Abstract: Systems and methods described herein relate to techniques that allow for multiple parties to jointly generate or jointly agree upon the parameters for generation of a smart contract, such as a verification key. Execution of the smart contract may be performed by a third party, for example, a worker node on a blockchain network. Techniques described herein may be utilised as part of a protocol in which parties of a smart contract share powers of a secret in a manner that allows each party to determine an identical common reference string, agree on parameters for a smart contract agree and/or make proportionate contributions the smart contract, and combinations thereof. The smart contract may be published to a blockchain network (e.g., Bitcoin Cash). The protocol may be a zero-knowledge protocol.

Abstract: Method and apparatus for managing software containers in a computer network. A data storage device has a non-volatile memory (NVM) and a controller circuit. A portion of the NVM is allocated for use during deployment of a software container during which an application in the software container is executed by a processor of a virtual machine (VM) hypervisor. A unique session key is generated for the software container, and a token derived from the session key is supplied with each host access command issued to the data storage device during the deployment of the software container. The controller circuit validates each received host access command by determining the session key is valid and that a predetermined time period since deployment has not expired. The controller circuit is further configured to store in a session log a listing of all data blocks accessed in the NVM during the session.

Abstract: Methods aiding in proving shuffles of re-encryptions of ciphertexts and a mixnet employing such methods. A method for compacting ciphertexts includes encrypting a plaintext using an asymmetric key encryption scheme for a ciphertext, dividing the ciphertext into partial ciphertexts, encrypting each of the partial ciphertexts using the asymmetric key encryption scheme to obtain re-encrypted partial ciphertexts, creating hash exponents from a digest of a cryptographic hash function taking the partial ciphertexts, the re-encrypted partial ciphertexts and arbitrary salt values as argument of the cryptographic hash function, calculating a compacted ciphertext by multiplying all of the partial ciphertexts exponentiated by a respective one of the plurality of hash exponents, and calculating a compacted re-encrypted ciphertext by multiplying all of the re-encrypted partial ciphertexts exponentiated by a respective one of the hash exponents.

Abstract: closed circuit television (CCTV) image data distribution processing apparatus includes a CCTV image data receiver configured to receive CCTV image data from a CCTV camera, an encryption processor configured to perform encryption-processing on the CCTV image data, a data splitter configured to split the CCTV image data into chunk data, an index processor configured to perform index-processing on the chunk data with an index generated through the encryption, and a controller configured to distribute and store the index-processed chunk data in a plurality of storage servers corresponding to corresponding indexes, respectively, or to decode chunk data to restore original CCTV image data when receiving the chunk data stored in the storage server.

Abstract: There is provided an encryption device that is secure against a side channel attack, and can suppress a processing load. The encryption device includes a data encryption part in which at least part of a plurality of round functions for successively performing encryption processing on an input value is tabulated to be encrypted using a white-box model in which input/output values of the round function is able to be recognized from the outside. Each of the round functions includes a tabulated encryption function for encrypting an input value using a black-box model in which the input/output values are able to be recognized from the outside and an intermediate value is not able to be recognized from the outside, and the encryption function is updated with a random number.

Abstract: Techniques for calculating a hash value of a single secure array of memory blocks in a sequential set of dice. The array can be defined by a set of address-size pairs. Each pair provides a pointer by including an address of a memory block and a size of the block. The hash value can be calculated by: for each die that is not the last die, partially applying a hash function, without final padding, to the memory blocks of the secure array in the die to generate a partial digest. And, for the last die, fully applying the hash function, with the final padding, to the memory blocks of the secure array in the last die to generate the hash value of the secure array, which can include adding an accumulation of partial digests to data from the last die as a basis for the generation of the hash value.

