Abstract: A method is described for verification of authenticity of a data source. The method includes generating a key and receiving a digital certificate. The key may be a private key of a key pair, and the digital certificate may be a qualified e-signature (QES) certificate that is tied to the data source and generated by an electronic identification, authentication and trust services (eIDAS). Using the digital certificate and the key, creating a signature certificate. The signature certificate may be stored in a secure element of a recording device. The recording device receives a data stream that may comprise one or more of audio, video, photo, or other sensor data. The data stream is signed with the signature certificate. A public key of the key pair may then be used to verify that the data stream originated at the data source.

Abstract: A method is described for verification of authenticity of a data source. The method includes generating a key and receiving a digital certificate. The key may be a private key of a key pair, and the digital certificate may be a qualified e-signature (QES) certificate that is tied to the data source and generated by an electronic identification, authentication and trust services (eIDAS). Using the digital certificate and the key, creating a signature certificate. The signature certificate may be stored in a secure element of a recording device. The recording device receives a data stream that may comprise one or more of audio, video, photo, or other sensor data. The data stream is signed with the signature certificate. A public key of the key pair may then be used to verify that the data stream originated at the data source.

Abstract: A method of accessing secure data on a user device, wherein authentication access of the user device is not available, including: receiving a request from a requester to access secure data in the user device; receiving authentication input from a user; authenticating a data input from the user using a control token; and providing access to secure data to the requester.

Abstract: A method is provided for securely provisioning a plurality of integrated circuits (ICs) manufactured by a first entity for use in a plurality of manufactured product types manufactured by a second entity. Each IC of the plurality of ICs includes a key pair and a unique identifier (UID). The first entity generates a plurality of key pairs that are not related to the plurality of ICs. A plurality of product types is received from the second entity. A plurality of certificates is generated by the first entity using the UIDs and the key pairs. The plurality of certificates is transferred from a first computer system of the first entity to a second computer system under physical control of the second entity. The second entity injects the plurality of ICs with selected certificates of the plurality of certificates. Unused certificates may be deleted from the second computer system.

Abstract: A REE can approve or deny authentication based on a sensor output signal and a secure element (SE) operatively coupled to the REE can detect a replay attack. A feature extractor produces a feature vector from the sensor output signal. The feature vector can be used to authenticate a user. Detecting the replay attack can include storing previous feature vectors, sending a security breached signal to the REE in response to determining that the feature vector equals one of the previous feature vectors, and storing the feature vector as one of the previous feature vectors. The REE can deny authentication in response to receiving the security breached signal.

Abstract: A data processing system and a method are provided for executing an obfuscated computer program. A function that computes an obfuscated address for each instruction of a plurality of instructions is provided. The function is factored into a first part and a second part. The first part is stored in a memory of the data processing system. The second part and a secret are stored in a secure element of the data processing system, where the secure element is relatively more secure than the memory. An instruction of the plurality of instructions is received in the data processing system. A processor of the data processing system computes an intermediate obfuscated address using the first part. The intermediate obfuscated address is provided to the secure element. An unobfuscated address is computed in the secure element using the intermediate obfuscated address, the second part, and the secret.

Abstract: A data processing system and a method are provided for recognizing a scanned biometric characteristic in the data processing system. The data processing system includes a biometric sensor, a rich execution environment (REE), and a secure element (SE). In one embodiment, during an enrollment operation, a random challenge is applied to scanned data to produce a biometric template that is stored. During subsequent validation operations, the SE determines if user data includes evidence of the random challenge before providing access to a secure application. Evidence of the random challenge indicates the user data was provided by the biometric sensor. In another embodiment, the sensor data is split between the REE and the SE and partially processed in the SE. The described embodiments prevent a replay attack from being conducted in communications between the REE and the SE.

Abstract: A method is provided for securely provisioning a plurality of integrated circuits (ICs) manufactured by a first entity for use in a plurality of manufactured product types manufactured by a second entity. Each IC of the plurality of ICs includes a key pair and a unique identifier (UID). The first entity generates a plurality of key pairs that are not related to the plurality of ICs. A plurality of product types is received from the second entity. A plurality of certificates is generated by the first entity using the UIDs and the key pairs. The plurality of certificates is transferred from a first computer system of the first entity to a second computer system under physical control of the second entity. The second entity injects the plurality of ICs with selected certificates of the plurality of certificates. Unused certificates may be deleted from the second computer system.

Abstract: Various embodiments relate to a method of producing a machine learning model with a fingerprint that maps an input value to an output label, including: selecting a set of extra input values, wherein the set of extra input values does not intersect with a set of training labeled input values for the machine learning model; selecting a first set of artificially encoded output label values corresponding to each of the extra input values in the set of extra input values, wherein the first set of artificially encoded output label values are selected to indicate the fingerprint of a first machine learning model; and training the machine learning model using a combination of the extra input values with associated first set of artificially encoded output values and the set of training labeled input values to produce the first learning model with the fingerprint.

Abstract: A data processing system and a method are provided for recognizing a scanned biometric characteristic in the data processing system. The data processing system includes a biometric sensor, a rich execution environment (REE), and a secure element (SE). In one embodiment, during an enrollment operation, a random challenge is applied to scanned data to produce a biometric template that is stored. During subsequent validation operations, the SE determines if user data includes evidence of the random challenge before providing access to a secure application. Evidence of the random challenge indicates the user data was provided by the biometric sensor. In another embodiment, the sensor data is split between the REE and the SE and partially processed in the SE. The described embodiments prevent a replay attack from being conducted in communications between the REE and the SE.

