Patents by Inventor Reuven Elbaum

Reuven Elbaum has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20220100629
    Abstract: Micro-architectural fault detectors are described. An example of storage mediums includes instructions for receiving one or more micro instructions for scheduling in a processor, the processor including one or more processing resources; and performing fault detection in performance of the one or more micro instructions utilizing one or more of a first idle canary detection mode, wherein the first mode includes assigning at least one component as an idle canary detector to perform a canary process with an expected outcome, and a second micro-architectural redundancy execution mode, wherein the second mode includes replicating a first micro instruction to generate micro instructions for performance by a set of processing resources.
    Type: Application
    Filed: September 25, 2020
    Publication date: March 31, 2022
    Applicant: Intel Corporation
    Inventors: Reuven Elbaum, Chaim Shen-Orr, Assaf Admoni
  • Publication number: 20220083651
    Abstract: Protection of authentication tag computation against power and electromagnetic side-channel attacks is described. An example of one or more storage mediums includes instructions for performing a process for calculation of an authentication tag for a data encryption operation, including generating one or more random values; receiving multiple data blocks for calculation, and performing calculation utilizing the received data blocks and the one or more random values to generate intermediate values; performing a data accumulation operation to accumulate random values in calculation of the data blocks; and calculating the authentication tag based at least in part on the generated intermediate values and the accumulated random values.
    Type: Application
    Filed: September 17, 2020
    Publication date: March 17, 2022
    Applicant: Intel Corporation
    Inventors: Santosh Ghosh, Avinash L. Varna, Reuven Elbaum, Manoj Sastry
  • Publication number: 20220029838
    Abstract: The disclosure generally provides methods, systems and apparatus to construct a Physically Unclonable Function (PUF) value for an electronic package based on the package's internal components and their interconnects. In one embodiment, the package is a System-On-Chip (SOC) having a plurality of dielets and a plurality of interconnect connecting the dielets. Each of the dielets and each of the interconnects (at one or more locations) may define an entropy source. each entropy source may have an entropy value. Each entropy source communicates an initial entropy value to a PUF aggregator. The PUF aggregator receives and/or aggregates the various entropies from the various entropy sources to construct the native SOC PUF value. The native SOC PUF value defines the authentic PUF value of the SOC at SOC release. Any deviation from the native SOC PUF value may be deemed a security breach of the SOC.
    Type: Application
    Filed: September 22, 2021
    Publication date: January 27, 2022
    Applicant: Intel Corporation
    Inventors: Uri Bear, Reuven Elbaum, Elad Peer
  • Patent number: 11194933
    Abstract: The present disclosure is directed to systems and methods to protect against SCA and fault injection attacks through the use of a temporary or ephemeral key to cryptographically alter input data portions. Universal resistant block (URB) circuitry receives a seed data value and a at least one secret key data value and generates an ephemeral key output data value. Cryptographic circuitry uses the ephemeral key data value to transform an input data portion to produce an transformed output data portion. The use of an SCA or fault injection attack on the transformed output data portion will reveal only the ephemeral key data value and not the at least one secret key data value. Further, where a unique ephemeral key data value is used to transform each input data portion, an attacker cannot discover the ephemeral key in a piecemeal manner and must instead discover the complete ephemeral key data value—significantly increasing the difficulty of performing a successful SCA or fault injection attack.
    Type: Grant
    Filed: June 4, 2019
    Date of Patent: December 7, 2021
    Assignee: Intel Corporation
    Inventors: Yaacov Belenky, Gyora Benedek, Reuven Elbaum, David Novick, Elad Peer, Chaim Shen-Orr, Yonatan Shlomovich
  • Publication number: 20210374256
    Abstract: An apparatus is described including cryptography circuitry to generate authentication tags to provide integrity protection for plaintext and ciphertext.
