Abstract: An Attack Resilient Computation Circuit (ARCC) in an integrated circuit (IC) includes a first computation stage, a second computation stage, and security circuitry. The first computation stage is configured to process one or more signals so as to produce one or more outputs, the first computation stage having multiple signal propagation paths. The second computation stage is configured to receive and process the outputs of the first computation stage. The security circuitry is configured to generate a synchronization signal indicating that propagation of the signals in the first computation stage has completed, and to inhibit the second processing stage from processing the outputs of the first processing stage for a time interval derived from the synchronization signal.

Abstract: A method includes providing one or more signals to an electronic device for performing a test procedure that involves programming a One-Time Programmable (OTP) memory in the electronic device. A verification is made as to whether connection of the one or more signals to the electronic device is stable, by performing a sequence of one or more iterations, each iteration including (i) determining, from among a set of scratchpad addresses in the OTP memory, an address that is available for programming, (ii) writing a test value to the address, and then (iii) reading the test value from the address. If the read test value differs from the written test value, re-tuning of the connection of the one or more signals is initiated. Only when the connection is verified as stable by the sequence of iterations, the OTP memory is programmed in accordance with the test procedure.

Abstract: In one embodiment, a processing device includes a symmetric block cipher configured to encrypt plaintext blocks yielding respective ciphertext blocks, obfuscation circuitry configured to obfuscate the respective ciphertext blocks responsively to an obfuscation secret yielding respective obfuscated ciphertext blocks and an interface to send the respective obfuscated ciphertext blocks to at least one remote processing device. In one embodiment, the processing device provides side-channel attack protection within a symmetric key scheme by data obfuscation and by changing encryption/decryption keys using key manipulation so that different blocks or group of blocks of data are encrypted/decrypted using respective encryption/decryption keys.

Abstract: An electronic circuit for Random Number Generation (RNG) includes multiple inverters, a contention-current generator, and digitization circuitry. The multiple inverters are connected to one another in a ring and configured to generate an oscillating signal. The contention-current generator is connected to a node at which an output of an inverter of the ring drives an input of a subsequent inverter of the ring with a drive current. The contention-current generator includes at least a buffer configured to drive the node, at least while a voltage at the node transitions between opposite logic states, with a contention current that opposes the drive current and is weaker than the drive current. The digitization circuitry is configured to generate a sequence of random numbers by sampling the oscillating signal generated in the ring.

Abstract: This document includes techniques, apparatuses, and systems related to an interface for revision-limited memory, which can improve various computing aspects and performance. In aspects, confidentiality, integrity, and availability may be ensured while increasing the performance of revision-limited memory. In this example, the techniques also enable the digital computing device to interact with information related to the revision-limited memory.

Abstract: An apparatus for protecting a processor includes an input interface and protection circuitry. The input interface is configured to monitor code instructions that are processed by the processor. One or more of the code instructions include one or more error-detection bits. The protection circuitry is configured to detect one or more errors in the program code using the error-detection bits, and to initiate responsive actions in response to detecting the errors, while accounting for exception events occurring in the processor.

Abstract: An electronic circuit includes a driving cell, one or more driven cells and one or more inverters. The driving cell has two or more inputs and at least one output and is configured to toggle the output between first and second logic states in response to the inputs. Each driven cell has two or more inputs, of which at least one input is configured to be driven by the output of the driving cell. The one or more inverters are placed in a signal network that connects the driving cell to the driven cells. The inverters are configured to balance, over the signal network, (i) a first capacitive load charged by electrical currents caused by transitions from the first logic state to the second logic state and (ii) a second capacitive load charged by electrical currents caused by transitions from the second logic state to the first logic state.

Abstract: An apparatus for protecting a processor includes an input interface and protection circuitry. The input interface is configured to monitor code instructions that are processed by the processor, one or more of which code instructions including one or more error-detection bits. The protection circuitry is configured to detect an error in the program code using the error-detection bits, and to initiate a responsive action in response to detecting the error.

Abstract: An integrated circuit includes signal-source circuitry (SSC), an SSC power supply circuit (SSC-PS) and a digitization circuit. The SSC is configured to generate an output signal, which is guaranteed to meet specified electrical parameters provided that a supply voltage to the SSC is within a specified operating voltage range. The SSC-PS is configured to power the SSC with a reduced voltage that is below the specified operating voltage range, thereby causing the output signal to be noisy. The digitization circuit is configured to digitize the noisy output signal so as to generate a respective sequence of random numbers.

Abstract: An Integrated Circuit (IC) includes a non-volatile memory (NVM) and secure power-up circuitry. The NVM is configured to store an operational state of the IC. The secure power-up circuitry is configured to (i) during a power-up sequence of the IC, perform a first readout of the operational state from the NVM while a supply voltage of the IC is within a first voltage range, (ii) if the operational state read from the NVM in the first readout is a state that permits access to a sensitive resource of the IC, verify that the supply voltage is within a second voltage range, more stringent than the first voltage range, and then perform a second readout of the operational state from the NVM, and (iii) initiate a responsive action in response to a discrepancy between the operational states read from the NVM in the first readout and in the second readout.

