US20170288869A1 - Secure key storage using physically unclonable functions - Google Patents
Secure key storage using physically unclonable functions Download PDFInfo
- Publication number
- US20170288869A1 US20170288869A1 US15/628,386 US201715628386A US2017288869A1 US 20170288869 A1 US20170288869 A1 US 20170288869A1 US 201715628386 A US201715628386 A US 201715628386A US 2017288869 A1 US2017288869 A1 US 2017288869A1
- Authority
- US
- United States
- Prior art keywords
- key
- hardware
- component
- provisioner
- tester
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0891—Revocation or update of secret information, e.g. encryption key update or rekeying
-
- G—PHYSICS
- G09—EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
- G09C—CIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
- G09C1/00—Apparatus or methods whereby a given sequence of signs, e.g. an intelligible text, is transformed into an unintelligible sequence of signs by transposing the signs or groups of signs or by replacing them by others according to a predetermined system
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0866—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/12—Details relating to cryptographic hardware or logic circuitry
Definitions
- Some embodiments of the invention generally relate to the manufacture of processors. More particularly, some embodiments of the invention relate to secure key management and provisioning, of keys to processors.
- keys are provisioned to and stored in the integrated circuit or processor.
- the keys may be stored in fuses of the integrated circuits or processors and may be unique per type of integrated circuit or processor.
- the keys may be fed into and consumed by various security engines or co-processors.
- the keys may be categorized as class 1 or class 2 keys.
- Class 1 keys include random secret keys that are shared with at least one entity such as a key generator. During manufacture of an integrated circuit or processor, the class 1 keys can be either auto-generated, by the integrated circuit or processor, stored therein, and revealed to at least one other entity or the class 1 keys may be externally generated, by a key generating entity, and stored in the integrated circuit or processor.
- Non-limiting examples of class 1 keys include provisioning keys, customer keys, and conditional access keys.
- Class 2 keys include secret keys derived from a master secret, which is unknown to the integrated circuit or processor but which is known to at least one entity such as a key generating entity. Unlike class 1 keys, class 2 keys cannot be auto-generated.
- Class 2 keys are generated, by a key generating entity, and stored, during manufacture, in the integrated circuit or processor.
- Non-limiting examples of class 2 keys include High-bandwidth Digital Content Protection (HDCP) keys, Enhanced Privacy Identifier (MD) keys, and Advanced Access Content System (AACS) keys.
- HDCP High-bandwidth Digital Content Protection
- MD Enhanced Privacy Identifier
- AACS Advanced Access Content System
- Security fuses may have a number of security countermeasures in place that make them less susceptible than regular fuses to physical attacks. However, these security countermeasures make the security fuses more costly, in terms of die area, than regular fuses such as general-purpose high-density fuses.
- FIG. 1 illustrates an exemplary key-provisioning and testing environment for provisioning keys to processors according to some implementations.
- FIG. 2 illustrates another exemplary key-provisioning environment for provisioning keys to processors according to some implementations.
- FIG. 3 illustrates a flow diagram of an exemplary process that includes provisioning a processor with a key according to some implementations.
- FIG. 4 illustrates another exemplary key-provisioning environment for provisioning keys to processors according to some implementations.
- FIG. 5 illustrates a flow diagram of another exemplary process that includes provisioning a processor with a key according to some implementations.
- FIG. 6 illustrates a flow-diagram of an exemplary process that includes generating a validator according to some implementations.
- FIG. 7 illustrates a flow diagram of another exemplary process that includes generating a validator according to some implementations.
- FIG. 8 illustrates an exemplary architecture of a processor having a secure key manager component according to some implementations.
- FIG. 9 illustrates another exemplary architecture of a processor having a secure key manager component according to some implementations.
- FIG. 10 is a block diagram of an illustrative architecture of a system provisioned with a key.
- FIG. 1 illustrates an exemplary key-provisioning and testing environment 100 for provisioning keys to processors.
- the key-provisioning and testing environment 100 may include a key generator 102 , a key-provisioner/tester 104 , and a processor 106 .
- the key generator 102 may generate key(s) (K 1 ) 108 .
- the key (K 1 ) 108 may be a shared secret type key (e.g., class 1 key and/or class 2 key).
- the key-provisioner/tester 104 receives the key (K 1 ) 108 from the key generator 1 . 02 .
- the key-provisioner/tester 104 provides the processor 1 . 06 with key (K 2 ) 110 .
- the key (K 2 ) 110 may be the same as the key (KO 108 .
- the key (K 2 ) 110 may be different from the key (KI) 108 but correspond to the key (K 1 ) 108 .
- the key-provisioner/tester 104 may encrypt the key-(K 1 ) 108 to generate the key-(K 2 ) 110 .
- the processor 106 may include a secure key manager component 112 and a processor core 114 .
- the secure key manager component 112 may provide the processor core 114 with key 116 , where the key 116 may be the same, numerically and/or functionally, as the key (K 1 ) 108 .
- FIG. 2 illustrates an exemplary key-provisioning environment 200 for provisioning keys to processors.
- the secure key manager component 112 of the processor 106 may-include nonvolatile memory 202 , key cipher component 204 , and a physically unclonable functions (PUF) component 206 .
- the non-volatile memory 202 may include programmable r ead-only memory (PROM), field programmable read-only memory (FPROM) and/or one-time-programmable nonvolatile memory (OTP VIM).
- the nonvolatile memory 202 may include metal fuses and/or anti-fuses of CMOS (complimentary metal-oxide-semiconductor) fabricated cells, and the fuses (and/or anti-fuses) may be selectively blown or destroyed to program the nonvolatile memory 202 .
- CMOS complementary metal-oxide-semiconductor
- the key cipher component 204 may be a decryption component and may be a hardware only component.
- the key cipher component 204 may be fixed logic circuitry for providing cipher functions and may include one or more of dedicated circuits, logic units, microcode, or the like.
- the key cipher component 204 may employ symmetric-key algorithms such as, but not limited to, Twofish, Serpent, Advanced Encryption Standard (AES), Blowfish, CASTS, CAST-128, RC4, Data Encryption Standard (DES), ‘Triple DES (3DES), and International Data Encryption Algorithm (IDEA).
- the PUF component 206 may be a hardware only component that generates a unique hardware key (KH) 208 based on one or more physical characteristics of the processor 106 .
- the PUF component 206 may be fixed logic circuitry and may include one or more of dedicated circuits, logic units, microcode, or the like.
- the one or more physical characteristics of the processor 106 may be due to manufacturing variations, which may be uncontrollable, that may be a result of integrated circuit fabrication of the processor 106 .
- integrated circuits that are of the same design may have timing differences due to manufacturing variations of parameters such as dopant concentration and widths.
