Abstract: Technologies disclosed herein provide one example of a system that includes processor circuitry and integrity circuitry. The processor circuitry is to receive a first request associated with an application to perform a memory access operation for an address range in a memory allocation of memory circuitry. The integrity circuitry is to determine a location of a metadata region within a cacheline that includes at least some of the address range, identify a first portion of the cacheline based at least in part on a first data bounds value stored in the metadata region, generate a first integrity value based on the first portion of the cacheline, and prevent the memory access operation in response to determining that the first integrity value does not correspond to a second integrity value stored in the metadata region.

Abstract: In one example an apparatus comprises processing circuitry to measure a statistical distance between a marginal distribution of a coordinate of a potential signature (z) over a first interval and a uniform distribution over the first interval and use the statistical distance to determine one or more thresholds of a rejection sampling operation in a lattice-based digital signature algorithm. Other examples may be described.

Abstract: A system and method for generating, from a permutation of a first input state, a first output state, a first rate and a first capacity, the first rate including a first portion of the first output state and the first capacity including a second portion of the first output state; storing the first output state; generating a first block of ciphertext data of a first packet from XORing the first rate and a first block of plaintext data of the first packet; generating a permutation of a value of the first block of ciphertext data of the first packet concatenated with the first capacity, and generating a second block of ciphertext data of the first packet from XOR of the permutation of the value of the first block of ciphertext data of the first packet concatenated with the first capacity.

Abstract: In one embodiment, a processor includes a cache and a core. The core includes an execution unit and cryptographic computing circuitry to encrypt plaintext data output by the execution unit and store the encrypted data in the cache and decrypt encrypted data accessed from the cache and provide the decrypted data to the execution unit for processing. The encryption and decryption are based on both a stream cipher and a block cipher. In some embodiments, the encryption is based on providing an output of the stream cipher to the block cipher and the decryption is based on providing an output of the block cipher to the stream cipher.

Abstract: A data processing system includes technology for detecting and tolerating faults. The data processing system comprises an electronic control unit (ECU) with a processing core and a fault-tolerant elliptic curve digital signature algorithm (ECDSA) engine. The fault-tolerant ECDSA engine comprises multiple verification state machines (VSMs). The data processing system also comprises nonvolatile storage in communication with the processing core and ECU software in the nonvolatile storage. The ECU software, when executed, enables the data processing system to operate as a node in a distributed data processing system, including receiving digitally signed messages from other nodes in the distributed data processing system. The ECU further comprises a known-answer built-in self-test unit (KA-BISTU). Also, the ECU software comprises fault-tolerant ECDSA engine (FTEE) management software which, when executed by the processing core, utilizes the KA-BISTU to periodically test the fault-tolerant ECDSA engine for faults.

Abstract: In one example an apparatus comprises a computer readable memory, an XMSS operations logic to manage XMSS functions, a chain function controller to manage chain function algorithms, a secure hash algorithm-2 (SHA2) accelerator, a secure hash algorithm-3 (SHA3) accelerator, and a register bank shared between the SHA2 accelerator and the SHA3 accelerator. Other examples may be described.

Abstract: Systems, apparatus, methods, and techniques for functional safe execution of encryption operations are provided. A fault tolerant counter and a complementary pair of encryption flows are provided. The fault tolerant counter may be based on a gray code counter and a hamming distance checker. The complementary pair of encryption flows have different implementations. The output from the complementary pair of encryption flows can be compared, and where different, errors generated.

Abstract: In one example an apparatus comprises receive, in a processing platform, an input request from a remote device comprising a digital signature signing or verify function and determine a selected digital signature scheme for the request based at least in part on a determination of whether the processing platform is to apply a signing function or a verify function to the input request. Other examples may be described.

Abstract: In one example an apparatus comprises a first input node to receive a first input, a second input node to receive a control signal, a polynomial multiplication circuitry to perform a polynomial multiplication function using the first input as an element of a digital signature protocol, the polynomial multiplication function comprising a plurality of polynomial multiplication operations, the polynomial multiplication function performed in a security mode determined by the control signal, the security mode comprising one of a first mode in which no side-channel protection is provided to the polynomial multiplication operation or a second mode in which a shuffling-based side-channel protection is provided to the polynomial multiplication operation. Other examples may be described.

Abstract: In one example an apparatus comprises a first input node to receive a first input, a second input node to receive a control signal, a polynomial multiplication circuitry to perform a polynomial multiplication operation using the first input in a security mode determined by the control signal, the security mode comprising one of a first mode in which no side-channel protection is provided to the polynomial multiplication operation, a second mode in which a shuffling-based side-channel protection is provided to the polynomial multiplication operation, a third mode in which a masking or splitting side-channel protection is provided to the polynomial multiplication operation, or a fourth mode in which a masking and shuffling based side-channel protection is provided to the polynomial multiplication operation. Other examples may be described.

Abstract: Various examples relate to an apparatus, device, method, and computer program for determining an integrity of a generated cryptographic signature. The apparatus is to generate, before generating the cryptographic signature, redundancy information of at least one cryptographic secret being used for generating the cryptographic signature, generate the cryptographic signature using the at least one cryptographic secret, compare, after generating the cryptographic signature, the redundancy information and the at least one cryptographic secret to determine whether the redundancy information matches the at least one cryptographic secret, and use the cryptographic signature if the redundancy information matches the at least one cryptographic secret.

