Patents by Inventor Santosh Ghosh

Santosh Ghosh has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20220078201
    Abstract: Various systems and methods for bus-off attack detection are described herein. An electronic device for bus-off attack detection and prevention includes bus-off prevention circuitry coupled to a protected node on a bus, the bus-off prevention circuitry to: detect a transmitted message from the protected node to the bus; detect a bit mismatch of the transmitted message on the bus; suspend further transmissions from the protected node while the bus is analyzed; determine whether the bit mismatch represents a bus fault or an active attack against the protected node; and signal the protected node indicating whether a fault has occurred.
    Type: Application
    Filed: November 17, 2021
    Publication date: March 10, 2022
    Inventors: Marcio Rogerio Juliato, Shabbir AHMED, Santosh GHOSH, Christopher GUTIERREZ, Manoj R. Sastry
  • Publication number: 20220075738
    Abstract: The disclosed embodiments generally relate to methods, systems and apparatuses to authenticate instructions on a memory circuitry. In an exemplary embodiment, the disclosure relates to a computing device (e.g., a memory protection engine) to protect integrity of one or more memory circuitry.
    Type: Application
    Filed: September 15, 2021
    Publication date: March 10, 2022
    Applicant: Intel Corporation
    Inventors: Santosh Ghosh, Kirk Yap, Siddhartha Chhabra
  • Patent number: 11240039
    Abstract: In one example an apparatus comprises a computer readable memory, a signature logic to generate a signature to be transmitted in association with a message, the signature logic to apply a hash-based signature scheme to the message using a private key to generate the signature comprising a public key, or a verification logic to verify a signature received in association with the message, the verification logic to apply the hash-based signature scheme to verify the signature using the public key, and an accelerator logic to apply a structured order to at least one set of inputs to the hash-based signature scheme. Other examples may be described.
    Type: Grant
    Filed: June 28, 2019
    Date of Patent: February 1, 2022
    Assignee: INTEL CORPORATION
    Inventors: Vikram Suresh, Sanu Mathew, Manoj Sastry, Santosh Ghosh, Raghavan Kumar, Rafael Misoczki
  • Publication number: 20220027288
    Abstract: Technologies for secure data transfer include a computing device having a processor, an accelerator, and a security engine, such as a direct memory access (DMA) engine or a memory-mapped I/O (MMIO) engine. The computing device initializes the security engine with an initialization vector and a secret key. During initialization, the security engine pre-fills block cipher pipelines and pre-computes hash subkeys. After initialization, the processor initiates a data transfer, such as a DMA transaction or an MMIO request, between the processor and the accelerator. The security engine performs an authenticated cryptographic operation for the data transfer operation. The authenticated cryptographic operation may be AES-GCM authenticated encryption or authenticated decryption. The security engine may perform encryption or decryption using multiple block cipher pipelines. The security engine may calculate an authentication tag using multiple Galois field multipliers. Other embodiments are described and claimed.
    Type: Application
    Filed: October 7, 2021
    Publication date: January 27, 2022
    Applicant: Intel Corporation
    Inventors: SANTOSH GHOSH, LUIS S. KIDA, RESHMA LAL
  • Publication number: 20220021517
    Abstract: Technologies for secure data transfer of MMIO data between a processor and an accelerator. A MIMO security engine includes a first block cipher pipeline to encrypt a count using a key; a first exclusive-OR (XOR) to generate a first XOR result of the encrypted count and a length multiplied by an authentication key; a second block cipher pipeline to encrypt (count+1) using the key; a second XOR to generate a second XOR result of plaintext data and the encrypted (count+1); a plurality of Galois field multipliers (GFMs) to perform Galois field multiplication on additional authenticated data (AAD), powers of the authentication key, and ciphertext data; and a plurality of exclusive-ORs (XORs) to combine results of the GFMs and the first XOR result to generate an authentication tag. Other embodiments are described and claimed.
