According to various embodiments, an integrated circuit is described comprising a plurality of subcircuits having different signal transfer reaction times, a control circuit configured to form two competing paths from the plurality of subcircuits in response to a control signal, an input circuit configured to supply an input signal to the two competing paths and an output circuit configured to generate an output value depending on which of the competing paths has transferred the input signal with shorter reaction time.

The embodiments herein are directed to technologies for backside security meshes of semiconductor packages. One package includes a substrate having a first interconnect terminal of a first type and a second interconnect terminal of a second type. The package also includes a first security mesh structure disposed on a first side of an integrated circuit die and a conductive path coupled between the first interconnect terminal and the second interconnect terminal. The first security mesh structure is coupled to the first interconnect terminal and the second interconnect terminal being coupled to a terminal on a second side of the integrated circuit die.

A method for executing an operation by a circuit, may include executing a first operation to process an input data, the circuit generating during the execution of the first operation a first signal, and executing in the circuit a second operation receiving the input data and configured to add to the first signal, between first and second instants during the execution of the first operation, a continuous second signal. A combination of the first and second signal forming a resultant signal in which the second signal may be indistinctly measurable with the first signal from outside of the circuit. The second signal and the resultant signal varying as a function of the input data.

A computer security lock having separate key pairs includes an encryption board inserted between a main board and a hard disk, and an encryption board being inserted into the encryption board to perform a real-time authentication process. The electronic key and the encryption board performs the real-time authentication process and hardware anti-copy self-testing process, and encrypt the data communicated between the encryption board and the electronic key. After passing the authentication process and the hardware anti-copy self-testing process, the electronic key combines an internally stored key list with the key list on the encryption board, and selects a user key to encrypt/decrypt the data on the disk according to the partition of the hard disk where the encrypted data is written to. The computer security lock can assure the safety of the data, and the hardware is prevented from being copied.

A method for executing by a circuit a substitution operation such that an output data may be selected in a substitution table using an input data as an index. The substitution operation may be performed using a new masked substitution table. The input data may be combined by XOR operations with a new value of a first mask parameter, and the output data may be combined by XOR operations with a new value of a second mask parameter. The new masked substitution table may be generated by computing the new value of the first mask parameter by applying XOR operations to a previous value of the first mask parameter and to a first input mask, computing the new value of the second mask parameter by applying XOR operations to a previous value of the second mask parameter and to a second input mask, and generating the new masked substitution table using a previous masked substitution table and the first and second input masks.

Techniques are disclosed relating to relating to a public key infrastructure (PKI). In one embodiment, an integrated circuit is disclosed that includes at least one processor and a secure circuit isolated from access by the processor except through a mailbox mechanism. In some embodiments, the secure circuit is configured to generate a public key and a private key for an application, and receive, from the application via an API, a request to perform a cryptographic operation using the private key. The secure circuit is further configured to perform the cryptographic operation in response to the request.

Systems and methods are provided for encrypting data in a memristor array. The data may be scrambled by multiplying an input data unit by another data unit, by multiplying each element of a first data unit by a different instance of a second data unit. The process continues until all elements of the first data unit are multiplied by a different instance of the second data unit. The elements of the data units may be represented by resistive values of a memristor array. The result of all of the above multiplication of different instances of the second data unit are a new set of data units. All of the resulting data units are added together by adding the currents associated with values of the memristors representing the resulting data units. The operation may be performed as a finite field computation, with the memristor array.

Embodiments of the present invention provide systems and techniques for changing cryptographic keys in high-frequency transaction environments to mitigate service disruptions or loss of transactions associated with key maintenance. In various embodiments, a server device can employ a working key encrypted with a first master key to decrypt messages being communicated from a client device, whereby each message is encrypted with a first cryptogram that was generated based on the working key encrypted with the first master key. While the working key encrypted with the first master key is being employed, the server device can generate a notification including a second cryptogram generated based on the working key encrypted with a second master key for transmission to the client device. The transmitted notification can cause the client device to encrypt the messages being communicated with the second cryptogram. The server device can concurrently employ the working key encrypted with one of the first and second master keys to decrypt messages received from the client device, whether encrypted with the first cryptogram or the second cryptogram.

A security device and an operating method thereof, which generate masking data for masking a key on the basis of a physically unclonable function (PUF), are provided. The security device includes a PUF circuit including a plurality of PUF cells outputting random key data and masking data, a key generator configured to generate a key through post-processing performed on the random key data, and a masking module configured to mask and store the key by using the masking data, wherein the random key data and the masking data are generated by different PUF cells.

N key generation circuits are arranged in a pipeline having N stages. Each key generation circuit is configured to generate a round key as a function of a respective input key and a respective round constant. Output signal lines that carry the round key from a key generation circuit in a stage of the pipeline, except the key generation circuit in a last stage of the pipeline, are coupled to the key generation circuit in a successive stage of the pipeline to provide the respective input key.