Abstract: Disclosed aspects and implementations are directed to systems and techniques for protecting cryptographic operations using change-of-variable transformation, from a first variable to a second variable, of a first polynomial obtained using an input into a cryptographic operation and a second polynomial obtained using a cryptographic key for the cryptographic operation, performing a joint operation using the transformed first polynomial and the transformed second polynomial, and computing an output of the cryptographic operation using an output of the joint operation.

Abstract: Aspects of the present disclosure involve implementations that may be used to protect neural network models against adversarial attacks by obfuscating neural network operations and architecture. Obfuscation techniques include obfuscating weights and biases of neural network nodes, obfuscating activation functions used by neural networks, as well as obfuscating neural network architecture by introducing dummy operations, dummy nodes, and dummy layers into the neural networks.

Abstract: Described are implementations directed to protecting secret data against adversarial attacks by obfuscating the secret data during storage and communication. Obfuscation techniques include, among other things, splitting secret data into a plurality of portions, performing rotation of secret data, splitting secret data into a plurality of shares, modifying shares of secret data in view of the values of the shares, and various other protection mechanisms.

Abstract: Disclosed systems and techniques involve low-latency multi-key encryption processing in which block keys are precomputed based on multiple cryptographic keys, stored, and then selected for encryption or decryption of data during run-time cryptographic operations. The block keys may be precomputed, for each cryptographic key, in such quantities that allow uninterrupted flow of encryption or decryption operations. Replacement block keys may be concurrently generated to replace the blocks being consumed and authentication values may be computed or updated. Various described techniques allow parallel processing for efficient low-latency block key generation and cryptographic operations.

Abstract: Aspects of the present disclosure involve a method and a system to perform the method to obtain a cryptographic output of a plurality of rounds of a cipher, by performing a plurality of modified rounds of the cipher, each of the modified rounds computing an unmasking transform, an operation of a respective round of the cipher, and a masking transform, the unmasking transform being an inverse of the masking transform of a previous round of the cipher.

Abstract: Technologies for modal encryption are described. One memory buffer device includes a compression block and an in-line memory encryption (IME) block. The compression block can output compressed data. The IME block can encrypt uncompressed data at a first granularity and encrypt the compressed data at a second granularity, wherein the second granularity is larger than the first granularity.

Abstract: A value corresponding to a physical variation of a device may be received. Furthermore, helper data associated with the physical variation of the device may be received. A result data may be generated based on a combination of the value corresponding to the physical variation of the device and the helper data. An error correction operation may be performed on the result data to identify one or more code words associated with the error correction operation. Subsequently, a target data may be generated based on the one or more code words.

Abstract: Aspects of the present disclosure involve implementations that may be used to protect neural network models against adversarial attacks by obfuscating neural network operations and architecture. Obfuscation techniques include obfuscating weights and biases of neural network nodes, obfuscating activation functions used by neural networks, as well as obfuscating neural network architecture by introducing dummy operations, dummy nodes, and dummy layers into the neural networks.

Abstract: Systems and methods for protecting cryptographic keys stored in a non-volatile memory. An example method may comprise: storing a device root key in a non-volatile memory; storing a volatile key in a volatile memory; storing a masked cryptographic key in the non-volatile memory, wherein the masked cryptographic key is produced by combining a cryptographic key and the device root key; storing a masked device root key in the non-volatile memory, wherein the masked root key is produced by combining the device root key and the volatile key; and erasing the device root key from the non-volatile memory.

Abstract: Disclosed systems and techniques involve low-latency multi-key encryption processing in which block keys are precomputed based on multiple cryptographic keys, stored, and then selected for encryption or decryption of data during run-time cryptographic operations. The block keys may be precomputed, for each cryptographic key, in such quantities that allow uninterrupted flow of encryption or decryption operations. Replacement block keys may be concurrently generated to replace the blocks being consumed and authentication values may be computed or updated. Various described techniques allow parallel processing for efficient low-latency block key generation and cryptographic operations.

