# NBS/DES algorithm

## Subclass of:

## 380 - Cryptography

## 380028000 - PARTICULAR ALGORITHMIC FUNCTION ENCODING

### Patent class list (only not empty are listed)

#### Deeper subclasses:

Class / Patent application number | Description | Number of patent applications / Date published |
---|---|---|

380029000 | NBS/DES algorithm | 64 |

20090168996 | DESCRAMBLER - According to one embodiment of the invention, the descrambler IC comprises a local memory to store a unique key and a plurality of process blocks. A first process block performs cryptographic operations on a first mating key generator using the unique key in order to produce a first key. A second process block uses the first key to perform cryptographic operations on a second mating key generator in order to produce a second key. Using the first key and the second key, a third process block decrypts a first encrypted descrambling key in order to recover a first descrambling key and a fourth process block decrypts a second encrypted descrambling key to recover a second descrambling key. The descrambler IC includes a descrambler to descramble the scrambled digital content using both the first descrambling key and the second descrambling key in order to produce digital content in a clear format. | 07-02-2009 |

20100002874 | INFORMATION PROCESSING APPARATUS AND METHOD - The present invention relates to an information apparatus and method suitable for use in upgrading control programs readily by a user. In step S | 01-07-2010 |

20100040226 | DEVICE, PROGRAM AND METHOD FOR GENERATING HASH VALUES - The invention aims to provide a hash function whose safety can be evaluated. To achieve this, a message that is input to a message blocking unit | 02-18-2010 |

20090279696 | SYSTEM AND METHOD OF PERFORMING AUTHENTICATION - Disclosed herein are systems, method and computer readable medium for providing authentication of an entity B by an entity A. In the method, entity A selects a value p, a range [a, b] and a granularity epsilon. Entity A sends p, [a, b], and epsilon to entity B. Entity B initializes a value y | 11-12-2009 |

20090279695 | ARRANGEMENT FOR AND METHOD OF PROTECTING A DATA PROCESSING DEVICE AGAINST E[LECTRO] M[AGNETIC] RADIATION ATTACKS - In order to further develop an arrangement for as well as a method of protecting at least one data processing device, in particular at least one embedded system, for example at least one chip card or smart card, against at least one attack, in particular against at least one E[lectro]M[agnetic] radiation attack, the data processing device comprising at least one integrated circuit carrying out calculations, in particular cryptographic operations, wherein E[lectro]M[agnetic] radiation attacks targeted on finding out a private key are to be securely averted, it is proposed to check said calculations with at least one F-proof. | 11-12-2009 |

20100246815 | APPARATUS AND METHOD FOR IMPLEMENTING INSTRUCTION SUPPORT FOR THE KASUMI CIPHER ALGORITHM - A processor including instruction support for implementing the Kasumi block cipher algorithm may issue, for execution, programmer-selectable instructions from a defined instruction set architecture (ISA). The processor may include a cryptographic unit that may receive instructions for execution. The instructions include one or more Kasumi instructions defined within the ISA. In addition, the Kasumi instructions may be executable by the cryptographic unit to implement portions of a Kasumi cipher that is compliant with 3 | 09-30-2010 |

20100246814 | APPARATUS AND METHOD FOR IMPLEMENTING INSTRUCTION SUPPORT FOR THE DATA ENCRYPTION STANDARD (DES) ALGORITHM - A processor including instruction support for implementing the Data Encryption Standard (DES) block cipher algorithm may issue, for execution, programmer-selectable instructions from a defined instruction set architecture (ISA). The processor may include a cryptographic unit that may receive instructions for execution. The instructions include one or more DES instructions defined within the ISA. In addition, the DES instructions may be executable by the cryptographic unit to implement portions of an DES cipher that is compliant with Federal Information Processing Standards Publication 46-3 (FIPS 46-3). In response to receiving a DES key expansion instruction defined within the ISA, the cryptographic unit may generate one or more expanded cipher keys of the DES cipher key schedule from an input key. | 09-30-2010 |

20100166176 | Elliptical polynomial-based message authentication code - The elliptic-polynomial based Message Authentication Code (MAC) provides MAC generation methods based on the elliptic polynomial discrete logarithm problem. It is well known that an elliptic polynomial discrete logarithm problem is a computationally “difficult” or “hard” problem. The methods use both an elliptic polynomial polynomial and its twist, even if the polynomial and its twist are not isomorphic. Since both the polynomial and its twist are used, multiple x- and y-coordinates can be used to embed bit strings into a point that satisfies the elliptic polynomial, and the embedding process is non-iterative, so that the time required to embed the bit string is independent of the bit string content. | 07-01-2010 |