    Type: Application
    Filed: August 13, 2021
    Publication date: December 2, 2021
    Applicant: Intel Corporation
    Inventors: Reuven Elbaum, Gyora Benedek, Avinash L. Varna, David Novick
  • Publication number: 20210020775
    Abstract: In one embodiment, memory cell includes a control gate, a floating gate, a substrate comprising a source region and a drain region, a first isolator between the control gate and floating gate, and a second isolator between the floating gate and the substrate. The memory cell is configured to have a retention time that is within a statistical window around a selected lifespan. The selected lifespan may be less than ten years, such as, for example, less than one year, less than one month, or less than one week.
    Type: Application
    Filed: September 25, 2020
    Publication date: January 21, 2021
    Applicant: Intel Corporation
    Inventors: Uri Bear, Elad Peer, Elena Sidorov, Rami Sudai, Reuven Elbaum, Steve J. Brown
  • Patent number: 10489308
    Abstract: Various systems and methods for detecting and preventing side-channel attacks, including attacks aimed at discovering the location of KASLR-randomized privileged code sections in virtual memory address space, are described. In an example, a computing system includes electronic operations for detecting unauthorized attempts to access kernel virtual memory pages via trap entry detection, with operations including: generating a trap page with a physical memory address; assigning a phantom page at an open location in the privileged portion of the virtual memory address space; generating a plurality of phantom page table entries corresponding to an otherwise-unmapped privileged virtual memory region; placing the trap page in physical memory and placing the phantom page table entry in a page table map; and detecting an access to the trap page via the phantom page table entry, to trigger a response to a potential attack.
    Type: Grant
    Filed: June 29, 2017
    Date of Patent: November 26, 2019
    Assignee: Intel Corporation
    Inventors: Uri Bear, Gyora Benedek, Baruch Chaikin, Jacob Jack Doweck, Reuven Elbaum, Dimitry Kloper, Elad Peer, Chaim Shen-orr, Yonatan Shlomovich
  • Publication number: 20190286853
    Abstract: The present disclosure is directed to systems and methods to protect against SCA and fault injection attacks through the use of a temporary or ephemeral key to cryptographically alter input data portions. Universal resistant block (URB) circuitry receives a seed data value and a at least one secret key data value and generates an ephemeral key output data value. Cryptographic circuitry uses the ephemeral key data value to transform an input data portion to produce an transformed output data portion. The use of an SCA or fault injection attack on the transformed output data portion will reveal only the ephemeral key data value and not the at least one secret key data value. Further, where a unique ephemeral key data value is used to transform each input data portion, an attacker cannot discover the ephemeral key in a piecemeal manner and must instead discover the complete ephemeral key data value—significantly increasing the difficulty of performing a successful SCA or fault injection attack.
    Type: Application
    Filed: June 4, 2019
    Publication date: September 19, 2019
    Inventors: Yaacov Belenky, Gyora Benedek, Reuven Elbaum, David Novick, Elad Peer, Chaim Shen-Orr, Yonatan Shlomovich
  • Publication number: 20190213330
    Abstract: The present disclosure is directed to systems and methods of detecting a side-channel attack detecting a translation lookaside buffer (TLB) miss on a virtual address lookup caused by the speculative execution of an instruction and determining that the physical memory address associated with the virtual address lookup contains a privileged object or a secret object. Range register circuitry determines whether the physical memory address is located in an address range containing privileged objects or secret objects. Performance monitoring counter circuitry receives information indicative of the TLB miss and information indicative that the physical memory address contains a privileged object or a secret object. The PMC circuitry generates an interrupt in response to receipt of information indicative of the TLB miss and information indicative that the physical memory address contains a privileged object or a secret object.
    Type: Application
    Filed: March 15, 2019
    Publication date: July 11, 2019
    Applicant: Intel Corporation
    Inventors: CHAIM SHEN-ORR, BARUCH CHAIKIN, AHMAD YASIN, REUVEN ELBAUM
  • Publication number: 20190004972
    Abstract: Various systems and methods for detecting and preventing side-channel attacks, including attacks aimed at discovering the location of KASLR-randomized privileged code sections in virtual memory address space, are described. In an example, a computing system includes electronic operations for detecting unauthorized attempts to access kernel virtual memory pages via trap entry detection, with operations including: generating a trap page with a physical memory address; assigning a phantom page at an open location in the privileged portion of the virtual memory address space; generating a plurality of phantom page table entries corresponding to an otherwise-unmapped privileged virtual memory region; placing the trap page in physical memory and placing the phantom page table entry in a page table map; and detecting an access to the trap page via the phantom page table entry, to trigger a response to a potential attack.