- the PUF component 206 may measure temporal response of various components of the processor 106 and may generate the hardware key (KH) 208 based at least on the measured temporal responses.
- the PUF component 206 may provide the key-provisioner/tester 104 and the key cipher component 204 with the hardware key (KH) 208 .
- the key-provisioner/tester 104 receives the key (K 1 ) 108 from the key generator 102 and the hardware key (KH) 208 from the processor 106 .
- the key-provisioner/tester 104 may include a memory device 210 and a cipher device 212 .
- the key (K 1 ) 108 and the hardware key (KH) 208 may be stored, at least temporarily, in the memory device 210 .
- the cipher device 212 may include an encryption module and a decryption module.
- the cipher device 212 may employ symmetric-key algorithms such as, but not limited to, Twofish, Serpent, Advanced Encryption Standard (AES), Blowfish, CASTS, CAST-128, RC 4 , Data Encryption Standard (DES), Triple DES (3DES) and International Data Encryption Algorithm (IDEA).
- symmetric-key algorithms such as, but not limited to, Twofish, Serpent, Advanced Encryption Standard (AES), Blowfish, CASTS, CAST-128, RC 4 , Data Encryption Standard (DES), Triple DES (3DES) and International Data Encryption Algorithm (IDEA).
- the cipher device 212 may encrypt the key (K 1 ) 108 with the hardware key (KH) 208 to generate an encrypted key (E[K 1 ]) 214 .
- the key-provisioner/tester 104 may provide the encrypted key (E[K 1 ]) 214 and control signals 216 to store the encrypted key (E[K 1 ]) 214 into the nonvolatile memory 202 .
- the key-provisioner/tester 104 may read the nonvolatile memory 202 to retrieve the stored encrypted key (E[K 1 ]) 214 .
- the cipher device 212 may decrypt the encrypted key (E[K 1 ]) 214 retrieved from the nonvolatile memory 202 with the hardware key (KH) 208 to recover the key (K 1 ) 108 .
- the key-provisioner/tester 104 may compare the recovered key (K 1 ) 108 against a copy of the key (K 1 ) 108 retrieved from memory device 210 .
- the key-provisioner/tester 104 may validate the processor 106 . If the recovered key (K 1 ) 108 and the copy of the key (K 1 ) 108 received from memory device 210 are not the same, the key-provisioner/tester 104 may fail to validate the processor 106 .
- the secure key manager component 112 protects the integrity of key (K 1 ) 108 .
- the secure key manager component 112 may protect the integrity of key (K 1 ) 108 by not retaining a copy of the key (K 1 ) 108 .
- a physical attack on the secure key manager component 112 to read the key (K 1 ) 108 will fail.
- the secure key manager component 112 may protect the integrity of key (K 1 ) 108 by not retaining a copy of the hardware key (KH) 208 .
- an attacker cannot read the hardware key (KH) 208 from secure key manager component 112 and, consequently, cannot access the hardware key (KH) 208 to decrypt the encrypted key (E[K 1 ]) 214 .
- Physical attacks on the processor 106 may result in changes in the physical characteristics of the processor 106 .
- changes in the physical characteristics of the processor 106 may cause the PUF component 206 to no longer generate a valid copy of the hardware key (KH) 208 that can be used to decrypt the encrypted key (E[K 1 ]) 214 . Rather, the PUF component 206 may, as a consequence of the physical changes to the processor 106 , generate a different version of the hardware key (KH) 208 that cannot be used to decrypt the encrypted key (E[K 1 ]) 214 .
- the key-provisioner/tester 104 may isolate the secure key manager component 112 from communications with de-vices/entities that are external to the processor 106 .
- the key-provisioner/tester 104 may blow fuses and/or anti-fuses of the processor 106 and/or set internal flags/bits that communicatively isolate the secure key manager component 112 from external devices/entities.
- the secure key manager component 112 may communicate only with processor core 114 .
- each block may represent one or more operations tha.t may be implemented in hardware, firmware, software, or a combination thereof. However, in some embodiments, some blocks may represent one or more operations that may be implemented only in hardware, and in yet other embodiments, some blocks may represent one or more operations that may be implemented only in hardware or firmware.
- the blocks may represent hardware-based logic that is executable by the secure key manager component 112 to perform the recited operations.
- the blocks may represent computer-executable instructions that, when executed by a processor, cause the processor to perform the recited operations.
- computer-executable instructions include routines, programs, objects, modules, components, data structures, and the like that perform particular functions or implement particular abstract data types.
- the order in which the blocks are described is not intended to be construed as a limitation, and any number of the described operations can be combined in any order and/or in parallel to implement the processes.
- the processes 300 , 500 , 600 and 700 or FIGS. 3, 5, 6 and 7 , respectively are described with reference to one or more of the key-provisioning environments 200 , as described above, and 400 , as described below, although other models, systems and environments may he used to implement these processes.
- FIG. 3 illustrates a flu diagram of an exemplary process 300 that includes provisioning the processor 106 with a key (K 1 ) 108 .
- the process 400 may be performed by the key-provisioner/tester 104 and the secure key manager component 112 .
- the key-provisioner/tester 104 may receive the key (K 1 ) 108 from the key generator 102 .
- the key-provisioner/tester 104 may store, at least temporarily, the received key (K 1 ) 108 in memory device 210 .
- the key-provisioner/tester 104 may delete the key (K 1 ) 108 from the memory device 206 after successful validation of the processor 106 or after successful validation of a number of processors 106 , e.g., after a production run of processors 106 .
- the key-provisioner/tester 104 may challenge the PUF component 206 via control signals 216 .
- the PUF component 206 may generate the hardware key (KH) 208 in response to the challenge from the key-provisioner/tester 104 .
- the key-provisioner/tester 104 may retrieve the hardware key (KH) 208 from the processor 106 .
- the key-provisioner/tester 104 may read the hardware key (KH) 208 from the secure key manager component 112 , and in other embodiments, the key-provisioner/tester 104 may read the hardware key (KH) 208 from the nonvolatile memory 202 .
- the key-provisioner/tester 104 may store, at least temporarily, the read the hardware key (KH) 208 in memory device 210 .
- the key-provisioner/tester 104 may delete the hardware key (KH) 208 from the memory device 206 after successful validation of the processor 106 so that no other entity may acquire the hardware key (KH) 208 .
- the key-provisioner/tester 104 may encrypt the key (K 1 ) 108 with the hardware key (KH) 208 .
- the encryption of the key (K 1 ) 108 with the hardware key (KH) 208 generates the encrypted key (E[K 1 ]) 214 .
- the key-provisioner/tester 104 may provide the encrypted key-(E[K 1 ]) 214 to the processor 106 in some embodiments, the key-provisioner/tester 104 may write the encrypted key (E[K 1 ]) 214 into the nonvolatile memory 202 . In some embodiments, the key-provisioner/tester 104 may program the encrypted key (E[K 1 ]) 214 into the nonvolatile memory 202 via control signals 216 .
