Abstract: A device is suggested for processing input data including a hardware accelerator generating a first hash value based on a first portion of the input data and a second hash value based on a second portion of the input data, wherein the first hash value is generated based on a first configuration of the hardware accelerator and wherein the second hash value is generated based on a second configuration of the hardware accelerator. Also, a method for operating such device is provided.

Abstract: Embodiments of present disclosure relates to and systems to reduce propagation delays in hardware implementation of 3GPP confidentiality or standardized algorithm 128-EEA3 and 3GPP integrity algorithm 128-EIA3 using ZUC module. The reduction of the propagation delays is achieved by improving or optimizing secondary critical paths, which are subsequent to primary critical path, related to the 3GPP confidentiality or standardized algorithm 128-EEA3 and the 3GPP integrity algorithm 128-EIA3. Non-conventional modifications in the hardware implementation are proposed for the improvement or optimization.

Abstract: A non-transitory computer-readable recording medium stores a generation program for causing a computer to execute a process including: dividing a target content into a plurality of blocks so that head information of the target content is distributed to the blocks different from each other, according to a predetermined rule; generating a hash value corresponding to each of the plurality of divided blocks; generating an aggregation hash value by aggregating the generated hash values; and outputting the generated aggregation hash value.

Abstract: The invention relates to a method for determining an access right to a service, the method comprises: receiving a service request, generating at least one token, the at least one token being broadcast by at least one beacon device; receiving a message comprising at least data interpretable as a token, data from which the at least one beacon device is identifiable and data from which a position of the terminal device is derivable. By applying the received pieces of data it is possible to determine if an access to the service may be granted to the terminal device. The invention also relates to a network controller, a communication system and a computer program product.

Abstract: A method of generating a cryptographic algorithm includes generating at least one key table on the basis of a seed value; generating, by using a round tweak bit string and an input bit string that is input to one of input branches of a Feistel structure, a first transformation function converting the input bit string into a first random bit string having a length that extends beyond a length of the input bit string, generating a second transformation function converting a second random bit string generated by referencing the one or more key tables into a third random bit string having a length that is the same as the length of the input bit string, and generating a block cryptographic algorithm of a Feistel structure which includes a round function to which the one or more key tables, the first transformation function, and the second transformation function are applied.

Abstract: A method of generating a cryptographic algorithm according to one embodiment of the present disclosure includes generating one or more key tables on the basis of a seed value; generating a first transformation function that converts an input bit string, which is input to one of input branches of a Feistel structure, into a first random bit string having a length that extends beyond a length of the input bit string; generating a second transformation function that converts a second random bit string generated by referencing the one or more key tables into a third random bit string having a length that is the same as the length of the input bit string; and generating a block cryptographic algorithm of a Feistel structure which includes a round function to which the one or more key tables, the first transformation function, and the second transformation function are applied.

Abstract: Methods, systems, and devices for encrypting and decrypting data. In one implementation, an encryption method includes inputting plaintext into a recurrent artificial neural network, identifying topological structures in patterns of activity in the recurrent artificial neural network, wherein the patterns of activity are responsive to the input of the plaintext, representing the identified topological structures in a binary sequence of length L and implementing a permutation of the set of all binary codewords of length L. The implemented permutation is a function from the set of binary codewords of length L to itself that is injective and surjective.

Abstract: Authentication processing is provided which includes generating an authentication parameter as a function of a time-dependent input using a predetermined transformation having an inverse transformation. Multiple authentication modes are supported, with a bit-length of the time-dependent input of one authentication mode being different from a bit-length of the time-dependent input of another authentication mode. Generating the authentication parameter is dependent, in part, on whether the time-dependent input is of the one authentication mode or the other authentication mode, and includes performing multiple rounds of transformation of the time-dependent input. A time-dependent password including a character string is generated from the authentication parameter using another predetermined transformation having another inverse transformation. The time-dependent password is forwarded within the authentication system for authentication by an authenticator.

Abstract: A method for distributing an audiovisual content to a terminal is disclosed. The content is received by the terminal in the form of a succession of consecutive segments, each segment being distributed to the terminal following a transmission of a request by the terminal and being obtained by an application of a workflow to a portion of the content.

