Patents by Inventor Joshua M. Jaffe
Joshua M. Jaffe has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11797683Abstract: A method for performing a security chip protocol comprises receiving, by processing hardware of a security chip, a message from a first device as part of performing the security chip protocol. The processing hardware retrieves a secret value from secure storage hardware operatively coupled to the processing hardware. The processing hardware determines a path through a key tree based at least in part on the message. The processing hardware derives a validator at least in part from the secret value using a sequence of entropy redistribution operations associated with the path through the key tree. The processing hardware exchanges the validator between the security chip and the first device as part of the security chip protocol in order to authenticate at least one of the security chip or the first device.Type: GrantFiled: July 21, 2021Date of Patent: October 24, 2023Assignee: Cryptography Research, Inc.Inventors: Paul C. Kocher, Pankaj Rohatgi, Joshua M. Jaffe
-
Publication number: 20220083665Abstract: A computing device includes a secure storage hardware to store a secret value and processing hardware comprising at least one of a cache or a memory. During a secure boot process the processing hardware loads untrusted data into at least one of the cache or the memory of the processing hardware, the untrusted data comprising an encrypted data segment and a validator, retrieves the secret value from the secure storage hardware, derives an initial key based at least in part on an identifier associated with the encrypted data segment and the secret value, verifies, using the validator, whether the encrypted data segment has been modified, and decrypts the encrypted data segment using a first decryption key derived from the initial key to produce a decrypted data segment responsive to verifying that the encrypted data segment has not been modified.Type: ApplicationFiled: July 21, 2021Publication date: March 17, 2022Inventors: Paul C. Kocher, Pankaj Rohatgi, Joshua M. Jaffe
-
Patent number: 11074349Abstract: A method for device authentication comprises receiving, by processing hardware of a first device, a message from a second device to authenticate the first device. The processing hardware retrieves a secret value from secure storage hardware operatively coupled to the processing hardware. The processing hardware derives a validator from the secret value using a path through a key tree. The first device then sends the validator to the second device.Type: GrantFiled: January 4, 2019Date of Patent: July 27, 2021Assignee: CRYPTOGRAPHY RESEARCH, INC.Inventors: Paul C. Kocher, Pankaj Rohatgi, Joshua M. Jaffe
-
Patent number: 10902156Abstract: Methods and systems for masking certain cryptographic operations in a manner designed to defeat side-channel attacks are disclosed herein. Squaring operations can be masked to make squaring operations indistinguishable or less distinguishable from multiplication operations. In general, squaring operations are converted into multiplication operations by masking them asymmetrically. Additional methods and systems are disclosed for defeating DPA, cross-correlation, and high-order DPA attacks against modular exponentiation.Type: GrantFiled: August 12, 2019Date of Patent: January 26, 2021Assignee: RAMBUS INC.Inventor: Joshua M. Jaffe
-
Publication number: 20200110907Abstract: Methods and systems for masking certain cryptographic operations in a manner designed to defeat side-channel attacks are disclosed herein. Squaring operations can be masked to make squaring operations indistinguishable or less distinguishable from multiplication operations. In general, squaring operations are converted into multiplication operations by masking them asymmetrically. Additional methods and systems are disclosed for defeating DPA, cross-correlation, and high-order DPA attacks against modular exponentiation.Type: ApplicationFiled: August 12, 2019Publication date: April 9, 2020Applicant: Cryptography Research, Inc.Inventor: Joshua M. JAFFE
-
Publication number: 20190377879Abstract: A computing device includes a secure storage hardware to store a secret value and processing hardware comprising at least one of a cache or a memory. During a secure boot process the processing hardware loads untrusted data into at least one of the cache or the memory of the processing hardware, the untrusted data comprising an encrypted data segment and a validator, retrieves the secret value from the secure storage hardware, derives an initial key based at least in part on an identifier associated with the encrypted data segment and the secret value, verifies, using the validator, whether the encrypted data segment has been modified, and decrypts the encrypted data segment using a first decryption key derived from the initial key to produce a decrypted data segment responsive to verifying that the encrypted data segment has not been modified.Type: ApplicationFiled: January 4, 2019Publication date: December 12, 2019Inventors: Paul C. Kocher, Pankaj Rohatgi, Joshua M. Jaffe
-
Patent number: 10423807Abstract: Methods and systems for masking certain cryptographic operations in a manner designed to defeat side-channel attacks are disclosed herein. Squaring operations can be masked to make squaring operations indistinguishable or less distinguishable from multiplication operations. In general, squaring operations are converted into multiplication operations by masking them asymmetrically. Additional methods and systems are disclosed for defeating DPA, cross-correlation, and high-order DPA attacks against modular exponentiation.Type: GrantFiled: March 26, 2018Date of Patent: September 24, 2019Assignee: CRYPTOGRAPHY RESEARCH, INC.Inventor: Joshua M. Jaffe
-