Abstract: A prover chip uses a key multiplier value generated by a proof-of-work function from a challenge value, a random number, and elliptic curve cryptography (ECC) techniques to generate a one-time (or ephemeral) use private key. Similarly, a verifier chip uses the key multiplier value generated by an equivalent proof-of-work function, a public key received from the prover, and ECC techniques to derive a one-time use public key that corresponds to the ephemeral private key generated by the prover chip. The prover chip uses the ephemeral private key to sign the second challenge value and send this signed second challenge value to the verifier chip. The verifier verifies the value it receives using the one-time use public key and if the signature on the second challenge value is valid, authenticates the prover chip to a system.

Abstract: Techniques for providing secure cross-host memory sharing are described herein. A memory buffer device having processing circuitry is to receive a first request from a first initiator to share a region of memory associated with the memory buffer device with a second initiator. The processing circuitry may identify a first passcode associated with the first initiator. The processing circuitry may receive a second request from the second initiator to access the region of memory. The second request includes a second passcode. The processing circuitry may authenticate the second request using the first passcode and the second passcode. Responsive to authentication of the second request, the processing circuitry may generate a mapping between a host physical address space associated with the second initiator and a physical memory address space associated with the region of memory to enable the second initiator to access the region of memory.

Abstract: Aspects of the present disclosure involve a method and a system to perform a cryptographic operation that involves a number theoretic transformation of a first vector to a second vector by obtaining components of the first vector, performing a plurality of iterations that each include determining a plurality of output values, wherein each of the plurality of output values is a linear combination of two or more input values, the input values into a first iteration being the components of the first vector and the output values of the last iteration being representative of components of the second vector, and wherein one or more of the output values of at least one iteration are randomized by multiplying at least one input value by a random number, and determining, based on the output values of the last of the plurality of iterations, the components of the second vector.

Abstract: Aspects of the present disclosure involve implementations that may be used to protect neural network models against adversarial attacks by obfuscating neural network operations and architecture. Obfuscation techniques include obfuscating weights and biases of neural network nodes, obfuscating activation functions used by neural networks, as well as obfuscating neural network architecture by introducing dummy operations, dummy nodes, and dummy layers into the neural networks.

Abstract: Disclosed aspects and implementations are directed to systems and techniques for protecting cryptographic operations against side-channel attacks. In one example, polynomials associated with secret data and public data defined on a working domain having a first dimension are mapped to an auxiliary domain having a larger second dimension. The mapped polynomials are masked using masking polynomials associated with a kernel of a homomorphism transformation from the auxiliary domain to the working domain. One or more computations are then performed on the masked polynomials in the auxiliary domain and an output is transformed from the auxiliary domain to the working domain.

Abstract: Aspects of the present disclosure involve implementations that may be used to protect neural network models against adversarial attacks by obfuscating neural network operations and architecture. Obfuscation techniques include obfuscating weights and biases of neural network nodes, obfuscating activation functions used by neural networks, as well as obfuscating neural network architecture by introducing dummy operations, dummy nodes, and dummy layers into the neural networks.

Abstract: Aspects and implementations are directed to systems and techniques for protecting cryptographic operations against side-channel attacks by masking a ciphertext data using one or more masks randomly sampled from a null space associated with a tensor representation of a secret data and generating a plaintext data using the masked ciphertext data.

Abstract: A value corresponding to a physical variation of a device may be received. Furthermore, helper data associated with the physical variation of the device may be received. A result data may be generated based on a combination of the value corresponding to the physical variation of the device and the helper data. An error correction operation may be performed on the result data to identify one or more code words associated with the error correction operation. Subsequently, a target data may be generated based on the one or more code words.

Abstract: Aspects of the present disclosure involve implementations that may be used to protect neural network models against adversarial attacks by obfuscating neural network operations and architecture. Obfuscation techniques include obfuscating weights and biases of neural network nodes, obfuscating activation functions used by neural networks, as well as obfuscating neural network architecture by introducing dummy operations, dummy nodes, and dummy layers into the neural networks.

Abstract: Aspects of the present disclosure involve implementations that may be used to protect neural network models against adversarial attacks by obfuscating neural network operations and architecture. Obfuscation techniques include obfuscating weights and biases of neural network nodes, obfuscating activation functions used by neural networks, as well as obfuscating neural network architecture by introducing dummy operations, dummy nodes, and dummy layers into the neural networks.