest neighbour searching hash tables.

Abstract: Systems, mechanisms and processes are provided to allow law-enforcement officials, when encountering the potential use of prepaid payment cards in the furtherance of a crime or in relation to criminal activities, to (1) attempt to check the balances on such prepaid payment cards, including the ability to perform aggregate balance checks on a group of such prepaid cards, (2) attempt to freeze the funds on such prepaid payment cards, and/or (3) attempt to seize the funds on such prepaid payment cards.

Abstract: A device, device initialisation and method of installing a delta update of executable code on a device, the method comprising: generating an unrelocation table based upon a symbol table and a relocation table associated with relocatable code by: identifying an entry in the relocation table that references a symbol in the symbol table; and storing in the unrelocation table the relocated address of the identified entry in the relocation table; generating a first executable program code based upon the symbol table, the relocation table, and the relocatable code; and storing the first executable program code and the unrelocation table on the device.

Abstract: A computer-processor-implemented data processing method comprises: a computer processor executing instances of one or more processing functions, each instance of a processing function having an associated function-call identifier; and in response to initiation of execution by the computer processor of a given processing function instance configured to modify one or more pointers of a partitioned acyclic data structure: the computer processor storing the function-call identifier for that processing function instance in a memory at a storage location associated with the partitioned acyclic data structure; for a memory location which stores data representing a given pointer of the partitioned acyclic data structure, the computer processor defining a period of exclusive access to at least that memory location by applying and subsequently releasing an exclusive tag for at least that memory location; and the computer processor selectively processing the given pointer during the period of exclusive access in depende

Abstract: A method of generating an output differential firmware update. Differential firmware update characteristic data is sent from a trusted execution environment (TEE) to an authorizing entity. The differential firmware update characteristic data indicates at least one characteristic associated with generation of the output differential firmware update within the TEE. The TEE obtains a key from the authorizing entity, and is thereby authorized by the authorizing entity to generate the output differential firmware update. The TEE obtains an encrypted version of a firmware portion of the firmware. The encrypted version of the firmware portion is decrypted using the key to obtain a decrypted version of the firmware portion. The output differential firmware update is generated using the decrypted version of the firmware portion.

Abstract: Techniques are described for debugging node devices. A node device may be connected to a host device for debugging purposes. A debugger, providing debug functionality, such as a debugging web application, may run on a remote server and be accessed via a web browser running at the host device, to debug the node device. Alternatively, the debugging web application may execute in the web browser running at the host device to debug the node device. In another alternative, the debugging web application may execute at a gateway device provided between the node device and the host device. In all cases the debugging web application is controlled via a debug user interface running at the web browser. Consequently, a user of the host device is not required to install a debugger at the host device in order to debug a node device.

Abstract: A method of generating an output differential firmware update. Differential firmware update characteristic data is sent from a trusted execution environment (TEE) to an authorizing entity. The differential firmware update characteristic data indicates at least one characteristic associated with generation of the output differential firmware update within the TEE. The TEE obtains a key from the authorizing entity, and is thereby authorized by the authorizing entity to generate the output differential firmware update. The TEE obtains an encrypted version of a firmware portion of the firmware. The encrypted version of the firmware portion is decrypted using the key to obtain a decrypted version of the firmware portion. The output differential firmware update is generated using the decrypted version of the firmware portion.

Abstract: A method of remotely updating a firmware application stored in a memory of a device includes: obtaining state data indicative of a first partial firmware image stored in a first portion of the memory and corresponding to a base portion of the application; obtaining offset data for locating a second portion of the memory contiguously following the first portion of the memory; obtaining a second partial firmware image for appending to the first partial firmware image and corresponding to an updated auxiliary portion of the application; generating a differential update comprising at least part of the second partial firmware image; generating, using the state data and the generated second partial firmware image, firmware hash data corresponding to a composite firmware image comprising the second partial firmware image appended to the first partial firmware image; and transmitting the differential update and the generated firmware hash data to the device.

Abstract: A machine-implemented method for transactional modification of content in solid state storage, comprising receiving a delta data structure comprising at least one delta targeting at least one data block; copying a first data block targeted by the at least one delta from the first data block's home location into a non-volatile store; first modifying a first flag of a plurality of flags stored in the delta data structure following copying of the first data block; reading the first data block into memory; modifying the first data block in memory according to the delta to produce a ready-to-write data block; erasing a target location to create an empty block; writing the ready-to-write data block to the target location; and recording in the delta data structure that the first data block has been modified.

