Some embodiments described herein include an apparatus having a processor communicatively coupled to a memory. The processor is configured to monitor, at a characteristic controller, a first characteristic of an electronic device. The processor is then configured to receive side-channel signature analysis of the electronic device from a signature analyzer. The processor is configured to determine if the first characteristic of the electronic device has changed or will change in a predefined period of time based on the side-channel signature analysis. The processor is then configured to adjust a second characteristic of the electronic device and/or filtering characteristics such that the side-channel signature analysis reflects predefined side-channel behavior.

In one example in accordance with the present disclosure, a method may include receiving, by a processor on a system on a chip (SoC), a request to encrypt a subset of data accessed by a process. The method may also include receiving, at a page encryption hardware unit of the SoC, a system call from an operating system on behalf of the process, to generate an encrypted memory page corresponding to the subset of data. The method may also include generating, by the page encryption hardware unit, an encryption/decryption key for the first physical memory address. The encryption/decryption key may not be accessible by the operating system. The method may also include encrypting, by the page encryption hardware unit, the subset of data to the physical memory address using the encryption/decryption key and storing, by the page encryption hardware unit, the encryption/decryption key in a key store.

An authentication and encryption protocol is provided that can be implemented within a single clock cycle of an integrated circuit chip while still providing unbreakable encryption. The protocol of the present invention is so small that it can co-exist on any integrated circuit chip with other functions, including a general purpose central processing unit, general processing unit, or application specific integrated circuits with other communication related functionality.

An authentication and encryption protocol is provided that can be implemented within a single clock cycle of an integrated circuit chip while still providing unbreakable encryption. The protocol of the present invention is so small that it can co-exist on any integrated circuit chip with other functions, including a general purpose central processing unit, general processing unit, or application specific integrated circuits with other communication related functionality.

A method for managing a request to pair a first item of equipment with a second item of equipment is implemented by a device for managing a pairing request. The managing device is configured to communicate with the first item of equipment via an optical communication channel. The managing method includes: reception, via the optical communication channel, of a pairing request including data representative of the identity of the first item of equipment; and if the pairing request is authorized, transmission, via the optical communication channel, of a security key to the first item of equipment to be used during communications between the first item of equipment and the second item of equipment once the items of equipment have been paired.

A secure element device that is configured to be cryptographically bound to a host device includes a secure element host key slot configured to store host key information that allows only the host device to control the secure element, a secure memory storing binding information, and limited functionality allowing the binding information to be read from the secure memory by the host device during a binding process. The binding information is cryptographically correlated with the host key information. The host key information is generated by the host device using the binding information read from the secure element and a secret key. The secure element device further includes general functionality only accessible to the host device using the host key information that is generated by the host device. The secure memory includes prevention measures impeding unauthorized entities from obtaining information from the secure memory.

In order to provide an information matching system achieving an information matching scheme that takes a lower cost and uses secure biometric information, the information matching system includes a concealment apparatus, a decryption apparatus, and a similarity calculating apparatus. The concealment apparatus transmits, to the similarity calculating apparatus, concealed information including information concealing obtained matching information by linear conversion using random numbers. The similarity calculating apparatus calculates, from obtained one or more pieces of registration information and the concealed information received from the concealment apparatus, a concealed similarity which is a value concealing a similarity between the matching information and the registration information, and to transmit the calculated concealed similarity to the decryption apparatus. The decryption apparatus calculates the similarity between the matching information and the registration information from the concealed similarity received from the similarity calculating apparatus, using the random numbers used by the concealment apparatus.

Unclonable function circuitry includes a plurality of pairs of phase-change memory cells in a virgin state, and sensing circuitry coupled to the plurality of pairs of phase-change memory cells in the virgin state. The sensing circuitry identifies a subset of the plurality of pairs of phase-change memory cells in the virgin state based on a reliability mask. Signs of differences of effective resistance values of the identified subset of the plurality of pairs of phase-change memory cells in the virgin state are sensed by the sensing circuitry. The sensing circuitry generates a string of bits based on the sensed signs of differences in the effective resistance values of the identified subset of the plurality of pairs of phase-change memory cells in the virgin state. Processing circuitry coupled to the unclonable function circuitry, in operation, executes one or more operations using the generated string of bits.

A secure random number that follows a binomial distribution is generated without performing successive communication. A secure computation apparatus (1.sub.i) generates a share [r].sub.i of a random number r that follows a binomial distribution. A parameter storage unit (10) stores a pseudorandom function PRF, at least one set of a key k.sub.A and a polynomial f.sub.A. A pseudorandom number generating unit (11) obtains a pseudorandom number p.sub.A for each of the keys k.sub.A by computing the pseudorandom function PRF(k.sub.A, a) using the keys k.sub.A. A bit counting unit (12) counts the number r.sub.A of 1s included in each pseudorandom number p.sub.A. A random number share generating unit (13) obtains the sum of products of the number r.sub.A of 1s and an output of the polynomial f.sub.A(i) corresponding to the number r.sub.A of 1s as the share [r].sub.i of the random number r.

Systems and methods for tokenization to support pseudonymization are provided herein. An example method includes receiving an input set, seeding a random number generator with one or more secret data, transposing the input set using a first random number/transposition parameter generated by the random number generator to create a transposed input set, transposing a token set using a second random number/transposition parameter generated by the random number generator to create a transposed token set, and generating a token by substituting transposed input set values with transposed token set values.