- the key-provisioner/tester 104 may blow fuses (or anti-fuses) of the nonvolatile memory 202 via the control signals 216 to store, write, or program the encrypted key (E[K 1 ]) 214 into the nonvolatile memory 202 .
- the key-provisioner/tester 104 may retrieve the encrypted key (E[K 1 ]) 214 from the processor 106 .
- the key-provisioner/tester 104 may retrieve the encrypted key (E[K 1 ]) 214 from the processor 106 by signaling, via control signals ‘ 16 , the processor 106 , and the processor 106 may provide the encrypted key (E[K 1 ]) 214 to the key-provisioner/tester 104 .
- the key-provisioner/tester 104 may signal, via control signals 216 , the secure key manager component 112 , and the secure key manager component 112 may provide the encrypted key (E[K 1 ]) 214 to the key-provisioner/tester 104 .
- the key-provisioner/tester 104 may read the encrypted key (E[K 1 ]) 214 from the nonvolatile memory 202 .
- the key-provisioner/tester 104 may validate the encrypted key (E[K 1 ]) 214 .
- the key-provisioner/tester 104 may decrypt the retrieved encrypted key (E[K 1 ]) 214 with the hardware key (KH) 208 .
- the key-provisioner/tester 104 may retrieve the hardware key (KH) 208 from the memory device 210 .
- the key-provisioner/tester 104 may retrieve the hardware key (KH) 208 from the processor 106 .
- the key-provisioner tester 104 may read the hardware key (KH) 208 from the nonvolatile memory 202 .
- the decryption of the encrypted key (E[K 1 ]) recovers the key (K 1 ) 108 .
- the key-provisioner/tester 104 may compare the recovered key (K 1 ) 108 with a known valid version of the key (K 1 ) 108 .
- the known valid version of the key (K 1 ) 108 may be a copy retrieved from the memory-device 210 or a copy received from the key generator 102 .
- the key-provisioner/tester 104 may validate the encrypted key (E[K 1 ]) 214 if the known valid version of the key (K 1 ) 108 and the, recovered key (K 1 ) 108 are the same.
- the key-provisioner/tester 104 may protect the integrity of the secure key manager component 112 .
- the key-provisioner/tester 104 may provide control signals 216 that isolate the secure key manager component 112 from sources/devices that are external to the processor 106 .
- the, key-provisioner/tester 104 may signal a component of the processor 106 to prevent external access to the secure key manager component 112 .
- the key-provisioner/tester 104 may blow fuses, or anti-fuses, of the processor 106 to prevent external access to the secure key manager component 112 .
- the key-provisioner/tester 104 may prevent external access to the PUF component 206 while permitting external access to at least one other component of the secure key manager component 112 .
- the hardware key (KH) 208 is not written into the nonvolatile memory 202 or other memory of the processor 106 .
- the PUF component 206 may generate the hardware key (KH) 208 each time that the key cipher component 204 requires the key hardware key (KH) 208 .
- the key-provisioner/tester 104 may protect the integrity of the secure key manager component by preventing external access to the PUF component 206 , even if other components of the secure key manager component 112 are externally accessible.
- the key-provisioner/tester 104 may complete testing of the processor 106 . Upon the processor 106 passing tests by the key-provisioner/tester 104 , the key-provisioner/tester 104 may validate the processor 106 .
- FIG. 4 illustrates an exemplary key-provisioning environment 400 for provisioning keys to processors.
- the security of the hardware key (KH) 208 may be further enhanced by no.t providing the hardware key (KH) 208 to the key-provisioner/tester 104 or to any entity, component, or device that is external to the processor 106 .
- the processor 106 may he manufactured such that the hardware key (KH) 208 is not distributed, nor accessible from, outside of the processor 106 .
- the secure key manager component 112 of the processor 106 may include nonvolatile memory 202 , key cipher component 204 , and a physically unclonable functions (PUF) component 206 , and a built-in self-tester (B1ST) component 402 .
- PAF physically unclonable functions
- B1ST built-in self-tester
- the key cipher component 204 may be an encryption and decryption component and may be a hardware only component.
- the key cipher component 204 may employ symmetric-key algorithms such as, but not limited to, Twofish, Serpent, Advanced Encryption Standard (AES), Blowfish, CASTS, CAST-128, RC4, Data Encryption Standard (DES), Triple DES (3DES), and International Data Encryption Algorithm (IDEA).
- the PUF component 206 may be a physical component that generates the unique hardware key (KH) 208 based on one or more physical characteristics of the processor 106 .
- the PUF component 206 may provide the key cipher component 204 with the hardware key (KH) 208 .
- the PUF component 206 may be isolated from external devices/entities such as the key-provisioner/tester 104 . The isolation of the PUP component 206 from external devices/entities may prevent the hardware key (KH) 208 from being distributed, or accessible from outside of the processor 106 .
- the BIST component 402 may check the validity of the, encrypted key (E[K]) 214 and may provide the key-provisioner/tester 104 with validator 404 .
- the BIST component 402 may be fixed logic circuitry for performing at least some of the operations discussed herein a d may include one or more of dedicated circuits, logic units, microcode, or the like.
- Validator 404 may provide an indication of whether or not the encrypted key (E[K 1 ]) 214 is valid.
- the, validator 404 may include content, such as a ciphertext, from which the key-provisioner/tester 104 may determine whether the encrypted key (E[K 1 ]) 214 is valid or invalid.
- the key-provisioner/tester 104 receives the key (K 1 ) 108 from the key generator 102 .
- the key-provisioner/tester 104 may store, at least temporarily, the key (K 1 ) 108 in the memory device 210 .
- the key-provisioner/tester 104 may provide the key (K 1 ) 108 and control signals 216 to the processor 106 to store the encrypted key (E[K 1 ]) 214 into the nonvolatile memory 202 .
- the key-provisioner/tester 104 may provide the key (K 1 ) 108 to the key cipher component 204 and may provide the key (K 1 ) 108 to the B1ST component 402 .
- the control signals 216 may instruct the processor 106 to generate the encrypted key encrypted key (E[K 1 ]) 214 and store the encrypted key encrypted key (E[K 1 ]) 214 in the nonvolatile memory 202 .
- the control signals 216 may cause the PUF component 206 to generate the hardware key (KH) 208 .
- the key cipher component 204 receives the key (K 1 ) 108 and the hardware key (KH) 208 .
- the key cipher component 204 may employ a symmetric cipher algorithm to encrypt the key (K 1 ) 108 with the hardware key (KH) 208 , thereby generating the encrypted key (E[K 1 ]) 214 .
- the encrypted key (E[KI]) 214 is stored in the nonvolatile memory 202 .