Abstract: A data processing system and a method are provided for recognizing a scanned biometric characteristic in the data processing system. The data processing system includes a biometric sensor, a rich execution environment (REE), and a secure element (SE). In one embodiment, during an enrollment operation, a random challenge is applied to scanned data to produce a biometric template that is stored. During subsequent validation operations, the SE determines if user data includes evidence of the random challenge before providing access to a secure application. Evidence of the random challenge indicates the user data was provided by the biometric sensor. In another embodiment, the sensor data is split between the REE and the SE and partially processed in the SE. The described embodiments prevent a replay attack from being conducted in communications between the REE and the SE.

Abstract: A data processing system and a method are provided for recognizing a scanned biometric characteristic in the data processing system. The data processing system includes a biometric sensor, a rich execution environment (REE), and a secure element (SE). In one embodiment, during an enrollment operation, a random challenge is applied to scanned data to produce a biometric template that is stored. During subsequent validation operations, the SE determines if user data includes evidence of the random challenge before providing access to a secure application. Evidence of the random challenge indicates the user data was provided by the biometric sensor. In another embodiment, the sensor data is split between the REE and the SE and partially processed in the SE. The described embodiments prevent a replay attack from being conducted in communications between the REE and the SE.

Abstract: A method is provided for authenticating a device in a system having a blockchain. The method includes executing a one-side authentication of the device. The results of the one-side authentication are submitted to the blockchain at a first blockchain node of a plurality of blockchain nodes. The one-side authentication is later verified at a second blockchain node of the plurality of blockchain nodes. The device may be a tag in a radio frequency identification (RFID) system.

Abstract: A method is provided for authenticating a device in a system having a blockchain. The method includes executing a one-side authentication of the device. The results of the one-side authentication are submitted to the blockchain at a first blockchain node of a plurality of blockchain nodes. The one-side authentication is later verified at a second blockchain node of the plurality of blockchain nodes. The device may be a tag in a radio frequency identification (RFID) system.

Abstract: Various embodiments relate to a method of producing a machine learning model with a fingerprint that maps an input value to an output label, including: selecting a set of extra input values, wherein the set of extra input values does not intersect with a set of training labeled input values for the machine learning model; selecting a first set of artificially encoded output label values corresponding to each of the extra input values in the set of extra input values, wherein the first set of artificially encoded output label values are selected to indicate the fingerprint of a first machine learning model; and training the machine learning model using a combination of the extra input values with associated first set of artificially encoded output values and the set of training labeled input values to produce the first learning model with the fingerprint.

Abstract: A portion of a reprogrammable storage device is used to implement permanent data storage. The storage device includes a plurality of electrically erasable memory elements and a controller. The plurality of electrically erasable memory elements are configured to store data. Each memory element is programmable a number of write cycles before reaching a write failure state. The controller is coupled to the plurality of memory elements. The controller includes a receiver and a write engine. The receiver receives an instruction to drive a selected memory element to the write failure state. The write engine repeatedly writes a data value, in a plurality of write operations, to the selected memory element until the write failure state of the selected memory element is established.

Abstract: A proximity check ensures that a card is physically close to the reader device in order to inhibit relay attacks. The proximity check makes relay attacks more difficult because an additional channel must be intercepted and/or spoofed or relayed. This solution can be used for any kind of short-range communication, including Near Field Communications (NFC).

Abstract: A portion of a reprogrammable storage device is used to implement permanent data storage. The storage device includes a plurality of electrically erasable memory elements and a controller. The plurality of electrically erasable memory elements are configured to store data. Each memory element is programmable a number of write cycles before reaching a write failure state. The controller is coupled to the plurality of memory elements. The controller includes a receiver and a write engine. The receiver receives an instruction to drive a selected memory element to the write failure state. The write engine repeatedly writes a data value, in a plurality of write operations, to the selected memory element until the write failure state of the selected memory element is established.

Abstract: A program is obfuscated by reordering its instructions. Original instruction addresses are mapped to target addresses in an irregular way, with position dependent address steps between the addresses of logically successive instructions. Preferably pseudo-random address steps are used, for example with address steps that have mutually opposite sign with equal frequency. The data processing device has an instruction flow control unit that updates instruction addresses according the position dependent address steps. The instruction flow control unit may comprise a circuit that contains secret information, which is not normally accessible from the outside, to control the updates. A lookup table may be used for example, with address steps, successor addresses or mapped address values. In an embodiment the mapping of original instruction addresses to target addresses may be visualized by means of a path (36) along points in an n-dimensional array, where n is greater than one.

Abstract: Pairing is achieved between a host communications device and a peripheral communications device, in order to establish an ad hoc wireless or wired network. A device identification, relating uniquely to the peripheral device, is displayed on the host device. In order to accept the pairing, the user confirms that the device identification displayed on the host device matches that printed on the peripheral device, and then completes the pairing procedure by pressing a key on the peripheral device, or, if Near Field Communication (NFC) techniques are implemented in the devices, by placing the peripheral device in contact with, or sufficiently close to, the host device. Thus, secure pairing is achieved, without requiring a complex user interface on the peripheral device.