Abstract: A computer-implemented method is for providing processed data. In an embodiment, the method includes receiving, by a first encryption entity, first plaintext data including a matrix of numbers; determining, by the first encryption entity, an encryption key including an integer matrix; homomorphically encrypting, by the first encryption entity, the first plaintext data based on a matrix multiplication of the first plaintext data and the encryption key, to generate first encrypted data; sending, by the first encryption entity, the first encrypted data to a processing entity; receiving, by a decryption entity, encrypted processed data from the processing entity, the encrypted processed data being based on the first encrypted data; decrypting, by the decryption entity, the encrypted processed data based on a matrix multiplication of the processed data and an inverse of the encryption key, to generate processed data; and providing, by the decryption entity, the processed data.

Abstract: A method and apparatus for performing a secure boot of a computer system is disclosed. A computer system according to the disclosure includes an auxiliary processor and a main processor. The boot process includes initially booting the auxiliary processor. The auxiliary processor includes a non-volatile memory storing boot code for the main processor. The auxiliary processor may perform a verification of the boot code. Subsequent to verifying the boot code, the main processor may be released from a reset state. Once the main processor is no longer in the reset state, the boot code may be provided thereto. Thereafter, the boot procedure may continue with the main processor executing the boot code.

Abstract: Systems and methods for initial provisioning through shared Proofs of Knowledge (PoKs) and crowdsourced identification are provided. In some embodiments, a method of sharing a PoK between a first Relying Party (RP) server and a second RP server includes receiving, by the first RP server, a request from a client device by a user for sharing the PoK. The method also includes causing, by the first RP server, the PoK to be provided to the client device and receiving, by the second RP server, a request from the client device to use the shared PoK for authentication of the user. In this way, the user may be provided additional convenience by allowing the reuse of the shared PoK. Also, depending on the number of RP servers that accept the shared PoK, the user may also be provided a degree of crowdsourced identification.

Abstract: A first network node (100; 200) is configured to, —compute a first shared key (245) to protect confidentiality from the first identity of the second network node and the local key material to protect confidentiality of the first network node, —compute a second shared key (246) to protect integrity from the second identity of the second network node and the local key material to protect integrity of the first network node, —encrypt a message using the first shared key, and —compute a first message authentication code over the message using the second shared key.

Abstract: An integrated circuit is provided with a modular multiplication circuit. The modular multiplication circuit includes an input multiplier for computing the product of two input signals, truncated multipliers for computing another product based on a modulus value and the product, and a subtraction circuit for computing a difference between the two products. An error correction circuit uses the difference to look up an estimated quotient value and to subtract out an integer multiple of the modulus value from the difference in a single step, wherein the integer multiple is equal to the estimated quotient value. A final adjustment stage is used to remove any remaining residual estimation error.

Abstract: A processor or system includes a processor core to execute a set of instructions to determine that a memory encryption mode is enabled. The memory encryption mode is to cause data stored to memory to be encrypted and data retrieved from the memory to be decrypted. The processor core is further to determine that a debug mode has been enabled and, responsive to a determination that the debug mode has been enabled, generate a second encryption key different than a first encryption key employed before reboot of a computing system. The processor core is further to transmit the second encryption key to a cryptographic engine for use in encryption and decryption of the data according to the memory encryption mode.

Abstract: A method for processing an encryption is provided. The method for processing an encryption includes the steps of linearly transforming a homomorphic encryption for an approximate message including an error, performing an approximate modulus operation for the linearly transformed homomorphic encryption by using a multi-degree polynomial set such that input values within a predetermined range are approximate to an integer point, and linearly transforming the homomorphic encryption which was approximately modulus operated into a form of encryption.

Abstract: Systems and methods may be used for establishing a link between user identifiers of different systems without disclosing specific user identifying information. One method includes generating a matching relationship based on double encrypted one or more first data sets of a first party system and double encrypted one or more second data sets of a second party system. The matching relationship indicates one or more links between match keys associated with the first party system and the match keys associated with the third party system. The method includes assigning bridge identifiers for user identifiers associated with the first party system and the user identifiers associated with the third party system based on the matching relationship.