Abstract: Aspects of the present disclosure relate to an apparatus comprising first interface circuitry to communicate with relying party circuitry, the first interface circuitry being configured to receive, from the relying party circuitry, an attestation request in respect of a processing operation requested by attester circuitry to be performed by the relying party circuitry; second interface circuitry to communicate with the attester circuitry, the second interface circuitry being configured to: transmit the attestation request to the attester circuitry; and receive, from the attester circuitry, evidence data associated with the processing operation, and third interface circuitry to communicate with verifier circuitry, the third interface circuitry being configured to: transmit the evidence data to the verifier circuitry; and receive, from the verifier circuitry, attestation result data indicative of a verification of the evidence data, wherein the first interface circuitry is configured to transmit the attestation

Abstract: Aspects of the present disclosure relate to an apparatus comprising secure enclave circuitry, and processing circuitry to execute computer program instructions. The computer program instructions correspond to an operation comprising accessing a cryptographic key, the key being stored in a hardware security module. Executing the computer program instructions comprises transmitting, to the secure enclave circuitry, computer program instructions corresponding to said operation. The secure enclave circuitry is configured to initiate communication with the hardware security module, perform, with the hardware security module, an attestation process in respect of said operation, and execute said operation.

Abstract: Apparatuses, systems, methods, and software are disclosed for authorization delegation. In a participant device a derivative key is generated in dependence on a received key. An authenticity check value for a delegation information block is generated in dependence on the delegation information block and the received key. The derivative key is derived in dependence on the delegation information block and the received key. An extended certificate chain is created comprising a received certificate chain appended with a local certificate, which comprises the delegation information block and the authenticity check value.

Abstract: A method of operation concealment for a cryptographic system includes randomly selecting which one of at least two cryptographic operation blocks receives a key to apply a valid operation to data and outputs a result that is used for subsequent operations. Noise can be added by operating the other of the at least two cryptographic operation blocks using a modified key. The modified key can be generated by mixing the key with a block-unique-identifier, a device secret, a slowly adjusting output of a counter, or a combination thereof. In some cases, noise can be added to a cryptographic system by transforming input data of the other cryptographic operation block(s) by mixing the input data with the block-unique-identifier, device secret, counter output, or a combination thereof. A cryptographic system with operation concealment can further include a distributed (across a chip) or interweaved arrangement of subblocks of the cryptographic operation blocks.

Abstract: A device for controlling electron flow is provided. The device comprises a cathode, an elongate electrical conductor embedded in a diamond substrate, an anode, and a control electrode provided on the substrate surface for modifying the electric field in the region of the end of the conductor. A method of manufacturing the device is also provided.

Abstract: Broadly speaking, the present techniques provide methods, apparatus and systems for monitoring operation of a device. More particularly, the present techniques provide methods for monitoring operation of a device based on a device firmware update that is associated with at least one power profile.

Abstract: A method for verifying the integrity of data in a message by a data processing device, the message comprising a plurality of packets, the method comprising: receiving, at the device from a first resource, a manifest associated with the message, the manifest comprising a plurality of group check values for the plurality of packets; receiving, at the device, from the first or a different resource, the message; generating a first progression of rolling hashes for the plurality of packets; deriving group check values from the first progression of rolling hashes for groups of the plurality of packets along one or more paths; verifying the integrity of the data in the message based on or in response to a determination that the derived group check values correspond to the plurality of group check values in the manifest.

Abstract: A processing system with a microarchitectural feature for mitigation of differential power analysis and electromagnetic analysis attacks can include a memory, a processor, and a mitigation response unit. The processor can include an instruction predictor that comprises a storage device for storing metadata associated with corresponding instruction blocks. The mitigation response unit is coupled to the instruction predictor to write and read the metadata associated with the corresponding instruction blocks. The mitigation response unit is configured to determine a mitigation technique for an instruction block based on an electromagnetic or power signature corresponding to execution of the instruction block and metadata associated with the instruction block.

Abstract: Aspects of the present disclosure relate to an apparatus comprising first interface circuitry to communicate with a first computing device and second interface circuitry to communicate with a second computing device. The first interface circuitry is configured to receive a handshake message from the first computing device. The second interface circuitry is configured to transmit the handshake message to the second computing device and to receive a handshake response message from the second computing device. The first interface circuitry is configured to transmit the handshake response message to the first computing device, whereby to establish a communication session between the first computing device and the second computing device.

Abstract: There is provided a cartridge sealing apparatus (1) comprising a sealing head (10) having a sealing surface (12), the sealing head being adapted in use to hold a sealing member (70) against a surface of a cartridge (100) by application of pressure to the sealing member at the sealing surface across a portion of the sealing member, a bonding layer being present between the sealing member and the cartridge thereby causing the sealing member (70) to seal the cartridge when held against the surface of the cartridge; and a cutting edge (20) arranged around the sealing head (10). The cutting edge is configured to move when the sealing member is held against the surface of the cartridge by the sealing head, from an unextended position, in which the cutting edge is located adjacent the sealing head, to an extended position, in which the cutting edge is adapted to cut the sealing member.

Abstract: Methods for delivering an authenticatable management activity to a group of remote devices in a networked computing environment is described herein. An authenticatable management activity may be any activity which requires internal state changes to be made at a remote device, such as software or firmware updates, system configuration operations, access control list update operations, file transfer operations, changes to user data etc., and which requires an operators approval of the activity before being performed. In addition to an operators approval of the activity, the management activity is required to be signed by an operator, such that the operator authorising the management activity is authenticated.