公开(公告)号：US20240211268A1

公开(公告)日：2024-06-27

申请号：US18145801

申请日：2022-12-22

Applicant: Intel Corporation

Inventor： Santosh Ghosh ,  Christoph Dobraunig ,  Manoj Sastry

IPC: G06F9/38 ,  G06F9/30

CPC classification number: G06F9/3885 ,  G06F9/3016 ,  G06F9/3802

Abstract: A method comprises fetching, by fetch circuitry, an encoded XOR3P instruction comprising at least one opcode, a first source identifier to identify a first register, a second source identifier to identify a second register, a third source identifier to identifier a third register, and a fourth source identifier to identify a fourth operand, wherein the first register is to store a first value, the second register is to store a second value, and the third register is to store a third value, decoding, by decode circuitry, the encoded XOR3PP instruction to generate a decoded XOR3PP instruction; and executing, by execution circuitry, the decoded XOR3PP instruction to determine a first rotational value and a second rotational value, perform a rotate operation on at least a portion of the first value based on the first rotational value to generate a rotated third value, perform an XOR operation on at least a portion of the first value, at least a portion of the second value, and the rotated third value to generate an XOR result, perform a rotate operation on the XOR result based on the second rotational value to generate a rotated XOR; and store the rotated XOR result.

公开(公告)号：US20240211253A1

公开(公告)日：2024-06-27

申请号：US18145744

申请日：2022-12-22

Applicant: Intel Corporation

Inventor： Santosh Ghosh ,  Christoph Dobraunig ,  Manoj Sastry ,  Andrew H. Reinders ,  Regev Shemy ,  Qian Wang ,  Rotem Ohana Peretz ,  Wing Shek Wong ,  Wajdi Feghali

IPC: G06F9/30 ,  G06F9/38

CPC classification number: G06F9/30029 ,  G06F9/3016 ,  G06F9/3802

Abstract: A method comprises fetching, by fetch circuitry, an encoded parity instruction comprising at least one opcode, a first source identifier for a first source, a second source identifier for a second source, a third source identifier for a third source, and a destination identifier for a destination, decoding, by decode circuitry, the encoded parity instruction to generate a decoded parity instruction; and executing, by execution circuitry, the decoded parity instruction to retrieve operands representing a first register from the first source, a second register from the second source, a third register from the third source, and an index from the third source, perform an XOR operation of four words of data from the first register and single word of data from the second register in a position represented by the index to generate a parity value, and store the parity value in a the first register in a position represented by the index.

公开(公告)号：US11940888B2

公开(公告)日：2024-03-26

申请号：US17447600

申请日：2021-09-14

Applicant: Intel Corporation

Inventor： Santosh Ghosh ,  Marcio Juliato ,  Manoj R. Sastry

IPC: G06F11/27 ,  G06F11/22 ,  H04L9/00 ,  H04L9/30 ,  H04L9/32

CPC classification number: G06F11/27 ,  G06F11/2236 ,  H04L9/004 ,  H04L9/3066 ,  H04L9/3252 ,  H04L2209/84

Abstract: A data processing system includes technology for detecting and tolerating faults. The data processing system comprises an electronic control unit (ECU) with a processing core and a fault-tolerant elliptic curve digital signature algorithm (ECDSA) engine. The fault-tolerant ECDSA engine comprises multiple verification state machines (VSMs). The data processing system also comprises nonvolatile storage in communication with the processing core and ECU software in the nonvolatile storage. The ECU software, when executed, enables the data processing system to operate as a node in a distributed data processing system, including receiving digitally signed messages from other nodes in the distributed data processing system. The ECU further comprises a known-answer built-in self-test unit (KA-BISTU). Also, the ECU software comprises fault-tolerant ECDSA engine (FTEE) management software which, when executed by the processing core, utilizes the KA-BISTU to periodically test the fault-tolerant ECDSA engine for faults. Other embodiments are described and claimed.

公开(公告)号：US11863569B2

公开(公告)日：2024-01-02

申请号：US17529020

申请日：2021-11-17

Applicant: Intel Corporation

Inventor： Marcio Rogerio Juliato ,  Shabbir Ahmed ,  Santosh Ghosh ,  Christopher Gutierrez ,  Manoj R. Sastry

IPC: H04L29/06 ,  H04L12/40 ,  H04L9/40

CPC classification number: H04L63/1416 ,  H04L12/40 ,  H04L12/40136 ,  H04L63/1466 ,  H04L2012/40215

Abstract: Various systems and methods for bus-off attack detection are described herein. An electronic device for bus-off attack detection and prevention includes bus-off prevention circuitry coupled to a protected node on a bus, the bus-off prevention circuitry to: detect a transmitted message from the protected node to the bus; detect a bit mismatch of the transmitted message on the bus; suspend further transmissions from the protected node while the bus is analyzed; determine whether the bit mismatch represents a bus fault or an active attack against the protected node; and signal the protected node indicating whether a fault has occurred.

公开(公告)号：US11838411B2

公开(公告)日：2023-12-05

申请号：US18068663

申请日：2022-12-20

Applicant: Intel Corporation

Inventor： Santosh Ghosh ,  Luis Kida ,  Reshma Lal

IPC: H04L9/08 ,  H04L9/06

CPC classification number: H04L9/088 ,  H04L9/0618

Abstract: Technologies for secure data transfer of MMIO data between a processor and an accelerator. A MIMO security engine includes a first permutation cipher pipeline to defuse a count and a key into a permutation state; a first exclusive-OR (XOR) to generate ciphertext data from 64-bits of the new permutation state; and plaintext data; a concatenator to concatenate the plaintext data and additional authenticated data (AAD) to produce a concatenation result; a second XOR to generate an XOR result from the concatenation result and the latest permutation state; and a second permutation pipeline to generate an authentication tag of the XOR result and the key.