Abstract: Shannon's equivocation, the conditional entropy of key or message with respect to a specific ciphertext, is the primary indicator of the security of any secrecy system, in that when key equivocation H E (K) or message equivocation H E (M) attain log 0 (or 1) under a brute-force attack, the system is compromised and has no security. We propose a simplistic equivocation definition of security which distinguishes between “secure/unsolvable” and “insecure/solvable” encipherments.

Abstract: A logic circuit for quantum-resistant cryptoprocessing. The logic circuit includes a first plurality of multiplexers, a second plurality of multiplexers, a plurality of AND gates, a third plurality of multiplexers, a plurality of shift registers, a plurality of inverters, a fourth plurality of multiplexers, a plurality of adders, a plurality of XOR gates, a fifth plurality of multiplexers, and a plurality of parallel outputs.

Abstract: A device can (i) store public keys Ss and Sn for a network and (ii) record private key sd. A network can record a corresponding private keys ss and sn. The device can (i) generate a device ephemeral PKI key pair (Ed, ed) and (ii) send public key Ed to the network. The device can receive an ephemeral public key Es from the network. The device can calculate values for A: an elliptic curve point addition over Ss, Sn, and Es, and B: (sd+ed) mod n. The device can input values for X and Y into an elliptic curve Diffie Hellman key exchange (ECDH) in order to determine a mutually derived shared secret X5, where the network can also derive shared secret X5. The device can (i) use X5 to derive a key K2 and (ii) decrypt a ciphertext from the network using key K2.

Abstract: Systems, methods, and devices for offloading network data to a datastore. A system includes routing chip hardware and an asynchronous object manager in communication with the routing chip hardware. The asynchronous object manager is configurable to execute instructions stored in non-transitory computer readable storage media. The instructions include asynchronously receiving a plurality of objects from one or more producers. The instructions include identifying one or more dependencies between two or more of the plurality of objects. The instructions include reordering the plurality of objects according to the one or more dependencies. The instructions include determining whether the one or more dependencies is resolve. The instructions include, in response to determining the one or more dependencies is resolved, calling back an application and providing one or more of the plurality of objects to the application.

Abstract: The present disclosure relates to systems and methods for using multicomputer data transferring to active contactless communication. In one example, such a system may include at least one memory storing instructions and at least one processor configured to execute the instructions to perform one or more operations, the operations including: receiving a transaction associated with a merchant on a list of merchants stored in the at least one memory; determining, based on the merchant, a remote server associated with the merchant; assembling a data packet including an identifier of the contactless card and an identifier of the transaction; transmitting the data packet to the determined server across one or more computer networks; receiving confirmation from the determined sever in response to the data packet; and transmitting the confirmation to a user device associated with the transaction.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for using audio watermarks with key phrases. One of the methods includes receiving, by a playback device, an audio data stream; determining, before the audio data stream is output by the playback device, whether a portion of the audio data stream encodes a particular key phrase by analyzing the portion using an automated speech recognizer; in response to determining that the portion of the audio data stream encodes the particular key phrase, modifying the audio data stream to include an audio watermark; and providing the modified audio data stream for output.

Abstract: A method for implementing a secure multiparty computation protocol between a plurality of parties for a multiparty computation includes performing an offline phase of an SPDZ protocol for each of the parties participating in the multiparty computation. A secret share redistribution phase is then performed wherein the secret shares of the parties are redistributed to a subset of the parties. A secret share recombination phase is performed during which the subset of the parties recombines the redistributed secret shares to recover the secret shares of the parties not in the subset. An online phase of the SPDZ protocol is then performed during which the function is computed with respect to the private inputs of the parties and using the secret shares of all the parties.

