Abstract: In one embodiment, memory cell includes a control gate, a floating gate, a substrate comprising a source region and a drain region, a first isolator between the control gate and floating gate, and a second isolator between the floating gate and the substrate. The memory cell is configured to have a retention time that is within a statistical window around a selected lifespan. The selected lifespan may be less than ten years, such as, for example, less than one year, less than one month, or less than one week.

Abstract: Methods and apparatus relating to techniques to provide secure remote debugging are described. In an embodiment, a debugging entity generates and transmits a host token to a device via an interface. The interface provides encrypted communication between the debugging entity and the device. The debugging entity generates a session key based at least in part on the host token and a device token. The debugging entity transmits an acknowledgement signal to the device after generation of the session key to initiate a debug session. The debugging entity transmits a debug unlock key to the device to cause the device to be unlocked for the debug session. Other embodiments are also disclosed and claimed.

Abstract: An apparatus is described including cryptography circuitry to generate authentication tags to provide integrity protection for plaintext and ciphertext.

Abstract: An apparatus is described including cryptography circuitry to generate authentication tags to provide integrity protection for plaintext and ciphertext.

Abstract: Protection of authentication tag computation against power and electromagnetic side-channel attacks is described. An example of one or more storage mediums includes instructions for performing a process for calculation of an authentication tag for a data encryption operation, including generating one or more random values; receiving multiple data blocks for calculation, and performing calculation utilizing the received data blocks and the one or more random values to generate intermediate values; performing a data accumulation operation to accumulate random values in calculation of the data blocks; and calculating the authentication tag based at least in part on the generated intermediate values and the accumulated random values.

Abstract: Micro-architectural fault detectors are described. An example of storage mediums includes instructions for receiving one or more micro instructions for scheduling in a processor, the processor including one or more processing resources; and performing fault detection in performance of the one or more micro instructions utilizing one or more of a first idle canary detection mode, wherein the first mode includes assigning at least one component as an idle canary detector to perform a canary process with an expected outcome, and a second micro-architectural redundancy execution mode, wherein the second mode includes replicating a first micro instruction to generate micro instructions for performance by a set of processing resources.

Abstract: The present disclosure is directed to systems and methods of detecting a side-channel attack detecting a translation lookaside buffer (TLB) miss on a virtual address lookup caused by the speculative execution of an instruction and determining that the physical memory address associated with the virtual address lookup contains a privileged object or a secret object. Range register circuitry determines whether the physical memory address is located in an address range containing privileged objects or secret objects. Performance monitoring counter (PMC) circuitry generates an interrupt in response to receipt of information indicative of the TLB miss and information indicative that the physical memory address contains a privileged object or a secret object. The PMC circuitry causes the storage of information associated with the speculatively executed instruction causing the virtual address lookup.

Abstract: Micro-architectural fault detectors are described. An example of storage mediums includes instructions for receiving one or more micro instructions for scheduling in a processor, the processor including one or more processing resources; and performing fault detection in performance of the one or more micro instructions utilizing one or more of a first idle canary detection mode, wherein the first mode includes assigning at least one component as an idle canary detector to perform a canary process with an expected outcome, and a second micro-architectural redundancy execution mode, wherein the second mode includes replicating a first micro instruction to generate micro instructions for performance by a set of processing resources.

Abstract: Protection of authentication tag computation against power and electromagnetic side-channel attacks is described. An example of one or more storage mediums includes instructions for performing a process for calculation of an authentication tag for a data encryption operation, including generating one or more random values; receiving multiple data blocks for calculation, and performing calculation utilizing the received data blocks and the one or more random values to generate intermediate values; performing a data accumulation operation to accumulate random values in calculation of the data blocks; and calculating the authentication tag based at least in part on the generated intermediate values and the accumulated random values.

Abstract: The disclosure generally provides methods, systems and apparatus to construct a Physically Unclonable Function (PUF) value for an electronic package based on the package's internal components and their interconnects. In one embodiment, the package is a System-On-Chip (SOC) having a plurality of dielets and a plurality of interconnect connecting the dielets. Each of the dielets and each of the interconnects (at one or more locations) may define an entropy source. each entropy source may have an entropy value. Each entropy source communicates an initial entropy value to a PUF aggregator. The PUF aggregator receives and/or aggregates the various entropies from the various entropy sources to construct the native SOC PUF value. The native SOC PUF value defines the authentic PUF value of the SOC at SOC release. Any deviation from the native SOC PUF value may be deemed a security breach of the SOC.