20090161864 | BLOCK CIPHER ARIA SUBSTITUTION APPARATUS AND METHOD - A block cipher ARIA substitution apparatus, the apparatus includes a first Sbox operation unit for performing operations of a substitution box S | 06-25-2009 |

20090245510 | BLOCK CIPHER WITH SECURITY INTRINSIC ASPECTS - A block cipher or other cryptographic process intended to be efficiently implemented in hardware (circuitry) includes an s-box (substitution operation) which does not require a look up table, but may be implemented solely with Boolean logic operations (logic gates). Also provided is an associated key scheduling process. | 10-01-2009 |

20100220853 | Method and Apparatus for Compound Hashing Via Iteration - A method and apparatus for a system and process for generating a hashing value using any number of cryptographic hashing functions. The hashing process receives an input value to be hashed. The input value is cyptographically hashed and augmented. The augmented value is then cryptographically hashed. The process then iteratively applies a set of non-linear functions to these values. Each iteration maintaining a ‘left half’ and ‘right half.’ After the last iteration, the left and right portions are concatenated to form a hash value that is output. | 09-02-2010 |

20090207998 | DETERMINING UNIQUE MATERIAL IDENTIFIER NUMBERS USING CHECKSUM VALUES - A system and method for determining unique material identifier numbers using checksum values are disclosed herein. The system and method involves providing a set of data, loading the set of data into at least one processor, using at least one algorithm with at least one processor to calculate a checksum value based on the data content of the set of data, and using the checksum value as the unique material identifier number for the set of data. In some embodiments, at least one algorithm is a Message-Digest algorithm 5 (MD5) and/or a Secure Hash Algorithm (SHA) hash function. In one or more embodiments, the set of data may be a data set from a single digital picture file, a data set from a single digital audio file, and/or any data set generated by nature. | 08-20-2009 |

20090034719 | Des Hardware Throughput for Short Operations - A symmetric key cryptographic method is provided for short operations. The method includes batching a plurality of operation parameters ( | 02-05-2009 |

20090034718 | ENCRYPTION APPARATUS AND METHOD THEREFOR - A modified implementation of the Kasumi algorithm executes on a 32-bit processor using full 32-bit operations. The implementation comprises a series of four rounds, each round including an intermediate sub-function executed between two executions of an FL sub-function. The intermediate sub-function is functionally equivalent to two consecutive | 02-05-2009 |

20100086127 | EFFICIENT IMPLEMENTATION OF ARITHMETICAL SECURE HASH TECHNIQUES - An apparatus including an initialization circuit and a hash computation circuit. The initialization circuit may be configured to present a number of initialization values. The hash computation circuit may be configured to generate hash values for the message in response to the padded message blocks and the initialization values. The hash computation circuit generally performs a diagonal cut technique that simultaneously uses values from a plurality of different cycle rounds in a single cycle round analog. | 04-08-2010 |

20080285745 | Processor for Executing an Aes-Type Algorithm - A processor for executing a Rijndeal algorithm which applies a plurality of encryption rounds to a data block array in order to obtain an array of identical size, each round involving a key block array and a data block substitution table, wherein said processor comprises: a first input register ( | 11-20-2008 |

20080285746 | Computationally Asymmetric Cryptographic Systems; - This invention is generally concerned with methods, apparatus and computer program code for a computationally asymmetric hash function, in particular for use with symmetric cryptographic algorithms. We describe a method of determining a computationally asymmetric hash function value, the method including: receiving input data to be hashed; computing an asymmetric value from said input data, said asymmetric value being computable by two methods, a first method employing at least one first parameter and a second method employing at least one second parameter, computation of said asymmetric value by said second method being faster than by said first method; and determining a computationally asymmetric hash function value using said asymmetric value. We also describe methods of providing a computationally asymmetric electronic signature from a symmetric cryptographic signature. | 11-20-2008 |

20080285744 | Block Ciphering System, Using Permutations to Hide the Core Ciphering Function of Each Encryption Round - In a system ( | 11-20-2008 |

20080310623 | SECURING DIGITAL CONTENT SYSTEM AND METHOD - A system and method of encrypting digital content in a digital container and securely locking the encrypted content to a particular user and/or computer or other computing device is provided. The system uses a token-based authentication and authorization procedure and involves the use of an authentication/authorization server. This system provides a high level of encryption security equivalent to that provided by public key/asymmetric cryptography without the complexity and expense of the associated PKI infrastructure. The system enjoys the simplicity and ease of use of single key/symmetric cryptography without the risk inherent in passing unsecured hidden keys. The secured digital container when locked to a user or user's device may not open or permit access to the contents if the digital container is transferred to another user's device. The digital container provides a secure technique of distributing electronic content such as videos, text, data, photos, financial data, sales solicitations, or the like. | 12-18-2008 |

