A first input share value, a second input share value, and a third input share value may be received. The first input share value may be converted to a summation or subtraction between an input value and a combination of the second input share value and the third input share value. A random number value may be generated and combined with the second input share value and the third input share value to generate a combined value. Furthermore, a first output share value may be generated based on a combination of the converted first input share value, the combined value, and additional random number values.

Various approaches are disclosed to virtualizing intrusion detection and prevention. Disclosed approaches provide for an embedded system having a hypervisor that provides a virtualized environment supporting any number of guest OSes. The virtualized environment may include a security engine on an internal communication channel between the guest OS and a virtualized hardware interface (e.g., an Ethernet or CAN interface) to analyze network traffic to protect the guest OS from other guest OSes or other network components, and to protect those network components from the guest OS. The security engine may be on a different partition than the guest OS and the virtualized hardware interface providing the components with isolated execution environments that protect against malicious code execution. Each guest OS may have its own security engine customized for the guest OS to account for what is typical or expected traffic for the guest OS.

A first integrated circuit chip is assembled to a second integrated circuit chip with a back-to-back surface relationship. The back surfaces of the integrated circuit chips are attached to each other using one or more of an adhesive, solder or molecular bonding. The back surface of at least one the integrated circuit chips is processed to include at least one of a trench, a cavity or a saw cut.

A quantum-computing threats surveillance system for use in quantum communication environments is a quantum-surveillance technology which detects quantum computing threats based on free electron monitoring and entangled state measurement, and performs time-and-space analysis on quantum communication environments via making use of specific Fourier transforms, and then collaborate with a system of Lotka-Volterra competition models for variance analysis, so as to determine whether there is suspicious or potential quantum computing in a quantum communication environment. Furthermore, it can monitor different quantum-teleportation channels to achieve the effect of tracking specific quantum-computing behaviors for a long term.

A method for performing a secure function in a data processing system is provided. In accordance with one embodiment, the method includes generating and encoding an encryption key. The encoded encryption key may be encrypted in a key store in a trusted execution environment (TEE) of the data processing system. The encrypted encryption key may encrypted, stored, and decrypted in the key store in the TEE, but used in a white-box implementation to perform a secure function. The secure function may include encrypting a value in the white-box implementation for securing a monetary value on, for example, a smart card. In one embodiment, each time an encryption key or decryption key is used, it is changed to a new key. The method makes code lifting and rollback attacks more difficult for an attacker because the key is stored separately from, for example, a white-box implementation in secure storage.

A method for executing by a circuit a substitution operation such that an output data may be selected in a substitution table using an input data as an index. The substitution operation may be performed using a new masked substitution table. The input data may be combined by XOR operations with a new value of a first mask parameter, and the output data may be combined by XOR operations with a new value of a second mask parameter. The new masked substitution table may be generated by computing the new value of the first mask parameter by applying XOR operations to a previous value of the first mask parameter and to a first input mask, computing the new value of the second mask parameter by applying XOR operations to a previous value of the second mask parameter and to a second input mask, and generating the new masked substitution table using a previous masked substitution table and the first and second input masks.

An encryption apparatus comprises a memory configured to store a predetermined program on a general domain and a security domain; and a processor configured to perform an encryption process based on the program, wherein the program is configured to: generate encoding data by encoding input data on the security domain, generate encryption data by performing encryption for the encoding data through a whitebox encryption module on the general domain, and generate output data by encoding the encryption data on the security domain.

A method is provided for generating an output from an input according to a secret using a white-box implementation of a cryptographic function having a first operation, a second operation, and a third operation. The method applies the input to a first operation to generate a first intermediate result, applies the first intermediate result to a second operation to generate a second intermediate result, and applies the second intermediate result to a third operation to generate the output, wherein at least two of the first operation, the second operation, and the third operation is implemented by a plurality of interconnected logic elements, the interconnection of the plurality of logic elements being comprised of one of a non-algebraic interconnection of logic elements and an algebraic interconnection of logic elements having obfuscated boundaries between the at least one of the first operation, the second operation and the third operation.

A method of encrypting messages in clear with the aid of a secret key, the method of encryption implementing at least one substitution layer using a substitution table and a diffusion layer using a diffusion matrix, the substitution layer and/or the diffusion layer being configured in a dynamic manner by a control parameter obtained by combining the secret key with the output word from a counter and by performing a non-invertible transformation on the combination. The counter is incremented at least once between two successive plaintext messages. The configuration of the substitution layer is manifested by an identical permutation of bits of each element of the substitution table and the configuration of the diffusion layer is manifested by a permutation of the elements of the diffusion matrix.

A method for executing computer programs in a trusted execution environment of a device is disclosed. The method includes retrieving a genomic differentiation object corresponding to a computer program that comprises a set of encoded executable instructions. The method further includes modifying the genomic differentiation object based on genomic regulation instructions (GRI) to obtain a modified genomic differentiation object, wherein the GRI were used to encode the set of encoded executable instructions of the computer program. The method includes obtaining a first instruction that is to be executed from the first set of encoded executable instructions of the computer program; obtaining a first sequence from first metadata associated with the first encoded instruction; generating a genomic engagement factor (GEF) based on the first sequence and the modified genomic differentiation object; decoding the first encoded instruction using the GEF to obtain a first decoded instruction; and executing the first decoded instruction.