Abstract: The present disclosure is directed to systems and methods to protect against SCA and fault injection attacks through the use of a temporary or ephemeral key to cryptographically alter input data portions. Universal resistant block (URB) circuitry receives a seed data value and a at least one secret key data value and generates an ephemeral key output data value. Cryptographic circuitry uses the ephemeral key data value to transform an input data portion to produce an transformed output data portion. The use of an SCA or fault injection attack on the transformed output data portion will reveal only the ephemeral key data value and not the at least one secret key data value. Further, where a unique ephemeral key data value is used to transform each input data portion, an attacker cannot discover the ephemeral key in a piecemeal manner and must instead discover the complete ephemeral key data value—significantly increasing the difficulty of performing a successful SCA or fault injection attack.

Abstract: An apparatus is described including cryptography circuitry to generate authentication tags to provide integrity protection for plaintext and ciphertext.

Abstract: In one embodiment, memory cell includes a control gate, a floating gate, a substrate comprising a source region and a drain region, a first isolator between the control gate and floating gate, and a second isolator between the floating gate and the substrate. The memory cell is configured to have a retention time that is within a statistical window around a selected lifespan. The selected lifespan may be less than ten years, such as, for example, less than one year, less than one month, or less than one week.

Abstract: Various systems and methods for detecting and preventing side-channel attacks, including attacks aimed at discovering the location of KASLR-randomized privileged code sections in virtual memory address space, are described. In an example, a computing system includes electronic operations for detecting unauthorized attempts to access kernel virtual memory pages via trap entry detection, with operations including: generating a trap page with a physical memory address; assigning a phantom page at an open location in the privileged portion of the virtual memory address space; generating a plurality of phantom page table entries corresponding to an otherwise-unmapped privileged virtual memory region; placing the trap page in physical memory and placing the phantom page table entry in a page table map; and detecting an access to the trap page via the phantom page table entry, to trigger a response to a potential attack.

Abstract: The present disclosure is directed to systems and methods to protect against SCA and fault injection attacks through the use of a temporary or ephemeral key to cryptographically alter input data portions. Universal resistant block (URB) circuitry receives a seed data value and a at least one secret key data value and generates an ephemeral key output data value. Cryptographic circuitry uses the ephemeral key data value to transform an input data portion to produce an transformed output data portion. The use of an SCA or fault injection attack on the transformed output data portion will reveal only the ephemeral key data value and not the at least one secret key data value. Further, where a unique ephemeral key data value is used to transform each input data portion, an attacker cannot discover the ephemeral key in a piecemeal manner and must instead discover the complete ephemeral key data value—significantly increasing the difficulty of performing a successful SCA or fault injection attack.

Abstract: The present disclosure is directed to systems and methods of detecting a side-channel attack detecting a translation lookaside buffer (TLB) miss on a virtual address lookup caused by the speculative execution of an instruction and determining that the physical memory address associated with the virtual address lookup contains a privileged object or a secret object. Range register circuitry determines whether the physical memory address is located in an address range containing privileged objects or secret objects. Performance monitoring counter circuitry receives information indicative of the TLB miss and information indicative that the physical memory address contains a privileged object or a secret object. The PMC circuitry generates an interrupt in response to receipt of information indicative of the TLB miss and information indicative that the physical memory address contains a privileged object or a secret object.

Abstract: Various systems and methods for detecting and preventing side-channel attacks, including attacks aimed at discovering the location of KASLR-randomized privileged code sections in virtual memory address space, are described. In an example, a computing system includes electronic operations for detecting unauthorized attempts to access kernel virtual memory pages via trap entry detection, with operations including: generating a trap page with a physical memory address; assigning a phantom page at an open location in the privileged portion of the virtual memory address space; generating a plurality of phantom page table entries corresponding to an otherwise-unmapped privileged virtual memory region; placing the trap page in physical memory and placing the phantom page table entry in a page table map; and detecting an access to the trap page via the phantom page table entry, to trigger a response to a potential attack.

Abstract: In one embodiment, an integrated circuit comprises a volatile memory including a plurality of memory cells, a detector to detect one or more in-specification conditions, and a discharger, external to the volatile memory, to discharge electric charge stored in the integrated circuit, including electric charge stored in the volatile memory, unless the detector detects the one or more conditions.

Abstract: In one embodiment, an integrated circuit comprises a volatile memory including a plurality of memory cells, a detector to detect one or more in-specification conditions, and a discharger, external to the volatile memory, to discharge electric charge stored in the integrated circuit, including electric charge stored in the volatile memory, unless the detector detects the one or more conditions.

Abstract: A method for data transfer includes receiving a control signal triggering a transfer of a secret value into an element (24) of a circuit (20). In response to the control signal, a dummy value (42, 50) and the secret value are inserted in succession into the element of the circuit.