Patent classifications
H04L9/005
Method to Mitigate Timing Based Attacks on Key Agreement Schemes over Controller Area Network
A method of operating at least one node in a communication network that uses a shared communication medium has been developed to reduce or eliminate timing side-channel attacks performed by an adversary that is connected to the shared communication medium. The method includes generating, with a controller in a first node, a first jitter time offset randomly generated from within a predetermined time range, and transmitting, with a transceiver in the first node, a first data bit through an output of the transceiver that is connected to a shared communication medium, the first data bit being transmitted at a first time corresponding to the first jitter time offset added to a first predetermined transmission time.
Method for performing a sensitive data encryption with masking, and corresponding encryption apparatus and computer program product
Cryptographic circuitry masks sensitive data values. The masking includes extracting unique combinations of random mask values from one or more sets of random mask values. Each sensitive data value is masked using a respective unique combination. The unique combinations have a combination class greater than or equal to a determined integer corresponding to a protection-level against side-channel attacks, and a number of unique combinations greater than or equal to a number of the sensitive data values. A number of random mask values in the one or more sets of random mask values is based on the number of unique combinations and the class of the plurality of unique combinations.
Apparatus, system, and method for secure remote configuration of network devices
The disclosed apparatus may include an encryption device that signs information exchanged between network devices to ensure the integrity of the information. The disclosed apparatus may also include a network device communicatively coupled to the encryption device, wherein the network device (1) obtains geo-location information that identifies the location of the network device, (2) directs the encryption device to sign the geo-location information to ensure the integrity of the geo-location information, (3) provides the signed geo-location information to a remote management system that manages the configuration of the network device based at least in part on the geo-location information, and (4) receives a configuration profile that modifies the configuration of the network device to account for the current location of the network device from the remote management system. Various other apparatuses, systems, and methods are also disclosed.
Cryptography on an elliptical curve
A cryptographic calculation includes obtaining a point P(X,Y) from a parameter t on an elliptical curve Y² = f(X); and from polynomials X1(t), X2(t), X3(t) and U(t) satisfying: f(X1(t))·f(X2(t))·f(X3(t)) = U(t)² in Fq, with q = 3 mod 4. Firstly a value of the parameter t is obtained. Next, the point P is determined by: (i) calculating X1 = X1(t), X2 = X2(t), X3 = X3(t) and U = U(t); (ii) if the term f(X1)·f(X2) is a square, then testing whether the term f(X3) is a square in Fq and if so calculating the square root of f(X3) in order to obtain the point P(X3); (iii) otherwise, testing whether the term f(X1) is a square and, if so, calculating the square root of f(X1) in order to obtain the point P(X1); (iv) otherwise, calculating the square root of f(X2) in order to obtain the point P(X2). This point P is useful in a cryptographic application.
CONTINUOUSLY CHARGED ISOLATED SUPPLY NETWORK
A floating core network for secure isolation of a circuit from an external supply interface is described. Isolation of a core is accomplished through a dynamic current limiting network providing an isolated core voltage to the core; and an isolated supply for the corresponding core that is continuously recharged by the dynamic current limiting network. The dynamic current limiting network can include two control loops, one control loop providing a fixed gate voltage to a p-type transistor supplying current to the isolated supply and another control loop providing a fixed gate voltage to an n-type transistor sinking current from the isolated supply.
SOFTWARE PROTECTION AGAINST DIFFERENTIAL FAULT ANALYSIS
An encryption module and method for performing an encryption/decryption process executes two cryptographic operations in parallel in multiple stages. The two cryptographic operations are executed such that different rounds of the two cryptographic operations are performed in parallel by the same instruction or the same finite state machine (FSM) state for hardware implementation.
SYSTEMS AND METHODS FOR OPERATING SECURE ELLIPTIC CURVE CRYPTOSYSTEMS
Various embodiments of the invention implement countermeasures designed to withstand attacks by potential intruders who seek partial or full retrieval of elliptic curve secrets by using known methods that exploit system vulnerabilities, including elliptic operation differentiation, dummy operation detection, lattice attacks, and first real operation detection. Various embodiments of the invention provide resistance against side-channel attacks, such as sample power analysis, caused by the detectability of scalar values from information leaked during regular operation flow that would otherwise compromise system security. In certain embodiments, system immunity is maintained by performing elliptic scalar operations that use secret-independent operation flow in a secure Elliptic Curve Cryptosystem.
Systems and methods to counter side channel attacks
Disclosed are devices, systems, apparatus, methods, products, and other implementations, including a method that includes identifying a process to obtain timing information of a processor-based device, and in response to identifying the process to obtain the timing information, delaying delivery of the timing information for a time-delay period. In some embodiments, identifying the process to obtain the timing information may include identifying a request to obtain the timing information of the processor-based device. In some embodiments, identifying the process to obtain the timing information may include identifying a memory-access process.
Cryptography on a simplified elliptical curve
A cryptographic calculation includes obtaining a point P(X,Y) from a parameter t on an elliptical curve Y² = f(X) and from polynomials satisfying: f(X1(t))·f(X2(t)) = U(t)² in the finite field Fq, irrespective of the parameter t, with q = 3 mod 4. A value of the parameter t is obtained and the point P is determined by: (i) calculating X1 = X1(t), X2 = X2(t) and U = U(t); (ii) testing whether the term f(X1) is a square in the finite field Fq and, if so, calculating the square root of the term f(X1), the point P having X1 as abscissa and Y1, the square root of the term f(X1), as ordinate; (iii) otherwise, calculating the square root of the term f(X2), the point P having X2 as abscissa and Y2, the square root of the term f(X2), as ordinate. The point P is useful in encryption, scrambling, signature, authentication or identification cryptographic applications.