H04L2209/26

Elliptic curve random number generation

An elliptic curve random number generator avoids escrow keys by choosing a point Q on the elliptic curve as verifiably random. An arbitrary string is chosen and a hash of that string computed. The hash is then converted to a field element of the desired field, the field element regarded as the x-coordinate of a point Q on the elliptic curve and the x-coordinate is tested for validity on the desired elliptic curve. If valid, the x-coordinate is decompressed to the point Q, wherein the choice of which of the two points is also derived from the hash value. Intentional use of escrow keys can provide for back up functionality. The relationship between P and Q is used as an escrow key and stored by an administrator for a security domain. The administrator logs the output of the generator to reconstruct the random number with the escrow key.

METHODS AND APPARATUS FOR CHARACTERIZING MEMORY DEVICES
20200264688 · 2020-08-20

Methods and apparatus for using characterized devices such as memories. In one embodiment, characterized memories are associated with a range of performances over a range of operational parameters. The characterized memories can be used in conjunction with a solution density function to optimize memory searching. In one exemplary embodiment, a cryptocurrency miner can utilize characterized memories to generate memory hard proof-of-work (POW). The results may be further validated against general compute memories, such that only valid solutions are broadcast to the mining community. In one embodiment, the validation mechanism is implemented for a plurality of searching apparatus in parallel to provide a more distributed and efficient approach. Various other applications for characterized memories are also described in greater detail herein (e.g., blockchain, social media, machine learning, probabilistic applications and other error-tolerant applications).

Method And System Of Latency Assessment In A Packet Data Network
20200252201 · 2020-08-06

There are provided a method and system for assessing latency of a ciphering end point of a secure communication channel. The method comprises: generating a test traffic comprising a series of original data packets, wherein, for each original data packet, size of a given packet is uniquely indicative of the packet's place in a sequence of data packets in the series and enables unique correspondence with a size of the given packet upon its encryption; successively transmitting the original packets to the ciphering end point, whilst associating them with respective departure time stamps; receiving encrypted packets from the ciphering end point and associating them with respective arrival time stamps; using a size of a given encrypted packet with a timestamp TS_a to identify a size of a matching original packet, its place in the sequence of original packets and, thereby, its departure timestamp TS_d, thus giving rise to a plurality of timestamp pairs (TS_d; TS_a).

ENCRYPTED DATA GENERATION DEVICE, DIGITAL SIGNATURE GENERATION DEVICE, DIGITAL SIGNATURE-ATTACHED DATA GENERATION DEVICE, AND DIGITAL SIGNATURE-ATTACHED DATA GENERATION SYSTEM
20200228346 · 2020-07-16

According to the embodiment, an encrypted data generation device includes one or more processors. The one or more processors generate a first hash value from plaintext data by a certain hash function, encrypt the plaintext data, and generate encrypted data. And the one or more processors transmit the first hash value and the encrypted data to an external device.

System for authenticating an additively manufactured object

A method for authenticating an additively manufactured (AM) object is disclosed herein. A computing device obtains a measurement that is indicative of a stochastic distribution of dopant incorporated into the AM object. The computing device generates authentication data for the AM object based upon the measurement, and authenticates the AM object based upon the authentication data.

Side Channel Attack Countermeasures For Secure Bootloading
20200193028 · 2020-06-18

A system and method for minimizing the likelihood that the secret key used by a bootloader is compromised is disclosed. A bootloader is installed on the device. The bootloader is a software program that performs many functions. These functions may include checking the checksum of the incoming software image for integrity, decrypting the incoming software image using a secret key, deleting data in the FLASH memory, installing the new software image in the FLASH memory and other functions. The bootloader utilizes various techniques to track the versions of the software image being installed. The method also counts the number of incomplete attempts that are made when trying to update the software image. By monitoring these parameters, the bootloader can determine when a malicious actor is attempting a side channel attack. In response, the bootloader may not allow a new software image to be loaded or the secret key to be accessed.

METHOD AND SYSTEM FOR CREATING AND UPDATING AN AUTHENTIC LOG FILE FOR A COMPUTER SYSTEM AND TRANSACTIONS
20200193426 · 2020-06-18

The present invention relates to a method and system for storing log data entries to provide for a nonrepudiation log file that may be authenticated on an entry by entry basis. The system and method may be, or use, an encoder plug-in to translate entries into paired data and to write the translated entry to the log file in any order, thereby allowing for the use of multiple processor systems. The log entries may be extracted and verified as authentic using this encoding plug-in and one or more processor systems. Various techniques may be used to prevent tampering with the log to remove a tuple and to detect unauthorized removal of data from the log. The present invention also relates to a method and system of securing and processing digital asset transactions.

Data storage device and data storage method for confirming firmware data
10685120 · 2020-06-16

A data storage device utilized for confirming firmware data includes a flash memory and a controller. The controller is coupled to the flash memory to receive first firmware data and first sorting hash data related to the first firmware data, and it divides a first hash data generated from the first firmware data into a plurality of data groups, and re-assembles the data groups according to a mapping and sorting algorithm to generate second sorting hash data. The controller includes an efuse region for writing the mapping and sorting algorithm. When the controller determines that the second sorting hash data is identical to the first sorting hash data, the first firmware data is allowed to update the controller.

Systems and methods for analyzing stability using metal resistance variations
10671350 · 2020-06-02

This disclosure describes techniques for analyzing statistical quality of bitstrings produced by a physical unclonable function (PUF). The PUF leverages resistance variations in the power grid wires of an integrated circuit. Temperature and voltage stability of the bitstrings are analyzed. The disclosure also describes converting a voltage drop into a digital code, wherein the conversion is resilient to simple and differential side-channel attacks.

Elliptic curve random number generation

An elliptic curve random number generator avoids escrow keys by choosing a point Q on the elliptic curve as verifiably random. An arbitrary string is chosen and a hash of that string computed. The hash is then converted to a field element of the desired field, the field element regarded as the x-coordinate of a point Q on the elliptic curve and the x-coordinate is tested for validity on the desired elliptic curve. If valid, the x-coordinate is decompressed to the point Q, wherein the choice of which of the two points is also derived from the hash value. Intentional use of escrow keys can provide for back up functionality. The relationship between P and Q is used as an escrow key and stored by an administrator for a security domain. The administrator logs the output of the generator to reconstruct the random number with the escrow key.