Patent number: 10262141Abstract: A computing device includes a secure storage hardware to store a secret value and processing hardware comprising at least one of a cache or a memory. During a secure boot process the processing hardware loads untrusted data into at least one of the cache or the memory of the processing hardware, the untrusted data comprising an encrypted data segment and a validator, retrieves the secret value from the secure storage hardware, derives an initial key based at least in part on an identifier associated with the encrypted data segment and the secret value, verifies, using the validator, whether the encrypted data segment has been modified, and decrypts the encrypted data segment using a first decryption key derived from the initial key to produce a decrypted data segment responsive to verifying that the encrypted data segment has not been modified.Type: GrantFiled: December 30, 2016Date of Patent: April 16, 2019Assignee: Cryptography Research, Inc.Inventors: Paul C. Kocher, Pankaj Rohatgi, Joshua M. Jaffe
-
Publication number: 20180211065Abstract: Methods and systems for masking certain cryptographic operations in a manner designed to defeat side-channel attacks are disclosed herein. Squaring operations can be masked to make squaring operations indistinguishable or less distinguishable from multiplication operations. In general, squaring operations are converted into multiplication operations by masking them asymmetrically. Additional methods and systems are disclosed for defeating DPA, cross-correlation, and high-order DPA attacks against modular exponentiation.Type: ApplicationFiled: March 26, 2018Publication date: July 26, 2018Applicant: Cryptography Research, Inc.Inventor: JOSHUA M. JAFFE
-
Patent number: 9959429Abstract: Methods and systems for masking certain cryptographic operations in a manner designed to defeat side-channel attacks are disclosed herein. Squaring operations can be masked to make squaring operations indistinguishable or less distinguishable from multiplication operations. In general, squaring operations are converted into multiplication operations by masking them asymmetrically. Additional methods and systems are disclosed for defeating DPA, cross-correlation, and high-order DPA attacks against modular exponentiation.Type: GrantFiled: March 15, 2013Date of Patent: May 1, 2018Assignee: CRYPTOGRAPHY RESEARCH, INC.Inventor: Joshua M. Jaffe
-
Patent number: 9940463Abstract: A method for device authentication comprises receiving, by processing hardware of a first device, a message from a second device to authenticate the first device. The processing hardware retrieves a secret value from secure storage hardware operatively coupled to the processing hardware. The processing hardware derives a validator from the secret value using a path through a key tree, wherein the path is based on the message, wherein deriving the validator using the path through the key tree comprises computing a plurality of successive intermediate keys starting with a value based on the secret value and leading to the validator, wherein each successive intermediate key is derived based on at least a portion of the message and a prior key. The first device then sends the validator to the second device.Type: GrantFiled: August 30, 2017Date of Patent: April 10, 2018Assignee: Cryptography Research, Inc.Inventors: Paul Kocher, Pankaj Rohatgi, Joshua M. Jaffe
-
Publication number: 20180004957Abstract: A method for device authentication comprises receiving, by processing hardware of a first device, a message from a second device to authenticate the first device. The processing hardware retrieves a secret value from secure storage hardware operatively coupled to the processing hardware. The processing hardware derives a validator from the secret value using a path through a key tree, wherein the path is based on the message, wherein deriving the validator using the path through the key tree comprises computing a plurality of successive intermediate keys starting with a value based on the secret value and leading to the validator, wherein each successive intermediate key is derived based on at least a portion of the message and a prior key. The first device then sends the validator to the second device.Type: ApplicationFiled: August 30, 2017Publication date: January 4, 2018Inventors: Paul Kocher, Pankaj Rohatgi, Joshua M. Jaffe
-
Publication number: 20170177874Abstract: A computing device includes a secure storage hardware to store a secret value and processing hardware comprising at least one of a cache or a memory. During a secure boot process the processing hardware loads untrusted data into at least one of the cache or the memory of the processing hardware, the untrusted data comprising an encrypted data segment and a validator, retrieves the secret value from the secure storage hardware, derives an initial key based at least in part on an identifier associated with the encrypted data segment and the secret value, verifies, using the validator, whether the encrypted data segment has been modified, and decrypts the encrypted data segment using a first decryption key derived from the initial key to produce a decrypted data segment responsive to verifying that the encrypted data segment has not been modified.Type: ApplicationFiled: December 30, 2016Publication date: June 22, 2017Inventors: Paul C. Kocher, Pankaj Rohatgi, Joshua M. Jaffe
-
Publication number: 20170099134Abstract: Information leaked from smart cards and other tamper resistant cryptographic devices can be statistically analyzed to determine keys or other secret data. A data collection and analysis system is configured with an analog-to-digital converter connected to measure the device's consumption of electrical power, or some other property of the target device, that varies during the device's processing. As the target device performs cryptographic operations, data from the A/D converter are recorded for each cryptographic operation. The stored data are then processed using statistical analysis, yielding the entire key, or partial information about the key that can be used to accelerate a brute force search or other attack.Type: ApplicationFiled: August 15, 2016Publication date: April 6, 2017Applicant: CRYPTOGRAPHY RESERACH, INC.Inventors: Paul C. KOCHER, Joshua M. JAFFE, Benjamin C. JUN