- the control signals 216 may instruct the processor 1 ( 16 to validate the encrypted key encrypted key (E[K 1 ]) 214 .
- the stored encrypted key (E[K 1 ]) 214 may be retrieved from the nonvolatile memory 202 and provided to the key cipher component 204 .
- the key cipher component 204 may employ decrypt the encrypted key (EIK. 11 ) : 214 with the hardware key (K 1 H 1 ) 208 thereby revealing a purported copy of the key (K 1 ) 108 .
- the B 1 ST component 402 may receive a validation indicator (V/I) 406 and the key (K 1 ) 108 .
- the validation indicator 406 may be a key that is purportedly the same as the key (K 1 ) 108 .
- the BIST component 402 may compare the key 108 and the validation indicator 406 . If the validation indicator 406 and the key (K 1 ) 108 are the same, the BIST component 402 may validate the encrypted key (E[K 1 ]) 214 .
- the B1ST component 402 may generate the validator 404 , which indicates whether the encrypted key (E[K 1 ]) 214 is valid or invalid, and may provide the validator 404 to the key-provisioner/tester 104 .
- the validation indicator 406 may be a ciphertext generated by key cipher component 204 .
- the key cipher component 204 may encrypt data which is known by the key-provisioner/tester 104 , with the revealed purported copy of the copy of the key (K 1 ) 108 , thereby generating the ciphertext.
- the BIST component 402 may include at least a portion of the ciphertext in the validator 404 .
- the cipher device 212 of the key-provisioner/tester 104 may encrypt the known data with the key (K 1 ) 108 , thereby generating reference cipher text.
- the key-provisioner/tester 104 may compare at least a portion of the reference ciphertext with validator 404 and determine whether the encrypted key (E[K 1 ]) 214 is valid or invalid.
- the validation indicator 406 may be data/text generated by the key cipher component 204 .
- the key cipher component 204 may decrypt ciphertext, which is known by the key-provisioner/tester 104 , with the revealed purported copy of the copy of the key-(K 1 ) 108 , thereby generating the data/text.
- the BIST component 402 may include at least a portion of the data/text in the validator 404 .
- the cipher device 212 of the key-provisioner/tester 104 may compare at least a portion of the data/text included in the validator 404 with the known reference data/text and determine whether the encrypted key (E[K 1 ]) 214 is valid or invalid.
- the validation indicator 406 may be a hash value.
- the key cipher component 204 may perform a hash function, which is known by the key-provisioner/tester 104 , on the revealed purported copy of the key (K 1 ) 108 , thereby generating recognizable content.
- the BIST component 402 may include at least a portion of the hash value in the validator 404 .
- the cipher device 212 of the key-provisioner/tester 104 generates a reference hash value by performing the same hash function on the key-(K 1 ) 108 and comparing the reference hash value with the hash value in the validator 406 .
- FIG. 5 illustrates a flu diagram of an exemplary process 500 that includes provisioning the processor 106 with a key (K 1 ) 108 .
- the process 500 may be performed by the key-provisioner/tester 104 and the secure key manager component 112 .
- the key-provisioner/tester 104 may receive the key (K) 108 from the key generator 102 .
- the key-provisioner/tester 104 may store, at least temporarily, the received key (K 1 ) 108 in memory device 210 .
- the received key (K 1 ) 108 is not stored in memory device 210 .
- the key-provisioner/tester 104 may challenge the PUF component 206 via control signals 216 .
- the PUF component 206 may generate the hardware key (KH) 208 in-response to the challenge from the key-provisioner/tester 104 .
- KH hardware key
- the key-provisioner/tester 104 may provide the key (K 1 ) 108 to the processor 106 .
- the key-provisioner/tester 104 may provide the key (K 1 ) 108 to the secure key manager component 112 , and in other embodiments, the key-provisioner/tester 104 may provide the key (K 1 ) 108 to the key cipher component 204 .
- the key cipher component 204 may encrypt the key (K 1 ) 108 with the hardware key (KH) 208 .
- the encryption of the key (K 1 ) 108 with the hardware key (KH) 208 generates the encrypted key (E[K 1 ]) 214 .
- the encrypted key (E[K 1 ]) 214 may be stored in the nonvolatile memory 202 .
- the key-provisioner/tester 104 may provide control signals 216 that permit the encrypted key (E[K 1 ]) 214 to be written or programmed into the nonvolatile memory 202 .
- the control signals 216 may permit fuses (or anti-fuses) of the nonvolatile memory 202 to be blown.
- the BIST component 402 generates the validator 404 .
- the validator 404 may be provided to the key-provisioner/tester 104 .
- the key-provisioner/tester 104 may read the validator 404 from the BIST component 402 .
- the processor 106 may transmit the validator 404 to the key-provisioner/tester 104 .
- the key-provisioner/tester 104 may validate the encrypted key (E[K 1 ]) 214 based at least in part on the validator 404 .
- the validator 404 may include recognizable content, which is recognizable to the key-provisioner/tester 104 , and the key-provisioner/tester 104 may-validate the encrypted key (E[K 1 ]) 214 based at least in part on the recognizable content.
- the recognizable content may be ciphertext that the key-provisioner/tester 104 may decrypt with the key (K 1 ) 108 or may be data/text that the key-provisioner/tester 104 may compare with reference data/text or may be a hash value that the key-provisioner/tester 104 may compare with a reference hash value (e.g., the key-provisioner/tester 104 may generate the reference hash value based at least in part on the key (K 1 ) 1018 ), or may be a portion of a key that is purportedly the same as the key (K 1 ) 108 .
- the key-provisioner/tester 104 may protect the integrity of the secure key manager component 112 .
- the key-provisioner/tester 104 may provide control signals 216 that isolate the secure key manager component 112 from sources/devices that are external to the processor 106 .
- the key provisioner/tester 104 may signal a component of the processor 106 to prevent external access to the secure key manager component 112 .
- the key-provisioner/tester 104 may blow fuses, or anti-fuses, of the processor 106 to prevent external access to the secure key manager component 112 .
- the hardware key (KH) 208 is not written into the nonvolatile memory 202 or other memory of the processor 106 .
- the PUF component 206 may generate the hardware key (KH) 208 each time that the key cipher component 204 requires the key hardware key (KH) 208 .
- the key-provisioner/tester 104 may protect the integrity of the secure key manager component 112 by preventing external access to the PUF component 206 , even if other components of the secure key manager component 112 are externally accessible.
- the key-provisioner/tester 104 may complete testing of the processor 106 . Upon the processor 106 passing tests by the key-provisioner/tester 104 , key-provisioner/tester 104 may validate the processor 106 .
- FIG. 6 illustrates a flow diagram of an exemplary process 600 for generating the validator 404 .