    Type: Application
    Filed: June 8, 2021
    Publication date: January 20, 2022
    Applicant: Intel Corporation
    Inventors: Santosh Ghosh, Luis Kida, Reshma Lal
  • Publication number: 20220014363
    Abstract: Combined post-quantum security utilizing redefined polynomial calculation is described. An example of an apparatus includes a first circuit for key encapsulation operation; a second circuit for digital signature operation; and a NTT (Number Theoretic Transform) multiplier circuit, wherein the NTT multiplier circuit provides for polynomial multiplication for both the first circuit and the second circuit, wherein the apparatus is to remap coefficients of polynomials for the first circuit to a prime modulus for the second circuit, and perform polynomial multiplication for the first circuit utilizing the remapped coefficients of the polynomials for the first circuit.
    Type: Application
    Filed: September 24, 2021
    Publication date: January 13, 2022
    Applicant: Intel Corporation
    Inventors: Andrea Basso, Santosh Ghosh, Manoj Sastry
  • Publication number: 20220012334
    Abstract: A low-latency digital-signature with side-channel security is described. An example of an apparatus includes a coefficient multiplier circuit to perform polynomial multiplication, the coefficient multiplier circuit providing Number Theoretic Transform (NTT) and INTT (Inverse NTT) processing; and one or more accessory operation circuits coupled with the coefficient multiplier circuit, each of the one or more accessory operation circuits to perform a computation based at least in part on a result of an operation of the NTT/INTT coefficient multiplier circuit, wherein the one or more accessory operation circuits are to receive results of operations of the NTT/INTT coefficient multiplier circuit prior to the results being stored in a memory.
    Type: Application
    Filed: September 24, 2021
    Publication date: January 13, 2022
    Applicant: Intel Corporation
    Inventors: Santosh Ghosh, Andrea Basso, Manoj Sastry
  • Publication number: 20220012188
    Abstract: Technologies disclosed herein provide one example of a system that includes processor circuitry and integrity circuitry. The processor circuitry is to receive a first request associated with an application to perform a memory access operation for an address range in a memory allocation of memory circuitry. The integrity circuitry is to determine a location of a metadata region within a cacheline that includes at least some of the address range, identify a first portion of the cacheline based at least in part on a first data bounds value stored in the metadata region, generate a first integrity value based on the first portion of the cacheline, and prevent the memory access operation in response to determining that the first integrity value does not correspond to a second integrity value stored in the metadata region.
    Type: Application
    Filed: September 24, 2021
    Publication date: January 13, 2022
    Applicant: Intel Corporation
    Inventors: David M. Durham, Michael LeMay, Santosh Ghosh, Sergej Deutsch
  • Patent number: 11223483
    Abstract: In one example an apparatus comprises a computer-readable memory, signature logic to compute a message hash of an input message using a secure hash algorithm, process the message hash to generate an array of secret key components for the input message, apply a hash chain function to the array of secret key components to generate an array of signature components, the hash chain function comprising a series of even-index hash chains and a series of odd-index hash chains, wherein the even-index hash chains and the odd-index hash chains generate a plurality of intermediate node values and a one-time public key component between the secret key components and the signature components and store at least some of the intermediate node values in the computer-readable memory for use in one or more subsequent signature operations. Other examples may be described.
    Type: Grant
    Filed: June 28, 2019
    Date of Patent: January 11, 2022
    Assignee: INTEL CORPORATION
    Inventors: Rafael Misoczki, Vikram Suresh, Santosh Ghosh, Manoj Sastry, Sanu Mathew, Raghavan Kumar
  • Patent number: 11222127
    Abstract: A microcoded processor instruction may invoke a number of microinstructions to perform a round of a SHA3 operation using a circuit that includes a first stage circuit to perform a set of first bitwise XOR operations on a set of five input blocks to yield first intermediate output blocks; perform a set of second bitwise XOR operations on a first intermediate block and a rotation of another first intermediate block to yield second intermediate blocks; and perform a set of third bitwise XOR operations on a second intermediate block and an input block to yield third intermediate blocks. The circuit further includes a second stage circuit to rotate bits within each of the third intermediate blocks to yield a set of fourth intermediate blocks, and a third stage circuit to perform an affine mapping on bits within each of the fourth intermediate blocks to yield a set of output blocks.