Abstract: Multiple elements are efficiently read from a secured array. A secure text array <a>=(<a[0]>, . . . , <a[n?1]>) where an array a=(a[0], . . . , a[n?1]) having a size of n is secured, secure text <x> of an integer x that is equal to or higher than 0 and less than n, and in integers i0, . . . , im-1 that are equal to or higher than 0 and less than n are input into an input part 11. A secure shift part 12 secure-shifts the secure text array <a> by <x> to obtain a secure text array <a?>=(<a?[0]>, . . . , <a?[n?1]>) where an array a?=(a?[0], . . . , a?[n?1]) obtained by shifting leftward the array a by x is secured. An array generation part 13 generates a secure text array <b>=(<a?[i0]>, . . . , <a?[im-1]>) from the secure text array <a?>.

Abstract: Disclosed are an information encryption method and device. A particular embodiment of the method comprises: acquiring customer information, wherein the customer information comprises an item number and a telephone number; selecting a random salt corresponding to the current date from a pre-generated random salt list, wherein the random salt list is used for storing a date and a random salt; using an irreversible encryption algorithm to encrypt the item number and the random salt corresponding to the current date so as to generate a first ciphertext; generating, based on the first ciphertext, a digital second ciphertext; and using the second ciphertext to process the telephone number so as to generate a first encrypted telephone number. This embodiment prevents private customer information from being leaked.

Abstract: A computer-implemented method for error-correction-encoding and encrypting of a file is provided. The file is split into at least two blocks. The first block is encrypted using a given encryption key. The encrypted first block is encoded twice using a first and second forward error correction code of the first block. Each subsequent block is encrypted by performing an algebraic operation. The encrypted block is encoded twice using a first and second forward error correction code for this block, wherein a cryptographic indexing function provides a set of indices used by the second forward error correction code to produce the second encoded chunk. The first encoded chunks of each encrypted block are outputted. The computer-implemented method enables secure transmission of a file content between low power devices.

Abstract: A method of exchanging a combined cryptographic key between a first node and a second node, the first node and the second node being connected through a first communication and a second communication network, wherein the first communication network is a quantum communication network wherein information is encoded on weak light pulses; and the first node and the second node being configured to: exchange one or more first cryptographic keys on the first communication network; exchange one or more second cryptographic keys using the second communication network; and form the combined cryptographic key by combining the one or more first cryptographic keys and the one or more second cryptographic keys, such that the first node and the second node share knowledge of the combined cryptographic key.

Abstract: Systems, methods, and apparatuses relating to performing hashing operations on packed data elements are described.

Abstract: A first lawful interception (LI) function transmits, to a second LI function in a virtualized network function, VNF, a request for random number generator, RNG, data, characterizing a random number generator in the second LI function. The RNG data is tested, resulting in a randomness test result that is indicative of randomness of numbers generated by the RNG in the second LI function. If the randomness is below a first threshold, mitigation takes place of any undesired effect associated with the randomness being less than the threshold value. A corresponding method is performed by the second LI function, receiving the request for RNG data, obtaining and transmitting the RNG data to the first LI function. Verification can thereby be made whether a LI function in a VNF has a proper level of entropy source for use by its cryptographic operations and, if not, perform mitigation.

Abstract: A hybrid method and system for data encryption significantly reduces the computational cost of encryption and reduces the cost of the processors needed to perform encryption and decryption.

Abstract: Aspects of the invention provide a system and method for effecting a transfer of goods in a transaction. Mobile communication devices held by parties to a transaction deliver geographic location information to a server, which coordinates data, including verification token data broadcast by one of said devices, so as to authenticate the identities of the parties to the transfer once the parties or devices are within a specified short-range to conduct said transfer.

