Abstract: An apparatus comprises an input register comprising an input polynomial, a processing datapath communicatively coupled to the input register comprising a plurality of compute nodes to perform a number theoretic transform (NTT) algorithm on the input polynomial to generate an output polynomial in NTT format. The plurality of compute nodes comprises at least a first butterfly circuit to perform a series of butterfly calculations on input data and a randomizing circuitry to randomize an order of the series of butterfly calculations.

Abstract: In one example an apparatus comprises a computer readable memory, hash logic to generate a message hash value based on an input message, signature logic to generate a signature to be transmitted in association with the message, the signature logic to apply a hash-based signature scheme to a private key to generate the signature comprising a public key, and accelerator logic to pre-compute at least one set of inputs to the signature logic. Other examples may be described.

Abstract: Embodiments are directed to countermeasures for side-channel attacks on protected sign and key exchange operations. An embodiment of storage mediums includes instructions for commencing a process including an elliptic curve scalar multiplication (ESM) operation including application of a secret scalar value; splitting the secret scalar value into two random scalar values; counting a number of leading ‘0’ bits in the scalar value and skipping the number of leading ‘0’ bits in processing; performing an ESM iteration for each bit of the secret scalar value beginning with a most significant ‘1’ bit of the scalar value including a Point Addition operation and a Point Double operation for each bit on randomized points; performing ESM operation dummy iterations equal to the number of leading ‘0’ bits; and returning an output result for the ESM operation.

Abstract: In one example an apparatus comprises an input register to receive at least a portion of a transport layer data packet, an encryption/decryption pipeline communicatively coupled to the input register, comprising a first section comprising a set of advanced encryption standard (AES) engines including at least a first AES engine to perform encryption and/or decryption operations on input data from the at least a portion of a transport layer data packet, a second AES engine to determine an authentication key, and a third AES engine to determine an authentication tag mask, a second section comprising a first set of Galois field multipliers comprising at least a first Galois field multiplier to compute a first multiple of the authentication key, a third section comprising a second set of Galois field multipliers to compute a first partial authentication tag, and a fourth section comprising a processing circuitry to compute a second partial authentication tag and a final authentication tag.

Abstract: Embodiments are directed to post quantum public key signature operation for reconfigurable circuit devices. An embodiment of an apparatus includes one or more processors; and a reconfigurable circuit device, the reconfigurable circuit device including a dedicated cryptographic hash hardware engine, and a reconfigurable fabric including logic elements (LEs), wherein the one or more processors are to configure the reconfigurable circuit device for public key signature operation, including mapping a state machine for public key generation and verification to the reconfigurable fabric, including mapping one or more cryptographic hash engines to the reconfigurable fabric, and combining the dedicated cryptographic hash hardware engine with the one or more mapped cryptographic hash engines for cryptographic signature generation and verification.

Abstract: Methods, apparatus, systems and articles of manufacture are disclosed for anomaly detection and recovery. An apparatus to isolate a first controller in an autonomous vehicle includes a first controller to control a reference signal of the autonomous vehicle via a communication bus, a second controller to control the reference signal of the autonomous vehicle when the first controller is compromised, and a message neutralizer to neutralize messages transmitted by the first controller when the first controller is compromised, the neutralized messages to cause the first controller to become isolated from the communication bus.

Abstract: Systems, apparatuses, and methods to response to detected attacks in an autonomous system based on context of the autonomous system are described. In particular, the disclosure provides an intrusion detection system receiving contexts and contracts dictating particular response guide rails from a higher level components or stack on the autonomous system. The intrusion detection system is arranged to respond to attacks according to the contract without intervention by the higher level components or stack.

Abstract: Systems, apparatuses, and methods to response to distinguish a ghost target from an actual target based on radar signals is provided. In particular, the disclosure provides an intrusion detection system adapted to receive radar signals and distinguish a potential ghost target from a legitimate target based on a signal to noise ratio of the radar signals and a range to the ghost target and the legitimate target.

Abstract: Systems, apparatuses, and methods to identify bus-off and masquerade attacks against ECUs transmitting on a communication bus from behind a gateway coupled to the communication bus. The disclosure further describes systems, apparatuses, and methods to mitigate against bus-off attacks made against an ECU coupled to a communication bus through a gateway.

