Abstract: A method and device for generating a shared session secret with forward secrecy between a first device and a second device. The first and second devices perform mutual authentication. The first and second devices establish a first shared secret using a key encapsulation mechanism with a long-term cryptographic key pair of the devices. The first and second devices generate an ephemeral cryptographic key pair comprising an ephemeral public key and an ephemeral private key, respectively, and transfer the ephemeral public key of the device to the other device using the first shared secret. The first and second devices then establish a second shared secret using the key encapsulation mechanism with the ephemeral public keys of the first device and the second device. The second shared secret is used as a temporary shared session secret.

Abstract: A method comprises fetching, by fetch circuitry, an encoded XOR3P instruction comprising at least one opcode, a first source identifier to identify a first register, a second source identifier to identify a second register, a third source identifier to identifier a third register, and a fourth source identifier to identify a fourth operand, wherein the first register is to store a first value, the second register is to store a second value, and the third register is to store a third value, decoding, by decode circuitry, the encoded XOR3PP instruction to generate a decoded XOR3PP instruction; and executing, by execution circuitry, the decoded XOR3PP instruction to determine a first rotational value and a second rotational value, perform a rotate operation on at least a portion of the first value based on the first rotational value to generate a rotated third value, perform an XOR operation on at least a portion of the first value, at least a portion of the second value, and the rotated third value to generate

Abstract: A processor, a system, a machine readable medium, and a method.

Abstract: A digital signature verification unit or other apparatus of an aspect includes cryptographic hash circuitry to generate cryptographic hashes and multi-scheme hash-based digital signature verification circuitry coupled with the cryptographic hash circuitry. The multi-scheme hash-based digital signature verification circuitry is to use the cryptographic hash circuitry to verify digital signatures according to only one of a plurality of hash-based digital signature verification schemes at a time, the plurality of hash-based digital signature verification schemes including a first hash-based digital signature verification scheme and a second hash-based digital signature verification scheme. Other apparatus, methods, and systems are disclosed.

Abstract: The technology described herein includes a first plurality of bijection diffusion function circuits to diffuse data bits into diffused data bits and store the diffused data bits into a memory; an error correcting code (ECC) generation circuit to generate ECC bits for the data bits; and a second plurality of bijection diffusion function circuits to diffuse the ECC bits into diffused ECC bits and store the diffused ECC bits into the memory.

Abstract: A method of detecting epithelial cancer is described that includes the steps of: (a) determining the level of beta defensin 3 (BD-3) and beta defensin 2 (BD-2) in a suspect sample obtained from a subject; (b) comparing the level of BD-3 to BD-2 determined in the suspect sample to obtain a suspect BD-3/BD-2 ratio, (c) comparing the suspect BD-3/BD-2 ratio to a healthy BD-3/BD-2 ratio to obtain a diagnostic BD-3/BD-2 ratio; and (d) characterizing the subject as having epithelial cancer if the diagnostic BD-3/BD-2 ratio is greater than 1. A microfluidic device for detecting epithelial cancer using the diagnostic BD-3/BD-2 ratio is also described.

Abstract: A method comprises fetching, by fetch circuitry, an encoded XOR3PP instruction comprising at least one opcode, a first source identifier to identify a first register, a second source identifier to identify a second register, a third source identifier to identifier a third register, and a fourth source identifier to identify a fourth operand, wherein the first register is to store a first value, the second register is to store a second value, and the third register is to store a third value, decoding, by decode circuitry, the encoded XOR3PP instruction to generate a decoded XOR3PP instruction; and executing, by execution circuitry, the decoded XOR3PP instruction to determine a first rotational value and a second rotational value, perform a rotate operation on at least a portion of the first value based on the first rotational value to generate a rotated third value, perform an XOR operation on at least a portion of the first value, at least a portion of the second value, and the rotated third value to generate

Abstract: Circuitry and methods for implementing one or more Keccak permutation instructions are described. In certain examples, a hardware processor (e.g.

Abstract: Kyber is a secure key encapsulation mechanism (KEM) for secure key exchange. Performance overhead associated with use of Kyber for secure key exchange is reduced by computing multiple coefficients of different polynomials for independent operations in parallel and localizing them in memory for fast access for polynomial multiplications used in key generation, encapsulation, and decapsulation allowing for parallelization of Keccak calls.

