466 results about "Side channel attack" patented technology

An elliptic curve cryptography method which generates a public key for use in a communication encryption using an elliptic curve, including: changing a number of a secret key (d) of (k) bits to an odd number; encoding the secret key to yield an encoded secret key (d) in which a most significant bit (MSB) is (1) and a rest positional number is (1) or (−1); and computing the public key (Q=Dp) by multiplying the encoded secret key (d) by a predetermined point (P) on the elliptic curve by a scalar multiplication.

Embodiments of an invention for protecting a secure boot process against side channel attacks are disclosed. In one embodiment, an apparatus includes cryptography hardware, a non-volatile memory, a comparator, and control logic. The cryptography hardware is to operate during a first boot process. The non-volatile memory includes a storage location in which to store a count of tampered boots. The comparator is to perform a comparison of the count of tampered boots to a limit. The control logic is to, based on the first comparison, transfer control of the apparatus from the first boot process to a second boot process.

A system for encrypted communication with external entities is configured to frustrate side channel attacks attempting to determine an encryption key. The system has a device with an encryption key stored in memory, an external entity with identity data for transmission to the device to initiate communication such that in response the device applies a one way function to the encryption key and the identity data to generate a variant key used to authenticate communications between the device and the external entity. The device is configured to limit the number of times the encryption key is allowed to be retrieved from the first memory to a pre-determined threshold.

Provided is a side channel attack tolerance evaluation device capable of evaluating the propriety of the estimation of an encryption algorism, processing timing, and determination of a processing sequence of the encryption algorism using side channel information. The side channel attack tolerance evaluation device, which performs evaluation of tolerance to a side channel attack by using side channel information leaking from an encryption device, is provided with a storage unit (character data storage device), a measurement unit (side channel information measurement device), and a processing unit (side channel attack tolerance evaluation unit). The storage unit stores side channel information that has been previously acquired by executing a predetermined encryption algorithm in an encryption device or information obtained by applying predetermined processing to the side channel information. The measurement unit measures the side channel information generated from an encryption device to be evaluated. The processing unit calculates a correlation value between the side channel information acquired by the measurement unit and character data stored in the storage unit to determine the propriety of tolerance of the encryption device to be evaluated to the side channel attack.

A side channel attack utilizes information gained from the physical implementation of a cryptosystem. Software and hardware-based systems and methods for preventing side channel attacks are presented. Cryptographic hardware may introduce dummy operations to compensate for conditional math operations in certain functions such as modular exponentiation. Cryptographic hardware may also introduce random stalls of the data path to introduce alterations in the power profile for the operation. A cryptographic function may be mapped to a micro code sequence having a plurality of instructions. Firmware in the cryptosystem may alter the micro code sequence by altering the order of instructions, add dummy operations in the micro code sequence, break the micro code sequence into multiple sub micro code sequences and / or change the register location for source and destination operands used in the sequence. These alterations are designed to randomly change the timing and power profile of the requested function.

The invention discloses a resisting method of a circuit on the side channel attack based on the pseudo-operation, and belongs to the technical field of computer security. A round secret key sequence is composed by m pseudo-round secret keys and one real-round secret key to conduct the first round SMS4 encrypting calculation, a second round SMS4 encrypting calculation is conducted on the result of the first round SMS4 encrypting calculation with the participation of the real-round secret key, and a ciphertext is acquired. According to the resisting method of the circuit on the side channel attack based on the pseudo-operation, the position of the generated first round SMS4 encrypting calculation is random, and an attacker cannot align with a power-consumption curve, so that the attack cannot be realized; in addition, compared with an unprotected circuit, the energy consumption cannot exceed the two times of the original energy consumption.