- the process 500 may be performed by the key-provisioner/tester 104 and the secure key manager component 112 .
- the encrypted key (E[K 1 ]) 214 may be retrieved from the nonvolatile memory 202 .
- the key-provisioner/tester 104 may challenge the PUF component 206 via control signals 216 .
- the PUF component 206 may generate the hardware key (KH) 208 in response to the challenge from the key-provisioner/tester 104 .
- the, key cipher component 204 may decrypt the retrieved encrypted key (E[K 1 ]) 214 with the hardware key (KH) 208 .
- the decryption of the encrypted key (E[K 1 ]) 214 with the hardware key (KH) 208 reveals a key that s purportedly the same as the key (K 1 ) 108 .
- At 610 at least a portion of the key that is purportedly the same as the key (K 1 ) 108 may be included in the validator 404 .
- FIG., 7 illustrates a flow diagram of another exemplary process 700 for generating the validator 404 .
- the process 700 may be performed by the key-provisioner/tester 104 and the secure key manager component 112 .
- the encrypted key (E[K 1 ]) 214 may be retrieved from the nonvolatile memory 202 .
- the key-provisioner/tester 104 may challenge the PUF component 206 via control signals 216 .
- the PUF component 206 may generate the hardware key (KH) 208 in response to the challenge from the key-provisioner/tester 104 .
- the key cipher component 204 may decrypt the retrieved encrypted key (E[K 1 ]) 214 with the hardware key (KH) 208 .
- the decryption of the encrypted key (E[K 1 ]) 214 with the hardware key (KH) 208 reveals a key that is purportedly the same as the key (K 1 ) 108 .
- the key cipher component 204 may generate recognizable content i.e., content that is recognizable to the key-provisioner/tester/provisioner 104 .
- the key cipher component 204 may encrypt data, which is known by the key-provisioner/tester 104 , with the revealed purported copy of the key (K 1 ) 108 , thereby generating ciphertext recognizable to the key-provisioner/tester 104 .
- the key cipher component 204 may decrypt ciphertext, which is known by the key-provisioner/tester 104 , with the revealed purported copy of the, key (K 1 ) 108 , thereby generating text recognizable to the key-provisioner/tester 104 .
- the key cipher component 204 may perform a hash function, which is known by the key-provisioner/tester 104 , on the revealed purported copy of the key (K 1 ) 108 , thereby generating recognizable content.
- The, key cipher component 204 may provide a portion of the revealed purported copy of the key (K 1 ) 108 , thereby generating recognizable content.
- the BIST component 402 may include at least a portion of the recognizable content in the validator 404 .
- FIG. 8 illustrates an exemplary architecture 800 of the processor 102 having a secure key manager component 802 .
- the secure key manager component 802 may include nonvolatile memory 804 , key cipher component 806 and PUF component 808 .
- the non-volatile memory 804 may include fuses 810 and/or anti-fuses 812 .
- the encrypted key (E[K 1 ]) 214 may be written/programmed into the nonvolatile memory 804 by blowing fuses 810 and/or anti-fuses 812 .
- the secure key manager component 802 , the nonvolatile memory 804 , the key cipher component 806 and the PUF component 808 may be the same as, or similar to, the secure key manager component 112 , the nonvolatile memory 202 , the key cipher component 204 and the PUF component 206 .
- the processor 106 may include contacts 814 , interconnects 816 and an initializer component 818 .
- the initializer component 818 may be fixed logic circuitry for performing at least some of the operations discussed herein and may include one or more of dedicated circuits, logic units, microcode, or the like.
- the contacts 814 provides electrical connectivity with external devices, and the interconnects 816 provide electrical connectivity with internal components of the processor 106 .
- the key-provisioner/tester 104 provides the initializer component 818 with control signals 216 in testing and/or validating the-processor 106 .
- the initializer component 818 may respond to the control signals 216 to test and validate components of the processor 106 .
- the key-provisioner/tester 104 may interface with the initializer component 818 to provision the processor 106 with the key (K 1 ) 108 .
- the operations of the initializer component 818 can be implemented in hardware, firmware, software, or a combination thereof.
- the key-provisioner/tester 104 may set flags and/or bits in the initializer component 818 that communicatively isolate the, secure key manager component 802 from external devices. Typically, the key-provisioner/tester 104 may set such flags and/or bits during final testing/validation of the processor 106 .
- the contacts 814 arid/or initializer component 818 may include fuses 820 and/or anti-fuses 822 .
- the key-provisioner/tester 104 may-blow fuses 820 and/or anti-fuses 822 that communicatively isolate the secure key manager component 802 from external devices. For example, the key-provisioner/tester 104 may blow fuses 820 and/or anti-fuses 822 of the initializer component 818 , which may then prevent the initializer cornpone R18 from further communications with the secure key manager component 802 .
- the key-provisioner/tester 104 may blow fuses 820 and/or anti-fuses 822 of the contacts 814 , which may isolate the interconnect 816 a from contacts 814 .
- the key-provisioner/tester 104 may blow fuses 820 and/or anti-fuses 822 during final testing/validation of the processor 106 .
- FIG. 9 illustrates another exemplary architecture 900 of the, processor 102 having the secure key manager component 802 .
- the secure key manager component 802 may include BIST component 902 .
- the BIST component 902 may check the validity of the encrypted key (E[K 1 ]) 214 and may provide the key-provisioner/tester 104 with validator 404 .
- the secure key manager component 802 , the nonvolatile, memory 804 , the key cipher component 806 , the PUF component 808 , and the BIST component 902 may be the same as secure key manager component 112 , the nonvolatile memory 202 , the key cipher component 204 , the PUF component 206 and BIST component 402 .
- module can represent program code (and/or declarative-type instructions) that performs specified tasks or operations when executed on a processing device or devices (e.g., CPUs or processors).
- the program code can be stored in one or more computer-readable memory devices or other computer storage devices.
- FIG. 10 is a block diagram of an illustrative architecture of a system provisioned with a key.
- the system 1000 may include one or more processors 1002 - 1 , . . . , 1002 -N (where N is a positive integer ⁇ 1), each of which may include one or more processor cores 1004 - 1 , . . . , 1004 -M (where M is a positive integer ⁇ 1).
- the processor(s) 1002 may be a single core processor, while in other implementations, the processor(s) 1002 may have a large number of processor cores, each of which may include some or all of the components illustrated in FIG. 10 . For example, each processor core 1004 - 1 , .
- 1004 -M may include an instance of logic 1006 for interacting with a register file 1008 - 1 , . . . , 1008 -M and/or performing at least some of the operations discussed herein.
- the logic 1006 may include one or more of dedicated circuits, logic units, microcode, or the like.
- the processor(s) 1002 and processor core(s) 1004 can be operated, via an integrated memory controller (IMC) 1010 in connection with a local interconnect 1016 , to read and write to a memory 1012 .