20080310622 | E-FUSES FOR STORING SECURITY VERSION DATA - Methods and devices that may be utilized in systems to dynamically update a security version parameter used to encrypt secure data are provided. The version may be maintained in persistent storage located on a device implementing the encryption, such as a system on a chip (SOC). The persistent storage does not require battery backing and, thus, the cost and complexity associated with conventional systems utilizing battery backed storage may be reduced. | 12-18-2008 |

20100142702 | Kasumi Cipher Executable Instructions and Circuitry - Logic circuitry and corresponding software instructions for performing functions within the FL function of a Kasumi cipher. An RLAX logic circuit includes a bit-wise AND function, a reorder bus, and a bit-wise exclusive-OR function for generating a destination word from corresponding logic functions of portions of first and second operands, in executing an RLAX program instruction. An RLOX logic circuit includes a bit-wise OR function, a reorder bus, and a bit-wise exclusive-OR function for generating a destination word from corresponding logic functions of portions of first and second operands, in executing an RLOX program instruction. Plural instances of the logic circuits can be implemented in parallel, to simultaneously operate upon plural data blocks. | 06-10-2010 |

20090052659 | METHOD AND APPARATUS FOR GENERATING AN ADVANCED ENCRYPTION STANDARD (AES) KEY SCHEDULE - An Advanced Encryption Standard (AES) key generation assist instruction is provided. The AES key generation assist instruction assists in generating round keys used to perform AES encryption and decryption operations. The AES key generation instruction operates independent of the size of the cipher key and performs key generation operations in parallel on four 32-bit words thereby increasing the speed at which the round keys are generated. This instruction is easy to use in software. Hardware implementation of this instruction removes potential threats of software (cache access based) side channel attacks on this part of the AES algorithm. | 02-26-2009 |

20080292099 | Two Non-Orthogonal States Quantum Cryptography Method and Apparatus with Inter-and Inter-Qubit Interference for Eavesdropper Detection - An apparatus and method for implementing a secure quantum cryptography system using two non-orthogonal states. For each qubit, the to emitter station prepares a quantum system in one of two non-orthogonal quantum states in the time-basis to code bit values. Intra- and inter-qubit interference is then used to reveal eavesdropping attempts. Witness states are used to help reveal attacks performed across the quantum system separation. | 11-27-2008 |

20090220073 | TRANSPARENT PROTOCOL INDEPENDENT DATA COMPRESSION AND ENCRYPTION - A network interface includes at least one physical memory, at least one client port, at least one processor accessing the at least one physical memory, and at least one network port. The client port receives data blocks which contain a quantity of bits from at least one first client computer system. The processor temporarily stores the data blocks in the at least one physical memory. The processor interacts with the physical memory and compresses the data blocks to reduce the quantity of bits. The processor further interacts with the physical memory such that the compressed data blocks are encrypted to produce encrypted frames. The at least one network port transmits the encrypted frames across a communication network. | 09-03-2009 |

20090257582 | Block-based stream encryption/decryption processing method - A block-based stream encryption/decryption processing method for applying a matrix architecture of diffusion algebra includes the steps of (a) selecting a private key and a pairing private key; (b) selecting a plaintext and multiplying the plaintext with the private key to produce a ciphertext; (c) multiplying the ciphertext with the pairing private key to obtain the plaintext; and (d) repeating the steps (b) and (c) to produce encrypted or decrypted block streams. | 10-15-2009 |

20100290617 | SECURE OUTSOURCED AGGREGATION WITH ONE-WAY CHAINS - Secure outsourced aggregation of data using one-way chains is discussed in this application. Each input data source such as a sensor generates a Verifiable Synopsis (“VS”) which includes sensor data, an Inflation Free Proof (“IFP”) generated using a cryptographic function and a Self-Authenticating Value (“SEAL”) chain generated using a one-way function. An aggregator takes a plurality VSs from multiple data sources and aggregates them together into one. Maximum value, top-k, count, count distinct, sum, average, and other aggregate functions may be used. Folded VS provides a concise proof that no value greater than the maximum value was reported by a sensor, thus providing a check against deflation of sensor data. Similarly, the cryptographic function of the IFP provides a mechanism to prevent inflation of the sensor data. Thus it becomes possible at a portal to verify that aggregated data has not been inflated or deflated by the aggregator. | 11-18-2010 |

