A secret value estimation device is provided for determining an estimate of at least one secret value used by at least one cryptographic mechanism implemented in a cryptographic system from a statistical distribution of a set of multivariate leakage traces determined by a leakage traces statistical distribution unit. Each leakage trace being a vector comprises a plurality of random values, the number of said random values being an integer number superior or equal to 1, the statistical distribution being a function of parametric linear combinations of a set of leakage model basis vectors representing a multivariate leakage model, the number of basis vectors being an integer number superior or equal to 1, and the linear combinations being defined by a matrix of real values.

A secret value estimation device is provided for determining an estimate of at least one secret value used by at least one cryptographic mechanism implemented in a cryptographic system from a statistical distribution of a set of multivariate leakage traces determined by a leakage traces statistical distribution unit. Each leakage trace being a vector comprises a plurality of random values, the number of said random values being an integer number superior or equal to 1, the statistical distribution being a function of parametric linear combinations of a set of leakage model basis vectors representing a multivariate leakage model, the number of basis vectors being an integer number superior or equal to 1, and the linear combinations being defined by a matrix of real values.

A security apparatus includes a receiver that receives a frame front at least one network, a parameter storage that stores at least one examination parameter defining a content of an examination on a frame, and processing circuitry that performs operations. The operations include judging whether a predetermined condition is satisfied for the frame received by the receiver. When the predetermined condition is satisfied, updating the stored at least one examination parameter, and when the predetermined condition is not satisfied, not updating the stored at least one examination parameter. The operations also include executing an examination, based on the stored at least one examination parameter, as to whether the frame received by the receiver is an attack frame, and performing a process depending on a result of the execution of the examination such that an influence of an attack frame on at least one electronic control unit is suppressed.

A security apparatus includes a receiver that receives a frame front at least one network, a parameter storage that stores at least one examination parameter defining a content of an examination on a frame, and processing circuitry that performs operations. The operations include judging whether a predetermined condition is satisfied for the frame received by the receiver. When the predetermined condition is satisfied, updating the stored at least one examination parameter, and when the predetermined condition is not satisfied, not updating the stored at least one examination parameter. The operations also include executing an examination, based on the stored at least one examination parameter, as to whether the frame received by the receiver is an attack frame, and performing a process depending on a result of the execution of the examination such that an influence of an attack frame on at least one electronic control unit is suppressed.

An indication of an operating mode of an asynchronous circuit may be received. A determination may be made as to whether the operating mode of the asynchronous circuit corresponds to a self-test of the asynchronous circuit. In response to determining that the operating mode of the asynchronous circuit corresponds to the self-test, a first clock signal may be provided to a first portion of a self-test component in a feedback path of the asynchronous circuit and a second clock signal may be provided to a second portion of the self-test component in the feedback path of the asynchronous circuit. Furthermore, a test value may be generated based on the first clock signal and the second clock signal.

An indication of an operating mode of an asynchronous circuit may be received. A determination may be made as to whether the operating mode of the asynchronous circuit corresponds to a self-test of the asynchronous circuit. In response to determining that the operating mode of the asynchronous circuit corresponds to the self-test, a first clock signal may be provided to a first portion of a self-test component in a feedback path of the asynchronous circuit and a second clock signal may be provided to a second portion of the self-test component in the feedback path of the asynchronous circuit. Furthermore, a test value may be generated based on the first clock signal and the second clock signal.

Methods and apparatus for identifying media are described. Example methods disclosed herein include presenting a graphical enable button via a display of a media presentation device, the graphical enable button, when selected, is to enable monitoring functionality implemented by the media presentation device, the monitoring functionality to monitor media presented by the media presentation device, the monitoring functionality to be disabled by default. Disclosed example methods also include detecting a first user input corresponding to selection of the graphical enable button and, in response to detection of the first user input: (i) enabling the monitoring functionality implemented by the media presentation device, and (ii) transmitting, via a network interface, information to a remote monitoring entity.

Methods and apparatus for identifying media are described. Example methods disclosed herein include presenting a graphical enable button via a display of a media presentation device, the graphical enable button, when selected, is to enable monitoring functionality implemented by the media presentation device, the monitoring functionality to monitor media presented by the media presentation device, the monitoring functionality to be disabled by default. Disclosed example methods also include detecting a first user input corresponding to selection of the graphical enable button and, in response to detection of the first user input: (i) enabling the monitoring functionality implemented by the media presentation device, and (ii) transmitting, via a network interface, information to a remote monitoring entity.

A secure computation technique of calculating a polynomial in a shorter calculation time is provided. A secure computation system generates concealed text [[u]] of u, which is the result of magnitude comparison between a value x and a random number r, from concealed text [[x]] by using concealed text [[r]]; generates concealed text [[c]] of a mask c from the concealed text [[x]], [[r]], and [[u]]; reconstructs the mask c from the concealed text [[c]]; calculates, for i=0, . . . , n, a coefficient b.sub.i from an order n, coefficients a.sub.0, a.sub.1, . . . , a.sub.n, and the mask c; generates, for i=1, . . . , n, concealed text [[s.sub.i]] of a selected value s.sub.i, which is determined in accordance with the result u of magnitude comparison, from the concealed text; [[u]]; and calculates a linear combination b.sub.0+b.sub.1[[s.sub.1]]+ . . . +b.sub.n[[s.sub.n]] of the coefficient b.sub.i and the concealed text [[s.sub.i]] as concealed text [[a.sub.0+a.sub.1x.sup.1+ . . . +a.sub.nx.sup.n]].

In order to improve the efficiency of transfer to outside devices while necessary buffer memory is suppressed, the present invention is an information processing apparatus for decoding a packet that is encrypted in accordance with Transport Layer Security (TLS) protocols and in which a padding portion has a variable length, the information processing apparatus including acquisition means for acquiring an encrypted packet on a unit data basis, decoding means for decoding the encrypted packet on the unit data basis, output means for outputting decoded data obtained through the decoding performed by the decoding means to an external device in accordance with an order in which the decoding is performed by the decoding means, and control means for restricting output to be performed by the output means in a case where a padding pattern is detected from the decoded data obtained through the decoding performed by the decoding means.