- the processor(s) 1002 and processor core(s) 1004 can also execute computer-readable instructions stored in the memory 1012 or other computer-readable media.
- the memory 1012 may include volatile and nonvolatile memory and/or removable and non-removable media implemented in any-type of technology for storage of information, such as computer-readable instructions, data structures, program modules or other data. Such memory may include, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology.
- the multiple processor cores 1004 may share a shared cache 1014 , which may be accessible via the local interconnect 1016 .
- storage 1018 may be provided for storing data, code, programs, logs, and the like.
- the storage 1018 may be accessible via an interconnect 1042 and may include solid state storage, magnetic disk storage, RAID storage systems, storage arrays, network attached storage, storage area networks, cloud storage, CD-ROM, digital versatile disks (DVD) or other optical storage, magnetic cassettes, magnetic tape, or any other medium which can be used to store desired information and which can be accessed by a computing device.
- the memory 1012 and/or the storage 1018 may be a type of computer readable storage media and may be a non-transitory media.
- the local interconnect 1016 may also communicate with a graphical controller (GIFX) 1020 to provide graphics processing.
- GIFX graphical controller
- the local interconnect 1016 may communicate with a system agent 1022 .
- the system agent 1022 may be in communication with a hub 1024 , which connects a display engine 1026 , a PCIe 1028 , and a DMI 1030 .
- the memory 1012 may store functional components that are exe able by the processor(s) 1002 .
- these functional components comprise instructions or programs 1032 that are executable by the processor(s) 1002 .
- the example functional components illustrated in FIG. 10 further include an operating system (OS) 1034 to manage operation of the system 1000 .
- OS operating system
- the system 1000 may include one or more communication devices 1036 that may accessible via the interconnect 1042 , and the communication devices 136 may include one or more interfaces and hardware components for enabling communication with various other devices over a communication link, such as one, or more networks 1038 .
- communication devices 1036 may facilitate communication through one or more of the Internet, cable networks, cellular networks, wireless networks (e.g., Wi-Fi, cellular) and wired networks.
- Components used for communication can depend at least in part upon the type of network and/or environment selected. Protocols and components for communicating such networks are well known and will not be discussed herein in detail.
- the system 1000 may further be equipped with various input/output (I/O) devices 1040 that may be accessible via the interconnect 1042 .
- I/O devices 1040 may include a display, various user interface controls (e.g., buttons, joystick, keyboard, touch screen, etc.), audio speakers, connection ports and so forth.
- An interconnect 1024 which may include a system bus, point-to-point interfaces, a chipset, or other suitable connections and components may be provided to enable communication between the processors 1002 , the memory 1012 , the storage 1018 , the communication devices 1036 , and the I/O devices 1040 .
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
Some implementations disclosed herein provide techniques and arrangements for provisioning keys to integrated circuits/processor/apparatus. In one embodiment, the apparatus includes a physically unclonable functions (PUF) circuit to generate a hardware key based on at least one manufacturing variation of the apparatus and a nonvolatile memory coupled to the PUF circuit, the nonvolatile memory to store an encrypted key, the encrypted key comprising a first key encrypted using the hardware key. The apparatus further includes a hardware cipher component coupled to the nonvolatile memory and the PUF circuit, the hardware cipher component to decrypt the encrypted key stored in the nonvolatile memory with at least the hardware key to generate a decrypted copy of the first key and fixed logic circuitry coupled to the PUF circuit and the hardware cipher component, the fixed logic circuitry to verify that the decrypted copy of the first key is valid.
Description
- This application is a continuation of U.S. patent application Ser. No. 15/399,568, filed Jan. 5, 2017, which is a divisional of U.S. patent application Ser. No. 13/996,544, with a 371(c) date of Mar. 17, 2014, which is a National Stage Entry of PCT Application PCT/US11/67881, filed Dec. 29, 2011, the entire contents of all of which are hereby incorporated by reference herein.
- Some embodiments of the invention generally relate to the manufacture of processors. More particularly, some embodiments of the invention relate to secure key management and provisioning, of keys to processors.
- During manufacture, keys are provisioned to and stored in the integrated circuit or processor. The keys may be stored in fuses of the integrated circuits or processors and may be unique per type of integrated circuit or processor. The keys may be fed into and consumed by various security engines or co-processors.
- Typically, the keys may be categorized as
class 1 or class 2 keys.Class 1 keys include random secret keys that are shared with at least one entity such as a key generator. During manufacture of an integrated circuit or processor, theclass 1 keys can be either auto-generated, by the integrated circuit or processor, stored therein, and revealed to at least one other entity or theclass 1 keys may be externally generated, by a key generating entity, and stored in the integrated circuit or processor. Non-limiting examples ofclass 1 keys include provisioning keys, customer keys, and conditional access keys. Class 2 keys include secret keys derived from a master secret, which is unknown to the integrated circuit or processor but which is known to at least one entity such as a key generating entity. Unlikeclass 1 keys, class 2 keys cannot be auto-generated. Class 2 keys are generated, by a key generating entity, and stored, during manufacture, in the integrated circuit or processor. Non-limiting examples of class 2 keys include High-bandwidth Digital Content Protection (HDCP) keys, Enhanced Privacy Identifier (MD) keys, and Advanced Access Content System (AACS) keys. - Keys may be stored in non-volatile memory—having a special type of security fuses. Security fuses may have a number of security countermeasures in place that make them less susceptible than regular fuses to physical attacks. However, these security countermeasures make the security fuses more costly, in terms of die area, than regular fuses such as general-purpose high-density fuses.
- The detailed description is set forth with reference to the accompanying drawing figures. In the figures, the left-most digit(s) of a reference number identifies the figure in which the reference number first appears. The use of the same reference numbers in different figures indicates similar or identical items or features.
