Patent classifications
H04L2209/08
CONTROLLED INTRODUCTION OF UNCERTAINTY IN SYSTEM OPERATING PARAMETERS
The present disclosure is directed to systems and methods for mitigating or eliminating the effectiveness of a side channel attack, such as a Meltdown or Spectre type attack, by selectively introducing a variable, but controlled, quantity of uncertainty into the externally accessible system parameters visible and useful to the attacker. The systems and methods described herein provide perturbation circuitry that includes perturbation selector circuitry and perturbation block circuitry. The perturbation selector circuitry detects a potential attack by monitoring the performance/timing data generated by the processor. Upon detecting an attack, the perturbation selector circuitry determines a variable quantity of uncertainty to introduce to the externally accessible system data. The perturbation block circuitry adds the determined uncertainty into the externally accessible system data. The added uncertainty may be based on the frequency or interval of the event occurrences indicative of an attack.
TRANSMISSION APPARATUS, AND TRANSMISSION DATA PROTECTION METHOD THEREOF
A transmission apparatus and a transmission data protection method thereof are provided. The transmission apparatus stores a data table, a bloom filter, a first randomization array, a plurality of second randomization arrays and an identifier of each of the second randomization arrays. The bloom filter has a plurality of independent hash functions. The transmission apparatus generates a current original datum according to the data table; inputs the current original datum to the bloom filter as a current input datum of the bloom filter to output a current bloom datum; randomizes the current bloom datum according to the first randomization array to generate a current first randomized datum; randomizes the current first randomized datum according to one of the second randomization arrays to generate a current second randomized datum; and transmits a data signal carrying the current second randomized datum and an identification datum to another transmission apparatus.
Secure execution environment clock frequency hopping
Apparatus and method for enacting data security in a data storage device, such as by protecting against a differential power analysis (DPA) attack. In some embodiments, a dithered clock signal is generated having a succession of clock pulse segments. Each of the clock pulse segments has a different respective frequency selected in response to a first random number and a different overall duration selected in response to a second random number. The different segment frequencies are selected by supplying the first random number to a lookup table, and the different segment durations are obtained by initializing a timer circuit using the second random number. The dithered clock signal is used to clock a programmable processor during execution of a cryptographic function.
PROTECTION OF AN ITERATIVE CALCULATION AGAINST HORIZONTAL ATTACKS
An iterative calculation is performed on a first number and a second number, while protecting the iterative calculation against side-channel attacks. For each bit of the second number, successively, an iterative calculation routine of the bit of the second number is determined. The determination is made independent of a state of the bit. The determined iterative calculation routine of the bit is executed. A result of the iterative calculation is generated based on a result of the execution of the determined iterative calculation routine of a last bit of the second number.
RANDOMIZED LOGIC AGAINST SIDE CHANNEL ATTACKS
A randomization element includes a logic input for inputting a logic signal, a logic output for outputting the input logic signal at a delay and a randomization element. The randomization element introduces the delay between said logic input and said logic output and operates selectably in static mode and in dynamic mode in accordance with a mode control signal. A logic circuit may be formed with randomization elements interspersed amongst the logic gates, to obtain protection against side channel attacks by inputting a selected control sequence into the randomization elements.
A PRIVACY-PRESERVING, MUTUAL PUF-BASED AUTHENTICATION PROTOCOL
An authentication protocol using a Hardware-Embedded Delay PUF (HELP), which derives randomness from within-die path delay variations that occur along the paths within a hardware implementation of a cryptographic primitive, for example, the Advanced Encryption Standard (AES) algorithm or Secure Hash Algorithm 3 (SHA-3). The digitized timing values which represent the path delays are stored in a database on a secure server (verifier) as an alternative to storing PUF response bitstrings, thereby enabling the development of an efficient authentication protocol that provides both privacy and mutual authentication.
Provisioning Ephemeral Key Pools for Sending and Receiving Secure Communications
A method, system, and non-transitory computer readable medium are described for providing a sender a plurality of ephemeral keys such that a sender and receiver can exchange encrypted communications. Accordingly, a sender may retrieve information, such as a public key and a key identifier, for the first receiver from a local storage. The retrieved information may be used to generate a key-encrypting key that is used to generate a random communication encryption key. The random communication encryption key is used to encrypt a communication, while the key-encrypting key encrypts the random communication key. The encrypted communication and the encrypted random communication key are transmitted to the first receiver.
Generating Ephemeral Key Pools for Sending and Receiving Secure Communications
A method, system, and non-transitory computer readable medium are described for providing a sender a plurality of ephemeral keys such that a sender and receiver can exchange encrypted communications. Accordingly, a sender may retrieve information, such as a public key and a key identifier, for the first receiver from a local storage. The retrieved information may be used to generate a key-encrypting key that is used to generate a random communication encryption key. The random communication encryption key is used to encrypt a communication, while the key-encrypting key encrypts the random communication key. The encrypted communication and the encrypted random communication key are transmitted to the first receiver.
Sending Secure Communications Using A Local Ephemeral Key Pool
A method, system, and non-transitory computer readable medium are described for providing a sender a plurality of ephemeral keys such that a sender and receiver can exchange encrypted communications. Accordingly, a sender may retrieve information, such as a public key and a key identifier, for the first receiver from a local storage. The retrieved information may be used to generate a key-encrypting key that is used to generate a random communication encryption key. The random communication encryption key is used to encrypt a communication, while the key-encrypting key encrypts the random communication key. The encrypted communication and the encrypted random communication key are transmitted to the first receiver.
Method for transmitting security data and method for receiving same
According to one embodiment of the present specification, a method for transmitting security data is disclosed. The method for transmitting security data can comprise the steps of: outputting a first sequence by scrambling a bit stream of dummy data; outputting a second sequence by scrambling the security data to be transmitted by using the bit stream; and transmitting a first code word and a second code word obtained by encoding the first sequence and the second sequence.