Abstract: Various systems and methods for bus-off attack detection are described herein. An electronic device for bus-off attack detection and prevention includes bus-off prevention circuitry coupled to a protected node on a bus, the bus-off prevention circuitry to: detect a transmitted message from the protected node to the bus; detect a bit mismatch of the transmitted message on the bus; suspend further transmissions from the protected node while the bus is analyzed; determine whether the bit mismatch represents a bus fault or an active attack against the protected node; and signal the protected node indicating whether a fault has occurred.

Abstract: Some aspects of the present disclosure relate to an apparatus comprising interface circuitry and processor circuitry to write data bits to a memory, by applying a diffusion function on the data bits to calculate diffused data bits, calculating error correcting code (ECC) bits based on the data bits or based on the diffused data bits, applying a diffusion function on the ECC bits to calculate diffused ECC bits, storing the diffused ECC bits in an ECC portion of the memory, and storing the data bits or the diffused data bits in a data portion of the memory.

Abstract: The technology described herein includes a first plurality of bijection diffusion function circuits to diffuse data bits into diffused data bits and store the diffused data bits into a memory; an error correcting code (ECC) generation circuit to generate ECC bits for the data bits; and a second plurality of bijection diffusion function circuits to diffuse the ECC bits into diffused ECC bits and store the diffused ECC bits into the memory.

Abstract: Technologies for secure data transfer of MMIO data between a processor and an accelerator. A MIMO security engine includes a first permutation cipher pipeline to defuse a count and a key into a permutation state; a first exclusive-OR (XOR) to generate ciphertext data from 64-bits of the new permutation state; and plaintext data; a concatenator to concatenate the plaintext data and additional authenticated data (AAD) to produce a concatenation result; a second XOR to generate an XOR result from the concatenation result and the latest permutation state; and a second permutation pipeline to generate an authentication tag of the XOR result and the key.

Abstract: A method comprises fetching, by fetch circuitry, an encoded butterfly instruction comprising an opcode, a first source identifier, a second source identifier, a third source identifier, and two destination identifiers, decoding, by decode circuitry, the decoded butterfly instruction to generate a decoded butterfly instruction, and executing, by execution circuitry, the decoded butterfly instruction to retrieve operands representing a first input polynomial-coefficient from the first source, a second input polynomial-coefficient from the second source, and a primitive nth root of unity from the third source, perform, in an atomic fashion, a butterfly operation to generate a first output polynomial-coefficient and a second output polynomial-coefficient, and store the first output coefficient and the second output coefficient in a register file accessible to the execution circuitry.

Abstract: Polynomial multiplication for side-channel protection in cryptography is described. An example of an apparatus includes one or more processors to process data; a memory to store data; and polynomial multiplier circuitry to multiply a first polynomial by a second polynomial, the first polynomial and the second polynomial each including a plurality of coefficients, the polynomial multiplier circuitry including a set of multiplier circuitry, wherein the polynomial multiplier circuitry is to select a first coefficient of the first polynomial for processing, and multiply the first coefficient of the first polynomial by all of the plurality of coefficients of the second polynomial in parallel using the set of multiplier circuits.

Abstract: In one example a prover device comprises one or more processors, a computer-readable memory, and signature logic to store a first cryptographic representation of a first trust relationship between the prover device and a verifier device, the first cryptographic representation based on a pair of asymmetric hash-based multi-time signature keys, receive an attestation request message from the verifier device, the attestation request message comprising attestation data for the verifier device and a hash-based signature generated by the verifier device, and in response to the attestation request message, to verify the attestation data, verify the hash-based signature generated by the verifier device using a public key associated with the verifier device, generate an attestation reply message using a hash-based multi-time private signature key and send the attestation reply message to the verifier device. Other examples may be described.

Abstract: Embodiments are directed to homomorphic encryption for machine learning and neural networks using high-throughput Chinese remainder theorem (CRT) evaluation. An embodiment of an apparatus includes a hardware accelerator to receive a ciphertext generated by homomorphic encryption (HE) for evaluation, decompose coefficients of the ciphertext into a set of decomposed coefficients, multiply the decomposed coefficients using a set of smaller modulus determined based on a larger modulus, and convert results of the multiplying back to an original form corresponding to the larger modulus by performing a reverse Chinese remainder theorem (CRT) transform on the results of multiplying the decomposed coefficients.

Abstract: A method comprises fetching, by fetch circuitry, an encoded vectorized AND-XOR instruction comprising an opcode, a first source identifier, a second source identifier, a third source identifier, and a destination identifier, decoding, by decode circuitry, the decoded vectorized AND-XOR instruction to generate a decoded vectorized AND-XOR instruction, and executing, by execution circuitry, the decoded vectorized AND-XOR instruction to retrieve operands representing a product coefficient at an index position from the first source, a coefficient of a first polynomial from the second source, and a coefficient of a second polynomial from the third source, perform, in an atomic fashion, a vectorized AND-XOR operation to generate updated value of the product coefficient, and store the product coefficient of the output polynomial in a register file accessible to the execution circuitry.