Abstract: A receiver apparatus and method for optimized decryption and despreading of a very low frequency (VLF) bitstream is disclosed. In embodiments, the receiver includes antenna elements for receiving a transmission security (TRANSEC) encoded bitstream associated with an uncertainty window size and a spread factor. The receiver includes cryptographic processors that, when the spread factor is sufficiently large, select key section numbers A and data section numbers B based on the window size and spread factor. The cryptographic processors generate an output sequence of correlation windows, each correlation window associated with a symbol of the bitstream, via pipelined sectional mirrored-key convolution based on a key section number A and data section number B chosen to optimize performance (e.g., processor performance, memory performance).

Abstract: A device is suggested for processing input data including a hardware accelerator generating a first hash value based on a first portion of the input data and a second hash value based on a second portion of the input data, wherein the first hash value is generated based on a first configuration of the hardware accelerator and wherein the second hash value is generated based on a second configuration of the hardware accelerator. Also, a method for operating such device is provided.

Abstract: The present invention relates to an encrypting/decrypting method for a multi-digit number and an encrypting/decrypting server.

Abstract: A method includes receiving, by a first microprocessor, a request of modification of a content of a first memory of the first microprocessor, the first memory being accessible only by the first microprocessor. The method includes accessing, by the first microprocessor, first data associated with the request and a signature generated from the first data with an asymmetric cipher algorithm. The first data and the signature are available in a second memory of a second microprocessor, and the first data is representative of a modification to be applied to the content of the first memory. The modification is representative of a modification of a set of services exposed by the first microprocessor. The method includes verifying, by the first microprocessor, authenticity of the first data based on the signature; and modifying the content of the first memory according to the first data, the modifying being conditioned by the verifying.

Abstract: Digital n-state switching devices are characterized by n-state switching tables with n greater than 4. N-state switching tables are transformed by a Finite Lab-transform (FLT) into an FLTed n-state switching table. Memory devices, processors and combinational circuits with inputs and an output are characterized by an FLTed n-state switching table and perform switching operations between physical states in accordance with an FLTed n-state switching table. The devices characterized by FLTed n-state switching tables are applied in cryptographic devices. The cryptographic devices perform standard cryptographic operations or methods that are modified in accordance with an FLT. One or more standard cryptographic methods are specified in Federal Information Processing Standard (FIPS) Publications. Security is improved by at least a factor n2.

Abstract: The disclosure discloses a method and apparatus for encrypting data, and a method and apparatus for decrypting data. The method for encrypting data includes: acquiring a to-be-encrypted data block; executing a first encryption on the to-be-encrypted data block to obtain a data ciphertext; executing a hash operation on the to-be-encrypted data block to obtain an index key; designating a last ciphertext block as a first target ciphertext block, and decrypting the first target ciphertext block to acquire an index value of the first target ciphertext block; executing a preset operation on the index value of the first target ciphertext block to obtain the index value of the to-be-encrypted data block, and executing a second encryption on the index value of the to-be-encrypted data block based on the index key to generate an index ciphertext; and combining the data ciphertext and the index ciphertext to generate a ciphertext block.

Abstract: A system and method for determining whether a cryptographic system is being observed for power consumption analysis in an attempt to decipher secret keys. The system comprises a first external connection to receive an input voltage, an internal voltage regulator with an external capacitor to produce the desired voltage for the cryptographic system. The internal voltage regulator typically includes a switch that passes current from the first external connection to the external capacitor. By monitoring the frequency at which the switch is activated, it is possible to detect that an external voltage is being applied to the external capacitor. This external voltage is typically used to perform SPA or DPA operations. Thus, the cryptographic system may cease performing any encryption or decryption operations if an external voltage is detected.

Abstract: Techniques are provided for implementing a parameter server within a networking infrastructure of a computing system to reduce the communication bandwidth and latency for performing communication synchronization operations of the parameter server. For example, a method includes executing a distributed deep learning (DL) model training process to train model parameters of a DL model using a plurality of worker nodes executing on one or more server nodes of a computing system, and executing a parameter server within a networking infrastructure of the computing system to aggregate local model parameters computed by the plurality of worker nodes and to distribute aggregated model parameters to the plurality of worker nodes using the networking infrastructure of the computing system.

Abstract: Memory access circuitry enforces ownership rights for memory regions. A given memory region is associated with an owner realm specified from multiple realms, each realm corresponding to a portion of at least one software process executed by processing circuitry. In response to a first variant of an exception return instruction the processing circuitry returns from processing of an exception while staying within the same realm. In response to a second variant of the exception return instruction the processing circuitry switches processing from a current realm to a destination realm.

