A content recording apparatus includes an obtaining unit which obtains a content having a variable-length packet structure, an encrypter which generates encrypted data by encrypting the content, and a recorder which records the encrypted data in a block unit having a fixed length in a recording medium. The encrypted data includes an invalidated region unnecessary for reproduction of the content. The recorder records a size of the invalidated region in the recording medium.

A key generator including a first access circuit, a first calculating circuit and a first certification circuit is provided. The first access circuit writes first predetermined data to a first resistive memory cell during a write period and reads a first current passing through the first resistive memory cell after a randomization process. The first calculating circuit calculates the first current to generate a first calculation result. The first certification circuit generates a first password according to the first calculation result.

A method of operation concealment for a cryptographic system includes randomly selecting which one of at least two cryptographic operation blocks receives a key to apply a valid operation to data and outputs a result that is used for subsequent operations. Noise can be added by operating the other of the at least two cryptographic operation blocks using a modified key. The modified key can be generated by mixing the key with a block-unique-identifier, a device secret, a slowly adjusting output of a counter, or a combination thereof. In some cases, noise can be added to a cryptographic system by transforming input data of the other cryptographic operation block(s) by mixing the input data with the block-unique-identifier, device secret, counter output, or a combination thereof. A cryptographic system with operation concealment can further include a distributed (across a chip) or interweaved arrangement of subblocks of the cryptographic operation blocks.

A baseband processor of a communication device, the baseband processor including an encryptor block that encrypts a transmit data stream into an encrypted data stream, at least one transmit chain block that transforms the encrypted data stream into an analog transmit signal, and a randomness inspector unit that is in communication with the encryptor block, the randomness inspector unit accessing the transmit data stream and the encrypted data stream from the encryptor block as first and second input streams, respectively, to the randomness inspector unit, and determining a randomness gain by comparing a first randomness measurement associated with the first input stream to a second randomness measurement associated with the second input stream.

Systems and methods of generating a security key for an integrated circuit device include generating a plurality of key bits with a physically unclonable function (PUF) device. The PUF can include a random number generator that can create random bits. The random bits may be stored in a nonvolatile memory. The number of random bits stored in the nonvolatile memory allows for a plurality of challenge and response interactions to obtain a plurality of security keys from the PUF.

A plurality of data blocks are encrypted in accordance with an encryption scheme that transforms a data block into an encrypted data block by: performing a bit modification operation on the data block using one or more logic blocks generated for the data block to thereby generate a first intermediate state data block; performing a bit remapping operation on the first intermediate state data block using at least one encryption screen to thereby generate a second intermediate state data block; and performing a bit modification operation on the second intermediate state data block using one or more logic blocks generated for the data block to thereby generate the encrypted data block. The encrypted data blocks may then be decrypted in accordance with a decryption scheme that applies at least one decryption screen and the same logic blocks that were used in the encryption scheme.

A substitute box includes a target input terminal, an obfuscation input terminal, a first output terminal and a second output terminal. The target input terminal is configured to receive a target input data. The obfuscation input terminal is configured to receive an obfuscation input data unrelated to a plaintext. The first output terminal is configured to output a first output data. The second output terminal is configured to output a second output data associated with the first output data. The first output data and the second output data are generated according to both the target input data and the obfuscation input data.

A physically unclonable function (PUF) device comprises a plurality of conductors, at least some of which are arranged so that they interact electrically and/or magnetically with one another. A media surrounds at least a portion of each of the conductors, and circuitry applies an electrical challenge signal to at least one of the conductors and for receiving an electrical output from at least one of the other conductors to generate an identifying response to the challenge signal that is unique to the device.

A secure keyboard resource executed in a network device detects a user input, and generates a user input data structure representing the user input relative to input options presented to the user, the user input data structure based on the secure keyboard resource identifying a position of the user input relative to the input options. The secure keyboard resource sends the user input data structure to one or more executable destination resources, having requested supply of the user input data structure responsive to a user selection, only via a corresponding data path providing the destination resource with access to the user input data structure, for execution of a service by the one or more executable destination resources based on the user input data structure. The secure keyboard resource thus minimizes spying by limiting access of the user input data structure to the destination resource via the data path.

A communication apparatus communicates with an electronic apparatus, accepts input of connection information including first information, which is identification information of a first network to be used for wireless communication with an external apparatus, and second information, which is security information for connecting to the first network, and transmits the connection information to the electronic apparatus. The communication apparatus, when acceptance of the connection information starts, displays a first display region for accepting input of the first information and displays the first information acquired from the electronic apparatus in the first display region, and when acceptance of the connection information starts, displays a second display region for accepting input of the second information and displays dummy information in the second display region without acquiring the second information.