20130129083 | TAMPER-RESISTANT MEMORY INTEGRATED CIRCUIT AND ENCRYPTION CIRCUIT USING SAME - The present invention provides an integrated memory circuit applicable to an S-box of a cryptographic circuit, the integrated memory circuit having a row decoder, a column decoder, and a sense amplifier composed of a domino-RSL circuit, wherein data reading and data writing from/to memory cells of a memory cell array are performed via two complementary bit lines, and the transition probability of a signal line is equalized by input of random-number data supplied from a random-number generating circuit using an arbiter circuit. | 05-23-2013 |

20090097639 | AES ENCRYPTION/DECRYPTION CIRCUIT - This invention makes the number of cycles required for AES encryption or decryption by hardware smaller than before by reducing the difference among the summation of the signal processing time for each sub-block transformations in each clock cycle period. To do this, an encryption/decryption circuit includes a first AddRoundKey Transformation module, a second AddRoundKey Transformation module, a ShiftRows Transformation module, a SubBytes Transformation module, a MixColumns Transformation module, and a data holding unit, wherein in a cycle of encryption, the first AddRoundKey Transformation module and the second AddRoundKey Transformation module are executed using different Round Keys. | 04-16-2009 |

20090116640 | Distributed search methods for time-shifted and live peer-to-peer video streaming - Systems, devices and methods for supporting live and time-shifted video streaming via distributed search methods for registering and locating cached portions of video streams shared in peer-to-peer systems. | 05-07-2009 |

20110129085 | CRYPTOGRAPHIC DEVICE FOR IMPLEMENTING S-BOX - Provided is a cryptographic device implementing an S-Box of an encryption algorithm using a many-to-one binary function. The cryptographic device includes: arrays of first logic gates including I first logic gates which each receive 2 bits of an input signal; 2 | 06-02-2011 |

20100150341 | STORAGE SECURITY USING CRYPTOGRAPHIC SPLITTING - Methods and systems for securing data in a data storage network are disclosed. One method includes receiving at a secure storage appliance a block of data for storage on a volume, the volume associated with a plurality of shares distributed across a plurality of physical storage devices. The method further includes cryptographically splitting the block of data received by the secure storage appliance into a plurality of secondary data blocks, and cryptographically splitting the session key into a plurality of session key fragments. The method further includes encrypting each of the plurality of secondary data blocks with a different session key, each session key associated with at least one of the plurality of shares, and encrypting each of the plurality of session key fragments with a workgroup key associated with a source of the block of data. | 06-17-2010 |

20100098244 | SYSTEM AND METHOD FOR STREAM/BLOCK CIPHER WITH INTERNAL RANDOM STATES - Disclosed herein are systems, methods, and computer readable-media for performing data encryption and decryption using a stream or block cipher with internal random states. The method includes splitting the input data into a predetermined number of blocks and processing each block. The processing includes creating sub-blocks, permuting the sub-blocks, replacing bytes using a lookup table, rotating bits, performing expansion and combining sets of bits. The element of randomness employed in this process allows for the same input to yield the same output, with differing internal states. | 04-22-2010 |

20090086963 | Systems and Methods for Protecting the Anonymity of Entities - Systems and methods for protecting the anonymity of one or more entities comprising personalizing a reference associated with information about an entity using one or more codes associated with a viewing entity to generate a personalized reference with which to present the information to the viewing entity. | 04-02-2009 |

20110255688 | METHOD AND SYSTEM FOR MONITORING ONLINE COMPUTER NETWORK BEHAVIOR AND CREATING ONLINE BEHAVIOR PROFILES - A method and system for monitoring users on one or more computer networks, disassociating personally identifiable information from the collected data, and storing it in a database so that the privacy of the users is protected. In one embodiment, the system generates an anonymized identifier and associates that anonymized identifier with collected network data. An embodiment of the system may further anonymize data such as resource location identifiers, by identifying and removing personal information. | 10-20-2011 |

20090110189 | Apparatus and method for operating a symmetric cipher engine in cipher-block chaining mode - An apparatus is disclosed for operating a symmetric cipher engine (SCE) in cipher-block chaining (CBC) mode, the apparatus comprises a crypto operation hardware comprising said SCE, an XOR stage, an apparatus for storing a chaining value comprising a state register of said SCE, an input latch supplying said crypto operation hardware with data, and an output latch. The data may be reordered for decipher operations. Furthermore, a method is disclosed for operating a SCE in CBC mode, wherein the method involves a crypto operation hardware that comprises said SCE and an XOR stage supplied with data. The method may also comprise using a state register of said SCE to apply a chaining value. Said method may comprise reordering data supplied to said crypto operation hardware for decipher operations. | 04-30-2009 |