Abstract: An example of an apparatus may include first circuitry that is to be selectively locked and unlocked, second circuitry to process one or more tokens including an unlock token for the first circuitry, and hardware authentication circuitry to authenticate the unlock token for the first circuitry in response to a request from the second circuitry. The apparatus may further include hardware ungate circuitry to selectively gate and ungate one or more features of the first circuitry in response to an indication that the first circuitry is one of locked or unlocked. Other examples are disclosed and claimed.

Abstract: Techniques for attenuation and obfuscation to mitigate power and/or electromagnetic (EM) field attacks on encryption circuitry are described. In certain examples, a system includes a processor core; and an accelerator coupled to the processor core, the accelerator comprising: encryption circuitry, coupled to a power source, to encrypt data into encrypted data, time-domain obfuscation control circuitry to connect and disconnect one or more capacitors to the encryption circuitry during the encrypt to provide obfuscation across a time-domain to maintain a software observable power consumption of the accelerator to about a value, and signature attenuation control circuitry to selectively connect the encryption circuitry during the encrypt to a shunt to drain power to maintain the software observable power consumption of the accelerator at about the value.

Abstract: Techniques for improved Keccak execution resilient to physical side-channel attacks are described. In some examples, a Keccak round datapath includes a first path including a theta step, a rho step, a pi step, and an iota step to process a masked version of the 1600-bit input state, a second path including a theta step, a rho step, and a pi step to process a mask 1600-bit input state, and a masked chi step shared by the first path and second path.

Abstract: Techniques for Keccak permutation are described. In some examples, Keccak permutation is in response to a single instruction that includes one or more fields for source addressing information wherein the addressed source is to store an input 1600-bit state, one or more fields for destination addressing information that is to store an output 1600-bit state, a field for an identifier of a destination operand, and a field for an opcode, the opcode to indicate execution circuitry is to do perform an atomic Keccak permutation.

Abstract: Techniques for implementing a hardware engine for stateless hash-based signatures according to a SPHINCS+standard with encryption according to a SHA256 encryption standard are described. In certain examples, a system includes a processor core; and an accelerator coupled to the processor core, the accelerator comprising: one or more hash engine circuits, a coupling to allow for communication between the one or more hash engine circuits and a memory, and hash control circuitry to, for a request to perform a stateless hash-based signature operation on an input, cause performance of a one-time signature scheme function and a forest of random subsets function by the one or more hash engine circuits to generate a resultant.

Abstract: In one example an apparatus comprises a computer readable memory, an XMSS verification manager logic to manage XMSS verification functions, a one-time signature and public key generator logic, a chain function logic to implement chain function algorithms, a low latency SHA3 hardware engine, and a register bank communicatively coupled to the XMSS verification manager logic. Other examples may be described.

Abstract: A system and method of enhancing the trustworthiness of an artificial intelligence system include detecting whether a data element includes an existing data domain tag, processing the data element into a transformed data element, generating a data domain tag, where the data domain tag includes at least a data domain identifier and a timestamp, appending the data domain tag to the transformed data element, creating a signature for the transformed data element and the appended data domain tag using a private key, and creating another signature for the data domain tag using the private key.

Abstract: A method comprises receiving an image of an update for a software module, a rate parameter, an index parameter, and a public key, generating a 32-byte aligned string, computing a state parameter using the 32-byte aligned string, generating a modified message representative, computing a Merkle Tree root node, and in response to a determination that the Merkle Tree root node matches the public key, forwarding, to a remote device, the image of the update for a software module, the state parameter; and the modified message representative.

Abstract: Techniques are described for an instruction for a conditional rotate and XOR operation in a single instruction and triple input bitwise logical operations in a single instruction in an instruction set of a computing system.

Abstract: Key encapsulation implemented by random sample generator circuitry to generate a plurality of pseudorandom bitstreams; polynomial multiplier circuitry to multiply a plurality of polynomial coefficients; and a controller to power off the polynomial multiplier circuitry and power on the random sample generator circuitry to generate the plurality of pseudorandom bitstreams, and power off the random sample generator circuitry and power on the polynomial multiplier circuitry to multiple the plurality of polynomial coefficients.

Abstract: Techniques are described for an instruction for a conditional rotate and XOR operation in a single instruction and triple input bitwise logical operations in a single instruction in an instruction set of a computing system.