Generate random numbers using metastability resolution time
US-9189202-B2 · Nov 17, 2015 · US
Method for protecting a computer system from side-channel attacks
US2017141912A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2017141912-A1 |
| Application number | US-201615347299-A |
| Country | US |
| Kind code | A1 |
| Filing date | Nov 9, 2016 |
| Priority date | Nov 18, 2015 |
| Publication date | May 18, 2017 |
| Grant date | — |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A method for protecting a computer system from side-channel attacks when using an encryption or decryption method for data packets of a data stream, wherein interruptions in the encryption or decryption method are generated by a random generator, where further computing operations are applied during the interruptions to already encrypted or decrypted data packets of the data stream or to data packets of the data stream which are yet to be encrypted or decrypted to generate random noise in the power consumption of the computer system.
First claim
Opening claim text (preview).
What is claimed is: 1 . A method for protecting a computer system from side-channel attacks when using an encryption or decryption method for data packets of a data stream, the method comprising: generating interruptions in the encryption or decryption method via a random generator; and applying further computing operations to already encrypted or decrypted data packets of the data stream or to data packets of the data stream which are yet to be encrypted or decrypted during the generated interruptions to generate random noise in power consumption of the computer system. 2 . The method as claimed in claim 1 , wherein the further computing operations are part of an error-correction method. 3 . The method as claimed in claim 1 , wherein the further computing operations are part of an algorithm for message authentication via a message authentication code. 4 . The method as claimed in claim 2 , wherein the further computing operations are part of an algorithm for message authentication via a message authentication code. 5 . The method as claimed in claim 1 , wherein, in cases of encryption, the data stream is initially subjected to the encryption method and then subjected to the further computing operations. 6 . The method as claimed in claim 2 , wherein, in cases of encryption, the data stream is initially subjected to the encryption method and then subjected to the further computing operations. 7 . The method as claimed in claim 3 , wherein, in cases of encryption, the data stream is initially subjected to the encryption method and then subjected to the further computing operations. 8 . The method as claimed in claim 5 , wherein the further computing operations comprise an error-correction method. 9 . The method as claimed in claim 1 , wherein, in cases of decryption, the data stream is subjected initially subjected to the further computing operations and then subjected to the decryption method. 10 . The method as claimed in claim 2 , wherein, in cases of decryption, the data stream is subjected initially subjected to the further computing operations and then subjected to the decryption method. 11 . The method as claimed in claim 3 , wherein, in cases of decryption, the data stream is subjected initially subjected to the further computing operations and then subjected to the decryption method. 12 . The method as claimed in claim 5 , wherein the further computing operations comprise an error-correction method. 13 . The method as claimed in one of claim 1 , wherein a start and finish of the further computing operations are controlled by the encryption or decryption method. 14 . The method as claimed in claim 1 , wherein, if the further computing operations are finished, but the encryption or decryption method is unfinished, the interruptions generated by the encryption or decryption method are filled with computing operations based on random data. 15 . The method as claimed in claim 2 , wherein an error-correction method is performed with random data which are generated by the random generator. 16 . The method as claimed in claim 14 , wherein an error-correction method is performed with random data which are generated by the random generator. 17 . A computer system, comprising: at least one encryption or decryption unit; a further computing unit arranged in series with the at least one encryption or decryption unit with respect to a data stream; and a random generator configured to generate interruptions in an encryption or decryption method in the encryption or decryption unit; wherein the encryption or decryption unit is operatively connected to the further computing unit such that, during the interruptions, the further computing unit applies further computing operations to already encrypted or decrypted data packets of the data stream or to data packets of the data stream which are yet to be encrypted or decrypted. 18 . The computer system as claimed in claim 17 , wherein the random generator is operatively connected to the further computing unit such that, in an event that the further computing operations are completed, but the encryption or decryption method is not yet finished, the interruptions generated by the encryption or decryption method are filled with computing operations of the further computing unit based on random data from the random generator. 19 . The computer system as claimed in claim 17 , wherein the computer system comprises a field-programmable gate array and the encryption or decryption unit and further computing unit are formed as a soft core or hard core. 20 . A non-transitory computer program product encoded with a program which is directly loadable into a computing unit of a computer system which, when executed by the computing unit, provides protection of the computer system from side-channel attacks when using an encryption or decryption method for data packets of a data stream, the computer program comprising: program code generating interruptions in the encryption or decryption method via a random generator; and program code for applying further computing operations to already encrypted or decrypted data packets of the data stream or to data packets of the data stream which are yet to be encrypted or decrypted during the generated interruptions to generate random noise in power consumption of the computer system.
Assignees
Inventors
Classifications
including means for verifying the identity or authority of a user of the system {or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials} · CPC title
- H04L9/003Primary
for power analysis, e.g. differential power analysis [DPA] or simple power analysis [SPA] · CPC title
with particular pseudorandom sequence generator · CPC title
Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy · CPC title
the encryption apparatus using shift registers or memories for block-wise {or stream} coding, e.g. DES systems {or RC4; Hash functions; Pseudorandom sequence generators} · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US2017141912A1 cover?
- A method for protecting a computer system from side-channel attacks when using an encryption or decryption method for data packets of a data stream, wherein interruptions in the encryption or decryption method are generated by a random generator, where further computing operations are applied during the interruptions to already encrypted or decrypted data packets of the data stream or to data p…
- Who is the assignee on this patent?
- Siemens Ag Oesterreich
- What technology area does this patent fall under?
- Primary CPC classification H04L9/003. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Thu May 18 2017 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).