20090103718 | ENCRYPTION AND DECRYPTION METHODS - Encryption methods are provided. A data block is selected from a plurality of data blocks. A sentry block is determined. The selected data block is encrypted according to the sentry block to obtain a cipher text. The cipher text is used as the sentry block for encrypting the next data block. | 04-23-2009 |

20090103719 | Cryptographic processing apparatus and cryptographic processing method, and computer program - There is provided a highly secure cryptographic processing apparatus and method where an analysis difficulty is increased. In a Feistel type common key block encrypting process in which an SPN type F function having a nonlinear conversion section and a linear conversion section is repeatedly executed a plurality of rounds. The linear conversion process of an F function corresponding to each of the plurality of rounds is performed as a linear conversion process which employs an MDS (Maximum Distance Separable) matrix, and a linear conversion process is carried out which employs a different MDS matrix at least at each of consecutive odd number rounds and consecutive even number rounds. This structure makes it possible to increase the minimum number (a robustness index against a differential attack in common key block encryption) of the active S box in the entire encrypting function. | 04-23-2009 |

20100329450 | INSTRUCTIONS FOR PERFORMING DATA ENCRYPTION STANDARD (DES) COMPUTATIONS USING GENERAL-PURPOSE REGISTERS - Some embodiments of the present invention provide a processor, which includes a set of general-purpose registers and at least one execution unit. Each general-purpose register in the set of general-purpose registers is at least 64 bits wide, and the execution unit supports one or more Data Encryption Standard (DES) instructions. Specifically, the execution unit may support a permutation-rotation instruction for performing DES permutation operations and DES rotation operations. The execution unit may also support a round instruction to perform a DES round operation. Since the DES instructions use general-purpose registers instead of special-purpose registers to perform DES-specific operations, the processor's circuit complexity and area are reduced. Furthermore, in some embodiments, since the DES instructions require at most two operands, the number of bits required to specify the location of the operands are reduced, thereby enabling a larger number of instructions to be supported by the processor. | 12-30-2010 |

20080310624 | Encryption Apparatus and Method for Providing an Encrypted File System - An encryption apparatus and method for providing an encrypted file system are provided. The encryption apparatus and method of the illustrative embodiments uses a combination of encryption methodologies so as to reduce the amount of decryption and re-encryption that is necessary to a file in the Encrypted File System in the event that the file needs to be modified. The encryption methodologies are interleaved, or alternated, with regard to each block of plaintext. In one illustrative embodiment, Plaintext Block Chaining (PBC) and Cipher Block Chaining (CBC) encryption methodologies are alternated for encrypting a sequence of blocks of data. The encryption of a block of plaintext is dependent upon the plaintext or a cipher generated for the plaintext of a previous block of data in the sequence of blocks of data so that the encryption is more secure than known Electronic Code Book encryption methodologies. | 12-18-2008 |

20100027781 | METHOD AND APPARATUS FOR ENHANCING PERFORMANCE OF DATA ENCRYPTION STANDARD (DES) ENCRYPTION/DECRYPTION - A method and apparatus for increasing performance of Data Encryption Standard (DES) and Triple DES (3DES) cipher operation is provided. A critical path through a plurality of rounds in a multi-round cycle to perform a cipher operation is reduced by reducing the number of exclusive OR (XOR) operations in the critical path. An R state element is expanded to 48-bits and each round stage uses the 48-bit expanded R state element which results in a reduction of the number of XOR operations to one per round in the cipher operation plus one additional XOR operation per cipher operation. In addition logic organization is symmetric which further increases the overall performance of DES and 3DES. | 02-04-2010 |

20150043729 | INSTRUCTION AND LOGIC TO PROVIDE A SECURE CIPHER HASH ROUND FUNCTIONALITY - Instructions and logic provide secure cipher hashing algorithm round functionality. Some embodiments include a processor comprising: a decode stage to decode an instruction for a secure cipher hashing algorithm, the first instruction specifying a source data, and one or more key operands. Processor execution units, are responsive to the decoded instruction, to perform one or more secure cipher hashing algorithm round iterations upon the source data, using the one or more key operands, and store a result of the instruction in a destination register. One embodiment of the instruction specifies a secure cipher hashing algorithm round iteration using a Feistel cipher algorithm such as DES or TDES. In one embodiment a result of the instruction may be used in generating a resource assignment from a request for load balancing requests across the set of processing resources. | 02-12-2015 |

