Disclosed is a method and a system to execute the method to perform a first hashing operation to compute a first hash value, store the first hash value in a plurality of output registers, store a second message in a plurality of input registers, perform a first iteration of a second hashing operation, with an input to the second hashing operation including the second message and the first hash value, determine that a first portion of the second message, stored in a first register of the plurality of input registers, has been processed in course of the second hashing operation, and move a first portion of the first hash value stored in a first register of the plurality of output registers to the first register of the plurality of input registers.

Disclosed is a method and a system to execute the method to perform a first hashing operation to compute a first hash value, store the first hash value in a plurality of output registers, store a second message in a plurality of input registers, perform a first iteration of a second hashing operation, with an input to the second hashing operation including the second message and the first hash value, determine that a first portion of the second message, stored in a first register of the plurality of input registers, has been processed in course of the second hashing operation, and move a first portion of the first hash value stored in a first register of the plurality of output registers to the first register of the plurality of input registers.

A secret computation system is a secret computation system for performing computation while keeping data concealed, and comprises a cyphertext generation device that generates cyphertext by encrypting the data, a secret computation device that generates encrypted basic statistics by performing secret computation of predetermined basic statistics using the cyphertext while keeping the cyphertext concealed, and a computation device that generates decrypted basic statistics by decrypting the encrypted basic statistics and performs predetermined computation using the decrypted basic statistics.

A physically unclonable function (PUF) includes a bit cell that includes a latch and a switch to selectively couple the latch to a supply voltage node. A first transmission gate couples a first bit line to a first internal node of the latch and a second transmission gate couples a second bit line to a second internal node of the latch. A digital to analog converter (DAC) circuit is selectively coupled to the first internal node through the first bit line and the first transmission gate and to the second internal node through the second bit line and the second transmission gate, to thereby precharge the latch before the first bit cell is read. The latch regenerates responsive to the switch being closed to connect the latch to the supply voltage node. The first and second bit lines are used to read the regenerated value of the latch.

A digital watermark system that realizes digital watermark for a cryptographic function, including a memory and a processor configured to take as input a security parameter and generate a watermark embedding key for embedding information representative of a watermark in a circuit that realizes the cryptographic function, and a watermark extraction key for extracting information representative of the watermark from a circuit in which a watermark is embedded; take as input a master private key used for the cryptographic function, the watermark embedding key, and information representative of a watermark, and generate a circuit in which the watermark is embedded and that realizes the cryptographic function; and take as input the watermark extraction key and the circuit in which the watermark has been embedded, and extract information representative of a watermark from the circuit.

A secret share value [y]=[δx.sup.2+ax] is obtained through secure computation using a secret share value [x] of a real number x, and a secret share value [func(x)]=[y(ζy+b)+cx] of an elementary function approximation value z=func(x) of the real number x is obtained and output through secure computation using secret share values [x] and [y]. Here, x, y, and z are real numbers, a, b, c, δ, and ζ are real number coefficients, and a secret share value of .Math. is [.Math.].

A secret share value [y]=[δx.sup.2+ax] is obtained through secure computation using a secret share value [x] of a real number x, and a secret share value [func(x)]=[y(ζy+b)+cx] of an elementary function approximation value z=func(x) of the real number x is obtained and output through secure computation using secret share values [x] and [y]. Here, x, y, and z are real numbers, a, b, c, δ, and ζ are real number coefficients, and a secret share value of .Math. is [.Math.].

An apparatus, method, and system assess the trustworthiness of a design representation while maintaining its confidentiality and thwarting attempts at unauthorized access, misappropriation, and reverse engineering of confidential proprietary aspects of the design representation and/or its bit stream. A utility/tool is provided for trust assessment and verification of designs and/or bit streams. The utility/tool may be instantiated on a semiconductor device or implemented as a utility executable on a mobile computing device or other information processing system, apparatus, or network.

An apparatus, method, and system assess the trustworthiness of a design representation while maintaining its confidentiality and thwarting attempts at unauthorized access, misappropriation, and reverse engineering of confidential proprietary aspects of the design representation and/or its bit stream. A utility/tool is provided for trust assessment and verification of designs and/or bit streams. The utility/tool may be instantiated on a semiconductor device or implemented as a utility executable on a mobile computing device or other information processing system, apparatus, or network.

A method for verification of integrity and decryption of an encrypted message including ordered data blocks, the method performed by a cryptomodule and including storing or activating an integrity key; calculating an initial integrity code; generating a verification key and storing it; for each data block: storing the data block; updating an intermediate integrity code with the integrity key, the data block and the initial integrity code or the intermediate integrity code of the preceding data block; generating an authentication code using the verification key; deleting the data block; analysing the final integrity code; if the integrity is verified: storing or activating a decryption key specific to the encrypted message; for each data block: storing the data block; verifying the authenticity and the row of the data block using its authentication code; decrypting the data block with the decryption key; transmitting to the terminal the decrypted data block.