公开(公告)号：US20240061942A1

公开(公告)日：2024-02-22

申请号：US18496315

申请日：2023-10-27

Applicant: Intel Corporation

Inventor： Reuven Elbaum ,  Gyora Benedek ,  Avinash L. Varna ,  David Novick

IPC: G06F21/60 ,  H04L9/32

CPC classification number: G06F21/602 ,  H04L9/3236

Abstract: An apparatus is described including cryptography circuitry to generate authentication tags to provide integrity protection for plaintext and ciphertext.

公开(公告)号：US20190220602A1

公开(公告)日：2019-07-18

申请号：US16368647

申请日：2019-03-28

Applicant: Intel Corporation

Inventor： Xiaoyu Ruan ,  William A. Stevens, JR. ,  David Novick

IPC: G06F21/57 ,  G06F8/654 ,  G06F21/64

CPC classification number: G06F21/572 ,  G06F8/654 ,  G06F21/575 ,  G06F21/64

Abstract: Embodiments described herein enable independently recoverable security for processor and peripheral communication, enabling a processor without native non-volatile memory to generate and recover credentials in response to a firmware update. The processor and peripheral can each have credentials burned into secure fuses. The processor can derive a shared secret from the secure fuses using security attributes that are based on the security version number of firmware within the processor and the peripherals to which the processor is to security communicate. The processor and peripherals can generate ephemeral session keys from the shared secret and nonces. The ephemeral session keys can be used to secure communications between the processor and the peripherals.

公开(公告)号：US20210374256A1

公开(公告)日：2021-12-02

申请号：US17401459

申请日：2021-08-13

Applicant: Intel Corporation

Inventor： Reuven Elbaum ,  Gyora Benedek ,  Avinash L. Varna ,  David Novick

IPC: G06F21/60 ,  H04L9/32

Abstract: An apparatus is described including cryptography circuitry to generate authentication tags to provide integrity protection for plaintext and ciphertext.

公开(公告)号：US11030317B2

公开(公告)日：2021-06-08

申请号：US16368647

申请日：2019-03-28

Applicant: Intel Corporation

Inventor： Xiaoyu Ruan ,  William A. Stevens, Jr. ,  David Novick

IPC: G06F21/73 ,  G06F21/64 ,  G06F21/57 ,  G06F8/654 ,  G06F9/44 ,  G06F8/60

Abstract: Embodiments described herein enable independently recoverable security for processor and peripheral communication, enabling a processor without native non-volatile memory to generate and recover credentials in response to a firmware update. The processor and peripheral can each have credentials burned into secure fuses. The processor can derive a shared secret from the secure fuses using security attributes that are based on the security version number of firmware within the processor and the peripherals to which the processor is to security communicate. The processor and peripherals can generate ephemeral session keys from the shared secret and nonces. The ephemeral session keys can be used to secure communications between the processor and the peripherals.

公开(公告)号：US12299143B2

公开(公告)日：2025-05-13

申请号：US18496315

申请日：2023-10-27

Applicant: Intel Corporation

Inventor： Reuven Elbaum ,  Gyora Benedek ,  Avinash L. Varna ,  David Novick

IPC: G06F21/00 ,  G06F21/60 ,  H04L9/32

Abstract: An apparatus is described including cryptography circuitry to generate authentication tags to provide integrity protection for plaintext and ciphertext.

公开(公告)号：US11579897B2

公开(公告)日：2023-02-14

申请号：US17442541

申请日：2020-09-25

Applicant: Intel Corporation

Inventor： Katalin Klara Bartfai-Walcott ,  Arkadiusz Berent ,  Vasuki Chilukuri ,  Mark Baldwin ,  Vasudevan Srinivasan ,  Naresh Sehgal ,  David Novick ,  Bartosz Gotowalski

IPC: H04L9/40 ,  G06F9/445 ,  G06F21/10 ,  H04L9/32 ,  G06F11/30 ,  G06Q10/087 ,  G06Q30/04

Abstract: Methods, apparatus, systems and articles of manufacture (e.g., physical storage media) for software defined silicon security are disclosed. Example apparatus include a trusted agent determiner to (i) determine respective reputation scores associated with a plurality of agents in a mesh network, the plurality of agents associated with a plurality of semiconductor devices, respective ones of the semiconductor devices including circuitry configurable to provide one or more features, and (ii) select, based on the respective reputation scores, a first agent from the plurality of the agents to transmit a request to activate or deactivate at least one of the one or more features. Example apparatus also include an agent interface to, in response to the request, broadcast an activation or deactivation of the least one of the one or more features to the mesh network to cause the trusted agent determiner to update the reputation score of the first agent.

公开(公告)号：US11194933B2

公开(公告)日：2021-12-07

申请号：US16431153

申请日：2019-06-04

Applicant: Intel Corporation

Inventor： Yaacov Belenky ,  Gyora Benedek ,  Reuven Elbaum ,  David Novick ,  Elad Peer ,  Chaim Shen-Orr ,  Yonatan Shlomovich

IPC: H04L29/06 ,  G06F21/72 ,  H04L9/08 ,  G06F21/60 ,  G06F21/56 ,  H04L9/06 ,  H04L9/00

Abstract: The present disclosure is directed to systems and methods to protect against SCA and fault injection attacks through the use of a temporary or ephemeral key to cryptographically alter input data portions. Universal resistant block (URB) circuitry receives a seed data value and a at least one secret key data value and generates an ephemeral key output data value. Cryptographic circuitry uses the ephemeral key data value to transform an input data portion to produce an transformed output data portion. The use of an SCA or fault injection attack on the transformed output data portion will reveal only the ephemeral key data value and not the at least one secret key data value. Further, where a unique ephemeral key data value is used to transform each input data portion, an attacker cannot discover the ephemeral key in a piecemeal manner and must instead discover the complete ephemeral key data value—significantly increasing the difficulty of performing a successful SCA or fault injection attack.

公开(公告)号：US11816229B2

公开(公告)日：2023-11-14

申请号：US17401459

申请日：2021-08-13

Applicant: Intel Corporation

Inventor： Reuven Elbaum ,  Gyora Benedek ,  Avinash L. Varna ,  David Novick

IPC: G06F21/00 ,  G06F21/60 ,  H04L9/32

CPC classification number: G06F21/602 ,  H04L9/3236

Abstract: An apparatus is described including cryptography circuitry to generate authentication tags to provide integrity protection for plaintext and ciphertext.

公开(公告)号：US20220100823A1

公开(公告)日：2022-03-31

申请号：US17442541

申请日：2020-09-25

Applicant: Intel Corporation

Inventor： Katalin Klara Bartfai-Walcott ,  Arkadiusz Berent ,  Vasuki Chilukuri ,  Mark Baldwin ,  Vasudevan Srinivasan ,  Naresh Sehgal ,  David Novick ,  Bartosz Gotowalski

IPC: G06F21/10 ,  H04L9/32 ,  G06Q30/04 ,  G06Q10/08

Abstract: Methods, apparatus, systems and articles of manufacture (e.g., physical storage media) for software defined silicon security are disclosed. Example apparatus include a trusted agent determiner to (i) determine respective reputation scores associated with a plurality of agents in a mesh network, the plurality of agents associated with a plurality of semiconductor devices, respective ones of the semiconductor devices including circuitry configurable to provide one or more features, and (ii) select, based on the respective reputation scores, a first agent from the plurality of the agents to transmit a request to activate or deactivate at least one of the one or more features. Example apparatus also include an agent interface to, in response to the request, broadcast an activation or deactivation of the least one of the one or more features to the mesh network to cause the trusted agent determiner to update the reputation score of the first agent.