-
FIG. 1 illustrates an exemplary key-provisioning and testing environment for provisioning keys to processors according to some implementations. -
FIG. 2 illustrates another exemplary key-provisioning environment for provisioning keys to processors according to some implementations. -
FIG. 3 illustrates a flow diagram of an exemplary process that includes provisioning a processor with a key according to some implementations. -
FIG. 4 illustrates another exemplary key-provisioning environment for provisioning keys to processors according to some implementations. -
FIG. 5 illustrates a flow diagram of another exemplary process that includes provisioning a processor with a key according to some implementations. -
FIG. 6 illustrates a flow-diagram of an exemplary process that includes generating a validator according to some implementations. -
FIG. 7 illustrates a flow diagram of another exemplary process that includes generating a validator according to some implementations. -
FIG. 8 illustrates an exemplary architecture of a processor having a secure key manager component according to some implementations. -
FIG. 9 illustrates another exemplary architecture of a processor having a secure key manager component according to some implementations. -
FIG. 10 is a block diagram of an illustrative architecture of a system provisioned with a key. -
FIG. 1 illustrates an exemplary key-provisioning andtesting environment 100 for provisioning keys to processors. The key-provisioning andtesting environment 100 may include akey generator 102, a key-provisioner/tester 104, and aprocessor 106. Thekey generator 102 may generate key(s) (K1) 108. The key (K1) 108 may be a shared secret type key (e.g.,class 1 key and/or class 2 key). - The key-provisioner/
tester 104 receives the key (K1) 108 from the key generator 1.02. The key-provisioner/tester 104 provides the processor 1.06 with key (K2) 110. In some instances, the key (K2) 110 may be the same as the key (KO 108. In other instances, the key (K2) 110 may be different from the key (KI) 108 but correspond to the key (K1) 108. For example, the key-provisioner/tester 104 may encrypt the key-(K1) 108 to generate the key-(K2) 110. - The
processor 106 may include a securekey manager component 112 and aprocessor core 114. The securekey manager component 112 may provide theprocessor core 114 withkey 116, where thekey 116 may be the same, numerically and/or functionally, as the key (K1) 108. -
FIG. 2 illustrates an exemplary key-provisioning environment 200 for provisioning keys to processors. - The secure
key manager component 112 of theprocessor 106 may-includenonvolatile memory 202,key cipher component 204, and a physically unclonable functions (PUF)component 206. Thenon-volatile memory 202 may include programmable read-only memory (PROM), field programmable read-only memory (FPROM) and/or one-time-programmable nonvolatile memory (OTP VIM). Thenonvolatile memory 202 may include metal fuses and/or anti-fuses of CMOS (complimentary metal-oxide-semiconductor) fabricated cells, and the fuses (and/or anti-fuses) may be selectively blown or destroyed to program thenonvolatile memory 202. - The
key cipher component 204 may be a decryption component and may be a hardware only component. For example, thekey cipher component 204 may be fixed logic circuitry for providing cipher functions and may include one or more of dedicated circuits, logic units, microcode, or the like. Thekey cipher component 204 may employ symmetric-key algorithms such as, but not limited to, Twofish, Serpent, Advanced Encryption Standard (AES), Blowfish, CASTS, CAST-128, RC4, Data Encryption Standard (DES), ‘Triple DES (3DES), and International Data Encryption Algorithm (IDEA). - The
PUF component 206 may be a hardware only component that generates a unique hardware key (KH) 208 based on one or more physical characteristics of theprocessor 106. For example, thePUF component 206 may be fixed logic circuitry and may include one or more of dedicated circuits, logic units, microcode, or the like. The one or more physical characteristics of theprocessor 106 may be due to manufacturing variations, which may be uncontrollable, that may be a result of integrated circuit fabrication of theprocessor 106. For example, integrated circuits that are of the same design may have timing differences due to manufacturing variations of parameters such as dopant concentration and widths. ThePUF component 206 may measure temporal response of various components of theprocessor 106 and may generate the hardware key (KH) 208 based at least on the measured temporal responses. ThePUF component 206 may provide the key-provisioner/tester 104 and thekey cipher component 204 with the hardware key (KH) 208. - The key-provisioner/
tester 104 receives the key (K1) 108 from thekey generator 102 and the hardware key (KH) 208 from theprocessor 106. The key-provisioner/tester 104 may include amemory device 210 and acipher device 212. The key (K1) 108 and the hardware key (KH) 208 may be stored, at least temporarily, in thememory device 210. Thecipher device 212 may include an encryption module and a decryption module. Thecipher device 212 may employ symmetric-key algorithms such as, but not limited to, Twofish, Serpent, Advanced Encryption Standard (AES), Blowfish, CASTS, CAST-128, RC4, Data Encryption Standard (DES), Triple DES (3DES) and International Data Encryption Algorithm (IDEA). - The
cipher device 212 may encrypt the key (K1) 108 with the hardware key (KH) 208 to generate an encrypted key (E[K1]) 214. The key-provisioner/tester 104 may provide the encrypted key (E[K1]) 214 andcontrol signals 216 to store the encrypted key (E[K1]) 214 into thenonvolatile memory 202. - After the encrypted key (E[K1]) 214 is stored in the
nonvolatile memory 202, the key-provisioner/tester 104 may read thenonvolatile memory 202 to retrieve the stored encrypted key (E[K1]) 214. Thecipher device 212 may decrypt the encrypted key (E[K1]) 214 retrieved from thenonvolatile memory 202 with the hardware key (KH) 208 to recover the key (K1) 108. The key-provisioner/tester 104 may compare the recovered key (K1) 108 against a copy of the key (K1) 108 retrieved frommemory device 210. Based at least on the comparison, the key-provisioner/tester 104 may validate theprocessor 106. If the recovered key (K1) 108 and the copy of the key (K1) 108 received frommemory device 210 are not the same, the key-provisioner/tester 104 may fail to validate theprocessor 106. - The secure
key manager component 112 protects the integrity of key (K1) 108. The securekey manager component 112 may protect the integrity of key (K1) 108 by not retaining a copy of the key (K1) 108. Thus, a physical attack on the securekey manager component 112 to read the key (K1) 108 will fail. In addition the securekey manager component 112 may protect the integrity of key (K1) 108 by not retaining a copy of the hardware key (KH) 208. Thus, an attacker cannot read the hardware key (KH) 208 from securekey manager component 112 and, consequently, cannot access the hardware key (KH) 208 to decrypt the encrypted key (E[K1]) 214. Physical attacks on theprocessor 106 may result in changes in the physical characteristics of theprocessor 106. In some embodiments, changes in the physical characteristics of theprocessor 106 may cause thePUF component 206 to no longer generate a valid copy of the hardware key (KH) 208 that can be used to decrypt the encrypted key (E[K1]) 214. Rather, thePUF component 206 may, as a consequence of the physical changes to theprocessor 106, generate a different version of the hardware key (KH) 208 that cannot be used to decrypt the encrypted key (E[K1]) 214. - During validation and/or final testing, of the