    Type: Application
    Filed: June 29, 2017
    Publication date: January 3, 2019
    Inventors: Uri Bear, Gyora Benedek, Baruch Chaikin, Jacob Jack Doweck, Reuven Elbaum, Dimitry Kloper, Elad Peer, Chaim Shen-orr, Yonatan Shlomovich
  • Patent number: 10090025
    Abstract: In one embodiment, an integrated circuit comprises a volatile memory including a plurality of memory cells, a detector to detect one or more in-specification conditions, and a discharger, external to the volatile memory, to discharge electric charge stored in the integrated circuit, including electric charge stored in the volatile memory, unless the detector detects the one or more conditions.
    Type: Grant
    Filed: October 13, 2016
    Date of Patent: October 2, 2018
    Assignee: Cisco Technology, Inc.
    Inventor: Reuven Elbaum
  • Publication number: 20180108386
    Abstract: In one embodiment, an integrated circuit comprises a volatile memory including a plurality of memory cells, a detector to detect one or more in-specification conditions, and a discharger, external to the volatile memory, to discharge electric charge stored in the integrated circuit, including electric charge stored in the volatile memory, unless the detector detects the one or more conditions.
    Type: Application
    Filed: October 13, 2016
    Publication date: April 19, 2018
    Inventor: Reuven ELBAUM
  • Patent number: 9135453
    Abstract: A method for data transfer includes receiving a control signal triggering a transfer of a secret value into an element (24) of a circuit (20). In response to the control signal, a dummy value (42, 50) and the secret value are inserted in succession into the element of the circuit.
    Type: Grant
    Filed: August 27, 2012
    Date of Patent: September 15, 2015
    Assignee: CISCO TECHNOLOGY INC.
    Inventors: Chaim Shen-Orr, Yonatan Shlomovich, Reuven Elbaum, Zvi Shkedy, Lior Amarilio, Yigal Shapiro, Uri Bear
  • Patent number: 9081990
    Abstract: An electronic device (22, 48, 50) includes an array (26) of memory cells, which are configured to store data values. One or more sense amplifiers (40) have respective inputs for receiving signals from the memory cells and are configured to output the data values corresponding to the received signals. Switching circuitry (36, 52) is coupled between the array of the memory cells and the sense amplifiers and is configured to receive an indication of a temporal pattern and to route the signals from the memory cells among the inputs of the sense amplifiers in accordance with the temporal pattern.
    Type: Grant
    Filed: November 16, 2011
    Date of Patent: July 14, 2015
    Assignee: CISCO TECHNOLOGY, INC
    Inventors: Reuven Elbaum, Zvi Shkedy, Lior Amarilio, Uri Bear, Yonatan Shlomovich, Chaim D. Shen-Orr, Yigal Shapiro
  • Patent number: 8913745
    Abstract: A method for hindering detection of information unintentionally leaked from a secret held in a memory unit is described, the method including receiving a triggering event waiting for at least a first amount of time to pass after the receipt of the triggering event, the memory unit being in a non-operational state during the at least a first amount of time after the at least a first amount of time has passed, changing at least one first condition under which the memory unit operates, thereby causing the memory unit to enter an operational state, waiting for a second amount of time to pass after the changing at least one first condition, and changing, after the second amount of time, at least one second condition under which the memory unit operates, thereby causing the memory unit to enter the non-operational state, wherein access to the secret information is enabled only during the second amount of time, and detection of secret information unintentionally leaked is limited during the first amount of time.
    Type: Grant
    Filed: August 5, 2013
    Date of Patent: December 16, 2014
    Assignee: Cisco Technology Inc.
