Patent classifications
H04L9/004
Multivariate signature method for resisting key recovery attack
A multivariate signature method for resisting key recovery attacks, which establishes a new signature verification condition by adding an additional value to the signature. The verification condition implies verification of the internal values x and y, thereby effectively resisting the key recovery attack that arises from the existence of equivalent keys. Specifically, the method consists of three stages: data preprocessing, signature generation and signature verification. The invention is a signature authentication method based on systems of polynomial equations in several variables over a finite field; it can effectively resist key recovery attacks, provides basic technical support for information security and for establishing trust systems in the quantum computer era, and offers a secure digital signature option for the quantum era. The present invention is especially suitable for applications with limited storage and processing time, such as smart cards, wireless sensor networks and dynamic RFID tags.
ENCRYPTING AND DECRYPTING UNIT FOR RSA CRYPTOGRAPHIC SYSTEM, RESISTANT TO FAULTS INJECTION
A digital encrypting and decrypting unit (PMEU) that operates according to the Rivest-Shamir-Adleman (RSA) cryptosystem and is based on a Residue Number System (RNS) and the Chinese Remainder Theorem (CRT). The unit includes two modular exponentiation calculating units (MES-1, MES-2) that process the two residue signals (X mod p; X mod q) to compute a modular exponentiation by the binary (square-and-multiply) method. The calculating units have inputs (I-k[i], I-SM, I-MM) and outputs (O-k[i], O-SM, O-MM) for signals representing partial results of the modular exponentiation. A modular exponentiation controlling unit (MECU) is connected to the inputs and outputs of the calculating units to control the flow of the signals representing the partial results, so that a fault injected into one residue computation can be detected rather than propagated into the output.
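Why an RSA-CRT signer needs fault protection is easiest to see in code. The following is an added example, not the patent's circuit: it models textbook RSA-CRT signing, a single glitch that corrupts only the mod-q half, the resulting Bellcore factoring of N from the faulty signature, and the simplest software countermeasure (verify with the public exponent before releasing the signature). The primes, exponent and message are constructed for illustration and are far too small for real use.

```python
# Added example (not the patent's circuit): why an RSA-CRT signer needs fault
# protection, and the simplest software check.  A single fault in one CRT half
# lets the attacker factor N from the faulty signature (the Bellcore attack).
# Key material below is constructed for illustration; the primes are small
# well-known primes, not a real key size.
from math import gcd

P = 1000000007          # constructed demo primes (far too small for real use)
Q = 998244353
E = 65537


def make_crt_key(p, q, e):
    """Build an RSA key with the CRT private components dp, dq, qinv."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)          # requires gcd(e, phi) == 1, true for these primes
    return {
        "n": n, "e": e, "p": p, "q": q,
        "dp": d % (p - 1),
        "dq": d % (q - 1),
        "qinv": pow(q, -1, p),
    }


def rsa_crt_sign(m, key, inject_fault=False):
    """Textbook RSA-CRT signing with Garner recombination.

    inject_fault=True models a glitch that corrupts the mod-q half only,
    which is the single-fault case the CRT structure is vulnerable to.
    """
    sp = pow(m, key["dp"], key["p"])
    sq = pow(m, key["dq"], key["q"])
    if inject_fault:
        sq = (sq + 1) % key["q"]     # one wrong residue; the mod-p half stays correct
    h = (key["qinv"] * (sp - sq)) % key["p"]
    return sq + h * key["q"]


def bellcore_recover_factor(faulty_sig, m, key):
    """Attacker side: with one faulty signature and the message, gcd(s^e - m, N)
    equals the prime of the half that was computed correctly (here p)."""
    n, e = key["n"], key["e"]
    return gcd((pow(faulty_sig, e, n) - m) % n, n)


def rsa_crt_sign_checked(m, key, inject_fault=False):
    """Countermeasure: verify the signature with the public exponent before
    releasing it; a faulty result is withheld instead of leaking the factor."""
    s = rsa_crt_sign(m, key, inject_fault)
    if pow(s, key["e"], key["n"]) != m % key["n"]:
        return None                  # fault detected: never output s
    return s


KEY = make_crt_key(P, Q, E)
M = 123456789                        # constructed message representative, m < N

if __name__ == "__main__":
    good = rsa_crt_sign(M, KEY)
    bad = rsa_crt_sign(M, KEY, inject_fault=True)
    print("correct signature verifies:", pow(good, E, KEY["n"]) == M)
    print("factor recovered from faulty signature:",
          bellcore_recover_factor(bad, M, KEY) == P)
    print("checked signer withholds faulty output:",
          rsa_crt_sign_checked(M, KEY, inject_fault=True) is None)
```

The attack works because the faulty signature is still correct modulo p but wrong modulo q, so s^e - m is divisible by exactly one of the two primes. The verify-before-output check is cheap when e is small; hardware designs such as the one described above instead build redundancy into the residue arithmetic itself so that a corrupted partial result is caught inside the exponentiation, before any recombination.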
METHODS AND SYSTEM FOR HIGH VOLUME PROVISIONING PROGRAMMABLE LOGIC DEVICES WITH COMMON AND UNIQUE DATA PORTIONS
METHODS AND SYSTEM FOR RESPONDING TO DETECTED TAMPERING OF A REMOTELY DEPLOYED COMPUTER
Among other things, this document describes systems, devices, and methods for responding to the detection of tampering with a remotely deployed computer, such as a server in a network data center. In one embodiment, the computer can be equipped with various tamper detection mechanisms, such as proximity sensors or circuitry triggered when the server's case is opened and/or internal components are moved or altered. Tamper detection can invoke an automated trust revocation mechanism. When tampering is detected, the computer hardware automatically prevents access to, and/or use of, a previously stored authentication key. Consequently, the computer can no longer authenticate to a remote entity, such as a network operations center and/or another computer in a distributed computing system. In some embodiments, the computer remains operable so that administrators can communicate with the server and/or extract information from it, although the computer will be treated as untrusted.
DISTRIBUTED PROCESSING SYSTEM
A distributed device network including a number of device nodes connected to a wireless mesh network and including memory configured to store instructions. The instructions cause one or more processors to: receive, from a server by a first device node of the number of device nodes, a first packaged application that provides a first functionality; execute, by the first device node, the first packaged application to provide the first functionality; receive, from the server by a second device node of the number of device nodes, a second packaged application that provides a second functionality; and execute, by the second device node, the second packaged application to provide the second functionality. The device nodes are resource-constrained devices that cooperate to perform one or more functions of a cloud computing system.
CIRCUITS SUPPORTING IMPROVED SIDE CHANNEL AND FAULT INJECTION ATTACK RESISTANCE
The present disclosure is directed to systems and methods that protect against SCA and fault injection attacks through the use of a temporary or ephemeral key to cryptographically alter input data portions. Universal resistant block (URB) circuitry receives a seed data value and at least one secret key data value and generates an ephemeral key output data value. Cryptographic circuitry uses the ephemeral key data value to transform an input data portion into a transformed output data portion. An SCA or fault injection attack on the transformed output data portion will reveal only the ephemeral key data value and not the at least one secret key data value. Further, where a unique ephemeral key data value is used to transform each input data portion, an attacker cannot discover the ephemeral key in a piecemeal manner across many traces and must instead recover the complete ephemeral key data value from a single portion, significantly increasing the difficulty of a successful SCA or fault injection attack.
INFORMATION PROCESSING SYSTEM, INFORMATION PROCESSING DEVICE, AND METHOD FOR CONTROLLING INFORMATION PROCESSING DEVICE
A host device includes a power supply unit configured to supply power to a SoC, a current measurement circuit configured to measure the current from the power supply unit to the SoC, a detection unit configured to detect a power supply glitch in the host device on the basis of the current measurement, and a controller configured to suspend transmission of encrypted commands from the host device to the memory device if the detection unit detects a power supply glitch in the host device.
SECURITY SYSTEM AND TERMINAL CHIP
The disclosure describes a security system, including a security element and a clock randomization processing unit. The clock randomization processing unit is configured to: receive a clock signal, randomly change arrangement of high-level steps or low-level steps in the clock signal, and provide a changed clock signal to the security element. The security system in an embodiment of the present invention first performs randomization processing on the clock signal before inputting the clock signal to the security element, and then inputs a randomized clock signal to the security element. The randomized clock signal causes a module inside the security element to work irregularly. Therefore, it is much more difficult to perform analysis in a side-channel attack, and a security capability of the security element is improved.
Zero detection circuit and masked boolean or circuit
A zero detection circuit includes a chain of masked OR circuits. Each masked OR circuit includes data inputs. Each data input is configured to receive a respective data input bit. Each masked OR circuit further includes an input mask input to receive one or more input masking bits, an output mask input to receive an output masking bit and a data output. The zero detection circuit is configured to output a bit equal to an OR combination, masked with the output masking bit, of the data input bits, each demasked with an input masking bit of the one or more input masking bits. One of the inputs of each masked OR circuit except the first masked OR circuit of the chain of masked OR circuits is coupled to the data output of the masked OR circuit preceding the masked OR circuit in the chain of masked OR circuits.
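The following is an added, bit-level software model of the masked OR chain described above; it is not the patent's circuit. It shows how a zero test can be evaluated on Boolean-masked data without ever reconstructing a plaintext bit: each gate consumes masked shares plus their masks and emits a result under a fresh output mask, and the chain feeds each gate's masked output into the next. The gate construction (a Trichina-style masked AND with De Morgan's law for OR) and the mask handling are my assumptions for illustration.

```python
# Added example (not the patent's circuit): a bit-level model of a masked OR
# chain used for zero detection on Boolean-masked data.  Gate construction and
# mask handling are illustrative assumptions.
import random


def masked_and(a_m, ma, b_m, mb, mz):
    """Trichina-style first-order masked AND on single bits.

    Inputs are masked shares a_m = a ^ ma and b_m = b ^ mb; returns (a & b) ^ mz.
    The fresh output mask mz is applied first, so every intermediate value is
    mz XOR something and stays uniformly distributed regardless of a and b.
    (This models value leakage only; it says nothing about glitch leakage in
    real hardware.)
    """
    z = mz
    z ^= ma & mb
    z ^= ma & b_m
    z ^= a_m & mb
    z ^= a_m & b_m
    return z


def masked_or(a_m, ma, b_m, mb, mo):
    """Masked OR via De Morgan: a | b = ~(~a & ~b).

    Complementing a masked share complements the underlying bit, so no
    demasking is needed.  Returns (a | b) ^ mo.
    """
    return masked_and(a_m ^ 1, ma, b_m ^ 1, mb, mo) ^ 1


def masked_zero_detect(word_m, mask, out_masks, nbits):
    """Chain of masked ORs over the bits of a masked word.

    word_m = word ^ mask (bitwise).  out_masks[i] is the output mask of the
    i-th gate; every gate except the first takes the previous gate's masked
    output (and that gate's output mask) as one of its inputs.
    Returns (result_m, result_mask): OR of all bits, masked with out_masks[-1].
    A demasked result of 0 means the word is zero.
    """
    assert len(out_masks) == nbits - 1

    def bit(v, i):
        return (v >> i) & 1

    acc_m, acc_mask = bit(word_m, 0), bit(mask, 0)
    for i in range(1, nbits):
        acc_m = masked_or(acc_m, acc_mask, bit(word_m, i), bit(mask, i),
                          out_masks[i - 1])
        acc_mask = out_masks[i - 1]
    return acc_m, acc_mask


def is_zero_masked(word, seed=0, nbits=16):
    """Convenience wrapper: mask a clear word with seeded random masks, run the
    chain, and demask only the final one-bit result."""
    rng = random.Random(seed)
    mask = rng.getrandbits(nbits)
    out_masks = [rng.getrandbits(1) for _ in range(nbits - 1)]
    res_m, res_mask = masked_zero_detect(word ^ mask, mask, out_masks, nbits)
    return (res_m ^ res_mask) == 0


if __name__ == "__main__":
    for w in (0, 1, 0x8000, 0x1234, 0xFFFF):
        print(f"{w:#06x} zero? {is_zero_masked(w, seed=w)}")
```

The property a reviewer would check is that no intermediate in `masked_and` is a function of an unmasked input bit alone; applying the fresh output mask before any partial product is what gives that, and the chain never demasks until the final bit is consumed by the caller.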
SEPARABLE ROBUST CODING
A method for detecting errors is performed on a data string that includes an information portion and a redundancy portion. The information portion includes two or more sub-strings. The method includes generating a respective redundancy word for each sub-string by encoding each sub-string with a separable robust code. A composite redundancy word is generated from the respective redundancy words. An error is flagged when the redundancy portion of the data string differs from the composite redundancy word.