Data can be protected in a centralized tokenization environment. A security value is received by a central server from a client device. The central server accesses a token table corresponding to the client device and generates a reshuffled static token table from the accessed token table based on the received security value. When the client device subsequently provides data to be protected to the central server, the central server tokenizes the provided data using the reshuffled static token table and stores the tokenized data in a multi-tenant database. By reshuffling token tables using security values unique to client devices, the central server can protect and store data for each of multiple tenants such that if the data of one tenant is compromised, the data of each other tenant is not compromised.

In an embodiment, a circuit includes a supply terminal, a reference terminal, a logic circuit coupled between the supply terminal and the reference terminal, and an auxiliary circuit coupled to the logic circuit. The auxiliary circuit includes a plurality of switches configured to be controlled to produce random criterions. Each random criterion causes, on each transition of an output signal of the logic, an attenuation of a current flowing between a supply terminal of the circuit and a reference terminal of the circuit; or an increase of the current flowing between the supply terminal of the circuit and the reference terminal of the circuit; or an additional current flowing through the logic circuit on a current path not passing through the supply terminal; or no change in the current flowing between the supply terminal of the circuit and the reference terminal of the circuit.

This document relates to hardware protection of differential privacy techniques. One example obtains multiple instances of encrypted telemetry data within a secure enclave and processes the encrypted telemetry data to obtain multiple instances of unencrypted telemetry data. The example also processes, within the secure enclave, the multiple instances of unencrypted telemetry data to obtain a perturbed aggregate. The example also releases the perturbed aggregate from the secure enclave.

A method to protect computational, in particular cryptographic, devices having multi-core processors from DPA and DFA attacks is disclosed herein. The method implies: Defining a library of execution units functionally grouped into business function related units, security function related units and scheduler function related units; Designating at random one among the plurality of processing cores on the computational device to as a master core for execution of the scheduler function related execution units; and Causing, under control of the scheduler, execution of the library of execution units, so as to result in a randomized execution flow capable of resisting security threats initiated on the computational device.

A random number generator generates a random number by using at least two algorithms. A security device includes the random number generator. The random number generator includes a random seed generator and a post processor. The random seed generator is configured to receive an entropy signal and to generate a random seed of a digital region generated by using the entropy signal. The post processor is configured to generate a random number from the random seed by using a first algorithm and a second algorithm. A bias property represents unbiasedness of a result value, and a bias property of the first algorithm is different from a bias property of the second algorithm

In a system executing a program, a method comprises detecting one or more input/output calls associated with the program and re-randomizing memory associated with the program in response to the one or more input/output calls. A related system is also described.

Apparatus and method for defending against a side-channel information attack such as a differential power analysis (DPA) attack. In some embodiments, a cryptographic hardware pipeline circuit performs a selected cryptographic function upon a selected set of data over a processing time interval. The pipeline circuit has a sequence of stages connected in series. The stages are enabled responsive to application of an asserted enable signal. An enable interrupt circuit is configured to periodically interrupt the selected cryptographic function to provide a plurality of processing intervals interspersed with the interrupt intervals. At least a selected one of the processing intervals or the interrupt intervals have random durations selected responsive to a series of random numbers.

An encryption device for performing virtual and real operations and a method of operating the encryption device. The method includes performing a virtual operation; when a real operation request signal is received, determining whether the virtual operation being performed is completed; and in response to the virtual operation being completed, performing a real operation in response to the real operation request signal.

A system and method to mitigate or complicate the use of differential power analysis (DPA) and simple power analysis (SPA) in the attack of a targeted integrated circuit, or device containing an integrated circuit, that is processing sensitive information. The system and method modifies the regularity of a clock that initiates the power events within the circuit such that subsequent processing of information does not always occur at the same time.

A method includes dispersed storage error encoding a plurality of data segments to produce a plurality of sets of encoded data slices and dispersed storage error encoding auxiliary data to produce a set of encoded auxiliary data slices. The method further includes obfuscating a first set of encoded data slices of the plurality of sets of encoded data slices using at least one encoded auxiliary data slices of the set of encoded auxiliary data slices to produce a first set of obfuscated encoded data slices. The method further includes obfuscating a second set of encoded data slices of the plurality of sets of encoded data slices using at least one other encoded auxiliary data slice of the set of encoded auxiliary data slices to produce a second set of obfuscated encoded data slices. The method further includes outputting the first and second sets of obfuscated encoded data slices for storage.