公开(公告)号：US11792004B2

公开(公告)日：2023-10-17

申请号：US17478579

申请日：2021-09-17

Applicant: Intel Corporation

Inventor： Santosh Ghosh ,  Manoj Sastry

IPC: H04L9/30 ,  G06F7/487 ,  G06F7/53 ,  H04L9/08

CPC classification number: H04L9/3026 ,  G06F7/4876 ,  G06F7/53 ,  H04L9/0869 ,  H04L9/3093

Abstract: Polynomial multiplication for side-channel protection in cryptography is described. An example of an apparatus includes one or more processors to process data; a memory to store data; and polynomial multiplier circuitry to multiply a first polynomial by a second polynomial, the first polynomial and the second polynomial each including a plurality of coefficients, the polynomial multiplier circuitry including a set of multiplier circuitry, wherein the polynomial multiplier circuitry is to select a first coefficient of the first polynomial for processing, and multiply the first coefficient of the first polynomial by all of the plurality of coefficients of the second polynomial in parallel using the set of multiplier circuits.

公开(公告)号：US11770262B2

公开(公告)日：2023-09-26

申请号：US17568919

申请日：2022-01-05

Applicant: Intel Corporation

Inventor： Rafael Misoczki ,  Vikram Suresh ,  Santosh Ghosh ,  Manoj Sastry ,  Sanu Mathew ,  Raghavan Kumar

IPC: H04L9/08 ,  H04L9/00 ,  H04L9/32

CPC classification number: H04L9/3247 ,  H04L9/085 ,  H04L9/0852 ,  H04L9/50

Abstract: In one example an apparatus comprises a computer-readable memory, signature logic to compute a message hash of an input message using a secure hash algorithm, process the message hash to generate an array of secret key components for the input message, apply a hash chain function to the array of secret key components to generate an array of signature components, the hash chain function comprising a series of even-index hash chains and a series of odd-index hash chains, wherein the even-index hash chains and the odd-index hash chains generate a plurality of intermediate node values and a one-time public key component between the secret key components and the signature components and store at least some of the intermediate node values in the computer-readable memory for use in one or more subsequent signature operations. Other examples may be described.

公开(公告)号：US11704297B2

公开(公告)日：2023-07-18

申请号：US17868467

申请日：2022-07-19

Applicant: Intel Corporation

Inventor： Michael E. Kounavis ,  Santosh Ghosh ,  Sergej Deutsch ,  Michael LeMay ,  David M. Durham

IPC: G06F16/22 ,  G06F16/2457 ,  G06F16/2455 ,  G06F9/38 ,  G06F21/60 ,  G06F21/62 ,  H03M13/00

CPC classification number: G06F16/2255 ,  G06F9/3885 ,  G06F16/24552 ,  G06F16/24573 ,  G06F21/602 ,  G06F21/6218 ,  H03M13/6516

Abstract: Embodiments are directed to collision-free hashing for accessing cryptographic computing metadata and for cache expansion. An embodiment of an apparatus includes one or more processors to: receive a physical address; compute a set of hash functions using a set of different indexes corresponding to the set of hash functions, wherein the set of hash functions combine additions, bit-level reordering, bit-linear mixing, and wide substitutions, wherein the plurality of hash functions differ in the bit-linear mixing; access a plurality of cache units utilizing the set of hash functions; read different sets of the plurality of cache units in parallel, where a set of the different sets is obtained from each cache unit of the plurality of cache units; and responsive to the physical address being located one of the different sets, return cache line data of the set corresponding to the set of the cache unit having the physical address.

公开(公告)号：US20230185905A1

公开(公告)日：2023-06-15

申请号：US18066913

申请日：2022-12-15

Applicant: Intel Corporation

Inventor： Santosh Ghosh ,  Avinash L. Varna ,  Reuven Elbaum ,  Manoj Sastry

IPC: G06F21/55

CPC classification number: G06F21/55 ,  G06F2221/034

Abstract: Protection of authentication tag computation against power and electromagnetic side-channel attacks is described. An example of one or more storage mediums includes instructions for performing a process for calculation of an authentication tag for a data encryption operation, including generating one or more random values; receiving multiple data blocks for calculation, and performing calculation utilizing the received data blocks and the one or more random values to generate intermediate values; performing a data accumulation operation to accumulate random values in calculation of the data blocks; and calculating the authentication tag based at least in part on the generated intermediate values and the accumulated random values.

公开(公告)号：US20230117518A1

公开(公告)日：2023-04-20

申请号：US18068663

申请日：2022-12-20

Applicant: Intel Corporation

Inventor： Santosh Ghosh ,  Luis Kida ,  Reshma Lal

IPC: H04L9/08 ,  H04L9/06

Abstract: Technologies for secure data transfer of MMIO data between a processor and an accelerator. A MIMO security engine includes a first permutation cipher pipeline to defuse a count and a key into a permutation state; a first exclusive-OR (XOR) to generate ciphertext data from 64-bits of the new permutation state; and plaintext data; a concatenator to concatenate the plaintext data and additional authenticated data (AAD) to produce a concatenation result; a second XOR to generate an XOR result from the concatenation result and the latest permutation state; and a second permutation pipeline to generate an authentication tag of the XOR result and the key.