20130064362 | PRESERVATION OF ENCRYPTION - An apparatus, method, system and computer-readable medium are provided for preserving an encryption of data when confronted by an attack, such as a side channel analysis (SCA) attack based on a statistical analysis. In some embodiments, hardware, software, and/or firmware associated with an encryption calculation may be exercised or accessed during a background operation when an actual or real operation is not taking place. During the background operation, dummy values for data and one or more keys may be input to the hardware. A switching between the real operation and the background operation may take place seamlessly such that measurement of a physical characteristic associated with the hardware is indistinguishable in terms of when the real and background operations are active. In this manner, the secrecy of a key used in connection with the real operation may be preserved. | 03-14-2013 |

20090010427 | Check Authorization System and Method - A device is provided that includes a monetary instrument having a surface, and a magnetic ink character recognition (MICR) line coupled to that surface. The MICR line includes an ABA number, a customer account number, and a one-way hash value. The one-way hash value is output from a hashing process using input including the ABA number, the customer account number, together with a personal identification code and a key that are not included on the MICR line. A method is also provided that authenticates a monetary instrument by comparing a computed one-way hash value with a one-way hash value that is located in the MICR line of the monetary instrument. At the point-of-sale, the MICR line data is scanned and the personal identification code obtained from the customer. The scanned data and the personal identification code are transmitted to a check verifier that provides a check verification status. | 01-08-2009 |

20090010426 | System and method for providing load balanced secure media content and data delivery in a distributed computing environment - A system and method for providing load balanced secure media content and data delivery ( | 01-08-2009 |

20090080647 | Method and System for Usage of Block Cipher Encryption - A block cipher system for encrypting a plurality of blocks from plaintext to ciphertext, each of the blocks being associated with a constant root key, the system including an encryption key module to determine an input key for each of blocks based on a function having a plurality of inputs including the root key and an initialization vector, for a first one of the blocks, and the plaintext of at least one of the blocks which was previously encrypted and the root key, for the blocks other than the first block, and an encryption module to encrypt each of the blocks based on the input key determined for each of the blocks, respectively. Related apparatus and methods also included. | 03-26-2009 |

20090003592 | Content delivery system, delivery server, terminal, and content delivery method - Disclosed herein is a content delivery system which may include a delivery server for delivering content data, a terminal for downloading the content data, and a network. The delivery server may include, an encryption section, and a delivery section. The terminal may include a reception section. The terminal or the delivery server may include an interruption point recording section. The delivery server may include an interruption point acquisition section. Based on the interruption point information, the delivery section may start delivery of one or more of the encrypted blocks that remain to be delivered. | 01-01-2009 |

20090074181 | Method and device for executing crytographic calculation - The invention concerns a method for executing cryptographic calculation in an electronic component, based on a specific cryptographic algorithm including at least one secret key operation ( | 03-19-2009 |

20100054461 | SYSTEMS AND METHODS FOR IMPLEMENTING BLOCK CIPHER ALGORITHMS ON ATTACKER-CONTROLLED SYSTEMS - Systems and methods for an implementation of block cipher algorithms (e.g., AES) use lookup tables to obscure key information, increasing difficulty for those with privileged access to a system performing the AES algorithm to obtain such key information. The implementation encodes round key information into a first plurality of tables (T1), which when used for lookup operations also complete SubBytes operations, and output state in an encoded format. A Shiftrows operation is performed arithmetically on the state output from the T1 table lookups. A second plurality of tables (T2) are used to perform a polynomial multiplication portion of MixColumns to state from Shiftrows, and an XOR portion of MixColumns is performed arithmetically on the columns outputted from using the T2 tables. Encoding from the T1 tables is made to match a decoding built into the T2 tables. Subsets of the T1 tables use the same T2 tables, reducing a memory footprint for the T2 tables. Multiple AES keys can be embedded in different sets of T1 tables that encode for the same set of T2 tables. | 03-04-2010 |

20090147947 | DIGITAL-ENCRYPTION HARDWARE ACCELERATOR - An electronic device for encrypting and decrypting data blocks of a message having n data blocks in accordance with the data encryption standard (DES) is provided. The electronic device has a first data processing channel having a first processing stage for performing encryption and decryption of data blocks of a predefined length, and a first input data buffer coupled to a data input and to the first processing stage, and a second data processing channel having a second processing stage for performing encryption and decryption of data blocks, a second data input buffer coupled to an output of the first processing stage and to the second processing stage. The electronic device also has a control stage (FSM) for controlling the first processing stage and the second processing stage, so as to perform an encryption or decryption step with the second processing stage on an encrypted/decrypted data block output from the first processing stage. The control stage is adapted to control the first processing stage to perform data encryption or decryption according to the data encryption standard on each block and to control the second processing stage to compute a message authentication code over the encrypted or decrypted message received from the first processing stage block-by-block. | 06-11-2009 |