    Type: Grant
    Filed: December 10, 2019
    Date of Patent: January 11, 2022
    Assignee: Intel Corporation
    Inventors: Santosh Ghosh, Michael LeMay, Manoj R. Sastry, David M. Durham
  • Publication number: 20220006645
    Abstract: An apparatus includes a first integrated circuit disposed on a first die, a second integrated circuit disposed on a second die, an interconnect to provide a communication connection between the first die and the second die. The first die comprises a processing circuitry to generate a first message authentication code (MAC) tag using a first message data to be communicated from the first die to the second die and a first cryptographic key, and transmit the first message data and the first MAC tag to the second die via the interconnect.
    Type: Application
    Filed: September 21, 2021
    Publication date: January 6, 2022
    Applicant: Intel Corporation
    Inventor: Santosh Ghosh
  • Publication number: 20220006630
    Abstract: An apparatus comprises an input register comprising an input polynomial, a processing datapath communicatively coupled to the input register comprising a plurality of compute nodes to perform a number theoretic transform (NTT) algorithm on the input polynomial to generate an output polynomial in NTT format. The plurality of compute nodes comprises at least a first butterfly circuit to perform a series of butterfly calculations on input data and a randomizing circuitry to randomize an order of the series of butterfly calculations.
    Type: Application
    Filed: September 21, 2021
    Publication date: January 6, 2022
    Applicant: Intel Corporation
    Inventors: Santosh Ghosh, Andrea Basso, Dumitru-Daniel Dinu, Avinash L. Varna, Manoj Sastry
  • Publication number: 20220006611
    Abstract: An apparatus comprises an input register comprising an input polynomial, a processing datapath communicatively coupled to the input register comprising a plurality of compute nodes to perform an incomplete number theoretic transform (NTT) algorithm on the input polynomial to generate an output polynomial in NTT format, the plurality of compute nodes comprising at least a first NTT circuit comprising a single butterfly circuit to perform a series of butterfly calculations on input data; and a randomizing circuitry to randomize an order of the series of butterfly calculations.
    Type: Application
    Filed: September 21, 2021
    Publication date: January 6, 2022
    Applicant: Intel Corporation
    Inventors: Santosh Ghosh, Andrea Basso, Dumitru-Daniel Dinu, Avinash L. Varna, Manoj Sastry
  • Patent number: 11218320
    Abstract: In one example an apparatus comprises a computer readable memory, hash logic to generate a message hash value based on an input message, signature logic to generate a signature to be transmitted in association with the message, the signature logic to apply a hash-based signature scheme to a private key to generate the signature comprising a public key, and accelerator logic to pre-compute at least one set of inputs to the signature logic. Other examples may be described.
    Type: Grant
    Filed: June 28, 2019
    Date of Patent: January 4, 2022
    Assignee: INTEL CORPORATION
    Inventors: Vikram Suresh, Sanu Mathew, Manoj Sastry, Santosh Ghosh, Raghavan Kumar, Rafael Misoczki
  • Patent number: 11216594
    Abstract: Embodiments are directed to countermeasures against hardware side-channel attacks on cryptographic operations. An embodiment of an apparatus includes multiple crypto cores; and a current source including multiple current source blocks, the current source blocks including a respective current source block associated with each of the crypto cores, and wherein the current sources blocks are switchable to switch on a current source block associated with each active core of the multiple crypto cores and to switch off a current source associated with each inactive core of the multiple cryptographic cores.
    Type: Grant
    Filed: June 28, 2019
    Date of Patent: January 4, 2022
    Assignee: INTEL CORPORATION
    Inventors: Santosh Ghosh, Debayan Das, Carlos Tokunaga, Avinash L. Varna, Joseph Friel
  • Publication number: 20210409188
    Abstract: Embodiments are directed to countermeasures for side-channel attacks on protected sign and key exchange operations. An embodiment of storage mediums includes instructions for commencing a process including an elliptic curve scalar multiplication (ESM) operation including application of a secret scalar value; splitting the secret scalar value into two random scalar values; counting a number of leading ‘0’ bits in the scalar value and skipping the number of leading ‘0’ bits in processing; performing an ESM iteration for each bit of the secret scalar value beginning with a most significant ‘1’ bit of the scalar value including a Point Addition operation and a Point Double operation for each bit on randomized points; performing ESM operation dummy iterations equal to the number of leading ‘0’ bits; and returning an output result for the ESM operation.
