A method for creating a physical unclonable function (PUF) bit for use with transistor circuitry includes performing a tilt test on a PUF cell of a transistor circuitry, comprising tilting the PUF cell at least once, and comparing a mismatch of a response of the PUF cell to a tilt threshold. A magnitude of the mismatch is determined. A mismatch magnitude below the tilt threshold is considered a first logic value” and a mismatch magnitude above the tilt threshold is considered a second logic value. The mismatch magnitude of the PUF cell is random. The absolute value of the mismatch magnitude is used as an entropy source to produce at least one PUF bit called a mirror PUF bit.

A terminal exchanges a common key generated using a seed, the randomness of which was recognized in advance, with a verification server. The terminal generates verification data using a plurality of measured values from a noise source. The terminal encrypts the verification data with the common key and transmits the verification data to the verification server. The verification server verifies the randomness of verification data obtained by decrypting the encrypted verification data with the common key. When it is determined that the verification data has randomness, the verification server transmits a verification result indicating that the randomness of the verification data is recognized to the terminal. The terminal acquires a plurality of measured values and generates a new seed in accordance with the verification result from the server and preserves the new seed in a secure area.

There is provided a cryptographic key determination device for determining one or more cryptographic keys in a cryptographic device, the cryptographic device being configured to execute one or more test programs, the cryptographic device comprising one or more components (11-i), each component (11-i) being configured to generate static and dynamic data, the dynamic data being generated in response to the execution of the one or more test programs, wherein the cryptographic key determination device comprises: a data extraction unit configured to extract at least one part of the static data and at least one part of the dynamic data generated by the one or more components (11-i), and a key generator configured to combine the at least one part of static data and the at least one part of dynamic data, and to determine the one or more cryptographic keys by applying a cryptographic function to the combined data.

A first lawful interception (LI) function transmits, to a second LI function in a virtualized network function, VNF, a request for random number generator, RNG, data, characterizing a random number generator in the second LI function. The RNG data is tested, resulting in a randomness test result that is indicative of randomness of numbers generated by the RNG in the second LI function. If the randomness is below a first threshold, mitigation takes place of any undesired effect associated with the randomness being less than the threshold value. A corresponding method is performed by the second LI function, receiving the request for RNG data, obtaining and transmitting the RNG data to the first LI function. Verification can thereby be made whether a LI function in a VNF has a proper level of entropy source for use by its cryptographic operations and, if not, perform mitigation.

A device multiplies a first public key by a first scalar value, generating an intermediate result. The first public key corresponds to a point on an elliptic curve of order n, n is an integer, and the first scalar value is equal to n/m where in is a largest prime integer factor of n. The device determines whether the intermediate result is equal to a value corresponding to a point O at infinity on the elliptic curve. In response to the determining indicating the intermediate result is different from the value corresponding to the point O, the device multiplies the intermediate result by a second scalar, generating a shared secret value. The device performs one or more processing operations using the generated shared secret value. Otherwise, the device may initiate error processing without generating the shared secret value.

A computer-implemented method includes retrieving, by a bridge device communicatively linked to a blockchain network node of a blockchain network, a first set of blockchain blocks from the blockchain network node using a first set of threads of the bridge device; storing, by the bridge device, the first set of blockchain blocks in the bridge device; and verifying, by the bridge device, a second set of blockchain blocks that are stored in the bridge device using a second set of threads of the bridge device; and wherein retrieving the first set of blockchain blocks and verifying the second set of blockchain blocks are performed asynchronously using the first set of threads and the second set of threads.

Systems, apparatuses, methods, and computer-readable media for implementing confidential computing of one or more computing systems and/or devices using component authentication and data encryption with integrity and anti-replay mechanisms are disclosed. In some examples, the systems, apparatuses, methods, and computer-readable media described herein can perform various techniques, including one or more secure boot processes, component and data authentication, and data encryption with integrity and anti-replay, among other secure techniques. One implementation may include executing secure boot process based on authentication of a device identifier stored in a secure physical object of a processing device. Another implementation may include encrypting and storing a counter value corresponding to a cache line and generating an integrity tag value replacing error correction code bits associated with the cache line with the generated cache line tag value.

Some embodiments are directed to an electronic cryptographic device arranged to determine a cryptographic key. The cryptographic device can include a physically unclonable function (PUF) arranged to produce a first noisy bit string during the enrollment phase and a second noisy bit string during the reconstruction phase, and a statistical unit arranged to execute a statistical test for verifying correct functioning of the physical unclonable function. The statistical test computes a statistical parameter for the physical unclonable function using helper data. The statistical test determines correct functioning if the statistical parameter satisfies a criterion of the statistical test.

Disclosed are various embodiments for executing entity-specific cryptographic code in a cryptographic coprocessor. In one embodiment, an exemplary method comprises receiving encrypted code that includes implementing a cryptographic algorithm from a service via a network, wherein the encrypted code further includes a symmetric encryption key; decrypting, by a cryptographic coprocessor, the encrypted code; executing, by the cryptographic coprocessor, the decrypted code to generate a cryptogram including information encrypted using the cryptographic algorithm and the symmetric encryption key; and sending the cryptogram to the service via the network.

A method is provided for secure provisioning of a device. In the method, a plurality of integrated circuit (IC) devices is manufactured by a first entity for use in the device. The first entity provides signed provisioning software and stores in at least one provisioning IC device one or more keys used for provisioning the plurality of ICs. The provisioning device with the signed provisioning software is provided to a second entity. The second entity verifies the provisioning software using a stored key. The provisioning software encrypts provisioning assets provided by the second entity and provides the encrypted provisioning assets to the third entity. The signed provisioning software is provided to a third entity by the first entity. During manufacturing of the manufactured products by the third entity, the provisioning software verifies and decrypts the encrypted provisioning assets of the second entity to provision all the plurality of IC devices.