A redundancy system includes a first computational device and a second computational device each configured to receive at least one input and to generate a first output and a second output, respectively, based on the at least one input; a random sequence generator configured to generate a random bit sequence; a random delay selector configured to determine a random delay based on the random bit sequence; a first random delay circuit configured to delay outputting the at least one input to the first computational device based on the random delay; a second random delay circuit configured to delay outputting the second output based on the random delay; and a fault detection circuit configured to receive the first output and the delayed second output, and to generate a comparison result based on comparing the first input to the delayed second output.

A system, method and elliptic curve cryptography scheme having a fault injection attack resistant protocol. The cryptographic scheme has a first arithmetic operation having at least one of a single input bit, a single output bit, or a single output bit-string that is vulnerable to a fault injection attack. The protocol includes: performing a first arithmetic operation to determine a first output; performing a second arithmetic operation to determine a second output, the second arithmetic operation being a variant of the first arithmetic operation; and comparing the first output and the second output, and if the comparison is incompatible, outputting an invalidity condition, otherwise, outputting the first output.

A system-on-chip (SoC) is provided that includes security control registers, the security control registers including security flags for security critical assets of the SoC, wherein each security flag includes multiple bits.

The present invention relates to a shift register protected against physical attacks, comprising a coding module, a decoding module, a plurality of basic shift registers of which the respective inputs receive the bits of a codeword supplied by the coding module using an input bit at each clock cycle, and of which the respective outputs are connected to the decoding module in order to supply an output bit, with the codewords being chosen in such a way as to have the same non-zero Hamming weight and two successive codewords having a constant non-zero Hamming distance. The codewords are generated using an internal state machine and/or an external state machine to the coding module.

An electronic chip includes a first well having a first PN junction located therein, a second buried well located under and separated from the first well, and a first region forming a second PN junction with the second well. A detection circuit is coupled to the first well and configured to output a digital signal that has a first logic value when a potential difference within the first region is above a threshold and a second logic value when the potential difference within the first region is below the threshold.

A data processing system includes technology for detecting and tolerating faults. The data processing system comprises an electronic control unit (ECU) with a processing core and a fault-tolerant elliptic curve digital signature algorithm (ECDSA) engine. The fault-tolerant ECDSA engine comprises multiple verification state machines (VSMs). The data processing system also comprises nonvolatile storage in communication with the processing core and ECU software in the nonvolatile storage. The ECU software, when executed, enables the data processing system to operate as a node in a distributed data processing system, including receiving digitally signed messages from other nodes in the distributed data processing system. The ECU further comprises a known-answer built-in self-test unit (KA-BISTU). Also, the ECU software comprises fault-tolerant ECDSA engine (FTEE) management software which, when executed by the processing core, utilizes the KA-BISTU to periodically test the fault-tolerant ECDSA engine for faults. Other embodiments are described and claimed.

An integrated circuit includes a semiconductor substrate having a rear face. A first semiconductor well within the substrate includes circuit components. A second semiconductor well within the substrate is insulated from the first semiconductor well and the rest of the substrate. The second semiconductor well provides a detection device that is configurable and designed to detect a DFA attack by fault injection into the integrated circuit.

plurality of objects that comprise an input to a cryptographic signing function. For each object in the plurality of objects, an output value y.sub.i of a hash function is calculated, where the value i is equal to an index value of the object, a compressed output value x.sub.i of a compression function is calculated, the output value y.sub.i from the computer readable memory, and the compressed output value x.sub.i is stored. For each object in the plurality of objects, an output value y.sub.i of the hash function is calculated, where the value i is equal to the index value of the object, a compressed output value x.sub.i of the compression function executed on the output value y.sub.i is calculated, the output value x.sub.i is determined to be equal to the output value x.sub.i, and the output value y.sub.i is transmitted in an output data stream.

A device for detecting perturbation attacks performed on a digital circuit is provided. The device comprises: a first metallic layer and a second metallic layer arranged on the digital circuit, the first metal layer comprising a plurality of signal transmission lines routed horizontally, the second metal layer comprising a plurality of signal transmission lines routed vertically, the device comprising one or more transmitter buffers and one or more receiver buffers, a transmitter buffer and a receiver buffer being connected by each signal transmission line; a random number generator configured to generate random signal values; the device further comprising a transmitter manager connected to one or more transmitter buffers and a receiver manager connected to one or more receiver buffers, wherein: the transmitter manager is configured to transmit random signal values generated by the random number generator over the signal transmission lines of the first metallic layer and the second metallic layer, the receiver manager is configured to receive random signal values from the transmitter manager through the one or more receiver buffers connected to the receiver manager, measure a transmission time corresponding to a time of transmission of the received random signal values, and compare the transmission time to a predefined timing interval to detect perturbation attacks.

A redundancy system includes a first computational device and a second computational device each configured to receive at least one input and to generate a first output and a second output, respectively, based on the at least one input; a random sequence generator configured to generate a random bit sequence; a random delay selector configured to determine a random delay based on the random bit sequence; a first random delay circuit configured to delay outputting the at least one input to the first computational device based on the random delay; a second random delay circuit configured to delay outputting the second output based on the random delay; and a fault detection circuit configured to receive the first output and the delayed second output, and to generate a comparison result based on comparing the first input to the delayed second output.