EP1025503A4 - Reconfigurable secure hardware apparatus and method of operation - Google Patents

Reconfigurable secure hardware apparatus and method of operation


Publication number
EP1025503A4
Authority
EP
European Patent Office
Prior art keywords
hardware apparatus
computer system
code
level
unique identification
Prior art date
Legal status
Withdrawn
Application number
EP98953711A
Other languages
German (de)
English (en)
Other versions
EP1025503A2 (fr)
Inventor
Robert C Ledzius
Current Assignee
Quickflex Inc
Original Assignee
Quickflex Inc
Priority date
Filing date
Publication date
Application filed by Quickflex Inc
Publication of EP1025503A2
Publication of EP1025503A4
Legal status: Withdrawn

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/73 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/006 Identification
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G06F21/12 Protecting executable software
    • G06F21/121 Restricting unauthorised execution of programs
    • G06F21/123 Restricting unauthorised execution of programs by using dedicated hardware, e.g. dongles, smart cards, cryptographic processors, global positioning systems [GPS] devices
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2207/00 Indexing scheme relating to methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F2207/72 Indexing scheme relating to groups G06F7/72 - G06F7/729
    • G06F2207/7219 Countermeasures against side channel or fault attacks
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2211/00 Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
    • G06F2211/007 Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
    • G06F2211/008 Public Key, Asymmetric Key, Asymmetric Encryption
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107 File encryption
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2117 User registration

Definitions

  • This invention relates generally to the field of computer hardware apparatus configuration and more specifically to a system and method of programming and reprogramming a computer hardware apparatus utilizing an encryption key system.
  • Public key cryptography utilizes an encryption key set consisting of two keys.
  • Generally available software can encrypt computer files using either of the keys, such that the computer files are inoperable and unreadable until decrypted.
  • Generally available software can similarly decrypt such encrypted files as long as a user can provide the appropriate complement to the key used to encrypt the files.
  • Each key in the encryption/decryption key set can be used to encrypt data, and its complement key can be used to decrypt data.
  • A user may use the private key to encrypt a message to be sent to another person.
  • The message can only be decrypted if the recipient has access to the public key. In this way, the recipient can be assured that the author of the message was the holder of the private key. Additionally, if the sender of the message has disclosed the public key to only a small set of recipients, the sender can be reasonably assured that only the intended recipients can decrypt the message, provided that care is taken to limit access to the decryption key.
  • Software providers can use this same encryption technology to control access to software programs. By encrypting files with one key and providing the other key on a limited basis, software providers can prevent unauthorized use or copying of their product.
  • PCMCIA: Personal Computer Memory Card International Association
  • PCMCIA cards are typically used to add functionality or memory to a personal, portable, or desktop computer (i.e., a host computer), as described in the PCMCIA Standard.
  • Various PCMCIA cards are available, including input/output (I/O) PCMCIA cards that transfer data between a host computer system and an I/O bus, and data acquisition PCMCIA cards.
  • I/O: input/output
  • Data acquisition cards receive and digitize analog information from sensors and temporarily store the information before transferring it to the host computer.
  • A typical PCMCIA card includes a standard PCMCIA connector connected to a PCMCIA interface circuit through a standard PCMCIA bus.
  • The PCMCIA interface circuit operates according to the standard PCMCIA protocol to send data to and receive data from a host computer.
  • The typical PCMCIA card also may include a PCMCIA card controller that sends data to and receives data from the PCMCIA interface circuit and controls the operation of the functional hardware on the card.
  • The functional hardware is memory (e.g., a bank of random access memory (RAM) chips or a hard disk drive), and the PCMCIA card controller controls reading and writing to the memory.
  • RAM: random access memory
  • PCMCIA card controllers and interface circuits can be implemented as hardwired logic or as programmable logic (e.g., one or more field programmable gate arrays (FPGAs)).
  • The programmable architecture of FPGAs is provided through programmable logic blocks interconnected by a hierarchy of routing resources.
  • The devices are customized by loading programming data into internal static memory cells.
  • FPGA programming data are design-specific data that define the functional operation of the FPGA's internal blocks and their interconnections.
  • In a PCMCIA card having the PCMCIA card controller and interface circuit implemented in an FPGA (or FPGAs), the FPGA is programmed with FPGA programming data stored in non-volatile memory (e.g., EPROM, EEPROM, Flash memory, etc.) on the PCMCIA card.
  • The memory required to store the FPGA programming data generally consumes a measurable area of the PCMCIA card which could be used to provide other functions within the PCMCIA card.
  • The present invention provides a system and method for reconfiguring a secure hardware apparatus in a data-link system, wherein a data-link system comprises a plurality of objects which exchange data, that substantially eliminates or reduces disadvantages and problems associated with previously developed systems and methods for reconfiguring hardware apparatus. More specifically, the present invention provides a system and method of ensuring that a hardware apparatus in a data-link system can be operated only by an authorized user.
  • The method comprises the steps of assigning a unique number, possibly a serial number, to the hardware apparatus; generating at least one key or key set for the hardware apparatus based on the unique serial number of the hardware apparatus; distributing to an authorized user at least one data string from which the key set for the hardware apparatus can be derived to functionally enable the hardware apparatus; and inputting the data string into the hardware apparatus to either disable at least one level of functionality of the hardware apparatus if an incorrect key set is derived from the data string, or to enable at least one level of functionality of the hardware apparatus if a correct key set is derived from the data string.
  • Additional embodiments of the reconfigurable secure hardware apparatus of the present invention provide a method and system to ensure that the hardware apparatus can be utilized only by an authorized computer system or group of computer systems, and a method and system for ensuring that the reconfigurable secure hardware apparatus can be programmed only by an authorized user utilizing an authorized host computer system.
  • A further embodiment of the present invention ensures that neither the reconfigurable secure hardware apparatus nor the host computer system will alone have sufficient information to allow a person who has obtained access to only one of them to successfully operate the reconfigurable secure hardware apparatus with another, unauthorized computer system.
  • A portion of an encrypted code is recorded in a memory location within the reconfigurable secure hardware apparatus and another portion of the encrypted code is recorded in the host computer.
  • The present invention also provides for the use of a changeable personal encryption key stored in a memory location.
  • A further embodiment of the present invention can store multiple keys, one for each key set encompassed by the present invention. The storage takes place in an extension of the standard CIS (Card Information Structure) storage space of the PC-Card.
  • A technical advantage of the present invention is that it provides a personal identity verification method wherein only part of the information necessary to correlate an account number to characteristic information is available at any one accessible place within the terminal system.
  • Another technical advantage of the present invention is that it can store an encrypted typed-in password for apparatus operation authorization for the entire device's key sets, or additional passwords for individual key sets, that may be chosen by the user.
  • A still further technical advantage of the present invention is the combination of the ability to prevent software piracy and the ability to allow secure user communication via accelerated encryption in a single device.
  • FIGURE 1 is a system overview of one embodiment of the reconfigurable secure hardware apparatus of the present invention.
  • FIGURE 2 is a flow diagram of a method of assigning manufacturing key sets.
  • FIGURE 3 is a flow diagram of a user registration process according to one embodiment of the present invention.
  • FIGURE 4 is a flow diagram of a method of registration of software to enable the use of the reconfigurable secure hardware apparatus of the present invention for piracy protection.
  • FIGURE 5 is a description of a method of machine registration.
  • FIGURE 6 is a flow diagram of a QARD plug-in procedure according to one embodiment of the present invention.
  • FIGURE 7 is a description of a method of password protection according to one embodiment of the present invention.
  • FIGURE 8 is a diagram illustrating an embodiment of the reconfigurable secure hardware apparatus of the present invention.
  • FIGURE 9 is a diagram illustrating a functional block of the reconfigurable computer hardware apparatus.
  • The cards are hereafter called "PC-Cards".
  • The present invention can be applied to other types of computing devices as well.
  • One PC-Card that could implement the present invention is a reconfigurable secure hardware apparatus, or Reconfigurable-Computing (RC) card, such as those designed by QUICKFLEX INC., of Austin, Texas.
  • Quick Qard Technology (QQT) is comprised of a family of several PC-Card products that allow different software applications to define the hardware within the PC-Card specifically for each application at the time that it is executed.
  • These RC PC-Cards are nicknamed "QUICK QARDS" or "QARDS" and can be used for a variety of standard or custom interfaces, as well as for hardware-accelerating software applications.
  • Applications that can benefit from QQT include personal digital assistant interfaces, PC interfaces, industrial, emulation, video, audio, encryption, computer games, etc.
  • The security features of the reconfigurable secure hardware apparatus of the present invention described herein can be used for access or piracy protection of third-party software.
  • This third-party software may be comprised of configuration files of hardware apparatus for use within the PC-Cards, or may be general software not targeted to use the reconfigurable computing aspects of the PC-Cards.
  • The security features of the present invention can be implemented as a security system that can be adapted to other types of implementations beyond the QQT products.
  • Protection of files containing documents, data, executable code, interpretive code or other intellectual property or information which must be protected is achievable using the described security features of the present invention. Protection can be achieved by the use of various sets of public keys. Half of each of the public key sets is stored in the PC-Card, which is detachable and thus physically protectable, and half can be stored on the host computer system. Additional security levels of flexible software-defined adaptable encryption/decryption algorithms and flexible reconfigurable hardware-implementable encryption/decryption algorithms can be implemented within the reconfigurable computing PC-Card that allow for customization of the security features.
  • FIGURE 1 shows a system overview of one embodiment of the present invention that provides protections for information in any form, whether to be kept internal or to be shipped externally, for individual users, groups of users and organizations.
  • FIGURE 1 demonstrates how Quick Qards 1, when used with Anti-Piracy Software 3 and/or Communications &.
  • FIGURE 2 is a flow diagram for a method of assigning unique manufacturing key sets 30 to individual hardware apparatuses 34. Manufacturing key sets 30 can be used to ensure authorized feature enablement of the various features offered by Quick
  • A unique manufacturing serial number 32 is assigned to each hardware apparatus 34 at manufacture.
  • Unique manufacturing serial number 32 is programmed into the CIS non-volatile memory at manufacturing.
  • The seed value for generating manufacturing key set 30 can be based on unique manufacturing serial number 32 or can be derived by a variety of other methods or algorithms.
  • Step 16 of FIGURE 2 corresponds to manufacturing key set 30 being generated from unique manufacturing serial number 32.
  • Manufacturing key set 30 is the first of the multiple key sets used by the reconfigurable secure hardware apparatus of the present invention and may be referred to as level-zero key set (L0KS) 36, as shown in step 16.
  • L0KS: level-zero key set
  • Manufacturing key set 30 can be generated and programmed into hardware apparatus 34 at the time it is manufactured.
  • L0KS 36 comprises an encryption key (LOEK) 38 and a decryption key (LODK) 40.
  • LOEK: encryption key
  • LODK: decryption key
  • In step 18 of FIGURE 2, the unique manufacturing serial number 32 and the LODK 40 for a group of manufactured hardware apparatuses can be stored in list file 42 for future use.
  • Step 20 creates a registry data file 43 which comprises unique manufacturing serial number 32 and LOEK 38.
  • Registry data file 43 complements list file 42 in that LODK 40 and LOEK 38 must both be used to enable hardware apparatus 34.
  • Registry data file 43 should be stored in a location remote from hardware apparatus 34, to be accessed by the end user at a later time. This remote location may include a remote host computer system 86, as shown in step 50 of FIGURE 3, which may be accessed via a communication path such as the internet.
  • Each hardware apparatus 34 is assigned a unique barcode 45 for manufacturing tracking purposes. Barcode 45 may be incorporated into list file 42 and made to correspond to a particular unique serial number 32 and LODK 40 combination. Barcode 45 will ensure that the correct manufacturing serial number 32 and LODK 40 pair are programmed into hardware apparatus 34 during testing of hardware apparatus 34 in step 24.
  • Hardware apparatus 34 can be packaged in step 26 with a certificate 46 containing the unique manufacturing serial number 32, LODK 40 and barcode 45. This will allow a hardware apparatus 34 designer to ensure that a hardware apparatus 34 registered after purchase was authorized for manufacture by the designer, to prevent manufacture of copies of the design by an unauthorized manufacturing house.
  • In step 28 the product is shipped.
  • Unique manufacturing serial number 32 and LOEK 38 (or the manufacturing encryption public key of the set) can be given back to the card designer.
  • This allows the registration information to be checked against registry data file 43 (which comprises a list of approved manufactured PC-Cards) for validity.
  • A card designer can ascertain if a given PC-Card has been previously registered, to ensure that no unauthorized PC-Card copies with copies of the CIS are being manufactured, as each PC-Card should have a unique code.
  • FIGURE 3 illustrates one potential registration process for the present invention.
  • A communication data path is established between a local computer system 84 and a host computer system 86, wherein hardware apparatus 34 is installed in the local computer system 84.
  • The communication data path may take the form of an internet connection to a "QUICKFLEX" website.
  • A software object operating within host computer system 86 may offer the user a variety of options concerning hardware apparatus 34, wherein the user can select to register the hardware apparatus 34 with the designer in step 52.
  • Step 54 of FIGURE 3 corresponds to a registration process that can require the user to supply registration information 88 comprising name, email address, information regarding where the hardware apparatus 34 was purchased, and the like. This will allow tracing back to the source of unauthorized hardware apparatus 34 manufacturing.
  • In step 56, a check is performed to determine if hardware apparatus 34 support software 90 is installed on local computer system 84. Based on the results of this check, a decision is made in step 58 to either download and install the necessary support software 90 at step 60 or to proceed to step 62.
  • Step 62 provides for establishing a secure link 92 between hardware apparatus 34 and host computer system 86 if software 90 is present on local computer system 84.
  • Secure link 92 provides for the transfer of unique manufacturing serial number 32 and LODK 40 from a programmed memory location within hardware apparatus 34 to host computer system 86.
  • In step 64 of FIGURE 3, the user is required to manually enter barcode 45 or the unique manufacturing serial number 32 and LODK 40 pair.
  • In step 66, a verification is performed on the manually entered barcode 45, or the unique manufacturing serial number 32 and LODK 40 pair, against the copy of unique manufacturing serial number 32 and LODK 40 transferred from a programmed memory location within hardware apparatus 34. If the verification fails, the user is prompted with an error message at step 68 to return to registration data entry process step 54. If the verification is successful, additional verifications are made in step 70 to verify that unique manufacturing serial number 32 is contained within registry data file 43, and in step 72 to verify that hardware apparatus 34 has not
  • Registry data file 45 is updated in step 76 of FIGURE 3 to include the information associated with the unique manufacturing serial number provided in step 54.
  • Step 78 generates a new L0KS 36 comprising a new LODK 40 and a new LOEK 33.
  • A secure link is again established between hardware apparatus 34 and host computer system 86, allowing host computer system 86 to reprogram the new LODK 40 into a memory location of hardware apparatus 34.
  • A new LOEK 38 is also downloaded to the user, which can be recorded on certificate 46 or programmed directly into a memory location of hardware apparatus 34.
  • Registry data file 43 is also updated with the new L0KS 36 in step 82.
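The manufacturing records of FIGURE 2 and the registration checks of FIGURE 3 (steps 66, 70 and 72) together are what let a card designer detect a card carrying a copied CIS. The following Python model is an added example, not code from the patent or from Quickflex: it keeps a list file (serial to LODK) and a registry data file (serial to LOEK and owner), derives the key set from the serial number with an HMAC under a constructed manufacturer secret (the patent leaves the real derivation unspecified), and shows a genuine card registering once and a CIS copy of it being refused at step 72. The key-set values, serial numbers and the "owner" field are constructed for the example.

```python
import hmac
import hashlib
from dataclasses import dataclass, field

# Hypothetical manufacturer secret behind the key-set derivation. The patent keeps
# the real derivation from serial number 32 to L0KS 36 a trade secret; an HMAC keyed
# by this constructed value stands in for it.
MANUFACTURER_SECRET = b"constructed-manufacturer-secret"


def derive_l0ks(seed):
    """Derive a level-zero key set (LOEK, LODK) from a seed such as serial number 32.

    The page labels the halves 'encryption key' and 'decryption key'; here they are
    two distinct derived strings, which is all the registry/list-file split needs.
    """
    loek = hmac.new(MANUFACTURER_SECRET, b"LOEK:" + seed.encode(), hashlib.sha256).hexdigest()[:16]
    lodk = hmac.new(MANUFACTURER_SECRET, b"LODK:" + seed.encode(), hashlib.sha256).hexdigest()[:16]
    return loek, lodk


@dataclass
class Card:
    """Hardware apparatus 34: serial number 32 and LODK 40 live in CIS memory."""
    serial: str
    lodk: str


@dataclass
class Designer:
    """Card designer's records: list file 42 (serial -> LODK) and registry data
    file 43 (serial -> LOEK plus, after registration, the owner)."""
    list_file: dict = field(default_factory=dict)
    registry_file: dict = field(default_factory=dict)

    def manufacture(self, serial):
        loek, lodk = derive_l0ks(serial)
        self.list_file[serial] = lodk                               # FIGURE 2, step 18
        self.registry_file[serial] = {"loek": loek, "owner": None}  # FIGURE 2, step 20
        return Card(serial, lodk)                                   # programmed at test, step 24

    def register(self, card, entered_serial, entered_lodk, owner):
        """FIGURE 3, steps 66-82; returns 'ok' or the reason the check failed."""
        # step 66: what the user typed from certificate 46 must match what the card
        # reports over secure link 92
        if (entered_serial, entered_lodk) != (card.serial, card.lodk):
            return "error: entered pair does not match card"
        entry = self.registry_file.get(card.serial)
        # step 70: the serial must appear in registry data file 43
        if entry is None:
            return "error: serial not in registry"
        # step 72: a serial that is already registered points to a CIS copy
        if entry["owner"] is not None:
            return "error: serial already registered"
        # steps 76-82: record the owner, issue a new key set, reprogram the card
        new_loek, new_lodk = derive_l0ks(card.serial + ":" + owner)
        entry["owner"] = owner
        entry["loek"] = new_loek
        self.list_file[card.serial] = new_lodk
        card.lodk = new_lodk
        return "ok"


def clone_demo():
    """Constructed scenario: a genuine card registers, then a card carrying a copy
    of its original CIS tries to register. Returns the two outcomes."""
    designer = Designer()
    genuine = designer.manufacture("QF-000123")
    copied = Card(genuine.serial, genuine.lodk)   # CIS copied before registration
    first = designer.register(genuine, genuine.serial, genuine.lodk, "alice")
    second = designer.register(copied, copied.serial, copied.lodk, "mallory")
    return first, second


if __name__ == "__main__":
    print(clone_demo())
```

The copied card passes step 66 (its own CIS is internally consistent) and step 70 (the serial is a real one), and is caught only by step 72, which is why the registry must record that a serial has been registered rather than merely that it exists. Reissuing the key set at step 78 also means the genuine card and the copy diverge after the first registration.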
  • An important technical advantage associated with the present invention allows a software vendor to prevent unauthorized use of its proprietary software.
  • Software or configuration file vendors or authors can use the L0KS 36 encryption key for providing an access code for licensing, or for allowing their Intellectual Property (IP) contained in virtual hardware objects for the RC system to be accessed by one and only one Secure Qard user. They may also limit the time span in which their IP is accessible, or limit the number of times their IP is accessible to the user, with other security provisions. Vendors can also use an on-line card designer's public key listing of users, provided that users allow this at registration time, to verify that a given user is registered for utilizing the secure authorization code.
  • IP: Intellectual Property
  • FIGURE 4 is a flow diagram of a method of registration of software to enable the use of the current invention for software piracy protection.
  • The user establishes a communication path in step 90, via the internet or other means, between local computer system 84 containing hardware apparatus 34 and a vendor (host) computer system 86.
  • In step 92, the user is prompted by software vendor computer system 86 to select an option allowing the user to register a software application 434.
  • Step 94 requires the user to supply registration information 120, which may be comprised of name, email address, information regarding where software application 434 was purchased, the unique software registration number 124, and the like, to vendor computer system 86.
  • Vendor computer system 86 can access unique manufacturing serial number 32 of hardware apparatus 34 directly from a memory location within hardware apparatus 34, as shown in step 96.
  • In step 98, vendor computer system 86 establishes a communication path to software registry database 122.
  • Software registry database 122 may be contained in a third computer system 424 and can comprise a website, such as
  • In step 104, unique software registration number 124 is compared to the entries in software registry database 122 to determine if it is a valid unique software registration number 124. If unique software registration number 124 is not valid, an error message will be generated at step 106 that is echoed by vendor computer system 86 to the user in step 108. If unique software registration number 124 is valid, vendor computer system 86 can supply a software authorization code 126 in step 110 to be sent to third computer system 424. At step 112, third computer system 424 generates a software run code 128 for hardware apparatus 34. Software run code 128 is transmitted to vendor computer system 86, which echoes it to hardware apparatus 34.
  • Software run code 128 can allow the vendor software to be installed on the local computer system, or the vendor software can verify the presence of software run code 128 on hardware apparatus 34 before executing. Both the authorized installation of the vendor software on a given local computer system 32 and the authorized execution of the vendor software are thus ensured.
  • A counter 750 counts upward by one for each software run code 128 sent to vendor computer system 86, to account for possible royalty payments.
  • Software vendor computer system 86 sets a license in place for the user to use the software.
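The FIGURE 4 flow involves three parties: the vendor (computer system 86) that validates the registration number and issues authorization code 126, the registry (third computer system 424) that turns that code into run code 128 and ticks counter 750, and the vendor software on the user's machine that checks for the run code before executing. The Python below is an added example, not the patent's or Quickflex's code, that models that exchange. It assumes two constructed secrets (one per party), represents the card as a dict with a serial and a run-code memory area, and binds the run code to the card's serial number 32 so that copying the run code to a card with a different serial does not authorize execution.

```python
import hmac
import hashlib

# Constructed secrets; neither is from the patent. They stand in for whatever the
# vendor (computer system 86) and the registry operator (third computer system 424) hold.
VENDOR_SECRET = b"constructed-vendor-secret"
REGISTRY_SECRET = b"constructed-registry-secret"


class SoftwareRegistry:
    """Third computer system 424: software registry database 122 plus counter 750."""

    def __init__(self, valid_registration_numbers):
        self.valid = set(valid_registration_numbers)
        self.counter_750 = 0          # one tick per run code issued (royalty accounting)

    def is_valid(self, registration_number):        # step 104
        return registration_number in self.valid

    def issue_run_code(self, authorization_code_126, card_serial_32):
        """Step 112: run code 128 derived from the vendor's authorization code and
        the card's serial number, so the same code is useless on a different card."""
        self.counter_750 += 1
        msg = authorization_code_126 + b"|" + card_serial_32.encode()
        return hmac.new(REGISTRY_SECRET, msg, hashlib.sha256).hexdigest()[:24]


class Vendor:
    """Vendor computer system 86."""

    def __init__(self, registry):
        self.registry = registry
        self.licenses = {}            # registration number -> (card serial, run code)

    @staticmethod
    def authorization_code(registration_number_124, card_serial_32):
        """Step 110: software authorization code 126."""
        msg = registration_number_124.encode() + b"|" + card_serial_32.encode()
        return hmac.new(VENDOR_SECRET, msg, hashlib.sha256).digest()

    def register_software(self, registration_number_124, card):
        """FIGURE 4 from step 96 on; `card` is a dict holding the card's serial and
        its run-code memory area."""
        if not self.registry.is_valid(registration_number_124):          # steps 104-108
            return "error: invalid software registration number"
        auth = self.authorization_code(registration_number_124, card["serial"])
        run_code = self.registry.issue_run_code(auth, card["serial"])     # step 112
        card["run_codes"][registration_number_124] = run_code             # echoed to the card
        self.licenses[registration_number_124] = (card["serial"], run_code)   # license set in place
        return "ok"

    def may_run(self, registration_number_124, card):
        """Pre-execution check by the vendor software: the card presented must be
        the licensed one and must hold the matching run code 128."""
        lic = self.licenses.get(registration_number_124)
        if lic is None:
            return False
        serial, run_code = lic
        held = card["run_codes"].get(registration_number_124, "")
        return card["serial"] == serial and hmac.compare_digest(held, run_code)


if __name__ == "__main__":
    registry = SoftwareRegistry({"SW-1001"})
    vendor = Vendor(registry)
    card = {"serial": "QF-000123", "run_codes": {}}
    print(vendor.register_software("SW-1001", card), vendor.may_run("SW-1001", card))
```

The design point is that the run code is only ever computed by the registry, so counter 750 is a faithful count of issued licenses, and that the pre-execution check compares serial and run code together rather than the run code alone.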
  • FIGURE 5 is a method of ensuring that hardware apparatus 34 is utilized only by authorized local computer systems 84.
  • FIGURE 5 uses the QUICK QARD system of FIGURE 1 for illustrative purposes, but any secure hardware apparatus of the present invention, reconfigurable or not, can be used instead.
  • Support software 90 of hardware apparatus 34 is installed and executed on the local computer system 84.
  • A communication path is established between hardware apparatus 34 and local computer system 84.
  • A verification is made to determine if hardware apparatus 34 is password protected. If so, a valid password must be supplied before proceeding.
  • Support software 90 will verify whether unique manufacturing serial number 32 of hardware apparatus 34 is in a registry list 130 maintained on local computer system 84. If unique manufacturing serial number 32 of hardware apparatus 34 is not in registry list 130, the user must register hardware apparatus 34.
  • The list of authorized host IDs, permuted with the unique serial number or key set information, could also be stored within the EEPROM memory of the apparatus to allow enabling of the apparatus on a particular machine as well. In this case the host ID must be registered with the apparatus.
  • The present invention can ensure that the PC-Card is only used by that user.
  • This memory space can be left cleared at test (all zeros) and can be enabled for password protection if the purchaser decides to activate that feature.
  • Users may define any password they wish, and the entry can then be encrypted using the LOEK 38 that resides on the machine during the initial setup of the PC-Card after purchase.
  • The encrypted password programmed into the PC-Card can be decrypted using LODK 40 and checked against the typed-in value.
  • PC-Cards implementing the current invention can also be configured to only execute on a specific machine or group of machines with the use of passwords, thus making the PC-Card hardware of little use in the event it is stolen.
  • FIGURE 5 provides a detailed description of one method of machine registration.
  • FIGURE 6 is a flow diagram of a QARD plug-in procedure according to one embodiment of the present invention.
  • In step 150, hardware apparatus 34 is installed in a local computer system 84.
  • A check is performed in step 152 to determine the presence in local computer system 84 of the necessary support software 90. If support software 90 is not present, the QARD plug-in procedure terminates, and support software 90 must be installed before resuming the QARD plug-in procedure.
  • Hardware apparatus 34 may be protected by a password, and step 154 tests whether password protection is enabled. If password protection is enabled, the password must be provided in step 156. At step 158 the provided password is encrypted using LOEK 38. If the provided password matches the password stored in a memory location on hardware apparatus 34, then at step 160 the plug-in procedure is allowed to proceed. Furthermore, hardware apparatus 34 may be protected by a verification step, to verify authorization by local computer system 84, requiring the input of a match to unique serial number 174 provided by local computer system 84 (such as a hard disk drive serial number). Use of hardware apparatus 34 is not permitted unless the unique serial number 174 input at step 162 matches the unique serial number 174 stored in local computer system 84.
  • Step 164 determines if the input serial number 174 is a match. If it is, then the QARD plug-in procedure is complete. Unique serial number 174 is generated during the user registration process as described above for FIGURE 3. It can be stored either in hardware apparatus 34 memory or in local computer system 84 memory. If unique serial number 174 does not match at step 164, then the user registration process of FIGURE 3 must be performed in steps 168-172 of FIGURE 6 to complete the QARD plug-in procedure.
  • FIGURE 7 is a description of a method of password protection according to one embodiment of the present invention, which additionally is illustrated as part of the flow diagram presented in FIGURE 6. Steps 154-160 of FIGURE 6 correspond to this method of password protection.
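The plug-in procedure of FIGURE 6 (with the password method of FIGURE 7 at steps 154-160) chains three gates: support software present, password check, machine check. The page describes the password check two ways (decrypt the stored value with LODK 40 and compare with the typed value; or, at step 158, encrypt the typed value with LOEK 38 and compare with the stored value). The Python below is an added example, not the patent's or Quickflex's code, and follows the step-158 form: the typed password is transformed under a constructed stand-in for LOEK 38 and compared in constant time against the card's password memory, which is all zeros when protection is not activated. The key value, the 32-byte slot size and the class/function names are assumptions made for the example.

```python
import hmac
import hashlib

# Constructed stand-in for the card's level-zero encryption key LOEK 38.
LOEK_38 = b"constructed-LOEK-38-for-this-card"
PASSWORD_SLOT_BYTES = 32   # assumed size of the password memory location (all zeros at test)


def protect_password(password, loek):
    """Step 158: transform the typed-in password with LOEK 38 before comparing.
    The page says 'encrypted'; a keyed hash is used here so that the value held on
    the card cannot be turned back into the password if the card memory is read out."""
    return hmac.new(loek, password.encode(), hashlib.sha256).digest()


class HardwareApparatus34:
    def __init__(self, loek, password=None, host_serial_174=None):
        self.loek = loek
        # Password memory left cleared (all zeros) at test; a non-zero value means
        # the purchaser activated password protection.
        self.password_slot = (protect_password(password, loek) if password
                              else bytes(PASSWORD_SLOT_BYTES))
        # Unique serial number 174 of the registered machine (e.g. a disk serial), or None.
        self.host_serial_174 = host_serial_174

    def password_enabled(self):           # step 154
        return any(self.password_slot)


def qard_plug_in(card, support_software_present, typed_password=None, machine_serial=None):
    """FIGURE 6 steps 152-172, returning the outcome as a short string."""
    if not support_software_present:                                  # step 152
        return "halt: install support software 90 first"
    if card.password_enabled():                                       # steps 154-160
        if typed_password is None:
            return "halt: password required"
        candidate = protect_password(typed_password, card.loek)
        if not hmac.compare_digest(candidate, card.password_slot):
            return "halt: password mismatch"
    if card.host_serial_174 is not None and card.host_serial_174 != machine_serial:   # steps 162-164
        return "halt: machine not registered, run the FIGURE 3 registration (steps 168-172)"
    return "ok: plug-in complete"


if __name__ == "__main__":
    card = HardwareApparatus34(LOEK_38, password="correct horse", host_serial_174="HDD-SN-0001")
    print(qard_plug_in(card, True, "correct horse", "HDD-SN-0001"))
    print(qard_plug_in(card, True, "wrong", "HDD-SN-0001"))
```

Testing the slot for any non-zero byte reproduces the page's "left cleared at test" convention; the stolen-card property the page claims comes from the last gate, since a card bound to a host serial refuses to complete plug-in on any other machine even when the password is known.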
  • FIGURE 8 illustrates another embodiment of the reconfigurable secure hardware apparatus of the present invention.
  • Reconfigurable hardware apparatus 100 interfaces with a host computer system 200 or with another hardware apparatus .
  • Reconfigurable hardware apparatus 100 may be divided into three modules, a configuration control module 300, a configuration status module 400 and a functional module 500.
  • Host computer system 200 interfaces with reconfigurable hardware apparatus 100 by way of data input/output bus 202.
  • Input/output bus 202 is shown accessing four control data registers, 304a, 304b, 304c and 304d, inside configuration control module 300 and two status data registers, 306a and 306b_, inside configuration status module 400.
  • Control data registers 304a-304d provide a temporary storage location for data transmitted or received from data input/output bus 202. While this embodiment of the reconfigurable secure hardware apparatus of the present invention has been described with four data registers, it can have more or less registers, as needed.
  • Code Generator (CG) 310 accepts input data from data register 304b to generate a check data word.
  • The check data word generated by CG 310 can be LOKS 36. Multiple check words can be generated for different security features, enabling the separate security features of the invention. Since the features described are security related, the process or algorithm for generating the check data words should be kept as a trade secret by the organization producing reconfigurable hardware apparatus 100. The process chosen should yield output check data words that are not easily determined from the input data to the process, which could be comprised of manufacturing serial number 32, and should output a pseudo-random sequence of sufficient length that it cannot easily be guessed by trial and error.
  • The embodiment of the reconfigurable secure hardware apparatus of the present invention described herein is only one of many possible implementations and is provided for illustrative purposes only.
  • The focus of this embodiment of the present invention is the way in which CG 310 is used to realize the security features described.
  • The check data words output by CG 310 can be checked with code comparator (CC) 312 against an input check value stored in data registers 304c and 304d, which together comprise the Code Check Register (CCR) 314.
  • The input check value stored in CCR 314 can be comprised of LOEK 38 and LODK 40 and can also be entered by the user.
  • CCR 314 can be a register having a length equal to the length of the CG 310 check data word output and can be written to allow an authorization check of the reconfigurable hardware apparatus 100 feature being used. Longer check data words may require multiple CCRs 314 if they extend beyond the host computer system 200 data bus width. The values written to CCR 314 may be provided in several different manners depending on which feature of reconfigurable hardware apparatus 100 is being authorized. CC 312 performs a bit-by-bit check of the CG 310 check data word output against the entered CCR 314 value to determine whether the feature authorization check passes or fails.
  • If the feature authorization check passes, CC 312 generates a high digital bit output (a digital "1") and forwards it to configuration and control gates 318, which are comprised of a plurality of "AND" logic gates 700 corresponding to the plurality of features of reconfigurable hardware apparatus 100.
  • These features include, but are not limited to, product enable check 319, HDD ID enable Check 320, Flash Write enable 322, password enable 324 and Configuration File Vendor Enable 326.
  • Control register 316 receives an input from host computer system 200 through data registers 304a and 304b to select one or more of the features of reconfigurable hardware apparatus 100. Based on the input received from data registers 304a and 304b, control register 316 will generate a high digital bit output ("1") as an input for the selected features and a low digital bit output ("0") as an input for all the other features.
  • The AND gates 700 for the selected features will therefore have two high digital bit inputs and will output a high digital bit as an input to their corresponding pull-down resistors 350 in configuration status module 400, thereby allowing access to the corresponding feature in functionality circuit 500 as directed by host computer system 200.
  • The pull-down resistors are necessary if it is possible that the Security Login Module 300 disappears due to the module being implemented within the FPGA of the RC hardware apparatus 100.
  • configuration status module 400 can be instructed to reprogram and enable the various features of functionality circuit 500 depending on which features are so selected.
  • Functional Module 500 may receive virtual hardware objects for performing application-specific tasks within the reconfigurable computing hardware apparatus FPGA.
  • Status data registers 306a and 306b can interface with host computer system 200 through data input/output bus 202 to communicate the configuration of functionality circuit 500 to host computer system 200.
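The authorization path of FIGURE 8 (CG 310, CC 312, control register 316, AND gates 700 and pull-downs 350), as an added Python simulation that is not the patent's own implementation. The vendor's trade-secret check-word algorithm is stood in for by HMAC-SHA256 under a vendor-held secret, and the 64-bit check-word width, the 16-bit host bus width, the feature-specific derivation and the serial number are all assumptions.

```python
from __future__ import annotations

import hashlib
import hmac
from typing import Dict, List, Set

# Feature lines gated by the AND gates 700 (names follow FIGURE 8).
FEATURES = ("product_enable", "hdd_id_enable", "flash_write_enable",
            "password_enable", "config_vendor_enable")

# Constructed values, not from the patent: the vendor's trade-secret CG
# algorithm is modelled here as HMAC-SHA256 under a vendor-held secret.
VENDOR_SECRET = b"hypothetical-vendor-secret"
CHECK_WORD_BITS = 64  # assumed CG output width
BUS_WIDTH_BITS = 16   # assumed host data bus width
WORDS_PER_CCR = CHECK_WORD_BITS // BUS_WIDTH_BITS
BUS_MASK = (1 << BUS_WIDTH_BITS) - 1


def code_generator(serial: bytes, feature: str) -> int:
    """CG 310 stand-in: a feature-specific check word derived from the
    manufacturing serial number. Keyed, so it cannot be computed from the
    serial alone, and pseudo-random over the full check-word width."""
    msg = serial + b"|" + feature.encode("ascii")
    digest = hmac.new(VENDOR_SECRET, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[: CHECK_WORD_BITS // 8], "big")


def split_into_ccr_words(check_word: int) -> List[int]:
    """A check word wider than the host bus needs several CCR writes;
    return them most significant word first."""
    return [(check_word >> (BUS_WIDTH_BITS * i)) & BUS_MASK
            for i in reversed(range(WORDS_PER_CCR))]


def code_comparator(expected: int, ccr_words: List[int]) -> int:
    """CC 312: compare the CG output with the entered CCR value bit by bit;
    1 on match, else 0. compare_digest keeps the time independent of where
    the first differing bit lies, so a wrong word leaks no partial match."""
    if len(ccr_words) != WORDS_PER_CCR:
        return 0
    entered = 0
    for w in ccr_words:
        entered = (entered << BUS_WIDTH_BITS) | (w & BUS_MASK)
    width = CHECK_WORD_BITS // 8
    same = hmac.compare_digest(expected.to_bytes(width, "big"),
                               entered.to_bytes(width, "big"))
    return 1 if same else 0


def control_register(selected: Set[str]) -> Dict[str, int]:
    """Control register 316: 1 on each selected feature line, 0 elsewhere."""
    return {f: 1 if f in selected else 0 for f in FEATURES}


def configuration_gates(cc_bit: int, ctl: Dict[str, int]) -> Dict[str, int]:
    """AND gates 700: a feature opens only when the comparator passed AND
    the control register selected it. An undriven line reads as 0, the
    role the pull-down resistors 350 play if module 300 disappears."""
    return {f: ctl.get(f, 0) & cc_bit for f in FEATURES}


def authorize(serial: bytes, feature: str, ccr_words: List[int],
              selected: Set[str]) -> Dict[str, int]:
    """Whole path: host writes the check value for `feature` into the CCRs
    and selects features; returns the enable bits seen by module 500."""
    cc_bit = code_comparator(code_generator(serial, feature), ccr_words)
    return configuration_gates(cc_bit, control_register(selected))


if __name__ == "__main__":
    serial = b"SN-000123"  # constructed serial number
    good = split_into_ccr_words(code_generator(serial, "flash_write_enable"))
    print(authorize(serial, "flash_write_enable", good, {"flash_write_enable"}))
```

A wrong check value, a check value from a different card, a short CCR write, or a check word issued for one feature presented for another all leave every enable bit at 0.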
  • FIGURE 9 provides a functional block diagram 400 of the reconfigurable computing hardware apparatus used to illustrate the reconfigurable computing operations that the present invention makes possible.
  • EEPROM 410 provides CIS memory, key memory, and password storage functions.
  • Programmable Logic Device 420, which may be an application-specific integrated circuit, provides interface, configuration, and status register functions.
  • The security feature circuit (block 300, FIGURE 8), which may be within FPGA 420 or within PLD configuration register 430, provides the necessary implementation for these functions.
  • Field programmable gate array 420 implements security feature circuit functions of the present embodiment. Either a programmable logic device or field programmable gate array 420 may make possible the reconfigurable computing functional circuits.
  • Virtual hardware objects 500 of FIGURE 8, alternatively, may also provide these functions.
  • Host bus interface socket 440 includes a 68-pin PCMCIA connector.
  • Other components of FIGURE 9, including the various generic items such as oscillators 450, expansion connectors 460 and 470, RAM 480, or other features provide the ability to apply the reconfigurable computing to a desired application.
  • An L1KS space can be provided for a user to generate and define a key set specific to that user which is not registered with the card designer and is kept secret by the user.
  • The L1KS can be stored just like LOKS 36.
  • Password space for a level-one password (L1PW) can also be allocated in the CIS and can execute in the same manner as the level-zero password (L0PW).
  • The L1KS can be generated by the user, and thus there are no guarantees that the code is unique.
  • The bit length can be long enough, however, to ensure that it is improbable that the key set is in use by another user.
  • The bit length of this key can differ from that of LOKS 36.
  • The user public key is a secure key set and may be changed by the user over time.
  • This key is useful when the information is intended only for the user. Even so, a further advantage of the present invention is that several PC-Cards may be programmed with the same L1KS for project sharing access.
  • The key set for the group could be common to all PC-Cards used by the group.
  • Members of the group may be local or remote and may securely exchange data utilizing this key.
  • The present invention contemplates that the number of key sets can be expanded beyond the two sets defined in the above sections.
  • A file header can contain the following information in addition to the normal file header information found in files for a particular operating system.
  • The present embodiment could wrap this additional header information around the information indicated.
  • QQTSL (0 or 1): QUICK PC-Card Technology Security Level 0 or 1:
  • QQTSL0 and QQTSL1 correspond to the LOKS and L1KS, respectively, used in the PC-Card.
  • This information indicates one of the following kinds of files:
  • The QQT PCMCIA driver, during a configuration load, can automatically decrypt QQT files using the specified algorithm.
  • Information in the file for a window message can be displayed, indicating information the author wishes to be displayed, and the user must respond to the window to continue execution. An example is a notice such as "QQT Module: name is the property of Company XYZ and may not be sold or distributed without the prior written consent of Company XYZ". This enables the author to freely distribute hardware apparatuses for PC-Cards, allowing prospective developers who may be interested in licensing the hardware apparatuses the ability to evaluate the work prior to agreeing to license rights to the work.
  • Configuration files may be encrypted for use only with certain PC-Cards to protect against mass unauthorized distribution of the intellectual property.
  • Generation of unique encrypted hardware apparatuses for target evaluation PC-Cards can be done automatically and transparently through a web site.
  • the requesting party can be
  • Encryption algorithms used to encrypt or decrypt files can be changed over time. Groups of users or a software vendor may develop their own custom algorithm. Algorithms may be executed as software or as hardware within an RC PC-Card, provided the RC PC-Card has enough gate capacity to execute the defined algorithm in hardware. For example, the QQT driver has a default algorithm built into it that is executed in software as data is passed through the PC-Card for configuration file protection purposes.
  • Algorithms utilizing run-time authorization codes, date expiration codes, or other access limits may utilize additional external information, other than that found in the encrypted file, that needs to be supplied by the source of the encrypted data for access.
  • This information is the Public Key Encryption Key used for encrypting the file.
  • This key can be originally supplied by a receiver and made public.
  • The key length can be derived from the QQT SECURE FILE indication on the first line. It is included in the file so that an easy and fast determination of the target destination for the data can be verified.
  • EMD Encrypted Message Data
  • The EMD contains information regarding the contents of the file that may be decrypted and looked at quickly without decrypting the entire EFD. For example, the EMD for a QQT configuration file is displayed in a window whenever the file is loaded. Certain algorithms may also utilize the EMD to transmit an additional encrypted key for decrypting the EFD with a non-public-key algorithm. In other words, the security system may use a public key to secretly transmit a separate secure key.
  • The EFD contains the encrypted file data, including the original operating system header information.
  • The present invention is intended to allow flexibility for software distributors.
  • The software distributor could freely distribute software or provide the software in a freely downloadable format to the public, but in order for the software to be executed, a valid authorization code must be present.
  • The software vendor could create an authorization code that corresponds to a specific PC-Card encompassing the present invention. Just as configuration files for the PC-Cards can be obtained via a web page, authorization codes to run software can be purchased via a web page. Each user would need only one PC-Card to allow authorization of running any software utilizing the anti-piracy aspects of the invention.
  • Each software vendor may also define their own algorithms for protecting their software using the PC-Cards.
  • A machine could run the software as long as the authorization codes for the particular QARD used in this system are present to validate the execution of the software.
  • A further embodiment of the invention would allow a database of authorized QARD users to be made available to software vendors.
  • a further embodiment of the invention could use

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Quality & Reliability (AREA)
  • Radar, Positioning & Navigation (AREA)
  • Remote Sensing (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Storage Device Security (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The present invention relates to a system and method for ensuring that only an authorized user can operate a hardware apparatus in a data link system. The method consists of assigning a unique identification number to the hardware apparatus; producing at least one set of security information for the hardware apparatus, derived from the unique identification number of said hardware apparatus; distributing to an authorized user at least one data string from which the set of security information that functionally enables the hardware apparatus can be derived; and entering the data string into the hardware apparatus so as to disable at least one level of functionality of the hardware apparatus if an incorrect set of information is derived from the data string, or to enable at least one of the functionalities of the hardware apparatus if a correct set of security information is derived from the data string.
EP98953711A 1997-10-20 1998-10-19 Reconfigurable secure hardware apparatus and method of operation Withdrawn EP1025503A4 (fr)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US6318897P 1997-10-20 1997-10-20
US63188P 1997-10-20
PCT/US1998/022062 WO1999021094A2 (fr) 1997-10-20 1998-10-19 Reconfigurable secure hardware apparatus and method of operation

Publications (2)

Publication Number Publication Date
EP1025503A2 EP1025503A2 (fr) 2000-08-09
EP1025503A4 true EP1025503A4 (fr) 2002-03-27

Family

ID=22047550

Family Applications (1)

Application Number Title Priority Date Filing Date
EP98953711A Withdrawn EP1025503A4 (fr) 1997-10-20 1998-10-19 Reconfigurable secure hardware apparatus and method of operation

Country Status (4)

Country Link
EP (1) EP1025503A4 (fr)
CA (1) CA2308755A1 (fr)
TW (1) TW456103B (fr)
WO (1) WO1999021094A2 (fr)

Families Citing this family (28)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6615344B1 (en) * 1999-09-03 2003-09-02 Infineon Technologies North America Corp. System and method for tracking selectively enabling modules used in an integrated processor using a tracking register providing configuration information to an external pin
KR20000017956A (ko) * 1999-12-30 2000-04-06 김월영 Security and remote management solution "Bada" using a hardware lock
NL1014274C2 (nl) 2000-02-03 2001-08-16 Tele Atlas Bv System for securing data present on a data carrier.
GB2363218A (en) * 2000-06-07 2001-12-12 Ubinetics Ltd A method of accessing application data for a peripheral device
JP3874593B2 (ja) * 2000-06-12 2007-01-31 Hitachi, Ltd. Computer identification device
AU2001287444A1 (en) * 2000-09-01 2002-03-13 Conleth Buckley Method and system for preventing unwanted alterations of data and programs stored in a computer system
WO2002035414A1 (fr) * 2000-10-26 2002-05-02 Interlex Inc. Method for digital sale of contents and system using a communication network
US7752419B1 (en) 2001-03-22 2010-07-06 Qst Holdings, Llc Method and system for managing hardware resources to implement system functions using an adaptive computing architecture
US7962716B2 (en) 2001-03-22 2011-06-14 Qst Holdings, Inc. Adaptive integrated circuitry with heterogeneous and reconfigurable matrices of diverse and adaptive computational units having fixed, application specific computational elements
US6836839B2 (en) 2001-03-22 2004-12-28 Quicksilver Technology, Inc. Adaptive integrated circuitry with heterogeneous and reconfigurable matrices of diverse and adaptive computational units having fixed, application specific computational elements
US7249242B2 (en) 2002-10-28 2007-07-24 Nvidia Corporation Input pipeline registers for a node in an adaptive computing engine
US7653710B2 (en) 2002-06-25 2010-01-26 Qst Holdings, Llc. Hardware task manager
US6577678B2 (en) 2001-05-08 2003-06-10 Quicksilver Technology Method and system for reconfigurable channel coding
DE10139610A1 (de) * 2001-08-11 2003-03-06 Daimler Chrysler Ag Universal computer architecture
US7046635B2 (en) * 2001-11-28 2006-05-16 Quicksilver Technology, Inc. System for authorizing functionality in adaptable hardware devices
US6986021B2 (en) 2001-11-30 2006-01-10 Quick Silver Technology, Inc. Apparatus, method, system and executable module for configuration and operation of adaptive integrated circuitry having fixed, application specific computational elements
US8412915B2 (en) 2001-11-30 2013-04-02 Altera Corporation Apparatus, system and method for configuration of adaptive integrated circuitry having heterogeneous computational elements
US7215701B2 (en) 2001-12-12 2007-05-08 Sharad Sambhwani Low I/O bandwidth method and system for implementing detection and identification of scrambling codes
US7403981B2 (en) 2002-01-04 2008-07-22 Quicksilver Technology, Inc. Apparatus and method for adaptive multimedia reception and transmission in communication environments
JP3735300B2 (ja) * 2002-01-31 2006-01-18 Fujitsu Ltd. Information recording and reproducing system with access restriction capability and access restriction method therefor
US7660984B1 (en) 2003-05-13 2010-02-09 Quicksilver Technology Method and system for achieving individualized protected space in an operating system
US7328414B1 (en) 2003-05-13 2008-02-05 Qst Holdings, Llc Method and system for creating and programming an adaptive computing engine
US8108656B2 (en) 2002-08-29 2012-01-31 Qst Holdings, Llc Task definition for specifying resource requirements
US7937591B1 (en) 2002-10-25 2011-05-03 Qst Holdings, Llc Method and system for providing a device which can be adapted on an ongoing basis
US8276135B2 (en) 2002-11-07 2012-09-25 Qst Holdings Llc Profiling of software and circuit designs utilizing data operation analyses
US7225301B2 (en) 2002-11-22 2007-05-29 Quicksilver Technologies External memory controller node
US7894606B2 (en) 2005-11-28 2011-02-22 Panasonic Electric Works Co., Ltd. Systems and methods for facilitating secure key distribution to an embedded device
CN112328975A (zh) * 2020-10-29 2021-02-05 Shanghai Kingstar Software Technology Co., Ltd. Product software authorization management method, terminal device and medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5448045A (en) * 1992-02-26 1995-09-05 Clark; Paul C. System for protecting computers via intelligent tokens or smart cards
US5473692A (en) * 1994-09-07 1995-12-05 Intel Corporation Roving software license for a hardware agent
GB2302968A (en) * 1995-07-05 1997-02-05 Pierre Antonini Temporarily authorising the use of a computer programme protected by an electronic cartridge
WO1997030575A2 (fr) * 1996-02-26 1997-08-28 Network Engineering Technologies Automated system for managing licensed software

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5432934A (en) * 1993-07-26 1995-07-11 Gensym Corporation Access restrictions as a means of configuring a user interface and making an application secure
US5825876A (en) * 1995-12-04 1998-10-20 Northern Telecom Time based availability to content of a storage medium

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of WO9921094A3 *

Also Published As

Publication number Publication date
TW456103B (en) 2001-09-21
WO1999021094A3 (fr) 1999-07-01
WO1999021094A2 (fr) 1999-04-29
EP1025503A2 (fr) 2000-08-09
CA2308755A1 (fr) 1999-04-29

Similar Documents

Publication Publication Date Title
EP1025503A2 (fr) Reconfigurable secure hardware apparatus and method of operation
CN100424678C (zh) System and method for authenticating software using an implicit intermediate key
Zhang et al. Recent attacks and defenses on FPGA-based systems
US4817140A (en) Software protection system using a single-key cryptosystem, a hardware-based authorization system and a secure coprocessor
CN1312876C (zh) Encrypting/decrypting stored data using an inaccessible unique key
Maes et al. A pay-per-use licensing scheme for hardware IP cores in recent SRAM-based FPGAs
White ABYSS: A Trusted Architecture for Software Protection
US9195806B1 (en) Security server for configuring and programming secure microprocessors
US7313828B2 (en) Method and apparatus for protecting software against unauthorized use
US5978476A (en) Access restriction to circuit designs
CN100354786C (zh) Open general-purpose attack-resistant CPU and its application system
CN1914849B (zh) Trusted mobile platform architecture
US9003177B2 (en) Data security for digital data storage
US6233567B1 (en) Method and apparatus for software licensing electronically distributed programs
US7082539B1 (en) Information processing apparatus
US20040255119A1 (en) Memory device and passcode generator
US7475254B2 (en) Method for authenticating software using protected master key
US7096370B1 (en) Data security for digital data storage
US20070055892A1 (en) Concealment of information in electronic design automation
US20020199110A1 (en) Method of protecting intellectual property cores on field programmable gate array
EP0266748B1 (fr) Software protection system using a single-key cryptosystem, a hardware-based authorization system and a secure coprocessor
CN101142599A (zh) Digital rights management system based on hardware identification
CN102347834A (zh) Trusted mobile platform architecture
CN101523399A (zh) Method and system for modifying integrity measurements based on user authentication
US20090222927A1 (en) Concealment of Information in Electronic Design Automation

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20000517

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

A4 Supplementary search report drawn up and despatched

Effective date: 20020207

AK Designated contracting states

Kind code of ref document: A4

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

RIC1 Information provided on ipc code assigned before grant

Free format text: 7G 06F 12/14 A, 7G 06F 1/00 B

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN WITHDRAWN

18W Application withdrawn

Withdrawal date: 20020429