Patent classifications
H04L2209/125
ENCODER, DECODER AND METHOD
A method of encoding and encrypting input data (D1) to generate corresponding encoded and encrypted data (E2) is provided. At least a first data block of the input data (D1) is encoded to generate a first encoded data block. The at least first encoded data block is then encrypted using at least one key to provide a first encoded and encrypted data block for inclusion in the encoded and encrypted data (E2). Moreover, a first seed value is generated for use in encrypting a next encoded data block to provide a next encoded and encrypted data block for inclusion in the encoded and encrypted data (E2). Furthermore, a next seed value is generated for use in encrypting a subsequent encoded data block, in a sequential repetitive manner until each data block of the input data (D1) is encoded and encrypted into the encoded and encrypted data (E2).
Cryptography method and circuit, corresponding device
A cryptographic method includes providing memory locations for storing encrypted data. The memory locations have respective addresses and are accessible via a communication bus. The method includes receiving over the communication bus access requests to the memory locations, wherein the access requests include burst requests for access to respective sets of the memory locations starting from respective start addresses, and calculating as a function of the start addresses encryption/decryption cryptographic masks based on cryptographic keys. Plain text data is received for encryption and the method includes applying the cryptographic masks to the plain text data to obtain therefrom encrypted data, and including the encrypted data into output data for transmission over the communication bus.
HIGH THROUGHPUT POST QUANTUM AES-GCM ENGINE FOR TLS PACKET ENCRYPTION AND DECRYPTION
In one example an apparatus comprises an input register to receive at least a portion of a transport layer data packet, an encryption/decryption pipeline communicatively coupled to the input register, comprising a first section comprising a set of advanced encryption standard (AES) engines including at least a first AES engine to perform encryption and/or decryption operations on input data from the at least a portion of a transport layer data packet, a second AES engine to determine an authentication key, and a third AES engine to determine an authentication tag mask, a second section comprising a first set of Galois field multipliers comprising at least a first Galois field multiplier to compute a first multiple of the authentication key, a third section comprising a second set of Galois field multipliers to compute a first partial authentication tag, and a fourth section comprising a processing circuitry to compute a second partial authentication tag and a final authentication tag.
AGGREGATE GHASH-BASED MESSAGE AUTHENTICATION CODE (MAC) OVER MULTIPLE CACHELINES WITH INCREMENTAL UPDATES
Embodiments are directed to aggregate GHASH-based message authentication code (MAC) over multiple cachelines with incremental updates. An embodiment of a system includes a controller comprising circuitry, the controller to generate an error correction code for a memory line, the memory line comprising a plurality of first data blocks, generate a metadata block corresponding to the memory line, the metadata block comprising the error correction code for the memory line and at least one metadata bit, generate an aggregate GHASH corresponding to a region of memory comprising a cacheline set comprising at least the memory line, encode the first data blocks and the metadata block, encrypt the aggregate GHASH as an aggregate message authentication code (AMAC), provide the encoded first data blocks and the encoded metadata block for storage on a memory module comprising the memory line, and provide the AMAC for storage on a device separate from the memory module.
SCALING GATEWAY TO GATEWAY TRAFFIC USING FLOW HASH
For a network including multiple computers acting as tunnel endpoints in a network, some embodiments provide a method for processing data messages in parallel using multiple processors (e.g., cores) of each computer. Each computer in some embodiments has a set of interfaces configured as tunnel endpoints connecting to multiple tunnels. In some embodiments, the multiple processors encrypt data messages according to a set of encryption parameters or multiple sets of encryption parameters that specify an encryption policy for data messages requiring encryption, an encryption algorithm, an encryption key, a destination network address, and an encryption-parameter-set identifier.
FUNCTIONS WITH A PRE-CHARGE OPERATION AND AN EVALUATION OPERATION
Input data may be received. A portion of a cryptographic operation may be performed with the received input data at a first function component. During the performance of the cryptographic operation at the first function component, a pre-charge operation may be performed at a second function component. Furthermore, the second function component may be used to perform another portion of the cryptographic operation with a result of the portion of the cryptographic operation performed at the first function component.
COMMAND-TYPE FILTERING BASED ON PER-COMMAND FILTERING INDICATOR
An adjunct processor dynamically determines, on a per-command basis, whether commands obtained by the adjunct processor are to be processed by the adjunct processor. The adjunct processor obtains a command request of a requester. The command request includes at least one filtering indicator indicating at least one valid command type for processing by the adjunct processor for the requester. The adjunct processor determines using the at least one filtering indicator whether a command of the command request is valid for processing by the adjunct processor for the requester. Based on determining that the command is valid for processing by the adjunct processor, the command is processed by the adjunct processor.
Integrated Cryptographic Circuits in Space Applications
Cryptographic integrated circuits include an input module configured to receive a stream of input data packets, a plurality of cryptographic modules coupled to the input module, where each cryptographic module includes an input port for receiving an input data packet and an output port for transmitting an output data packet, and is configured to encrypt or decrypt the received input data packet to generate an output data packet, and an output module configured to receive output data packets from the plurality of cryptographic modules and to generate an output data stream comprising the output data packets, where the input and output modules and the plurality of cryptographic modules are mounted on a single integrated circuit board, and wherein the input module is configured to distribute the input data packets among the plurality of cryptographic modules.
EFFICIENT SIDE-CHANNEL-ATTACK-RESISTANT MEMORY ENCRYPTOR BASED ON KEY UPDATE
Disclosed are memory encryption systems and methods that rotate encryption keys for robust resistance against side-channel-analysis (SCA)-based attacks on communication paths between an encryption engine within a trust boundary and an external memory component. A key data structure has a plurality of keys that are used to encrypt a plurality of memory blocks in the external memory. The memory blocks encrypted with the oldest key of the key data structure are identified. Encrypted data is read from the identified memory blocks. The encrypted data is decrypted from the identified memory blocks. The data is then re-encrypted using a selected key that is newer than the oldest key, and re-written to the identified memory blocks.
SAMPLE-PARALLEL SPARSE CIPHER-BLOCK CHAINING (CBCS) ENCRYPTION
A content provider in a content distribution system may be configured to reduce latency in a content distribution system by storing multiple frames from a sequence of frames in different buffers and encrypting, in parallel, the frames stored in the different buffers. For example, the content provider may encrypt each buffer via a different instruction pipeline of a processor.