Abstract: If a secure element accesses a resource that is separate from the secure element, conducting a secure transaction can be inefficient in terms of power or time. Power usage is inefficient if the resource is never permitted to sleep, and transaction time is inefficient if the resource is permitted to sleep, and the user experiences a delay. To enable dual efficiency, a resource entity is permitted to be powered down. The resource entity is then powered up speculatively by an activation controller. The activation controller predicts an upcoming secure transaction based on sensor output, such as a position fix or a detected electromagnetic field. Based on monitored sensor output, the activation controller issues an activation signal to power up the secure element or the resource entity prior to initiation of the upcoming secure transaction. Thus, power can be conserved without introducing a transaction-processing latency.

Abstract: This document describes a secure element that leverages the resources of a computer system to perform specialized functions using sensitive information. The secure element securely stores sensitive information on flash memory of the computer system. In response to a request requiring use of sensitive information, the secure element loads a security application and sensitive information from the computer system. By leveraging external resources, the secure element may flexibly accommodate increasing resource requirements of the computer system and be used in a wide range of computer systems.

Abstract: This document describes methods and systems that use an undefined lifecycle state identifier to manage security of a system-on-chip (SoC) integrated circuit (IC) device. As part of the described techniques, the SoC IC device may include a first set of logic integrated circuitry that determines that a first combination of bit values fails to correspond to a known lifecycle state identifier. The first set of logic integrated circuitry may then provide, to a second set of logic integrated circuitry, a second combination of bit values that corresponds to the undefined lifecycle state identifier. The second set of logic integrated circuitry may then place the SoC IC device into an undefined lifecycle state.

Abstract: Techniques and apparatuses are described that implement the secure external data storage. A computing system may include a system-on-chip as a main processing complex and one or more secure elements that execute specialized functions related to sensitive information. While the secure element may use an external flash for storage for performance reasons, storing sensitive information on an external flash may expose the sensitive information if the external flash is ever compromised. The disclosed techniques and apparatuses provide an integrated secure element, of a system-on-chip, which leverages a secure channel with a secure flash to manage a cryptographic key for securing sensitive information stored on an unsecured external flash to prevent the exposure of sensitive information.

Abstract: Various features pertain to defending a smartphone processor or other device from a transient fault attack. In one example, the processor is equipped to detect transient faults using a fault detection system and to adaptively adjust a control parameter in response to the transient faults, where the control parameter controls a physical operation of the processor (such as by gating its clock signal) or a functional operation of the fault detection system (such as a particular Software Fault Sensor (SFS) employed to detect transient faults). In some examples, in response to each newly detected fault, the detection system is controlled to consume more processor time to become more aggressive in detecting additional faults. This serves to quickly escalate fault detection in response to an on-going attack to promptly detect the attack so that the device can be disabled to prevent loss of sensitive information, such as security keys or passcodes.

Abstract: A method, apparatus, and system for utilizing a register virtualization mapping to improve defense against return-oriented programming-based attacks is disclosed. A register virtualization mapping, which is bijection between nominal registers and physical registers, is generated for a subroutine call when the subroutine call is detected. The register virtualization mapping is applied to instructions within the subroutine call. The register virtualization mapping is stopped for the subroutine call at the return of the subroutine call.

Abstract: One embodiment of seamless device configuration between a network device and an access point sends a device credential associated with the network device to the access point before the network device communicates with the access point. The device credential can be used to verify the identity of the network device and can authenticate the network device with the access point without requiring user interaction. Another embodiment can incorporate a central authority maintaining a database of network devices, access points and associated users. The central authority can determine when one or more network devices can seamlessly be configured for use with a particular access point. The central authority can send the device credential associated with the one or more network devices to the access point before the network device communicates with the access point.

Abstract: Techniques for providing data protection in an integrated circuit are provided. A method according to these techniques includes maintaining an anti-replay counter value in a volatile memory of the integrated circuit, the anti-replay counter value being associated with data stored in an off-chip, non-volatile memory in which the integrated circuit is configured to store the data, monitoring an external power source, and writing the anti-replay counter value to a programmable read-only memory of the integrated circuit responsive to a loss of power to the integrated circuit from the external power source.

Abstract: Techniques for maintaining an anti-replay counter (ARC) for providing data protection in an integrated circuit are provided. A method according to these techniques includes determining a static baseline value based on an ARC value stored in a programmable read-only memory of the integrated circuit, determining the ARC value based on the static baseline value and a transient component, and storing the ARC value in a volatile memory of the integrated circuit.

Abstract: Device provisioning (e.g., enrollment, configuration, and/or authentication) of a client device with a network device may be improved. A client device may receive a first nonce and a network public key associated with the network device. The client device may generate a second nonce and provide the second nonce with an authentication request having at least a portion that is derived from a shared key. The shared key may be based on the first nonce, the second nonce, the network public key, and a client private key. A configurator device may assist in the transfer of nonces or keys. Following the authentication process, the client device may be configured for use with the network device to gain access to other network resources. In this manner, permission to gain access to the network device can be transparent to the user, often without the user having to enter codes or passwords.