Abstract: This document includes techniques, apparatuses, and systems related to an interface for revision-limited memory, which can improve various computing aspects and performance. In aspects, confidentiality, integrity, and availability may be ensured while increasing the performance of revision-limited memory. In this example, the techniques also enable the digital computing device to interact with information related to the revision-limited memory.

Abstract: A device including a network interface, a memory and a processor. The network interface is configured to communicate with a verifier over a communication network. The memory is configured to store multiple layers of mutable code, the layers identifiable by respective measurements. The processor is configured to generate, for a given boot cycle, a nonce associated uniquely with the given boot cycle, to receive a challenge from the verifier for attestation of a given layer of the mutable code, to calculate an attestation key based on (i) a Unique Device Secret (UDS) stored securely in the device, (ii) a measurement of the given layer taken by another layer, and (iii) the nonce generated for the given boot cycle, to calculate a response for the challenge, by signing the challenge using the attestation key, and to send the response to the verifier for verification of the given layer.

Abstract: In one embodiment, a processing device includes a symmetric block cipher configured to encrypt plaintext blocks yielding respective ciphertext blocks, obfuscation circuitry configured to obfuscate the respective ciphertext blocks responsively to an obfuscation secret yielding respective obfuscated ciphertext blocks and an interface to send the respective obfuscated ciphertext blocks to at least one remote processing device. In one embodiment, the processing device provides side-channel attack protection within a symmetric key scheme by data obfuscation and by changing encryption/decryption keys using key manipulation so that different blocks or group of blocks of data are encrypted/decrypted using respective encryption/decryption keys.

Abstract: A method for provisioning an electronic device includes providing a semiconductor wafer on which multiple integrated circuit (IC) chips have been fabricated. Each chip includes a secure memory and programmable logic, which is configured to store at least two keys in the secure memory and to compute digital signatures over data using the at least two keys. A respective first key is provisioned into the secure memory of each of the chips via electrical probes applied to contact pads on the semiconductor wafer. After dicing of the wafer, a respective second key is provisioned into the secure memory of each of the chips via contact pins of the chips. A respective provisioning report is received from each of the chips with a digital signature computed by the logic using both of the respective first and second keys. The provisioning is verified based on the digital signature.

Abstract: This document includes techniques, apparatuses, and systems related to an interface for revision-limited memory, which can improve various computing aspects and performance. In aspects, confidentiality, integrity, and availability may be ensured while increasing the performance of revision-limited memory. In this example, the techniques also enable the digital computing device to interact with information related to the revision-limited memory.

Abstract: A security device includes a bus interface and circuitry. The bus interface is coupled to a bus connecting between a host device and a peripheral device. The circuitry is configured to receive, via the bus interface, a clock signal of the bus, and to produce a delayed clock signal relative to the clock signal. The circuitry is further configured to monitor, using the clock signal, transactions communicated between the host device and the peripheral device, in response to identifying a given transaction, of which a portion is expected to be delayed by a predefined time delay relative to the clock signal, to sample the portion of the given transaction using the delayed clock signal, and in response to identifying, based on the sampled portion, that the given transaction violates a security policy, to apply a security action.

Abstract: A method for provisioning an electronic device includes providing a semiconductor wafer on which multiple integrated circuit (IC) chips have been fabricated. Each chip includes a secure memory and programmable logic, which is configured to store at least two keys in the secure memory and to compute digital signatures over data using the at least two keys. A respective first key is provisioned into the secure memory of each of the chips via electrical probes applied to contact pads on the semiconductor wafer. After dicing of the wafer, a respective second key is provisioned into the secure memory of each of the chips via contact pins of the chips. A respective provisioning report is received from each of the chips with a digital signature computed by the logic using both of the respective first and second keys. The provisioning is verified based on the digital signature.

Abstract: A self-correcting memory system comprising an integrated circuit including memory and memory content authentication functionality, which is operative to compare content to be authenticated to a standard and to output “authentic” if the content to be authenticated equals the standard and “non-authentic” otherwise; and error correction functionality which is operative to apply at least one possible correction to at least one erroneous word entity in said memory, yielding a possibly correct word entity, call said authentication for application to the possibly correct word entity, and if the authentication's output is “authentic”, to replace said erroneous word entity in said memory, with said possibly correct word entity thereby to yield error correction at a level of confidence derived from the level of confidence associated with the authentication.

Abstract: This document includes techniques, apparatuses, and systems related to an interface for revision-limited memory, which can improve various computing aspects and performance. In aspects, confidentiality, integrity, and availability may be ensured while increasing the performance of revision-limited memory. In this example, the techniques also enable the digital computing device to interact with information related to the revision-limited memory.

Abstract: In one embodiment, a secure chip apparatus, includes a memory to store an encrypted value E and a one-way function output-value H, which is an output value of a one-way function computed with a nonce N as input, an interface to transfer data with an external device, and chip security circuitry to lock a portion of the chip apparatus from use, receive an unlock request from an unlocking hardware security module (HSM) via the interface, provide the encrypted value E to the HSM responsively to the unlock request, receive a value N? from the HSM, the value N? being a decrypted value of the encrypted value E, compute a one-way function output-value H? responsively to the value N?, compare the value H? to the value H, and unlock the portion of the chip apparatus for use responsively to a match between the value H? and the value H.