Abstract: An electronic apparatus for managing data based on a block chain and a method therefor are provided. The electronic apparatus includes a communication interface, a memory, and a processor to receive a request for accessing data from an authenticated user, generate first block information regarding the request by including information on the request and at least one second block information related to the request from among a plurality of second block information stored in the memory, transmit the generated first block information to at least one of a plurality of external apparatuses constituting a block chain, and update the plurality of second block information stored in the memory based on the generated first block information. The plurality of second block information includes information on a block regarding a latest access history by category among a plurality of blocks included in block chain data shared by the plurality of external apparatuses.

Abstract: Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for implementing service execution. One of the methods includes receiving a service request sent by a user by a service device. The service device determines a service execution policy that matches the service request based on a predetermined data analysis model and the service request by performing data analysis on a first-type blockchain transaction in a blockchain of each first-type blockchain network of at least two first-type blockchain networks. A service is executed by the service device for the service request based on the service execution policy.

Abstract: A method for secure transmission of a data stream between at least one sender and at least one recipient comprises packetizing the data stream into a plurality of data packets of data bits. Each data packet is split into at least two subpackets and the subpackets are encrypted with a one-time pad stored at the sender. The encrypted subpackets are transmitted to the receiver by transmitting one of the two encrypted subpackets over a first transmission path and transmitting another one of the two encrypted subpackets over a second transmission path wherein the first transmission path is different from the second transmission path. At the receiver, the encrypted subpackets are decrypted using an identical copy of the one-time pad stored at the receiver and the information of the data packet is restored from the at least two subpackets. Furthermore, a system for secure transmission is provided.

Abstract: A side-channel attack resistant circuit topology for performing logic functions. This topology includes combinatorial logic to perform the at least one logic function. A logic input selector alternately supplies, in response to a first timing reference signal, an input to the combinatorial logic with noise generating input values and valid input values. A first latch input selector alternately supplies, in response to the first timing reference signal, a first memory element input with noise generating input values and valid logic output values. The valid logic output values are received from the combinatorial logic. A first memory element latches the valid logic output values in response to a second timing reference signal.

Abstract: A message authenticator generation apparatus (10) generates a message authenticator using a block cipher E having a block size n. A hash function unit (21) calculates a hash value w with a hash function h having an output length longer than n bits, taking as input a message M. A post-processing unit (22) performs calculations using the block cipher E on the hash value w calculated by the hash function unit (21), so as to calculate a message authenticator T not larger than the block size n for the message M.

Abstract: Provided is a data management system capable of properly managing data to undergo masking processing in the secondary use of data. This data storage management system is equipped with a storage unit which stores masked data of real data at a first point in time, and a data control unit which extracts data of a storage area that has not been masked from update data based on first information representing a masked storage area in the masked data and second information representing a masked storage area in the masked data of update data, which is data obtained by updating the real data from the first point in time to a second point in time, extracts data of the masked storage area, from which the same masked data has been removed, from the masked data of the update data, and generates the extracted data as difference data.

Abstract: A method for mutual authentication between user equipment and a communications network. The network includes a mobility management entity and a home subscriber server. The method, implemented by the user equipment, includes: receiving an authentication challenge having an token based on a first index and a first authentication message calculated by the home subscriber server and based on a first sequence number; checking that a condition of a set is true, the set including: the first sequence number is the same as a second sequence number stored in the user equipment, and the first sequence number is the same as a preceding value of the second sequence number and the first index is higher than a second index stored in the client equipment; and calculating and sending, when a condition is true, an authentication result and an authentication message, based on the preceding value of the second sequence number.

Abstract: Plaintext data is encrypted and decrypted using a symmetric encryption algorithm that generates a sequence of pseudorandom values from a cryptographic key. A portion of the sequence of pseudorandom values is discarded. For example, in an embodiment, each value in the sequence of pseudorandom values is truncated by a number of bits. Encryption and decryption is performed by combining plaintext or ciphertext with the truncated sequence of pseudorandom values. In an embodiment, the combination is made by performing a bitwise exclusive or operation between the truncated pseudorandom values and the plaintext or ciphertext. In an embodiment, a number of bits discarded from each value is encoded into a message authentication code which is provided with any resulting ciphertext.