    Inventors: Chaim Shen-Orr, Zvi Shkedy, Reuven Elbaum, Yonatan Shlomovich, Yigal Shapiro, Yaacov Belenky, Yaakov (Jordan) Levy, Reuben Sumner, Itsik Mantin
  • Patent number: 8760954
    Abstract: An integrated circuit device (20, 60) includes a plurality of memory cells (22), which are configured to store data. Multiple P-N junctions (24) are arranged so that a single, respective P-N junction is disposed in proximity to each memory cell and is configured to emit optical radiation during readout from the memory cell with a wavelength matching an emission wavelength of the memory cell.
    Type: Grant
    Filed: February 19, 2012
    Date of Patent: June 24, 2014
    Assignee: Cisco Technology Inc.
    Inventors: Lior Amarilio, Uri Bear, Reuven Elbaum, Yigal Shapiro, Chaim D. Shen-Orr, Yonatan Shlomovich, Zvi Shkedy
  • Publication number: 20140143883
    Abstract: A method for data transfer includes receiving a control signal triggering a transfer of a secret value into an element (24) of a circuit (20). In response to the control signal, a dummy value (42, 50) and the secret value are inserted in succession into the element of the circuit.
    Type: Application
    Filed: August 27, 2012
    Publication date: May 22, 2014
    Applicant: Cisco Technology Inc.
    Inventors: Chaim Shen-Orr, Yonatan Shlomovich, Reuven Elbaum, Zvi Shkedy, Lior Amarilio, Yigal Shapiro, Uri Bear
  • Publication number: 20140009995
    Abstract: An integrated circuit device (20, 60) includes a plurality of memory cells (22), which are configured to store data. Multiple P-N junctions (24) are arranged so that a single, respective P-N junction is disposed in proximity to each memory cell and is configured to emit optical radiation during readout from the memory cell with a wavelength matching an emission wavelength of the memory cell.
    Type: Application
    Filed: February 19, 2012
    Publication date: January 9, 2014
    Applicant: Cisco Technology Inc.
    Inventors: Lior Amarilio, Uri Bear, Reuven Elbaum, Yigal Shapiro, Chain D. Shen-Orr, Yonatan Shlomovich, Zvi Shkedy
  • Publication number: 20130326632
    Abstract: A method for hindering detection of information unintentionally leaked from a secret held in a memory unit is described, the method including receiving a triggering event waiting for at least a first amount of time to pass after the receipt of the triggering event, the memory unit being in a non-operational state during the at least a first amount of time after the at least a first amount of time has passed, changing at least one first condition under which the memory unit operates, thereby causing the memory unit to enter an operational state, waiting for a second amount of time to pass after the changing at least one first condition, and changing, after the second amount of time, at least one second condition under which the memory unit operates, thereby causing the memory unit to enter the non-operational state, wherein access to the secret information is enabled only during the second amount of time, and detection of secret information unintentionally leaked is limited during the first amount of time.
    Type: Application
    Filed: August 5, 2013
    Publication date: December 5, 2013
    Inventors: Chaim Shen-Orr, Zvi Shkedy, Reuven Elbaum, Yonatan Shlomovich, Yigal Shapiro, Yaacov Belenky, Yaakov (Jordan) Levy, Reuben Sumner, Itsik Mantin
  • Publication number: 20130305372
    Abstract: An electronic device (22, 48, 50) includes an array (26) of memory cells, which are configured to store data values. One or more sense amplifiers (40) have respective inputs for receiving signals from the memory cells and are configured to output the data values corresponding to the received signals. Switching circuitry (36, 52) is coupled between the array of the memory cells and the sense amplifiers and is configured to receive an indication of a temporal pattern and to route the signals from the memory cells among the inputs of the sense amplifiers in accordance with the temporal pattern.
    Type: Application
    Filed: November 16, 2011
    Publication date: November 14, 2013
    Applicant: NDS Limited
    Inventors: Reuven Elbaum, Zvi Shkedy, Lior Amarilio, Uri Bear, Yonatan Shlomovich, Chaim D. Shen-Orr, Yigal Shapiro