Abstract: Systems, apparatuses, and methods to response to distinguish a ghost target from an actual target based on radar signals and ranges determined from the radar signals. In particular, the disclosure provides an intrusion detection system receiving ranges and velocities for targets detected based on radar signals, determining a potential ghost target from the received velocities and confirming the potential ghost target based on estimated ranges and perturbations of the vehicle speed.

Abstract: In one example an apparatus comprises a computer readable memory, a signing facility comprising a plurality of hardware security modules, and a state synchronization manager comprising processing circuitry to select, from the plurality of hardware security modules, a set of hardware security modules to be assigned to a digital signature process, the set of hardware security modules comprising at least a first hardware security module and a second hardware module, and assign a set of unique state synchronization counter sequences to the respective set of hardware security modules, the set of state synchronization counter sequences comprising at least a first state synchronization counter sequence and a second state synchronization counter sequence. Other examples may be described.

Abstract: An embodiment of a semiconductor package apparatus may include technology to acquire location related information, acquire local area characteristic information, and verify the location related information based on the local area characteristic information. Other embodiments are disclosed and claimed.

Abstract: Systems, apparatuses, and methods to establish a mapping between message identifications for messages transmitted on a communication bus and electronic control units transmitting the messages is provided. In particular, retransmission of a low priority message onto the bus is forced such that the retransmitted low priority message overlaps with a higher priority message to determine whether the messages originated from the same ECU.

Abstract: Methods, apparatus, systems and articles of manufacture are disclosed for anomaly detection and recovery. An apparatus to isolate a first controller in an autonomous vehicle includes a first controller to control a reference signal of the autonomous vehicle via a communication bus, a second controller to control the reference signal of the autonomous vehicle when the first controller is compromised, and a message neutralizer to neutralize messages transmitted by the first controller when the first controller is compromised, the neutralized messages to cause the first controller to become isolated from the communication bus.

Abstract: A method comprises maintaining, for at least one remote device, a security footprint and a verified version of a software stack for the remote device, generating an attestation initiation token that includes a nonce to be used to generate an XMSS signature for attestation of the remote device, sending the attestation initiation token to the remote device, receiving, from the remote device, a modified message representative including a hash of a current version of a software stack for the remote device and an indicator of a version number of the current version of the software stack for the remote device, validating the hash, and in response to a determination that the hash is valid, generating an XMSS signature using the security footprint and the current version of a software stack for the remote device and a security footprint for the apparatus.

Abstract: An apparatus comprises an input register comprising a state register and a parity field, a first round secure hash algorithm (SHA) datapath communicatively coupled to the state register, comprising a first section to perform a ? step of a SHA calculation, a second section to perform a ? step and a ? step of the SHA calculation, a third section to perform a ? step of the SHA calculation and a fourth section to perform a ? step of the SHA calculation.

Abstract: A method comprises receiving an image of an update for a software module, a rate parameter, an index parameter, and a public key, generating a 32-byte aligned string, computing a state parameter using the 32-byte aligned string, generating a modified message representative, computing a Merkle Tree root node, and in response to a determination that the Merkle Tree root node matches the public key, forwarding, to a remote device, the image of the update for a software module, the state parameter; and the modified message representative.

Abstract: A platform comprising numerous reconfigurable circuit components arranged to operate as primary and redundant circuits is provided. The platform further comprises security circuitry arranged to monitor the primary circuit for anomalies and reconfigurable circuit arranged to disconnect the primary circuit from a bus responsive to detection of an anomaly. Furthermore, the present disclosure provides for the quarantine, refurbishment and designation as redundant, the anomalous circuit.

Abstract: Systems, apparatuses, and methods to establish ground truth for an intrusion detection system using machine learning models to identify an electronic control unit transmitting a message on a communication bus, such as an in-vehicle network bus, are provided. Voltage signatures for overlapping message identification (MID) numbers are collapsed and trained on a single ECU label.

Abstract: Systems, apparatuses, and methods to accelerate classification of malicious activity by an intrusion detection system are provided. An intrusion detection system can speculate on classification of labels in a random forest model based on temporary and incomplete set of features. Additionally, an intrusion detection system can classify malicious context based on a set of committed nodes in the random forest model.