Abstract: Operational n-state digital gates execute Finite Lab-transformed (FLT) n-state switching functions or n-state switching function tables to process n-state signals provided on at least 2 inputs to generate an n-state signal on an output, with n>2, n>3 and n>64. The FLT is an enhancement of a computer architecture. Cryptographic apparatus and methods apply circuits that are characterized by FLT-ed addition and multiplication over finite field GF(n) or by addition and multiplication modulo-n that are modified in accordance with reversible n-state inverters, and are no longer characterized by known operations. Known cryptographic methods executed with novel n-state digital gates include encryption/decryption, public key generation, message digest and Elliptic Curve Cryptography wherein one n-state switching function is replaced by an FLT'ed n-state switching function.

Abstract: A novel code signing system, computer readable media, and method are provided. The code signing method includes receiving a code signing request from a requestor in order to gain access to one or more specific application programming interfaces (APIs). A digital signature is provided to the requestor. The digital signature indicates authorization by a code signing authority for code of the requestor to access the one or more specific APIs. In one example, the digital signature is provided by the code signing authority or a delegate thereof. In another example, the code signing request may include one or more of the following: code, an application, a hash of an application, an abridged version of the application, a transformed version of an application, a command, a command argument, and a library.

Abstract: Presented are software intellectual property (IP) protection systems and methods that prevent potential attackers as well as customers from having access to plain text versions of both library source code and binary code. Potential attackers are prevented from reusing the software on other platforms. The protection mechanism does not impact the functionality or the performance of the library itself and does not interfere with existing software update mechanisms or application developer tools, such as Joint Test Action Group (JTAG).

Abstract: Embodiments of the invention are directed to passing a plurality of communications directly from a merchant to a payment processing network. A first communication may include payment information in an authorization request, while a second transaction may include non-payment transaction data. The communications may be linked with a transaction identifier. In other embodiments, a capture file process is disclosed where capture files are generated by the payment processing network, and transactions are subsequently cleared and settled.

Abstract: A method of manufacturing an apparatus and a method of constructing an integrated circuit are provided. The method of manufacturing an apparatus includes forming the apparatus on a wafer or a package with at least one other apparatus, wherein the apparatus comprises a polynomial generator, a first matrix generator, a second matrix generator, a third matrix generator, and a convolution generator; and testing the apparatus, wherein testing the apparatus comprises testing the apparatus using one or more electrical to optical converters, one or more optical splitters that split an optical signal into two or more optical signals, and one or more optical to electrical converters.

Abstract: A transaction system performs a transaction for a purchase of goods or services. Information about a purchase of goods or services is displayed on a display of a transaction device. The transaction device receives from a user, primary identification data which comprises biometric data that identifies the user. The transaction device receives from the user, secondary identification data which identifies the user. The secondary identification data is in addition to the primary identification data, and the secondary identification is of a different type than the primary identification data. A primary biometric identification parameters database is accessed to verify identification of the user. A secondary identification parameters database is accessed to confirm identification of the user.

Abstract: A Cryptographic Unit (CU) of a microcontroller, the CU including a first accelerator configured to generate first encrypted output data based on input data; and a second accelerator which is configured to be diversely implemented with respect to the first accelerator, and is configured to generate second encrypted output data based on the input data; and a comparator configured to compare a first comparator data obtained from the generation of the first encrypted output data with a second comparator data obtained from the generation of the second encrypted output data, and if the comparison indicates that the first and second comparator data differ, output an event signal pertaining to an event in a safety domain or a security domain.

Abstract: A system includes at least two buses including a first bus and a second bus, an encryption and decryption system corresponding to each bus, at least one signal processing module corresponding to each bus, and a bus converter coupled between the first bus and the second bus. According to the system provided in embodiments of the present invention, because data transmitted on a bus is encrypted data, even though an attacker obtains bus data by means of a probe attack, it is quite difficult to break a key, and an anti-attack capability of the system can be improved.

Abstract: A method and apparatus for reducing a variable number of pre-key bits to a fix key size is disclosed. The resulting key is used with a symmetric block cipher to descramble content. By being able to directly adapt a large and variable number of bits, it is possible to use cryptographic algorithms that were not thought possible, such as the output of modem public key and hashing functions, in order to create a key to directly use with a symmetric block cipher. Some or all of the pre-key bits may be used in the creation of the key.