20140328483 | METHOD FOR PRODUCING A HARDWARE DEVICE AND HARDWARE DEVICE - A method for producing a hardware device, in particular a trusted platform module for the execution of at least one cryptographic algorithm, the hardware device corresponding to a real-time class, i.e., it fulfils specifiable run-time requirements for real-time applications, wherein the method comprises preparing at least one cryptographic algorithm in the manner of a program code; determining a maximum/longest execution time (WCET) for the algorithm, producing a tamper-proof hardware module, which is configured to execute the algorithm, and assigning the hardware module to a real-time class depending on the maximum/longest execution time (WCET). | 11-06-2014 |

20100316215 | METHOD OF SHARING A STRONG SECRET BETWEEN TWO PARTIES, ONE OF WHOM HAS LITTLE PROCESSING POWER - The invention relates to a method of sharing a strong secret F between two parties (A, B) previously sharing a weak secret F, this method of sharing combining a symmetric algorithm and an asymmetric algorithm, and consisting in using a fixed exponent e of small size, and in encrypting not the exponent e, but the modulus n, by means of the weak secret f. | 12-16-2010 |

20080253561 | Common-Key Block Encryption Device Common-Key Block Encryption Method, and Common-Key Block Encryption Program - Disclosed is a common-key block encryption device including first Feistel-type hash means that divides a plain text into a PA block and a PB block and adds the PB block, which is compressed by a hash function, and the PA block to generate a unit block intermediate text; unit block encryption means that encrypts the unit block intermediate text to generate a unit block intermediate cipher text; pseudorandom number generation means that generates an intermediate random number based on the unit block intermediate cipher text; addition means that adds the intermediate random number and the PB block and outputs an addition result; second Feistel-type hash means that outputs a result that is a combination of a second addition result, generated based on the addition result compressed by a hash function and the unit block intermediate cipher text, and the addition result; and cipher text output means that outputs the output result as a cipher text. | 10-16-2008 |

20090262925 | Method for designing a secure hash function and a system thereof - A system and method for designing a secure hash function is provided. Both of which have been designed for secure hash functionality, Secure Hash Algorithm (SHA-3) using pre processing (MP) methods and to help reduce hash collisions. It is a one way hash function which is a combination of message pre-processing which is a bijective function and the cipher block chaining mode (CBC). | 10-22-2009 |

20090214026 | METHOD AND APPARATUS FOR OPTIMIZING ADVANCED ENCRYPTION STANDARD (AES) ENCRYPTION AND DECRYPTION IN PARALLEL MODES OF OPERATION - The throughput of an encryption/decryption operation is increased in a system having a pipelined execution unit. Different independent encryptions (decryptions) of different data blocks may be performed in parallel by dispatching an AES round instruction in every cycle. | 08-27-2009 |

20090097638 | INFORMATION PROCESSING APPARATUS - Three registers are provided in an input register section and each register stores 8 bytes of input packet data upon performing an encryption process or an authorization value creation process on input packet data. Creation of an authorization value using a first EXOR circuit and an AES circuit is performed on the data stored in the first two registers. Then, encryption is performed on the input packet data using the first EXOR circuit and the AES circuit on the data stored in the last two registers. The encrypted data is stored in the last two registers, then the data in the input register section are shifted by 16 bytes. The 16 bytes of data that are a continuation of the input packet data and are repeatedly stored in the last two registers. | 04-16-2009 |

20110176674 | COUNTERMEASURE METHOD AND DEVICE FOR PROTECTING DATA CIRCULATING IN AN ELECTRONIC COMPONENT - The present disclosure relates to a countermeasure method in an integrated circuit comprising at least one first logic circuit and at least one first input register supplying the first logic circuit with a datum, the method comprising steps of introducing a random datum into each first input register of the first logic circuit and of the first logic circuit reading the random datum in each first input register, then of introducing a datum to be processed into each first input register, and of the first logic circuit processing the datum in each first input register. | 07-21-2011 |

20100104095 | Novel Hash Function With Provable Resistance To Differential Attacks - A system and method for coding data to help resist differential attacks. Data in m columns may be initialized to an initialized value. One new column of data may be mixed with a new input word and input to an advanced mixer. The advanced mixer may include linear mixing having indexed bytes and performing of exclusive-OR operation and transposing. An output of the advanced mixer may be a new m column state. A value of m could be 0 through 30. The value of m may have a preferred range of 27 through 36. Systems to implement the foregoing method are also described. | 04-29-2010 |

