Abstract: A prover chip uses a key multiplier value generated by a proof-of-work function from a challenge value, a random number, and elliptic curve cryptography (ECC) techniques to generate a one-time (or ephemeral) use private key. Similarly, a verifier chip uses the key multiplier value generated by an equivalent proof-of-work function, a public key received from the prover, and ECC techniques to derive a one-time use public key that corresponds to the ephemeral private key generated by the prover chip. The prover chip uses the ephemeral private key to sign the second challenge value and send this signed second challenge value to the verifier chip. The verifier verifies the value it receives using the one-time use public key and if the signature on the second challenge value is valid, authenticates the prover chip to a system.

Abstract: Techniques for providing secure cross-host memory sharing are described herein. A memory buffer device having processing circuitry is to receive a first request from a first initiator to share a region of memory associated with the memory buffer device with a second initiator. The processing circuitry may identify a first passcode associated with the first initiator. The processing circuitry may receive a second request from the second initiator to access the region of memory. The second request includes a second passcode. The processing circuitry may authenticate the second request using the first passcode and the second passcode. Responsive to authentication of the second request, the processing circuitry may generate a mapping between a host physical address space associated with the second initiator and a physical memory address space associated with the region of memory to enable the second initiator to access the region of memory.

Abstract: Aspects of the present disclosure involve a method and a system to perform a cryptographic operation that involves a number theoretic transformation of a first vector to a second vector by obtaining components of the first vector, performing a plurality of iterations that each include determining a plurality of output values, wherein each of the plurality of output values is a linear combination of two or more input values, the input values into a first iteration being the components of the first vector and the output values of the last iteration being representative of components of the second vector, and wherein one or more of the output values of at least one iteration are randomized by multiplying at least one input value by a random number, and determining, based on the output values of the last of the plurality of iterations, the components of the second vector.

Abstract: Aspects of the present disclosure involve implementations that may be used to protect neural network models against adversarial attacks by obfuscating neural network operations and architecture. Obfuscation techniques include obfuscating weights and biases of neural network nodes, obfuscating activation functions used by neural networks, as well as obfuscating neural network architecture by introducing dummy operations, dummy nodes, and dummy layers into the neural networks.

Abstract: Disclosed aspects and implementations are directed to systems and techniques for protecting cryptographic operations against side-channel attacks. In one example, polynomials associated with secret data and public data defined on a working domain having a first dimension are mapped to an auxiliary domain having a larger second dimension. The mapped polynomials are masked using masking polynomials associated with a kernel of a homomorphism transformation from the auxiliary domain to the working domain. One or more computations are then performed on the masked polynomials in the auxiliary domain and an output is transformed from the auxiliary domain to the working domain.

Abstract: Aspects of the present disclosure involve implementations that may be used to protect neural network models against adversarial attacks by obfuscating neural network operations and architecture. Obfuscation techniques include obfuscating weights and biases of neural network nodes, obfuscating activation functions used by neural networks, as well as obfuscating neural network architecture by introducing dummy operations, dummy nodes, and dummy layers into the neural networks.

Abstract: Aspects and implementations are directed to systems and techniques for protecting cryptographic operations against side-channel attacks by masking a ciphertext data using one or more masks randomly sampled from a null space associated with a tensor representation of a secret data and generating a plaintext data using the masked ciphertext data.

Abstract: A value corresponding to a physical variation of a device may be received. Furthermore, helper data associated with the physical variation of the device may be received. A result data may be generated based on a combination of the value corresponding to the physical variation of the device and the helper data. An error correction operation may be performed on the result data to identify one or more code words associated with the error correction operation. Subsequently, a target data may be generated based on the one or more code words.

Abstract: Aspects of the present disclosure involve implementations that may be used to protect neural network models against adversarial attacks by obfuscating neural network operations and architecture. Obfuscation techniques include obfuscating weights and biases of neural network nodes, obfuscating activation functions used by neural networks, as well as obfuscating neural network architecture by introducing dummy operations, dummy nodes, and dummy layers into the neural networks.

Abstract: Aspects of the present disclosure involve implementations that may be used to protect neural network models against adversarial attacks by obfuscating neural network operations and architecture. Obfuscation techniques include obfuscating weights and biases of neural network nodes, obfuscating activation functions used by neural networks, as well as obfuscating neural network architecture by introducing dummy operations, dummy nodes, and dummy layers into the neural networks.