Abstract: A method for compiling a matrix-product program into an obfuscated-matrix-product program includes receiving a plurality of matrices that form the matrix-product program, randomly generating a set of independent and invertible tensor-product matrices, randomly generating a set of independent and invertible linear-transform matrices, and generating a dynamic-fence-generation gadget by processing at least one of the plurality of matrices, the set of tensor-product matrices and the set of linear-transform matrices. The dynamic-fence-generation gadget is an obfuscated version of computer program represented by the plurality of matrices.

Abstract: Encryption and decryption techniques based on one or more transposition vectors. A secret key is used to generate vectors that describe permutation (or repositioning) of characters within a segment length equal to a length of the transposition vector. The transposition vector is then inherited by the encryption process, which shifts characters and encrypts those characters using a variety of encryption processes, all completely reversible. In one embodiment, one or more auxiliary keys, transmitted as clear text header values, are used as initial values to vary the transposition vectors generated from the secret key, e.g., from encryption-to-encryption. Any number of rounds of encryption can be applied, each having associated headers used to “detokenize” encryption data and perform rounds to decryption to recover the original data (or parent token information). Format preserving encryption (FPE) techniques are also provided with application to, e.g., payment processing.

Abstract: As disclosed herein a computer system for secure database backup and recovery in a secure database network has N distributed data nodes. The computer system includes program instructions that include instructions to receive a database backup file, fragment the file using a fragment engine, and associate each fragment with one node, where the fragment is not stored on the associated node. The program instructions further include instructions to encrypt each fragment using a first encryption key, and store, randomly, encrypted fragments on the distributed data nodes. The program instructions further include instructions to retrieve the encrypted fragments, decrypt the encrypted fragments using the first encryption key, re-encrypt the decrypted fragments using a different encryption key, and store, randomly, the re-encrypted fragments on the distributed data nodes. A computer program product and method corresponding to the above computer system are also disclosed herein.

Abstract: Examples relate to Input/Output (I/O) data encryption and decryption. In an example, an encryption/decryption engine on an Integrated Circuit (IC) of a computing device obtains at least one plaintext data. Some examples determine, by the encryption/decryption engine, whether the at least one plaintext data is to be sent to a memory in the computing device or to an I/O device. Some examples apply, when the at least one plaintext data is to be sent to the I/O device and by the encryption/decryption engine, an encryption primitive of a block cipher encryption algorithm to the at least one plaintext data to create output encrypted data, wherein an initialization vector that comprises a random number is applied to the encryption primitive.

Abstract: A secure point-of-sale (POS) portal architecture for delivering multiple services is provided. According to one exemplary aspect of the architecture, a number of services offered by various parties are integrated for delivery to merchants. The parties offering the services include, for example, payment processors and merchant acquirers and other external value-added service providers. The integrated services, in turn, are offered to merchants and/or their respective customers via one or more POS devices and its supporting system infrastructure at the merchant locations. The integrated services include, for example, acceptance of multiple payment instruments, payment processing, user dialog management, sales promotion and customer support, loyalty programs, back office processing, receipt capture, employee training, risk management, dispute resolution, system security, system administration etc.

Abstract: The present disclosure relates to a method, in a mobility function (MF) node. The method comprises receiving (S1) information about a mapping to a property, of each of a plurality of radio bearers of a radio device for carrying data traffic between the radio device and a first radio access network (RAN). The method also comprises determining (S2) based on the received (S1) information, that at least one of the radio bearers can be handed over to a second RAN. The method also comprises initiating (S3) a handover command to the radio device instructing the radio device to hand over the at least one radio bearer to the second RAN.

Abstract: The present invention relates to a method for symmetrical encryption or decryption of a data block from a secret key (K), the method comprising steps of: permutation (100) of at least one portion of the secret key (K) by means of a first permutation table (PC1?) so as to produce initial data, execution of several iterations, an iteration comprising steps of: rotation (102) of data dependent on the initial data so as to produce shifted data, permutation (104) of the shifted data by means of a second permutation table (PC2?) so as to produce a round key, execution of a plurality of encryption rounds (200) from the data block, an encryption round (200) using one of the round keys, generation of at least one of the permutation tables (PC1?, PC2?), the generation comprising determination of at least one function (F, G) variable from one encryption or decryption to another, composition of said function (F, G) with a predetermined permutation table (PC1, PC2), application of the inverse of said function (F,

Abstract: Embodiments for a database connector are disclosed. The database connector can encrypt data from an application before storing the data in the database using attribute-based encryption (ABE). The database connector can also decrypt data retrieved from the database using an ABE private key before sending the data to the application. The database connector can generate a logical attribute statement for encryption of data from the application based on attributes, logical relations, and/or relational operators received from the application, directly from a user, or imbedded within rules governing logical attribute statement genesis.

