Abstract: A method is provided for detecting interference in a radar system. The method includes transmitting, by a transmitter of the radar system, a sequence of radar pulses at a regular interval with a rest period following each radar pulse of the sequence of radar pulses. The transmitter is disabled during each rest period. A receiver is enabled to receive reflected radar pulses from a target during the rest period following each radar pulse of the sequence of radar pulses. Some of the radar pulses are selected to be omitted and not transmitted. The receiver is still enabled during the rest periods following the omitted transmission pulses. Any reflected pulses received during the rest periods following the omitted transmission pulses may be an indication of a targeted interference of the radar system. In another embodiment, a radar system is provided.

Abstract: One example securely updates an integrated circuit to mitigate undesirable modifications and this involves an application circuit accessing an external network while a (e.g., nonvolatile) program memory is write protected; and a reset-boot circuit resetting and booting the application circuit while access to the external network is disabled, and causing an update for the application circuit. In response to an indication that an update is downloaded for installation, the downloaded update is installed in the memory while access to the external network is disabled, and execution of the reset mode is permitted after the update is installed. Also, a retrieval module may download, in response to an indication that an update is not downloaded, an update provided via the external network while the memory is write-protected and thereby permitting execution of the reset mode after the update is downloaded.

Abstract: Various embodiments relate to a method and system for resuming a secure communication session with a server by a device, including: sending a message to the server requesting the resumption of a secure communication session; receiving from the server a server identifier, a server nonce, and a salt; determining that the device has a shared key with the server based upon the server identifier; determining that the received salt is valid; calculating a salted identifier based upon the shared key and the salt; sending the salted identifier to the server; and resuming the secure communication session with the server.

Abstract: A device and methods are described that comprise at least one host application and a rich execution environment. At least one interface is operably coupled to the REE for communicating with a remote server. A security sub-system comprises a security monitoring and control circuit coupled to the REE and connectable to the remote server via the REE and the at least one interface. The security monitoring and control circuit comprises an analytics circuit configured to detect an anomaly following a compromisation of the device. The security monitoring and control circuit is arranged to treat the REE as an untrusted component and in response to a detection of a compromisation of the REE or a component in the device that is accessible by the REE by the analytics circuit, the security monitoring and control circuit is configured to re-establish a secure connection to the remote server that tunnels through the REE and at least partially removes the compromisation from the device.

Abstract: A method for managing an anonymous e-cash transaction includes receiving a request to withdraw a payment coin, generating a combination of random attributes for the payment coin, creating the payment coin based on the combination of attributes, and issuing the payment coin in exchange for a first asset. Each attribute of the combination of attributes may represent a different portion of a total value of the payment coin. A partially spent value of the payment coin may be based on a revealed subset of the combination of attributes. The method further includes creating a refund coin based on the combination of attributes and spending the refund coin to issue a refund having a value corresponding to an unspent portion of the payment coin. Each attribute of the combination of attributes of the refund coin may represent a different portion of a total value of the refund coin.

Abstract: Various embodiments relate to a method and system for resuming a secure communication session with a server by a device, including: sending a message to the server requesting the resumption of a secure communication session; receiving from the server a server identifier, a server nonce, and a salt; determining that the device has a shared key with the server based upon the server identifier; determining that the received salt is valid; calculating a salted identifier based upon the shared key and the salt; sending the salted identifier to the server; and resuming the secure communication session with the server.

Abstract: Various embodiments relate to a method and system for resuming a secure communication session with a server by a device, including: sending a message to the server requesting the resumption of a secure communication session; receiving from the server a server identifier, a server nonce, and a salt; determining that the device has a shared key with the server based upon the server identifier; determining that the received salt is valid; calculating a salted identifier based upon the shared key and the salt; sending the salted identifier to the server; and resuming the secure communication session with the server.

Abstract: A chip for securing storage of information includes a manager to access a pointer and a cipher engine to decrypt stored data. The pointer includes a first area and a second area. The first area includes an address indicating a storage location of the data and the second area includes a safety tag. The cipher engine decrypts the data output from the storage location based on a key and the safety tag in the second area of the pointer. These and other operations may be performed based on metadata that indicate probabilities that a correct safety tag was used to decrypt the data. In another embodiment, the manager may be replaced with an L1 cache.

Abstract: A method is provided for authenticating one device to another device. In the method, a first device proves to a second device that a first credential comprising multiple first attributes is valid. The second device proves to the first device that a second credential comprising multiple second attributes is valid. The first device reveals a first attribute of the multiple first attributes to the second device. The second device verifies the first attribute and decides whether to continue revealing attributes. If continuing, the second device reveals to the first device a first attribute of the multiple second attributes. The first device verifies the first attribute of the multiple second attributes. The first device decides whether to continue revealing attributes. Attributes can be revealed until one of the first or second devices end the method or until no attributes of the multiple first and second attributes remain to be revealed.

Abstract: Various embodiments relate to a method and system for resuming a secure communication session with a server by a device, including: sending a message to the server requesting the resumption of a secure communication session; receiving from the server a server identifier, a server nonce, and a salt; determining that the device has a shared key with the server based upon the server identifier; determining that the received salt is valid; calculating a salted identifier based upon the shared key and the salt; sending the salted identifier to the server; and resuming the secure communication session with the server.

