A plurality of dice having at least a first die and a second die. The first die can generate a measure of the first die using a cryptographic algorithm, a public key and a private key, and a digital signature according to the measure and the private key. The digital signature can include a digest encrypted by the private key. The digest can include the measure. The first die can communicate the measure, the digital signature, and the public key to the second die. The second die can store a validation code representative of a measure of the first die and validate the digital signature using the public key as well validate the measure by comparing the measure to the validation code.

Provided is a method for securing against fault attacks during verification a digital signature of a message on a client device. It performs (S1) at least one check on intermediate parameters that are generated for one that is different from 0 modulo n. It checks that values computed by several executions of the verification algorithm are the same, and checks that at least one mathematical relationship is verified. It performs a signature comparison final step to test equality between one of the intermediate parameters and a part of the digital signature. It triggers (S2) a fault attack countermeasure when at least one of the performed checks has failed.

Disclosed herein is an apparatus for estimating randomness of a random number generator. The apparatus is configured to divide output data (302), generated by the random number generator (704), into blocks (310) of a length (L), estimate a Shannon entropy of a second sub-set (404) of the blocks (310), using a first sub-set (402) of the blocks (310) to initialize the estimating, solve an estimate function, that relates an argument parameter (θ) to the Shannon entropy estimate, to determine a value for the argument parameter (θ) that is indicative of a probability of a most probable block being generated by the random number generator (704) as a new block, and use the length (L) to tune an estimate of randomness of the random number generator (704) calculated based on the value for the argument parameter (θ).

Systems, methods, and apparatuses for protecting a secret on a device with limited memory, while still providing tamper resistance, are described. To achieve security, an encoding computer can apply a memory-hard function MHF to a secret S and determine a result Y, then determine a proof π for the result Y. Then, the encoding computer can send a codeword C comprising the secret S and the proof π to a decoding computer. The decoding computer can retrieve the codeword C from persistent memory and parse the secret S and the proof π. The decoding device can use transient memory decode the codeword C by verifying the proof π was generated with the secret S and the result Y. When the correctness of the result Y is verified, the decoding device can apply a cryptographic function to input data using the secret S then reset the transient memory.

This disclosure describes techniques for analyzing statistical quality of bitstrings produced by a physical unclonable function (PUF). The PUF leverages resistance variations in the power grid wires of an integrated circuit. Temperature and voltage stability of the bitstrings are analyzed. The disclosure also describes converting a voltage drop into a digital code, wherein the conversion is resilient to simple and differential side-channel attacks.

A system, method and elliptic curve cryptography scheme having a fault injection attack resistant protocol. The cryptographic scheme has a first arithmetic operation having at least one of a single input bit, a single output bit, or a single output bit-string that is vulnerable to a fault injection attack. The protocol includes: performing a first arithmetic operation to determine a first output; performing a second arithmetic operation to determine a second output, the second arithmetic operation being a variant of the first arithmetic operation; and comparing the first output and the second output, and if the comparison is incompatible, outputting an invalidity condition, otherwise, outputting the first output.

A battery-swapping and encryption system and method. The battery-swapping and encryption system comprises an encryption device (12). The encryption device (12) is used to receive a swapping-complete signal, and to set a swapping-authorized signal after receiving the swapping-complete signal. The swapping-complete signal is used to indicate that an electric vehicle has completed battery swapping in an authorized battery-swapping facility. The encryption device (12) is further used to store the swapping-authorized signal. The battery-swapping and encryption system and method can be used to detect whether battery swapping performed by a user conforms to operation regulations, thereby ensuring that batteries of a battery-swapping station circulate within the station itself without being lost.

Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for recovering and verifying a public key. One of the methods includes accepting information encoding parameters of an elliptic curve, a published public key, a hash value of a message, a digital signature, and an identification parameter; generating a recovered public key based on the parameters of the elliptic curve, the hash value of the message, the digital signature, and the identification parameter; comparing the published public key and the recovered public key to verify the published public key.

An example operation may include one or more of dividing a data file into a plurality of data chunks, generating a randomness value for each data chunk based on one or more predefined randomness tests, and accumulating generated randomness values of the plurality of data chunks to generate an accumulated randomness value, detecting whether the data file is one or more of encrypted and compressed based on the accumulated randomness value and a predetermined threshold value, and storing information about the detection via a storage.

A method for delivering an update manifest and an update payload to a target device, the method comprising: receiving, at the target device, security credentials for the target device, the target device being configured to receive the update manifest and the update payload via a remote connection interface using the security credentials; receiving, at the target device, the update manifest from a host device via a local connection interface; and applying, at the target device, the update payload in accordance with the update manifest.