Abstract: A system and method for generating pseudorandom numbers by initializing a counter value for a call-counter, sending a bit-wise form of the counter value from the counter to a mixing function, and mixing the counter value to generate the pseudorandom number. The mixing function may be a XOR tree, substitution-permutation, or double-mix Feistel. The pseudorandom number generator can operate by mixing the bits of the call-counter, repeatedly mixing its own output, or a combination thereof. The counter is incremented by a predetermined value. In order to provide backward secrecy, the pseudorandom number is processed by a one-way function or is hashed with a cryptographic hash function, and the result thereof is used as an input value for a subsequent cycle of the mixing function. Also, several mixing functions can be operated in parallel with their output XORed.

Abstract: A method of encrypting and authenticating messages in a communication system includes generating new keys by receiving a plurality of parameters including at least one of an initial key, a nonce, a sequence number, and a previous key. The method may include applying a mix function to generate a subsequent key based on the plurality of parameters for key rolling. The method may include encrypting and authenticating data using different subsequent keys.

Abstract: System and methods for generating round keys for a cryptographic operation are disclosed. The systems and method can use logic circuits that are operable to: obtain first inputs and second inputs; perform a bit-mixer operation on each of the first inputs and the second inputs; and generate round keys based on the performing. The first inputs include a plurality of equal sized subkeys from a key material that is divided into a plurality of equal sized key material sub-blocks, a cipher key and the second inputs include a random input, one or more previous round keys, a round number. The cryptographic operation includes a cipher, a hash function, or a stream generator. The bit-mixer operation includes an exclusive-OR (XOR) tree, a substitution-permutation network, or a double-mix Feistel network, or a Rotate-Add-XOR (RAX) construction.

Abstract: A method of providing security in a computer system includes dividing a block of data into initial left and right halves, and calculating updated left and right halves for each of a plurality of rounds. Calculating the updated left half includes applying a first function to an input left half to produce a first result, and mixing the first result with an input right half. Calculating the updated right half includes applying a second function to the input left half to produce a second result, and mixing the second result with a round key. The input left and right halves are the initial left and right halves for the first round, and thereafter the updated left and right halves for an immediately preceding round. And method may include producing a block of ciphertext with a key composed of the updated left and right halves for the last round.

Abstract: A method of providing security in a computer system includes performing a memory refresh of a window of memory locations in a memory, and in which each memory location stores a version value and a block of ciphertext. The version value may be updated with each write operation at a memory location; and the block of ciphertext may be produced with a key that changes with each write operation and from memory location to memory location. The memory refresh may include performing a periodic read operation followed by a corresponding write operation at each memory location. Between the read and write operations, the version value stored at the memory location may be compared with a chronologically earliest version value stored at any memory location of the window, and validity of the block of ciphertext stored at the memory location may be verified based on the comparison.

Abstract: A system and method for using mixing functions to generate and manipulate authentication keys based on the data being decrypted to mitigate the effect of side channel attacks based on differential power analysis (DPA). The mixing function may be based on a XOR tree, substitution-permutation networks, or double-mix Feistel networks. The mixing function uses some secret key material, which diversifies its behavior between different instantiations.

Abstract: A system and method for encoding data by providing data expansion and compression functions for arbitrary input and output lengths. The input is partitioned into groups of sequential bits. A subkey is selected from secret key material for each group of the input bits. A tree of XOR gates applies XOR operations between the subkeys to generate the output. The XOR gates are arranged in layers and all the XOR gates within a layer switch at about the same time. A compression function is performed if the input length is greater than or equal to the output length and an expansion function is performed if the input length is less than or equal to the output length. There is no statistical correlation between the input and the output. A nonlinear function can be applied to the output such as an invertible S-Box, non-invertible S-Box, or series of Rotate-Add-XOR operations.

Abstract: A system and method for providing a scrambled tweak mode of block cipher encryption for a device that mitigates the effect of side channel attacks based on differential power analysis (DPA). The scrambled tweak mode encryption engine creates noise at the start of the encryption process by obfuscating the counter value with the use of the very fast mixing function, such as a mixing function based on a XOR tree, substitution-permutation networks, or double-mix Feistel networks. The mixing function uses some secret key material, which diversifies its behavior between different instantiations. Because the counter values are scrambled and the mixing functions operate very fast in parallel hardware, the input of the block cipher is pseudorandom and groups of blocks can't be correlated.

Abstract: An apparatus can include at least one test circuit configured to determine if bits sampled at a sample frequency from at least one bit generator are random, and a circuit configured to adjust the sample frequency if the at least one test circuit determines that the sampled bits are not random. The apparatus can be a random number generator. A method may include sampling bits at a first sample frequency, and sampling bits at a second sample frequency if the sampled bits associated with the first sample frequency are not random.

Abstract: A method of protecting information in a data storage device is provided. The method includes receiving, in the data storage device, encrypted data via a host computer in which the data storage device is employed. The encrypted data is then decrypted, and re-encrypted, in the data storage device, either before storage or just before data is transferred back to the host computer. The decryption and re-encryption (transcription) is performed substantially independently of the host computer. In addition, a data storage device, readable by a computer system, for implementing the above method for protecting information is provided.

