In an embodiment, after a first phase of multiplication, in an electronic multiplication circuit, of a first operand by a second operand leading to a successive delivery of least significant words of the result of the first multiplication, a second multiplication, of the first operand by a supplementary operand is implemented in the electronic multiplication circuit, during a second phase of multiplication. The supplementary operands are not all identical.

The present disclosure relates to a cryptographic method comprising: multiplying a point belonging to a mathematical set with a group structure by a scalar by performing: the division of a scalar into a plurality of groups formed of a same number w of digits, w being greater than or equal to 2; and the execution, by a cryptographic circuit and for each group of digits, of a sequence of operations on point, the sequence of operations being identical for each group of digits, at least one of the operations executed for each of the groups of digits being a dummy operation.

Methods and apparatuses for increasing the leak-resistance of cryptographic systems are disclosed. A cryptographic token maintains secret key data based on a top-level key. The token can produce updated secret key data using an update process that makes partial information that might have previously leaked to attackers about the secret key data no longer usefully describe the new updated secret key data. By repeatedly applying the update process, information leaking during cryptographic operations that is collected by attackers rapidly becomes obsolete. Thus, such a system can remain secure against attacks involving analysis of measurements of the device's power consumption, electromagnetic characteristics, or other information leaked during transactions. Transactions with a server can be secured with the token.

Systems and techniques for a System-on-a-Chip (SoC) security plugin are described herein. A component message may be received at an interconnect endpoint from an SoC component. The interconnect endpoint may pass the component message to a security component via a security interlink. The security component may secure the component message, using a cryptographic engine, to create a secured message. The secured message is delivered back to the interconnect endpoint via the security interlink and transmitted across the interconnect by the interconnect endpoint.

Disclosed are a system and method for calculating elliptic curve cryptography scalar multiplication using an FPGA (Field Programmable Gate Array), the system and method scheduling calculation, which is used in a Montgomery ladder Algorithm, and enabling efficient calculation through an improved modular arithmetic calculation method. The system for calculating elliptic curve cryptography (ECC) scalar multiplication using an FPGA includes: a scheduler implementing Montgomery ladder step calculation in a pipeline structure; a pipeline modular adder/subtractor implementing n-bit modular addition in a d-stage pipeline structure; and a modular multiplier implementing n-bit modular multiplication in a 10-stage pipeline structure up to maximum 256 bits.

A calculation is performed on a first number and a second number. For each bit of the second number a first function is performed. The first function inputs include contents of a first register, contents of a second register and the first number. A result of the first function is placed in a third register. For each bit of the second number, a second function is performed which has as inputs contents of the third register and the contents of a selected one of the first and the second register according to a state of a current bit of the second number. A result of the second function is stored in the selected one of the first and second register.

Systems and techniques for a System-on-a-Chip (SoC) security plugin are described herein. A component message may be received at an interconnect endpoint from an SoC component. The interconnect endpoint may pass the component message to a security component via a security interlink. The security component may secure the component message, using a cryptographic engine, to create a secured message. The secured message is delivered back to the interconnect endpoint via the security interlink and transmitted across the interconnect by the interconnect endpoint.

Circuitry comprises a prediction register storing a plurality of entries each having respective data values for association with one or more branch instructions; prediction circuitry to detect, using prediction data derived by a mapping function from the stored data values associated with a given branch instruction, whether or not a branch represented by the given branch instruction is predicted to be taken; update circuitry to modify the stored data values associated with the given branch instruction in dependence upon a resolution of whether the branch represented by the given branch instruction is taken or not; and control circuitry configured to selectively alter one or more of the data values other than data values associated with the given branch instruction.

Various embodiments of the invention implement countermeasures designed to withstand attacks by potential intruders who seek partial or full retrieval of elliptic curve secrets by using Various embodiments of the invention implement countermeasures designed to withstand attacks by potential intruders who seek partial or full retrieval of elliptic curve secrets by using known methods that exploit system vulnerabilities, including elliptic operation differentiation, dummy operation detection, lattice attacks, and first real operation detection. Various embodiments of the invention provide resistance against side-channel attacks, such as simple power analysis, caused by the detectability of scalar values from information leaked during regular operation flow that would otherwise compromise system security. In certain embodiments, system immunity is maintained by performing elliptic scalar operations that use secret-independent operation flow in a secure Elliptic Curve Cryptosystem.

Systems and techniques for a System-on-a-Chip (SoC) security plugin are described herein. A component message may be received at an interconnect endpoint from an SoC component. The interconnect endpoint may pass the component message to a security component via a security interlink. The security component may secure the component message, using a cryptographic engine, to create a secured message. The secured message is delivered back to the interconnect endpoint via the security interlink and transmitted across the interconnect by the interconnect endpoint.