Abstract: An apparatus and method for configuring a wireless station for use within a wireless local area network are disclosed. In at least one exemplary embodiment, a pairwise master key is generated by the wireless station and an access point within the wireless local area network. The pairwise master key may be based, at least in part, on a transient identity key pair of the wireless station. The transient identity key pair may be generated by the wireless station in response to receiving a message from the access point. In some embodiments, a public transient identity key of the transient identity key pair may be provided to additional access points to enable the wireless station to authenticate with the additional access points.

Abstract: Certain aspects of the present disclosure generally relate to wireless communications and, more particularly, to ultra low power paging frames for wake up and discovery. One example apparatus for wireless communications generally includes at least one interface configured to obtain a frame via a first radio and a second radio, wherein the interface receives a frame from another apparatus via the second radio while the first radio is in a first power state; and a processing system configured to take one or more actions based on a command field included in the frame.

Abstract: Aspect may relate to a device that comprises a sensor and a first secure processor. The sensor may receive an input and generate raw data from the input. The first secure processor may control a first execution environment to perform operations including receiving the raw data from the sensor. Further, the device may include a second processor to control a second execution environment to perform operations including: receiving the raw data; performing data processing to determine normalized data from the raw data and additional data; performing feature extraction to the normalized data to determine features; and sending the features to the first execution environment. The first execution environment may use the features to match the features with stored reference features to authenticate a user.

Abstract: Methods, systems, and devices for wireless communication are described for precursory client configuration for network access. A configurator station (STA) may receive, from a key management device, an identity key of a client STA and may receive, from the client STA, a network configuration probe that includes a first cryptographic value based at least in part on the identity key and a request for network access. The configurator STA may apply a cryptographic function to the identity key to generate a second cryptographic value. The configurator STA may configure the client STA to access a network based at least in part on a match between the first cryptographic value and the second cryptographic value.

Abstract: Techniques for mitigating the transitive data problem using a secure asset manager are provided. These techniques include generating a secure asset manager compliant application by tagging source code for the application with a data tag to indicate that a data element associated with the source code is a sensitive data element, accessing a policy file comprising transitive rules associated with the sensitive data element, and generating one or more object files for the application from the source code. These techniques also include storing a sensitive data element in a secure memory region managed by a secure asset manager, and managing the sensitive data element according to a policy associated with the sensitive data element by an application from which the sensitive data element originates, the policy defining transitive rules associated with the sensitive data element.

Abstract: Techniques for encrypting the data in the memory of a computing device are provided. An example method for protecting data in a memory according to the disclosure includes encrypting data associated with a store request using a memory encryption device of the processor to produce encrypted data. Encrypting the data includes: obtaining a challenge value, providing the challenge value to a physically unclonable function module to obtain a response value, and encrypting the data associated with the store request using the response value as an encryption key to generate the encrypted data. The method also includes storing the encrypted data and the challenge value associated with the encrypted data in the memory.

Abstract: Techniques for maintaining an anti-replay counter (ARC) for providing data protection in an integrated circuit are provided. A method according to these techniques includes determining a static baseline value based on an ARC value stored in a programmable read-only memory of the integrated circuit, determining the ARC value based on the static baseline value and a transient component, and storing the ARC value in a volatile memory of the integrated circuit.

Abstract: Techniques for providing data protection in an integrated circuit are provided. A method according to these techniques includes exchanging messages with an off-chip, non-volatile memory to securely initialize an anti-replay counter (ARC) value in the integrated circuit based on an ARC value stored in the off-chip, non-volatile memory, and maintaining the ARC value stored in the integrated circuit such that the ARC value stored in the integrated circuit remains synchronized with the ARC value stored in the off-chip, non-volatile memory.

Abstract: Techniques for providing data protection in an integrated circuit are provided. A method according to these techniques includes maintaining an anti-replay counter value in a volatile memory of the integrated circuit, the anti-replay counter value being associated with data stored in an off-chip, non-volatile memory in which the integrated circuit is configured to store the data, monitoring an external power source, and writing the anti-replay counter value to a programmable read-only memory of the integrated circuit responsive to a loss of power to the integrated circuit from the external power source.

Abstract: Various features pertain to defending a smartphone processor or other device from a transient fault attack. In one example, the processor is equipped to detect transient faults using a fault detection system and to adaptively adjust a control parameter in response to the transient faults, where the control parameter controls a physical operation of the processor (such as by gating its clock signal) or a functional operation of the fault detection system (such as a particular Software Fault Sensor (SFS) employed to detect transient faults). In some examples, in response to each newly detected fault, the detection system is controlled to consume more processor time to become more aggressive in detecting additional faults. This serves to quickly escalate fault detection in response to an on-going attack to promptly detect the attack so that the device can be disabled to prevent loss of sensitive information, such as security keys or passcodes.