A method, apparatus, and system for assigning the execution of a cryptography and/or compression operation on a data segment to either a central processing unit (CPU) or a hardware cryptography/compression accelerator is disclosed. In particular, a data segment on which a cryptography and/or compression operation is to be executed is received. Status information relating to a CPU and a hardware cryptography/compression accelerator is determined. Whether the operation is to be executed on the CPU or on the hardware accelerator is determined based at least in part on the status information. In response to determining that the operation is to be executed on the CPU, the data segment is forwarded to the CPU for execution of the operation. On the other hand, in response to determining that the operation is to be executed on the hardware accelerator, the data segment is forwarded to the hardware accelerator for execution of the operation.

A method, apparatus, and system for assigning the execution of a cryptography and/or compression operation on a data segment to either a central processing unit (CPU) or a hardware cryptography/compression accelerator is disclosed. In particular, a data segment on which a cryptography and/or compression operation is to be executed is received. Status information relating to a CPU and a hardware cryptography/compression accelerator is determined. Whether the operation is to be executed on the CPU or on the hardware accelerator is determined based at least in part on the status information. In response to determining that the operation is to be executed on the CPU, the data segment is forwarded to the CPU for execution of the operation. On the other hand, in response to determining that the operation is to be executed on the hardware accelerator, the data segment is forwarded to the hardware accelerator for execution of the operation.

Various techniques provide systems and methods for facilitating truly random bit generation. In one example, a method includes receiving a first truly random bit stream in a first memory that includes a plurality of memory cells. Each of the plurality of memory cells stores a respective one bit of the first truly random bit stream. The method further includes generating, by a logic circuit, each bit of a second truly random bit stream based on a respective pair of bits of the first truly random bit stream. The method further includes storing the second truly random bit stream in a second memory. Related methods and devices are also provided.

Various techniques provide systems and methods for facilitating truly random bit generation. In one example, a method includes receiving a first truly random bit stream in a first memory that includes a plurality of memory cells. Each of the plurality of memory cells stores a respective one bit of the first truly random bit stream. The method further includes generating, by a logic circuit, each bit of a second truly random bit stream based on a respective pair of bits of the first truly random bit stream. The method further includes storing the second truly random bit stream in a second memory. Related methods and devices are also provided.

According to various aspects, a delay-based physical unclonable function (PUF) device is provided. According to one embodiment, the PUF device includes circuitry for generating output bits of entropy by comparing, or racing, a plurality of PUF cells. A PUF cell is a building block of the PUF device. For example, the PUF device may include two identically designed circuits with only process related variations and each circuit can be a PUF cell. According to another aspect, if PUF cells with same history of winning or losing are being compared in a race, adversaries cannot predict the outcome of the current race based on previous race results. Accordingly, systems and methods are described herein for generating multiple rounds of races based on the previous rounds of races. Thus, one PUF cell can be used in multiple pairwise comparisons while maximal entropy is extracted.

According to various aspects, a delay-based physical unclonable function (PUF) device is provided. According to one embodiment, the PUF device includes circuitry for generating output bits of entropy by comparing, or racing, a plurality of PUF cells. A PUF cell is a building block of the PUF device. For example, the PUF device may include two identically designed circuits with only process related variations and each circuit can be a PUF cell. According to another aspect, if PUF cells with same history of winning or losing are being compared in a race, adversaries cannot predict the outcome of the current race based on previous race results. Accordingly, systems and methods are described herein for generating multiple rounds of races based on the previous rounds of races. Thus, one PUF cell can be used in multiple pairwise comparisons while maximal entropy is extracted.

An apparatus for sharing data according to one embodiment includes a first combined data generator configured to generate first combined data by combining target data to be shared and a random bit string, a data encryptor configured to generate a ciphertext for the first combined data, a key encryptor configured to generate one or more ciphertexts for a decryption key of the ciphertext for the first combined data using one or more public keys, a second combined data generator configured to generate second combined data by combining the ciphertext for the first combined data, the one or more ciphertexts for the decryption key, and the random bit string, and a data discloser configured to disclose the second combined data to one or more entities to share the target data to be shared.

An apparatus for sharing data according to one embodiment includes a first combined data generator configured to generate first combined data by combining target data to be shared and a random bit string, a data encryptor configured to generate a ciphertext for the first combined data, a key encryptor configured to generate one or more ciphertexts for a decryption key of the ciphertext for the first combined data using one or more public keys, a second combined data generator configured to generate second combined data by combining the ciphertext for the first combined data, the one or more ciphertexts for the decryption key, and the random bit string, and a data discloser configured to disclose the second combined data to one or more entities to share the target data to be shared.

A fast cryptographic hash of an input file using multiplication and permutation operations in a parallel processing environment. An example method includes updating an internal state for each of a plurality of packets, the packets being read from an input file. Updating the state for a packet can include injecting the packet into an internal state, mixing the bits of the internal state using multiplication, and shuffling the result of the multiplication so that bits with highest quality are permuted to locations that will propagate most widely in a next multiplication operation. The method also includes performing a reduction on the internal state and repeating the update of the internal state, the reduction, and the injecting a second time. The method may further include finalizing the internal state and storing a portion of the final internal state as a cryptographic hash of the input file.

A fast cryptographic hash of an input file using multiplication and permutation operations in a parallel processing environment. An example method includes updating an internal state for each of a plurality of packets, the packets being read from an input file. Updating the state for a packet can include injecting the packet into an internal state, mixing the bits of the internal state using multiplication, and shuffling the result of the multiplication so that bits with highest quality are permuted to locations that will propagate most widely in a next multiplication operation. The method also includes performing a reduction on the internal state and repeating the update of the internal state, the reduction, and the injecting a second time. The method may further include finalizing the internal state and storing a portion of the final internal state as a cryptographic hash of the input file.