Abstract: An authentication method includes an enrolment stage comprising: receiving fuzzy data from a noisy authentication factor and fixed authentication data; generating a secret string independently from the received fuzzy data and the received fixed authentication data; deriving metadata from the fuzzy data and the secret string and helper data from the secret string and metadata; encrypting the helper data using the fixed authentication data as encryption key; outputting the encrypted helper data as public data, and an authentication stage including receiving the public data output during the enrolment stage, decrypting the received public data using the fixed authentication data as decryption key, recovering the helper data and the metadata from the decrypted public data, reproducing the secret string using the further fuzzy data and the recovered metadata, validating the reproduced secret string using the recovered helper data, and releasing the reproduced secret string if the validating yields a positive outco

Abstract: Various embodiments of the invention implement countermeasures designed to withstand attacks by potential intruders who seek partial or full retrieval of elliptic curve secrets by using Various embodiments of the invention implement countermeasures designed to withstand attacks by potential intruders who seek partial or full retrieval of elliptic curve secrets by using known methods that exploit system vulnerabilities, including elliptic operation differentiation, dummy operation detection, lattice attacks, and first real operation detection. Various embodiments of the invention provide resistance against side-channel attacks, such as simple power analysis, caused by the detectability of scalar values from information leaked during regular operation flow that would otherwise compromise system security. In certain embodiments, system immunity is maintained by performing elliptic scalar operations that use secret-independent operation flow in a secure Elliptic Curve Cryptosystem.

Abstract: A method and protocol for determining linear combinations of a first and second point for an elliptic curve cryptography scheme, including determining a first scalar multiplication of the first point with a first scalar, the first scalar multiplication including performing iteratively in relation to the value of the first scalar either one of: doubling of the first point in Jacobian projective coordinates; or mixed addition with the first point in affine coordinates; determining a combination point by adding the second point to the resultant of the first scalar multiplication; obtaining an affine coordinate representation of the combination point; determining a second scalar multiplication of the combination point with a second scalar, the second scalar multiplication including performing iteratively in relation to the value of the second scalar either one of: doubling of the combination point in Jacobian projective coordinates; or mixed addition with the combination point in affine coordinates.

Abstract: In general, this disclosure describes encryption engines that shuffle data segments during decryption. By shuffling the data and using the resulting random permutation for decryption, the engines of this disclosure obfuscate hardware performance information that attackers might access and use in a side channel attack. In one example, an apparatus includes a decryption engine configured to select, for each round of multiple rounds for decrypting the block of encrypted data, a permutation of inputs to the decryption engine from multiple permutations of the inputs. The inputs include encrypted data segments of the block of encrypted data and an inverse cipher key segment, and the selected permutation of the inputs is different for at least two of the rounds. The decryption engine is further configured to iteratively compute a decrypted data segment across the plurality of rounds based on the respective selected permutation of the inputs for each round.

Abstract: A method for executing a polymorphic machine code, wherein: for each branching address at which a base block of a flow of generated instructions starts, the microprocessor automatically adds, in the generated flow of instructions, a renewal instruction suitable, when it is executed, for triggering the renewal of an initialization vector of a module for decryption by flow with a specific value associated with this branching address, then a flow encryption module encrypts the flow of instructions as it is generated and, during this encryption, each base block is encrypted using a specific value associated with the branching address at which it starts. Only the instruction flow encrypted in this way is recorded in the main memory. During execution of the encrypted instruction flow, the added renewal instructions are executed as they are encountered.

Abstract: Various embodiments are generally directed to techniques of generating a unique biometric key, hashing and salting the key, and storing it. Embodiments include techniques to analyze biological information associated with a user and determine one or more biological characteristics from the analyzed information. The biological characteristics may be used to generate a character string unique to the user, which may be used to generate the biometric key based on a cryptographic algorithm. The hash values, salt values, or the hash function may be changed at a predetermined interval.

Abstract: Method and system for cryptographic transformation of a structured data set. The structured data set is partitioned into a first subset and a plurality of further subsets for encryption in parallel. The subsets are divided into a plurality of blocks of predetermined size. A first block for each subset is identified as well as a location of each further block in said subset relative to said first block of its subset. Cryptographic transformation of the data subsets is performed using a key according to a block chain process and an offset value for the first block of each subset from the first block of the first subset is logged. The process allows a block chain to be broken into part way in the chain. The process may allow different partitioning to be used for decryption than was used for encryption, thereby allowing parallel processing on varying numbers of computational cores.