-
Patent number: 9576133Abstract: A device includes storage hardware to store a secret value and processing hardware coupled to the storage hardware. The processing hardware is to receive an encrypted data segment with a validator and derive a decryption key using the secret value and a plurality of entropy distribution operations. The processing hardware is further to verify, using the received validator, that the encrypted data segment has not been modified. The processing hardware is further to decrypt the encrypted data segment using the decryption key to produce a decrypted data segment responsive to verifying that the encrypted data segment has not been modified.Type: GrantFiled: June 11, 2015Date of Patent: February 21, 2017Assignee: Cryptography Research, Inc.Inventors: Paul C. Kocher, Pankaj Rohatgi, Joshua M. Jaffe
-
Patent number: 9569623Abstract: A computing device includes a secure storage hardware to store a secret value and processing hardware comprising at least one of a cache or a memory. During a secure boot process the processing hardware loads untrusted data into at least one of the cache or the memory of the processing hardware, the untrusted data comprising an encrypted data segment and a validator, retrieves the secret value from the secure storage hardware, derives an initial key based at least in part on an identifier associated with the encrypted data segment and the secret value, verifies, using the validator, whether the encrypted data segment has been modified, and decrypts the encrypted data segment using a first decryption key derived from the initial key to produce a decrypted data segment responsive to verifying that the encrypted data segment has not been modified.Type: GrantFiled: February 9, 2015Date of Patent: February 14, 2017Assignee: Cryptography Research, Inc.Inventors: Paul C. Kocher, Pankaj Rohatgi, Joshua M. Jaffe
-
Patent number: 9569628Abstract: To prevent piracy, audiovisual content is encrypted prior to transmission to consumers. A low-cost, high-security cryptographic rights module (such as a smartcard) enables devices such as players/displays to decode such content. Security-critical functions may be performed by the cryptographic module in a manner that allows security compromises to be addressed by upgrading or replacing cryptographic modules, thereby avoiding the need to replace or modify other (typically much higher-cost) components. The security module contains cryptographic keys, which it uses to process rights enablement messages (REMs) and key derivation messages (KDMs). From a REM and KDM, the security module derives key data corresponding to content, uses public key and/or symmetric cryptography to re-encrypt the derived key data for another device, and provides the re-encrypted key data to the decoding device. The decoding device then uses cryptographic values derived from the re-encrypted key data to decrypt the content.Type: GrantFiled: March 23, 2006Date of Patent: February 14, 2017Assignee: Cryptography Research, Inc.Inventors: Paul C. Kocher, Benjamin C. Jun, Joshua M. Jaffe
-
Patent number: 9571289Abstract: Methods and devices disclosed herein use techniques to resist glitch attacks when computing discrete-log based signatures. The methods and systems described herein replace the random nonce in conventional signature systems with a pseudorandom nonce derived in a deterministic way from some internal state information, such as a secret key or a counter, such that the nonce is not repeated. The methods and systems described herein may also use tests to verify that a glitch has not occurred or been introduced.Type: GrantFiled: November 11, 2013Date of Patent: February 14, 2017Assignee: Cryptography Research, Inc.Inventor: Joshua M Jaffe
-
Patent number: 9419790Abstract: Information leaked from smart cards and other tamper resistant cryptographic devices can be statistically analyzed to determine keys or other secret data. A data collection and analysis system is configured with an analog-to-digital converter connected to measure the device's consumption of electrical power, or some other property of the target device, that varies during the device's processing. As the target device performs cryptographic operations, data from the A/D converter are recorded for each cryptographic operation. The stored data are then processed using statistical analysis, yielding the entire key, or partial information about the key that can be used to accelerate a brute force search or other attack.Type: GrantFiled: November 3, 2014Date of Patent: August 16, 2016Assignee: Cryptography Research, Inc.Inventors: Paul C. Kocher, Joshua M. Jaffe, Benjamin C. Jun
-
Patent number: 9367693Abstract: A bitstream for configuration of a programmable logic device is received, the bitstream comprising a data segment and authentication data associated with the data segment. The programmable logic device computes a hash of the data segment. The programmable logic device compares the computed hash of the data segment with the authentication data. Configuration of the programmable logic device halts responsive to a determination that the computed hash of the data segment does not match the authentication data. Configuration of the programmable logic device using the data segment continues responsive to a determination that the computed hash of the data segment matches the authentication data.Type: GrantFiled: June 26, 2015Date of Patent: June 14, 2016Assignee: Cryptography Research, Inc.Inventors: Paul C. Kocher, Pankaj Rohatgi, Joshua M. Jaffe