Abstract: A system and method for providing a scrambled counter mode encryption for a device that mitigates the effect of side channel attacks based on differential power analysis (DPA). The scrambled counter mode encryption engine creates noise at the start of the encryption process by obfuscating the counter value with the use of the very fast mixing function, such as a mixing function based on a XOR tree, substitution-permutation networks, or double-mix Feistel networks. The mixing function uses some secret key material, which diversifies its behavior between different instantiations. Because the counter values are scrambled and the mixing functions operate very fast in parallel hardware, the input of the block cipher is pseudorandom and groups of blocks can't be correlated. The output of the block cipher is XORed with a plaintext message to obtain a cipher text message.

Abstract: Methods of securely authenticating a host to a storage system are provided. A series of authentication sessions are illustratively performed. Each of the authentication sessions includes the host transmitting an authentication request to the storage system. The storage system authenticates the host based at least in part upon a content of the authentication request. After each successful authentication of the host to the storage system, an encryption key that was utilized in encrypting the authentication request that was transmitted to the storage system is deleted. After each encryption key deletion, a new encryption key that is different than the previous key is optionally stored and is utilized in the next authentication session.

Abstract: A system and method for generating pseudorandom numbers by initializing a counter value for a call-counter, sending a bit-wise form of the counter value from the counter to a mixing function, and mixing the counter value to generate the pseudorandom number. The mixing function may be a XOR tree, substitution-permutation, or double-mix Feistel. The pseudorandom number generator can operate by mixing the bits of the call-counter, repeatedly mixing its own output, or a combination thereof. The counter is incremented by a predetermined value. In order to provide backward secrecy, the pseudorandom number is processed by a one-way function or is hashed with a cryptographic hash function, and the result thereof is used as an input value for a subsequent cycle of the mixing function. Also, several mixing functions can be operated in parallel with their output XORed.

Abstract: A system and method for using mixing functions to generate and manipulate authentication keys based on the data being decrypted to mitigate the effect of side channel attacks based on differential power analysis (DPA). The mixing function may be based on a XOR tree, substitution-permutation networks, or double-mix Feistel networks. The mixing function uses some secret key material, which diversifies its behavior between different instantiations.

Abstract: A system and method for providing a scrambled counter mode encryption for a device that mitigates the effect of side channel attacks based on differential power analysis (DPA). The scrambled counter mode encryption engine creates noise at the start of the encryption process by obfuscating the counter value with the use of the very fast mixing function, such as a mixing function based on a XOR tree, substitution-permutation networks, or double-mix Feistel networks. The mixing function uses some secret key material, which diversifies its behavior between different instantiations. Because the counter values are scrambled and the mixing functions operate very fast in parallel hardware, the input of the block cipher is pseudorandom and groups of blocks can't be correlated. The output of the block cipher is XORed with a plaintext message to obtain a cipher text message.

Abstract: A system and method for providing a scrambled tweak mode of block cipher encryption for a device that mitigates the effect of side channel attacks based on differential power analysis (DPA). The scrambled tweak mode encryption engine creates noise at the start of the encryption process by obfuscating the counter value with the use of the very fast mixing function, such as a mixing function based on a XOR tree, substitution-permutation networks, or double-mix Feistel networks. The mixing function uses some secret key material, which diversifies its behavior between different instantiations. Because the counter values are scrambled and the mixing functions operate very fast in parallel hardware, the input of the block cipher is pseudorandom and groups of blocks can't be correlated.

Abstract: A method of providing security in a computer system includes producing an output block of data from an input block of data, which may be performed by one or more logic circuits. The output block of data may be produced by a cipher that includes a plurality of parallel, different mixing functions and a combination function. In this regard, producing the output block of data includes applying the plurality of parallel, different mixing functions to the input block of data to produce a plurality of updated blocks of data, with each mixing function mapping the input block of data to a respective one of the plurality of updated blocks of data. And producing the output block of data includes combining the plurality of updated blocks of data in the combination function to produce the output block of data.

Abstract: A method of encrypting and authenticating messages in a communication system includes generating new keys by receiving a plurality of parameters including at least one of an initial key, a nonce, a sequence number, and a previous key. The method may include applying a mix function to generate a subsequent key based on the plurality of parameters for key rolling. The method may include encrypting and authenticating data using different subsequent keys.

Abstract: A system and method includes a processing unit connected with a memory, the processing unit configured to access data from the memory. A memory transaction unit is added between the processing unit and the memory. The memory transaction unit is configured to perform dummy read- and write-operations at random memory locations at random times and/or insert random delays before real accesses by the processing unit from the memory.

Abstract: Method and apparatus for writing data to a non-volatile memory device, such as a solid state drive (SSD). In accordance with various embodiments, a host write command is serviced by writing a newer copy of user data to a first selected empty physical location in a non-volatile memory, and by concurrently overwriting an older copy of said user data previously stored to a different, second selected occupied physical location of the non-volatile memory.