Abstract: One example method and correspond apparatus extracts a model of a computer application during load time and stores the model of the computer application in a database. This example method and corresponding apparatus also inserts instructions into the computer application to collect data at runtime. This example method and corresponding apparatus then analyzes the data collected at runtime against the stored model of the computer application to detect one or more security events and tracks the one or more security events using a state machine.

Abstract: A method of and apparatus for executing a cryptographic cipher is described. The method includes acts of receiving a first finite field of data and key value represented by a first encryption standard including a first and second operation, transforming the first finite field of data and key value into a second finite field of data and key value represented by a second encryption standard, transforming the first operation and the second operation into a first modified operation and a second modified operation represented by the second encryption standard, executing the first modified operation on the second finite field of data and key value to generate a third finite field of data, executing the second modified operation on the third finite field of data to generate a fourth finite field of data, which is transformed into a fifth finite field of data represented by the first encryption standard.

Abstract: A method of encryption and decryption of data over a network using an artificial neural network installed on each node of the network. The data protection elements—encryption keys, encryption algorithms, and encryption obfuscation—are generated or selected, respectively, at a new instance of communication across the network and no data protection elements are transmitted across the network. The artificial neural network is trained on a blockchain with the addition of each new block to the blockchain and is used to generate a finite set of encryption keys at each node simultaneously. Such encryption keys, encryption algorithms and encryption obfuscation are associated with the neural network on each node and are then used for decryption of the transmitted data.

Abstract: A matching apparatus generates a random number and transmits second encrypted data obtained by performing an operation of first encrypted data of each of first values related to a first binary vector encrypted and the random number to a matching request apparatus; transmits third encrypted data obtained by performing an operation of the second encrypted data and elements of a matching target second binary vector; based on a second value related to the first binary vector encrypted with the encryption key, the encrypted data and the random number, generates and transmits encrypted data and transmits the generated data to a verification apparatus as a query; and determines whether a count number of mismatched elements between the second binary vector and the first binary vector is less than or equal to a predetermined number based on values obtained by decrypting the encrypted data in the query.

Abstract: Generation of a cryptographic key using one of multiple possible entropy generation components that may provide input entropy. A key generation component provides an interface that exposes one or more characteristics for input entropy to be used to generate a cryptographic key. For applications that are more sensitive to improper key discovery, higher degrees of input entropy may be used to guard against key discovery. During key generation, the key generation component connects with an appropriate entropy generation component via the interface. For instance, the entropy generation component may be selected or adjusted so that it does indeed provide the input entropy meeting the characteristics described by the interface. The key generation component receives the input entropy via the interface, and then uses the input entropy to generate the cryptographic key.

Abstract: Techniques are provided for protection of private keys in message signing based on elliptic curve cryptography. One method comprises obtaining a private key to generate a signature for a message; selecting a random integer as an internal private key in a predefined range based on an elliptic curve order; computing an internal public key as an elliptic curve point using a scalar multiply operation based on (i) the internal private key blinded using a random blinding value, (ii) an elliptic curve base point, and (iii) an inverse value for the random blinding value added to a result of the scalar multiply operation; generating a first signature portion based on the elliptic curve point; generating a second signature portion based on an inverse of the selected random integer generated from a message-dependent value and the first signature portion; and forming a signed message using the first and second signature portions.

Abstract: The present invention relates to a method to intrinsically protect a computer program having a driving value dedicated to handle sensitive data, said driving value comprising a plurality of N computation units to perform computations using sensitive data and susceptible to let sensitive data leak, each unit having V possible values, said method comprising a step of unrolling k parts of P units, with P>1 and P<N and N?P*k, by rewriting them in an equivalent sequence of computations protecting the sensitive data, said unrolling step resulting in a plurality of V{circumflex over (?)}P possible parts of P units, said method further comprising the step of introducing, in the finally executed computer program, instructions to dynamically execute the driving value by selecting, at end of each executed part, the next part to be executed among the possible parts.