Abstract: Methods and apparatus, including computer program products, are provided for securing data in a multi-tenant cloud-based system. In some implementations, there is provided a method. The method may include requesting access to at least one encrypted data element; obtaining, in response to the requesting, a long bit stream assigned to a client associated with the requested access; generating a key to decrypt the at least one data element, the key generated by selecting, based on a permutation, portions of the long bit stream; and decrypting, based on the generated key, the at least one data element. Related systems, methods, and articles of manufacture are also disclosed.

Abstract: A method for validating an interaction is disclosed. A first interaction cryptogram can be generated by a first device using information about a first party to the interaction and a second party to the interaction. A second interaction cryptogram can be generated by a second device also using information about the first party to the interaction and the second party to the interaction. Verifying each cryptogram can validate that the interaction details have not been changed, and that both the first party and second party legitimately authorized the interaction.

Abstract: System and methods for generating round keys for a cryptographic operation are disclosed. The systems and method can use logic circuits that are operable to: obtain first inputs and second inputs; perform a bit-mixer operation on each of the first inputs and the second inputs; and generate round keys based on the performing the bit-mixer operation. The first inputs include a plurality of equal sized subkeys from a key material that is divided into a plurality of equal sized key material sub-blocks, a cipher key and the second inputs include a random input, one or more previous round keys, a round number. The cryptographic operation includes a cipher, a hash function, or a stream generator. The bit-mixer operation includes an exclusive-OR (XOR) tree, a substitution-permutation network, or a double-mix Feistel network, or a Rotate-Add-XOR (RAX) construction.

Abstract: A CPU package includes an encryption and decryption module disposed in a communication path between an instruction path of a processor core and a data register that is externally accessible through a debug port, and a key store accessible to the module. The module is configured to encrypt and store data in the data register for each of a plurality of processes being handled in the instruction path, wherein data owned by each process is encrypted and decrypted by the module using an encryption key assigned to the process. The key store is configured to store the encryption key assigned to each of a plurality of processes, wherein the key store is inaccessible outside the CPU package. The data is only decrypted for a requesting process having a process identifier that matches the process identifier stored in the processor data structure along with the requested data.

Abstract: Technologies for dynamically protecting memory of the mobile compute device include a main memory, a location sensor that produces sensor data indicative of a present location of the mobile compute device, a sensor hub communicatively coupled to the location sensor, and a security engine communicatively coupled to the sensor hub. The sensor hub determines a present location security zone of the mobile compute device based on the present location of the mobile compute device and a geofence policy, which maps locations to location security zones. The security engine encrypts the main memory of the mobile compute device and determines whether the present location security zone has changed relative to a most-previous location security zone of the mobile compute device. If the present location security zone has changed to a safe zone, the security engine decrypts the main memory.

Abstract: The disclosure provides for two or more devices that securitize transmission(s) transmitted to and received from these devices comprising at least one executable coded cipher key(s), at least one executable coded encryption key (ECEK) device that encrypts transmission(s) that uses executable cipher coded key(s), and at least one executable coded decryption key (ECDK) device that decrypts transmission(s) and that also uses at least one executable coded cipher key(s), such that transmission(s) are sent to an encrypter/decrypter memory that stores transmission(s) while the transmission(s) is encrypted and/or decrypted. When encryption/decryption is completed, the transmission(s) is sent to at least one transmitter such that encryption/decryption of the transmission(s) is controlled and manipulated by the executable coded cipher key(s), wherein the executable coded cipher key(s) remain in the computer memory long enough to achieve encryption/decryption completion.

Abstract: A secure computing device, including: a processor configured to carry out a secure operation; a memory in communication with the processer configured to store secure data; and a memory controller configured control storage of data in the memory and reading data from the memory, wherein the secure data is split into shares before being stored in the memory and wherein the memory controller is configured to: apply a masking storage transform (MST) to one of the shares to produce a masked share before storing the shares in the memory, wherein the MST is a permutation without a fixed point; apply an inverse MST to the masked share when reading the shares from the memory; and combine the read shares to reconstruct the secure data.