Systems and techniques are described herein for information protection. For example, a process may include obtaining a security information asset at a randomizing engine; performing a first randomization of the security information asset to obtain a randomized security information asset; providing the randomized security information asset to a secure storage device; obtaining the randomized security information asset from the secure storage device; performing a second randomization of the security information asset to obtain an updated randomized security information asset; and providing the updated randomized security information asset to a security component, wherein the updated randomized security information asset is used to perform a security operation.

The present description concerns an integrated circuit including, between first and second terminals having a first voltage applied therebetween, a load configured to execute instructions, a circuit for delivering a digital signal having at least two bits from a binary signal and a current output digital-to-analog converter controlled by the digital signal and coupled between the first and second terminals in parallel with the load.

In accordance with a first aspect of the present disclosure, a method of protecting a cryptographic device against side-channel attacks is conceived, the cryptographic device comprising a cryptographic unit and a processing unit, and the method comprising: performing, by the cryptographic unit, a cryptographic operation on input data, wherein said cryptographic operation generates at least one intermediate result; generating, by the processing unit, a set of possible values of the intermediate result; leaking, by the cryptographic device, said set of possible values of the intermediate result. In accordance with a second aspect of the present disclosure, a computer program is provided for carrying out said method. In accordance with a third aspect of the present disclosure, a corresponding cryptographic device is provided.

Methods and systems disclosed herein describe obfuscating plaintext cryptographic material stored in memory. A random location in an obfuscation buffer may be selected for each byte of the plaintext cryptographic material. The location of each byte of the plaintext cryptographic material may be stored in a position tracking buffer. To recover the scrambled plaintext cryptographic material, the location of each byte of the plaintext cryptographic material may be read from the position tracking buffer. Each byte of the plaintext cryptographic material may then be read from the obfuscation buffer and written to a temporary buffer. When each byte of the plaintext cryptographic material is recovered, the plaintext cryptographic material may be used to perform one or more cryptographic operations. The scrambling techniques described herein reduce the likelihood of a malicious user recovering plaintext cryptographic material while stored in memory.

The present invention relates to a test method of a circuit, comprising: acquiring a plurality of value sets comprising values of a physical quantity linked to the activity of a circuit to be tested when the circuit executes an operation of a set of distinct cryptographic operations applied to a secret data, selecting at least a first subset in each value set, for each value set, counting by a processing unit occurrence numbers of values transformed by a first surjective function applied to the values of the first subset of the value set, to form an occurrence number set for the value set, for each operation of the operation set, and each of the possible values of a part of the secret data, computing a partial operation result, computing cumulative occurrence number sets by adding the occurrence number sets corresponding to the operations of the operation set, which when applied to a same value or equivalent value of the possible values of the part of the secret data, provide a partial operation result having a same transformed value resulting from the application of a second surjective function, merging according to a selected merging scheme, cumulative occurrence numbers in the cumulative occurrence number sets, and analyzing the merged cumulative occurrence number sets to determine the part of the secret data.

One embodiment provides a system for noise addition to enforce data privacy protection in a star network. In operation, participants may add a noise component to a dataset. An aggregator may receive the noise components from the plurality of participants, compute an overall noise term based on the received noise components, and aggregate values using the noise components and overall noise term.

A secure method and a secure provision unit provide a secured replica pseudo random noise signal for a receiver unit. A replica pseudo random noise code is modulated with a noise signal by a receiver-end provision unit. The replica pseudo random noise code has artificially produced noise superimposed thereon, so that the replica pseudo random noise code cannot be read from the noisy signal even at the receiver end, for example within a receiver or on a transmission path between provision unit and receiver.

Systems and methods for tokenization to support pseudonymization are provided herein. An example method includes receiving an input set, seeding a random number generator with one or more secret data, transposing the input set using a first random number/transposition parameter generated by the random number generator to create a transposed input set, transposing a token set using a second random number/transposition parameter generated by the random number generator to create a transposed token set, and generating a token by substituting transposed input set values with transposed token set values.

Techniques for preventing tampering with programmable read-only memory of an integrated circuit are provided. A method according to these techniques includes performing a randomized read of data stored in the programmable read-only memory based on an input from an entropy source, writing the data to one or more registers of the integrated circuit, and initializing one or more components of the integrated circuit using the data stored in the one or more registers.

A method for conducting an operation including (a) lifting coefficients of a data structure from a representation modulo q to a representation modulo q, wherein the data structure comprises values which are reduced modulo q, wherein q and are integers; (b) randomizing the coefficients in modulo q, wherein for each coefficient a random value is multiplied with the value of q and the result of this multiplication is added to the coefficient; (c) conducting an operation on the lifted and randomized coefficients; and (d) reducing the lifted and randomized coefficients by conducting an operation modulo q.