Abstract: A value corresponding to a physical variation of a device may be received. Furthermore, helper data associated with the physical variation of the device may be received. A result data may be generated based on a combination of the value corresponding to the physical variation of the device and the helper data. An error correction operation may be performed on the result data to identify one or more code words associated with the error correction operation. Subsequently, a target data may be generated based on the one or more code words.

Abstract: A random number generator selects addresses while a ‘scoreboard’ bank of registers (or bits) tracks which addresses have already been output (e.g., for storing or retrieval of a portion of the data.) When the scoreboard detects an address has already been output, a second address which has not been used yet is output rather than the randomly selected one. The second address may be selected from nearby addresses that have not already been output.

Abstract: An asymmetric key cryptographic system is used to generate a cryptographic certificate for authenticating a memory module. This certificate is generated based on information, readable by the authenticator (e.g., host system), from at least one device on the memory module that is not read in order to obtain the certificate. For example, the certificate for authenticating a module may be stored in the nonvolatile memory of a serial presence detect device. The certificate itself, however, is based at least in part on information read from at least one other device on the memory module. Examples of this other device include a registering clock driver, DRAM device(s), and/or data buffer device(s). In an embodiment, the information read from a device (e.g., DRAM) may be based on one or more device fingerprint(s) derived from physical variations that occur naturally, and inevitably, during integrated circuit manufacturing.

Abstract: Technologies for modal encryption are described. One memory buffer device includes a compression block and an in-line memory encryption (IME) block. The compression block can output compressed data. The IME block can encrypt uncompressed data at a first granularity and encrypt the compressed data at a second granularity, wherein the second granularity is larger than the first granularity.

Abstract: Aspects of the present disclosure involve implementations that may be used to protect neural network models against adversarial attacks by obfuscating neural network operations and architecture. Obfuscation techniques include obfuscating weights and biases of neural network nodes, obfuscating activation functions used by neural networks, as well as obfuscating neural network architecture by introducing dummy operations, dummy nodes, and dummy layers into the neural networks.

Abstract: Aspects of the present disclosure involve a method, a system and a computer readable memory to perform a secure update of a target device, including communicating an update instruction to the target device, generating one or more data values using the update instruction, generating a first authentication value using the data value(s), receiving a second authentication value from the target device, wherein the second authentication value is generated by the target device in response to the update instruction, and determining whether the secure update has been successful based on a comparison of the first authentication value and the second authentication value.

Abstract: A method of and system for gate-level masking of secret data during a cryptographic process is described. A mask share is determined, wherein a first portion of the mask share includes a first number of zero-values and a second number of one-values, and a second portion of the mask share includes the first number of one-values and the second number of zero-values. Masked data values and the first portion of the mask share are input into a first portion of masked gate logic, and the masked data values and the second portion of the mask share are input into a second portion of the masked gate logic. A first output from the first portion of the masked gate logic and a second output from the second portion of the masked gate logic are identified, wherein either the first output or the second output is a zero-value.

Abstract: A cryptographic accelerator (processor) retrieves data blocks for processing from a memory. These data blocks arrive and are stored in an input buffer in the order they were stored in memory (or other known order)—typically sequentially according to memory address (i.e., in-order.) The processor waits until a certain number of data blocks are available in the input buffer and then randomly selects blocks from the input buffer for processing. This randomizes the processing order of the data blocks. The processing order of data blocks may be randomized within sets of data blocks associated with a single read transaction, or across sets of data blocks associated with multiple read transactions.

Abstract: Disclosed are memory encryption systems and methods that rotate encryption keys for robust resistance against side-channel-analysis (SCA)-based attacks on communication paths between an encryption engine within a trust boundary and an external memory component. A key data structure has a plurality of keys that are used to encrypt a plurality of memory blocks in the external memory. The memory blocks encrypted with the oldest key of the key data structure are identified. Encrypted data is read from the identified memory blocks. The encrypted data is decrypted from the identified memory blocks. The data is then re-encrypted using the selected key that is newer than the oldest key, and re-written to the identified memory blocks.

Abstract: Technologies for detecting an error using a message authentication code (MAC) associated with cache line data and differentiating the error as having been caused by an attack on memory or a MAC verification failure caused by an ECC escape. One memory buffer device includes an in-line memory encryption (IME) circuit to generate the MACs and verify the MACs. Upon a MAC verification failure, the memory buffer device can analyze at least one of the historical MAC verification failures or historical ECC-corrected errors over time to determine if the error is caused by an attack on memory.