20120087492 | EXECUTION UNIT FOR PERFORMING THE DATA ENCRYPTION STANDARD - Described is an execution unit for performing at least part of the Data Encryption Standard that includes a Left Half input; a Key input; and a Table input, as well as a first group of transistors configured to receive the Table input, perform a table look-up, and output data. The execution unit further includes a first exclusive-or operator having two inputs and an output that is configured to receive the Left Half input and the Key input. The execution unit also includes a second exclusive-or operator having two inputs and an output that is configured to receive the data output by the first group of transistors and to receive the output of the first exclusive-or operator. The execution unit also includes a third exclusive-or operator having two inputs and an output that is configured to receive the Left Half input and the data output by the first group of transistors. | 04-12-2012 |

20090028326 | Methods and apparatus performing hash operations in a cryptography accelerator - Methods and apparatus are provided for implementing a cryptography accelerator for performing operations such as hash operations. The cryptography accelerator recognizes characteristics associated with input data and retrieves an instruction set for processing the input data. The instruction set is used to configure or control components such as MD5 and SHA-1 hash cores, XOR components, memory, etc. By providing a cryptography accelerator with access to multiple instruction sets, a variety of hash operations can be performed in a configurable cryptographic accelerator. | 01-29-2009 |

20110091034 | Secure Method for Cryptographic Computation and Corresponding Electronic Component - The secure method for cryptographic computation comprises processing of an input datum (D) by a cryptographic computation tool involving at least one encryption key (K) and at least one generated item of secret information, so as to provide an output datum (DC). The generation of the said at least one item of secret information (ST) comprises processing of the said input datum by at least one operator (OPS) having at least one secret characteristic. | 04-21-2011 |

20080317244 | EXECUTION UNIT FOR PERFORMING THE DATA ENCRYPTION STANDARD - An execution unit adapted to perform at least a portion of the Data Encryption Standard. The execution unit includes a Left Half input; a Key input; and a Table input. The execution unit also includes a first group of transistors configured to receive the Table input, perform a table look-up, and output data. The execution unit further includes a first exclusive-or operator having two inputs and an output. The first exclusive-or operator is configured to receive the Left Half input and the Key input. The execution unit also includes a second exclusive-or operator having two inputs and an output. The second exclusive-or operator is configured to receive the data output by the first group of transistors and to receive the output of the first exclusive-or operator. The execution unit also includes a third exclusive-or operator having two inputs and an output. The third exclusive-or operator is configured to receive the Left Half input and the data output by the first group of transistors. | 12-25-2008 |

20080317243 | LOW COMPLEXITY ENCRYPTION METHOD FOR CONTENT THAT IS CODED BY A RATELESS CODE - A method and apparatus is disclosed herein for a low complexity method of securing content that is coded by a rateless code whereby it is noted that it is sufficient to encrypt only a subset of the ratelessly coded packets. In one embodiment, the method comprises performing rateless coding on a first set of blocks of data to produce ratelessly encoded blocks of data and performing encryption on a subset of the ratelessly encoded blocks of data based on a degree value for each of the ratelessly encoded blocks of data. | 12-25-2008 |

20080292100 | NON-LINEAR DATA CONVERTER, ENCODER AND DECODER - According to an aspect of the present invention, there is provided a non-linear data converter including: first to fourth converters that each performs a respective converting process on an input bit string to output respective output bit string; a generator that generates a random number bit string; and a selector that selects any one of the output bit strings from the first to fourth converters based on the random number bit string. Each of the converting processes is equivalent to performing a first mask process, a non-linear conversion predetermined for an encoding or a decoding and a second mask process. | 11-27-2008 |

20150104011 | PRESERVATION OF ENCRYPTION - An apparatus, method, system and computer-readable medium are provided for preserving an encryption of data when confronted by an attack, such as a side channel analysis (SCA) attack based on a statistical analysis. In some embodiments, hardware, software, and/or firmware associated with an encryption calculation may be exercised or accessed during a background operation when an actual or real operation is not taking place. During the background operation, dummy values for data and one or more keys may be input to the hardware. A switching between the real operation and the background operation may take place seamlessly such that measurement of a physical characteristic associated with the hardware is indistinguishable in terms of when the real and background operations are active. In this manner, the secrecy of a key used in connection with the real operation may be preserved. | 04-16-2015 |