Abstract: A method and system of authenticating a user are provided. A request for a resource is received by a server, from a user device. A predefined number is received from the user device. A first number and a second number are created. The first number is sent to the user device. A first discrete logarithm is determined based on a challenge code and the first number and sent to the user device. A first pass code is calculated via a second discrete logarithm based on the first discrete logarithm, the predefined number, and the first number. A second pass code based on the second discrete logarithm, is received from the user device. The first pass code is compared to the second pass code. Upon determining that the first pass code is identical to the second pass code, the user device is allowed access a resource associated with the computing device.

Abstract: Methods and systems are disclosed for providing Near Field Communications. In certain embodiments, an Android mobile operating system based mobile device is configured with software that, when executed by one or more processors, determines whether the mobile device is to perform an NFC communication with a contactless payment terminal (CPT) using a secure element associated with an NFC controller included in the mobile device. Based on the determination, the mobile device is configured to execute software that performs communications with the CPT using the NFC controller.

Abstract: Presented are systems and methods for protecting secret data that is stored in memory to prevent unauthorized access and data manipulation. Various embodiments may be applied to hide or mask an RSA exponent used for public key cryptography and stored in a cryptographic hardware block that uses a non-erasable working memory for computations. In certain embodiments, masking RSA exponents is accomplished by a two-step process that combines a specifically calculated, random and secret value with the secret exponent. The random value is stored in an erasable memory, such that in case of attack, both the erasable memory and the non-erasable memory do not leak any embedded secrets. The additional expenditure of memory resources only insignificantly affects system performance.

Abstract: In one aspect, a first device includes at least one processor and storage accessible to the at least one processor. The storage includes instructions executable by the at least one processor to receive password input from a second device and to determine whether the password input indicates at least one predetermined character and at least one dynamic character that conforms to at least one preestablished parameter. The instructions are also executable to permit a login via the first device responsive to a determination that the password input indicates the at least one predetermined character and at least one dynamic character that conforms to the at least one preestablished parameter.

Abstract: According to an embodiment, an information processor includes a memory and one or more hardware processors coupled to the memory. The one or more hardware processors are configured to function as a calculating unit, a determining unit, and a generating unit. The calculating unit is configured to calculate a key length. The determining unit is configured to determine a block size corresponding to a unit of processing in key generation and an outputtable size indicating the size of a key outputtable by the key generation. The generating unit is configured to generate a key having the key length by a hash operation using a matrix having a size determined by the block size and the outputtable size.

Abstract: Systems, apparatuses, and methods related to a computer system having a processor and a main memory storing scrambled data are described. The processor may have a cache, a register, an execution unit, and an unscrambler. The processor can load the scrambled data into the cache; and the unscrambler may convert the scrambled data into unscrambled data just in time for the register or the execution unit during instruction execution. The unscrambled data can be an instruction, an address, or an operand of an instruction. Unscrambling can be performed just before loading the data item in a scrambled form from the cache into the register in an unscrambled form, or after the data item leaves the register in the scrambled form as input to the execution unit in the unscrambled form. The unscrambled data and the scrambled data may have the same set of bits arranged in different orders.

Abstract: An encryption key may be generated based on personalized unit data associated with a software download recipient, for example, a secure processor. In some aspects, the secure processor may generate a decryption key based on its personalized unit data, and a software download may be performed between the software provider and the secure processor using the generated encryption keys. The secure processor may then decrypt and load the software for execution. The encryption and decryption key generation may also be based on a sequence number or other data indicating one or more previous software downloads at the secure processor. Using the sequence number or other data, sequences of multiple encryption and/or decryption keys may be generated to support multiple software downloads to a secure processor.