    Type: Application
    Filed: June 24, 2020
    Publication date: December 30, 2021
    Applicant: Intel Corporation
    Inventors: Santosh Ghosh, Andrew H. Reinders, Joseph Friel, Avinash Laxmisha Varna, Manoj Sastry
  • Publication number: 20210406239
    Abstract: Embodiments are directed to collision-free hashing for accessing cryptographic computing metadata and for cache expansion. An embodiment of an apparatus includes one or more processors to compute a plurality of hash functions that combine additions, bit-level reordering, bit-linear mixing, and wide substitutions, wherein each of the plurality of hash functions differs in one of the additions, the bit-level reordering, the wide substitutions, or the bit-linear mixing; and access a hash table utilizing results of the plurality of hash functions.
    Type: Application
    Filed: June 25, 2020
    Publication date: December 30, 2021
    Applicant: Intel Corporation
    Inventors: Michael E. Kounavis, Santosh Ghosh, Sergej Deutsch, Michael LeMay, David M. Durham
  • Publication number: 20210399876
    Abstract: In one example an apparatus comprises an input register to receive at least a portion of a transport layer data packet, an encryption/decryption pipeline communicatively coupled to the input register, comprising a first section comprising a set of advanced encryption standard (AES) engines including at least a first AES engine to perform encryption and/or decryption operations on input data from the at least a portion of a transport layer data packet, a second AES engine to determine an authentication key, and a third AES engine to determine an authentication tag mask, a second section comprising a first set of Galois field multipliers comprising at least a first Galois field multiplier to compute a first multiple of the authentication key, a third section comprising a second set of Galois field multipliers to compute a first partial authentication tag, and a fourth section comprising a processing circuitry to compute a second partial authentication tag and a final authentication tag.
    Type: Application
    Filed: June 23, 2020
    Publication date: December 23, 2021
    Applicant: Intel Corporation
    Inventors: Santosh Ghosh, Manoj Sastry
  • Patent number: 11205017
    Abstract: Embodiments are directed to post quantum public key signature operation for reconfigurable circuit devices. An embodiment of an apparatus includes one or more processors; and a reconfigurable circuit device, the reconfigurable circuit device including a dedicated cryptographic hash hardware engine, and a reconfigurable fabric including logic elements (LEs), wherein the one or more processors are to configure the reconfigurable circuit device for public key signature operation, including mapping a state machine for public key generation and verification to the reconfigurable fabric, including mapping one or more cryptographic hash engines to the reconfigurable fabric, and combining the dedicated cryptographic hash hardware engine with the one or more mapped cryptographic hash engines for cryptographic signature generation and verification.
    Type: Grant
    Filed: June 28, 2019
    Date of Patent: December 21, 2021
    Assignee: INTEL CORPORATION
    Inventors: Vikram Suresh, Sanu Mathew, Rafael Misoczki, Santosh Ghosh, Raghavan Kumar, Manoj Sastry, Andrew H. Reinders
  • Patent number: 11201878
    Abstract: Various systems and methods for bus-off attack detection are described herein. An electronic device for bus-off attack detection and prevention includes bus-off prevention circuitry coupled to a protected node on a bus, the bus-off prevention circuitry to: detect a transmitted message from the protected node to the bus; detect a bit mismatch of the transmitted message on the bus; suspend further transmissions from the protected node while the bus is analyzed; determine whether the bit mismatch represents a bus fault or an active attack against the protected node; and signal the protected node indicating whether a fault has occurred.
    Type: Grant
    Filed: May 3, 2019
    Date of Patent: December 14, 2021
    Assignee: Intel Corporation
    Inventors: Marcio Rogerio Juliato, Shabbir Ahmed, Santosh Ghosh, Christopher Gutierrez, Manoj R. Sastry