US 12,470,376 B2
Cryptographic system for post-quantum cryptographic operations
Markku-Juhani Olavi Saarinen, Oxford (GB)
Assigned to PQShield Ltd, Oxford (GB)
Filed by PQShield Ltd, Oxford (GB)
Filed on Jan. 12, 2024, as Appl. No. 18/412,267.
Application 18/412,267 is a continuation of application No. PCT/GB2022/051829, filed on Jul. 14, 2022.
Claims priority of application No. 2110207 (GB), filed on Jul. 15, 2021.
Prior Publication US 2025/0080334 A1, Mar. 6, 2025
Int. Cl. H04L 9/08 (2006.01)
CPC H04L 9/0852 (2013.01)
21 Claims
1. A cryptographic system to perform post-quantum cryptographic operations for a communicatively-coupled computing system, the cryptographic system being separate from the communicatively-coupled computing system and comprising:
a set of bus interfaces for communicatively coupling the cryptographic system to one or more system buses of the computing system;
a cryptographic math unit; and
a control unit comprising at least one processor and memory to control the cryptographic math unit, wherein the control unit is communicatively coupled to the set of bus interfaces via a first internal bus and is communicatively coupled to the cryptographic math unit via a second internal bus, wherein the first and second internal buses do not allow access to internal cryptographic data of the cryptographic math unit during the cryptographic operations,
wherein the cryptographic math unit comprises:
a matrix memory to store a multi-dimensional array of data;
an address generator configured to receive control signals from the control unit and to control access to data within the matrix memory;
an arithmetic unit to perform a set of defined arithmetic operations upon data within the matrix memory as accessed using the address generator; and
a permutation unit configured to generate a random bit sequence, wherein the permutation unit is controlled by the control unit and is communicatively coupled to the arithmetic unit,
wherein the cryptographic system is configured to perform masked arithmetic computations by decomposing secret data values into a plurality of data shares, the control unit being configured to control the arithmetic unit and the address generator to apply at least one of the set of defined arithmetic operations as a plurality of independent linear operations on the respective plurality of data shares.
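The last element of the claim describes the masking step: a secret value is decomposed into several data shares, and a linear arithmetic operation is applied to each share independently, so that the unmasked secret is never present in the arithmetic unit. The following Python block is an added worked example of that share-wise computation; it is not code from the patent or from PQShield. The modulus q = 3329, the matrix, vector and share values are constructed for illustration, and the function names are this example's own. It shows that an affine operation A·x + b distributes over additive shares (with the public constant added to only one share), and, as a caveat, that a non-linear operation such as squaring does not, which is why the claim restricts the share-wise step to linear operations.

```python
"""Arithmetic masking of a secret vector into additive shares mod q, with a
linear (affine) operation applied independently to each share.

Added illustration; q, dimensions and sample values are constructed for this
example and are not taken from the patent.
"""
import secrets
from typing import Callable, List

Vector = List[int]
Matrix = List[List[int]]


def split_shares(value: int, n_shares: int, q: int,
                 randbelow: Callable[[int], int] = secrets.randbelow) -> Vector:
    """Decompose value into s_0..s_{n-1} with sum(s_i) == value (mod q).

    The first n-1 shares are uniformly random, so any n-1 shares together
    carry no information about value; the last share is fixed by the rest.
    randbelow is injectable so tests can use a deterministic source.
    """
    if n_shares < 2:
        raise ValueError("masking needs at least two shares")
    shares = [randbelow(q) for _ in range(n_shares - 1)]
    shares.append((value - sum(shares)) % q)
    return shares


def recombine(shares: Vector, q: int) -> int:
    """Inverse of split_shares: add the shares back together mod q."""
    return sum(shares) % q


def split_vector(vec: Vector, n_shares: int, q: int,
                 randbelow: Callable[[int], int] = secrets.randbelow) -> List[Vector]:
    """Mask a vector element-wise and return n_shares share vectors."""
    per_element = [split_shares(v, n_shares, q, randbelow) for v in vec]
    # transpose: share vector i collects the i-th share of every element
    return [[per_element[j][i] for j in range(len(vec))] for i in range(n_shares)]


def recombine_vector(share_vecs: List[Vector], q: int) -> Vector:
    """Add the share vectors element-wise mod q to recover the secret vector."""
    return [sum(col) % q for col in zip(*share_vecs)]


def affine_op(vec: Vector, A: Matrix, b: Vector, q: int) -> Vector:
    """Unmasked reference computation: y = A*x + b (mod q)."""
    return [(sum(a * x for a, x in zip(row, vec)) + bi) % q
            for row, bi in zip(A, b)]


def masked_affine_op(share_vecs: List[Vector], A: Matrix, b: Vector,
                     q: int) -> List[Vector]:
    """Apply A*x + b to the shares without ever recombining them.

    A*x is linear, so A*(s_0 + ... + s_{n-1}) = A*s_0 + ... + A*s_{n-1} and
    each share can be processed on its own.  The public constant b is added
    to exactly one share; adding it to every share would count it n times.
    """
    out = []
    for i, s in enumerate(share_vecs):
        add = b if i == 0 else [0] * len(b)
        out.append(affine_op(s, A, add, q))
    return out


def naive_masked_square(share_vecs: List[Vector], q: int) -> List[Vector]:
    """Counter-example: squaring is NOT linear, so applying it share-wise
    does not preserve the secret.  (s_0 + s_1)^2 != s_0^2 + s_1^2 in general,
    which is why non-linear steps cannot be handled by this simple scheme.
    """
    return [[(v * v) % q for v in s] for s in share_vecs]


def demo(q: int = 3329, n_shares: int = 3) -> bool:
    """Run the masked affine operation on constructed sample data and report
    whether the recombined result matches the unmasked computation."""
    A = [[1, 2, 3], [4, 5, 6]]       # constructed public matrix
    b = [7, 8]                       # constructed public offset
    x = [10, 20, 30]                 # constructed secret vector
    shares = split_vector(x, n_shares, q)
    masked = masked_affine_op(shares, A, b, q)
    return recombine_vector(masked, q) == affine_op(x, A, b, q)


if __name__ == "__main__":
    print("masked affine op matches unmasked:", demo())
```

Running the block prints `True` for any random split, since the equality holds regardless of which random shares were drawn. The `naive_masked_square` function is kept deliberately wrong to show the boundary of the technique: with q = 17 and the secret 3 split as (5, 15), the share-wise squares recombine to 12 rather than 9.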