Abstract: A method is provided for authenticating one device to another device. In the method, a first device proves to a second device that a first credential comprising multiple first attributes is valid. The second device proves to the first device that a second credential comprising multiple second attributes is valid. The first device reveals a first attribute of the multiple first attributes to the second device. The second device verifies the first attribute and decides whether to continue revealing attributes. If continuing, the second device reveals to the first device a first attribute of the multiple second attributes. The first device verifies the first attribute of the multiple second attributes. The first device decides whether to continue revealing attributes. Attributes can be revealed until one of the first or second devices end the method or until no attributes of the multiple first and second attributes remain to be revealed.

Abstract: A system and method for accessing a tagged global variable in software, including: randomly generating tags for global variables in the software; tagging the global variables with the random tags; creating a pointer to each global variable with the random tags in unused bits of the pointer wherein the pointer points to the associated global variable; accessing one global variable indirectly using the tagged pointer; determining whether tag on the accessed global variable matches the tag on the accessed pointer; and indicating a fault when the tag on the accessed global variable does not match the tag on the accessed pointer.

Abstract: A system and method for accessing a tagged global variable in software, including: randomly generating tags for global variables in the software; tagging the global variables with the random tags; creating a pointer to each global variable with the random tags in unused bits of the pointer wherein the pointer points to the associated global variable; accessing one global variable indirectly using the tagged pointer; determining whether tag on the accessed global variable matches the tag on the accessed pointer; and indicating a fault when the tag on the accessed global variable does not match the tag on the accessed pointer.

Abstract: A device and methods are described that comprise at least one host application and a rich execution environment. At least one interface is operably coupled to the REE for communicating with a remote server. A security sub-system comprises a security monitoring and control circuit coupled to the REE and connectable to the remote server via the REE and the at least one interface. The security monitoring and control circuit comprises an analytics circuit configured to detect an anomaly following a compromisation of the device. The security monitoring and control circuit is arranged to treat the REE as an untrusted component and in response to a detection of a compromisation of the REE or a component in the device that is accessible by the REE by the analytics circuit, the security monitoring and control circuit is configured to re-establish a secure connection to the remote server that tunnels through the REE and at least partially removes the compromisation from the device.

Abstract: A method for managing an anonymous e-cash transaction includes receiving a request to withdraw a payment coin, generating a combination of random attributes for the payment coin, creating the payment coin based on the combination of attributes, and issuing the payment coin in exchange for a first asset. Each attribute of the combination of attributes may represent a different portion of a total value of the payment coin. A partially spent value of the payment coin may be based on a revealed subset of the combination of attributes. The method further includes creating a refund coin based on the combination of attributes and spending the refund coin to issue a refund having a value corresponding to an unspent portion of the payment coin. Each attribute of the combination of attributes of the refund coin may represent a different portion of a total value of the refund coin.

Abstract: A chip for securing storage of information includes a manager to access a pointer and a cipher engine to decrypt stored data. The pointer includes a first area and a second area. The first area includes an address indicating a storage location of the data and the second area includes a safety tag. The cipher engine decrypts the data output from the storage location based on a key and the safety tag in the second area of the pointer. These and other operations may be performed based on metadata that indicate probabilities that a correct safety tag was used to decrypt the data. in another embodiment, the manager may be replaced with an L1 cache.

Abstract: A data processing system and method for protecting a memory from unauthorized accesses are provided. The data processing system includes a system bus, a memory coupled to the system bus through a memory controller, and a processing core including a cache system. The memory controller is coupled to the system bus for controlling accesses to the memory that are requested by the processing core. A memory protection circuit uses one or more memory safety violation (MSV) indicators stored in out-of-bounds areas of the memory for detecting when the processing core attempts to access an out-of-bounds area of the memory. The processing core generates an error signal, such as an interrupt, when an attempt to access the out-of-bounds area is detected. The out-of-bounds area may be an unallocated area of the memory. The MSV indicator may be written to the memory by executing a flush instruction of the cache system, and may include the same number of bits as a cache line of the cache system.

Abstract: A data processing system and method for protecting a memory from unauthorized accesses are provided. The data processing system includes a system bus, a memory coupled to the system bus through a memory controller, and a processing core including a cache system. The memory controller is coupled to the system bus for controlling accesses to the memory that are requested by the processing core. A memory protection circuit is coupled to the system bus and to the processing core. The memory protection circuit uses one or more memory safety violation (MSV) indicators stored in out-of-bounds areas of the memory for detecting when the processing core attempts to access an out-of-bounds area of the memory. The processing core generates an error signal, such as an interrupt, when an attempt to access the out-of-bounds area is detected. The out-of-bounds area may be an unallocated area of the memory.

Abstract: A computing system using low-fat pointers, including: a memory configured to be accessed by the low-fat pointers; a processing core configured to access the memory; an interrupt controller configured to receive interrupts and to communicate interrupts to processes running on the processing core; and a memory safety peripheral configured to receive a pointer request, wherein the pointer is a low-fat pointer and to verify that the pointer request is within required memory bounds.

Abstract: A computing system using low-fat pointers, including: a memory configured to be accessed by the low-fat pointers; a processing core configured to access the memory; an interrupt controller configured to receive interrupts and to communicate interrupts to processes running on the processing core; and a memory safety peripheral configured to receive a pointer request, wherein the pointer is a low-fat pointer and to verify that the pointer request is within required memory bounds