Relational encryption
US-2017012970-A1 · Jan 12, 2017 · US
US9990249B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9990249-B2 |
| Application number | US-201514998054-A |
| Country | US |
| Kind code | B2 |
| Filing date | Dec 24, 2015 |
| Priority date | Dec 24, 2015 |
| Publication date | Jun 5, 2018 |
| Grant date | Jun 5, 2018 |
Official abstract text for this publication.
Apparatus, systems, and/or methods may provide for identifying unencrypted data including a plurality of bits, wherein the unencrypted data may be encrypted and stored in memory. In addition, a determination may be made as to whether the unencrypted data includes a random distribution of the plurality of bits, for example based on a compressibility function. An integrity action may be implemented when the unencrypted data includes a random distribution of the plurality of bits, which may include error correction including a modification to ciphertext of the unencrypted data. Independently of error correction, a diffuser may generate intermediate and final ciphertext. In addition, a key and/or a tweak may be derived for a location in the memory. Moreover, an integrity value may be generated (e.g., as a copy) from a portion of the unencrypted data, and/or stored in a slot of an integrity check line based on the location.
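The correction loop the abstract describes (and the claims below spell out as flip, decrypt, check, replace) can be sketched as follows. This is an added example, not code from the patent: the 4-round SHA-256 Feistel is a toy stand-in for the memory cipher, zlib is an assumed compressibility function, and the 64-byte line, key, address and all function names are constructed for illustration.

```python
import hashlib
import zlib

LINE = 64            # assumed memory-line size in bytes
HALF = LINE // 2

def _f(key, tweak, rnd, half):
    # Round function keyed per line: the tweak is the line's address.
    return hashlib.sha256(key + tweak.to_bytes(8, "little") + bytes([rnd]) + half).digest()

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(key, tweak, pt):
    l, r = pt[:HALF], pt[HALF:]
    for rnd in range(4):                      # enough rounds to diffuse one bit over the line
        l, r = r, _xor(l, _f(key, tweak, rnd, r))
    return l + r

def decrypt(key, tweak, ct):
    l, r = ct[:HALF], ct[HALF:]
    for rnd in reversed(range(4)):
        l, r = _xor(r, _f(key, tweak, rnd, l)), l
    return l + r

def looks_random(data, slack=8):
    # Structured data shrinks under DEFLATE; diffused garbage does not.
    return len(zlib.compress(data, 9)) > len(data) - slack

def correct_line(key, tweak, ct):
    """Return (ciphertext, plaintext) after at most one single-bit repair, else None."""
    pt = decrypt(key, tweak, ct)
    if not looks_random(pt):
        return ct, pt                         # already decrypts to structured data
    for bit in range(len(ct) * 8):
        trial = bytearray(ct)
        trial[bit // 8] ^= 1 << (bit % 8)     # flip one ciphertext bit
        pt = decrypt(key, tweak, bytes(trial))
        if not looks_random(pt):              # randomness reduced: pattern restored
            return bytes(trial), pt           # caller replaces the stored ciphertext
    return None                               # no single-bit repair restores structure

# Constructed sample: a highly structured 64-byte line at a made-up address.
KEY = bytes(range(16))
ADDR = 0x1000
PLAIN = b"HDR\x01" + bytes(44) + b"record-0001" + bytes(5)

def demo():
    good = encrypt(KEY, ADDR, PLAIN)
    bad = bytearray(good)
    bad[37] ^= 0x10                           # simulated single-bit memory fault
    return good, bytes(bad), correct_line(KEY, ADDR, bytes(bad))
```

The heuristic cannot tell a fault from plaintext that is legitimately incompressible (already encrypted or compressed data); that is the case the abstract covers with a separately stored integrity value.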
Opening claim text (preview).
We claim:

1. An apparatus comprising: memory, and logic, at least partially implemented in hardware, to, identify unencrypted data including a plurality of bits, wherein the unencrypted data is to be encrypted and stored in the memory, determine whether the unencrypted data includes a random distribution of the plurality of bits, and implement error correction by a modification to ciphertext of the unencrypted data to reduce randomness when the unencrypted data includes a random distribution of the plurality of bits and is corrupt, wherein the logic is further to, flip one or more bits in ciphertext of an integrity check line to generate modified ciphertext of the integrity check line, decrypt the modified ciphertext of the integrity check line to generate modified plaintext of the integrity check line, check the modified plaintext of the integrity check line for a recognizable pattern including to determine one or more of whether there is a match between an integrity value of the modified plaintext of the integrity check line and the unencrypted data or whether there is a match between the integrity value of the modified plaintext of the integrity check line and the unencrypted data when the recognizable pattern is restored in one or more of the modified plaintext of the integrity check line or the unencrypted data, and replace the ciphertext of the integrity check line with the modified ciphertext of the integrity check line when the recognizable pattern is restored in the modified plaintext of the integrity check line.

2. The apparatus of claim 1, wherein the unencrypted data is to include modified plaintext of the unencrypted data.

3. The apparatus of claim 1, further including to, flip one or more bits in the ciphertext of the unencrypted data to generate modified ciphertext of the unencrypted data when the unencrypted data includes a random distribution of the plurality of bits and is corrupt, decrypt the modified ciphertext of the unencrypted data to generate modified plaintext of the unencrypted data, check the modified ciphertext of the unencrypted data for a random distribution of the plurality of bits, and replace the ciphertext of the unencrypted data with the modified ciphertext of the unencrypted data when the modified plaintext of the unencrypted data does not include a random distribution of the plurality of bits.

4. The apparatus of claim 3, further including to determine whether there is a match between the integrity value and the modified plaintext of the unencrypted data.

5. The apparatus of claim 1, further including to encrypt the unencrypted data when a block size of a block cipher is less than a granularity the memory is to be accessed including to one or more of, generate intermediate ciphertext for each data block using a number of encryption rounds that ensures diffusion across the unencrypted data of at least a one-bit change and that is less than a number that provides sufficient confidentiality, or generate intermediate ciphertext for each data block using a re-mapping of bits of each data block.

6. The apparatus of claim 1, further including to one or more of: select one of a key from a plurality of keys of a key domain; or select a tweak from a plurality of tweaks of a tweak domain.

7. The apparatus of claim 1, further including to determine whether the integrity value is needed based on an integrity value threshold from a real data model.

8. The apparatus of claim 1, further including to one or more of, select a particular integrity check line to store a particular integrity value for the unencrypted data, or select a slot of the integrity check line for the integrity value, wherein the integrity check line is to include a plurality of slots for a plurality of integrity values.

9. The apparatus of claim 1, further including to determine whether unencrypted data includes a random distribution of the plurality of bits based on a compression function.

10. At least one non-transitory computer readable storage medium comprising a set of instructions, which when executed by a computer, cause the computer to: identify unencrypted data including a plurality of bits, wherein the unencrypted data is to be encrypted and stored in memory; determine whether the unencrypted data includes a random distribution of the plurality of bits; and implement error correction by a modification to ciphertext of the unencrypted data to reduce randomness when the unencrypted data includes a random distribution of the plurality of bits and is corrupt, wherein the computer is further to: flip one or more bits in ciphertext of an integrity check line to generate modified ciphertext of the integrity check line; decrypt the modified ciphertext of the integrity check line to generate modified plaintext of the integrity check line; check the modified plaintext of the integrity check line for a recognizable pattern including to determine one or more of whether there is a match between an integrity value of the modified plaintext of the integrity check line and the unencrypted data or whether there is a match between the integrity value of the modified plaintext of the integrity check line and the unencrypted data when the recognizable pattern is restored in one or more of the modified plaintext of the integrity check line or the unencrypted data, and replace the ciphertext of the integrity check line with the modified ciphertext of the integrity check line when the recognizable pattern is restored in the modified plaintext of the integrity check line.

11. The at least one computer readable storage medium of claim 10, wherein the instructions, when executed, cause the computer to: flip one or more bits in the ciphertext of the unencrypted data to generate modified ciphertext of the unencrypted data when the unencrypted data includes a random distribution of the plurality of bits and is corrupt; decrypt the modified ciphertext of the unencrypted data to generate modified plaintext of the unencrypted data; check the modified ciphertext of the unencrypted data for a random distribution of the plurality of bits; and replace the ciphertext of the unencrypted data with the modified ciphertext of the unencrypted data when the modified plaintext of the unencrypted data does not include a random distribution of the plurality of bits.

12. The at least one computer readable storage medium of claim 11, wherein the instructions, when executed, cause the computer to determine whether there is a match between the integrity value and the modified plaintext of the unencrypted data.

13. The at least one computer readable storage medium of claim 10, wherein the instructions, when executed, cause the computer to encrypt the unencrypted data when a block size of a block cipher is less than a granularity the memory is to be accessed, wherein the computer is further to one or more of: generate intermediate ciphertext for each data block using a number of encryption rounds that ensures diffusion across the unencrypted data of at least a one-bit change and that is less than a number that provides sufficient confidentiality; or generate intermediate ciphertext for each data block using a re-mapping of bits of each data block.

14. The at least one computer readable storage medium of claim 10, wherein the instructions, when executed, cause the computer to one or more of: select a key from a plurality of keys of a key domain; or select a tweak from a plurality of tweaks of a tweak domain.

15. The at least one computer readable storage medium of claim 10, wherein the instruct
Modes of operation, e.g. cipher block chaining [CBC], electronic codebook [ECB] or Galois/counter mode [GCM] · CPC title
Compressed data · CPC title
by using cryptography (for digital transmission H04L9/00) · CPC title
Variable-length word access · CPC title
Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity · CPC title