CRYPTOGRAPHIC DEVICE WITH RESISTANCE TO DIFFERENTIAL POWER ANALYSIS AND OTHER EXTERNAL MONITORING ATTACKS
1 Assignment
0 Petitions
Accused Products
Abstract
Techniques usable by devices to encrypt and decrypt sensitive data to in a manner that provides security from external monitoring attacks. The encrypting device has access to a base secret cryptographic value (key) that is also known to the decrypting device. The sensitive data are decomposed into segments, and each segment is encrypted with a separate encryption key derived from the base key and a message identifier to create a set of encrypted segments. The encrypting device uses the base secret cryptographic value to create validators that prove that the encrypted segments for this message identifier were created by a device with access to the base key. The decrypting device, upon receiving an encrypted segments and validator(s), uses the validator to verify the message identifier and that the encrypted segment are unmodified, then uses a cryptographic key derived from the base key and message identifier to decrypt the segments.
-
Citations
27 Claims
-
1. (canceled)
-
2. A programmable logic device comprising:
-
a keystore to store a secret value; and a cryptography logic coupled to the keystore, the cryptography logic to; receive a bitstream comprising a validator and a first encrypted segment of configuration data for the programmable logic device; retrieve the secret value from the keystore; derive an initial key for the bitstream based at least in part on the secret value; verify, using the received validator, that the first encrypted segment has not been modified; and decrypt the first encrypted segment using a first decryption key derived from the initial key to produce a first decrypted segment responsive to verifying that the first encrypted segment has not been modified. - View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A method comprising:
-
receiving, by a programmable logic device (PLD), a bitstream comprising a validator and a first encrypted segment of configuration data for the PLD; deriving, by the PLD, an initial key for the bitstream based at least in part on a secret value and a plurality of entropy distribution operations; verifying, using the received validator, that the first encrypted segment has not been modified; and decrypting the first encrypted segment using a first decryption key derived from the initial key to produce a first decrypted segment responsive to verifying that the first encrypted segment has not been modified. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
-
Specification