processor 106, the key-provisioner/tester 104 may isolate the securekey manager component 112 from communications with de-vices/entities that are external to theprocessor 106. The key-provisioner/tester 104 may blow fuses and/or anti-fuses of theprocessor 106 and/or set internal flags/bits that communicatively isolate the securekey manager component 112 from external devices/entities. In some embodiments, the securekey manager component 112 may communicate only withprocessor core 114. - In the flow diagrams of FIGS, 3, 5, 6 and 7, each block may represent one or more operations tha.t may be implemented in hardware, firmware, software, or a combination thereof. However, in some embodiments, some blocks may represent one or more operations that may be implemented only in hardware, and in yet other embodiments, some blocks may represent one or more operations that may be implemented only in hardware or firmware. In the context of hardware, the blocks may represent hardware-based logic that is executable by the secure
key manager component 112 to perform the recited operations. In the context of software or firmware, the blocks may represent computer-executable instructions that, when executed by a processor, cause the processor to perform the recited operations. Generally, computer-executable instructions include routines, programs, objects, modules, components, data structures, and the like that perform particular functions or implement particular abstract data types. The order in which the blocks are described is not intended to be construed as a limitation, and any number of the described operations can be combined in any order and/or in parallel to implement the processes. For discussion purposes, theprocesses FIGS. 3, 5, 6 and 7 , respectively, are described with reference to one or more of the key-provisioningenvironments 200, as described above, and 400, as described below, although other models, systems and environments may he used to implement these processes. -
FIG. 3 illustrates a flu diagram of anexemplary process 300 that includes provisioning theprocessor 106 with a key (K1) 108. Theprocess 400 may be performed by the key-provisioner/tester 104 and the securekey manager component 112. - At 302, the key-provisioner/
tester 104 may receive the key (K1) 108 from thekey generator 102. In some embodiments, the key-provisioner/tester 104 may store, at least temporarily, the received key (K1) 108 inmemory device 210. The key-provisioner/tester 104 may delete the key (K1) 108 from thememory device 206 after successful validation of theprocessor 106 or after successful validation of a number ofprocessors 106, e.g., after a production run ofprocessors 106. - At 304, the key-provisioner/
tester 104 may challenge thePUF component 206 via control signals 216. - At 306, the
PUF component 206 may generate the hardware key (KH) 208 in response to the challenge from the key-provisioner/tester 104. - At 308, the key-provisioner/
tester 104 may retrieve the hardware key (KH) 208 from theprocessor 106. In some embodiments, the key-provisioner/tester 104 may read the hardware key (KH) 208 from the securekey manager component 112, and in other embodiments, the key-provisioner/tester 104 may read the hardware key (KH) 208 from thenonvolatile memory 202. In some embodiments, the key-provisioner/tester 104 may store, at least temporarily, the read the hardware key (KH) 208 inmemory device 210. The key-provisioner/tester 104 may delete the hardware key (KH) 208 from thememory device 206 after successful validation of theprocessor 106 so that no other entity may acquire the hardware key (KH) 208. - At 310, the key-provisioner/
tester 104 may encrypt the key (K1) 108 with the hardware key (KH) 208. The encryption of the key (K1) 108 with the hardware key (KH) 208 generates the encrypted key (E[K1]) 214. - At 312, the key-provisioner/
tester 104 may provide the encrypted key-(E[K1]) 214 to theprocessor 106 in some embodiments, the key-provisioner/tester 104 may write the encrypted key (E[K1]) 214 into thenonvolatile memory 202. In some embodiments, the key-provisioner/tester 104 may program the encrypted key (E[K1]) 214 into thenonvolatile memory 202 via control signals 216. In some embodiments, the key-provisioner/tester 104 may blow fuses (or anti-fuses) of thenonvolatile memory 202 via the control signals 216 to store, write, or program the encrypted key (E[K1]) 214 into thenonvolatile memory 202. - At 314, the key-provisioner/
tester 104 may retrieve the encrypted key (E[K1]) 214 from theprocessor 106. In some embodiments, the key-provisioner/tester 104 may retrieve the encrypted key (E[K1]) 214 from theprocessor 106 by signaling, via control signals ‘16, theprocessor 106, and theprocessor 106 may provide the encrypted key (E[K1]) 214 to the key-provisioner/tester 104. In some embodiments, the key-provisioner/tester 104 may signal, via control signals 216, the securekey manager component 112, and the securekey manager component 112 may provide the encrypted key (E[K1]) 214 to the key-provisioner/tester 104. In some embodiments, the key-provisioner/tester 104 may read the encrypted key (E[K1]) 214 from thenonvolatile memory 202. - At 316, the key-provisioner/
tester 104 may validate the encrypted key (E[K1]) 214. The key-provisioner/tester 104 may decrypt the retrieved encrypted key (E[K1]) 214 with the hardware key (KH) 208. In some embodiments, the key-provisioner/tester 104 may retrieve the hardware key (KH) 208 from thememory device 210. In other embodiments, the key-provisioner/tester 104 may retrieve the hardware key (KH) 208 from theprocessor 106. In some embodiments, the key-provisioner tester 104 may read the hardware key (KH) 208 from thenonvolatile memory 202. The decryption of the encrypted key (E[K1]) recovers the key (K1) 108. The key-provisioner/tester 104 may compare the recovered key (K1) 108 with a known valid version of the key (K1) 108. The known valid version of the key (K1) 108 may be a copy retrieved from the memory-device 210 or a copy received from thekey generator 102. The key-provisioner/tester 104 may validate the encrypted key (E[K1]) 214 if the known valid version of the key (K1) 108 and the, recovered key (K1) 108 are the same. - At 318, the key-provisioner/
tester 104 may protect the integrity of the securekey manager component 112. The key-provisioner/tester 104 may providecontrol signals 216 that isolate the securekey manager component 112 from sources/devices that are external to theprocessor 106. For example, the, key-provisioner/tester 104 may signal a component of theprocessor 106 to prevent external access to the securekey manager component 112. The key-provisioner/tester 104 may blow fuses, or anti-fuses, of theprocessor 106 to prevent external access to the securekey manager component 112. In some embodiments, the key-provisioner/tester 104 may prevent external access to thePUF component 206 while permitting external access to at least one other component of the securekey manager component 112. - In some embodiments, the hardware key (KH) 208 is not written into the
nonvolatile memory 202 or other memory of theprocessor 106. ThePUF component 206 may generate the hardware key (KH) 208 each time that thekey cipher component 204 requires the key hardware key (KH) 208. The key-provisioner/tester 104 may protect the integrity of the secure key manager component by preventing external access to thePUF component 206, even if other components of the securekey manager component 112 are externally accessible. Because the hardware key (KH) 208 is not written into thenonvolatile memory 202 or other memory of theprocessor 106, an attempt to read the hardware key (KH) 208 from theprocessor 106 will be unsuccessful after the key-provisioner/tester 104 protects the integrity of the securekey manager component 112. - At 320, the key-provisioner/
tester 104 may complete testing of theprocessor 106. Upon theprocessor 106 passing tests by the key-provisioner/tester 104, the key-provisioner/tester 104 may validate theprocessor 106. -
FIG. 4 illustrates an exemplary key-provisioning environment 400 for provisioning keys to processors. In this embodiment, the security of the hardware key (KH) 208 may be further enhanced by no.t providing the hardware key (KH) 208 to the key-provisioner/tester 104 or to any entity, component, or device that is external to theprocessor 106. Theprocessor 106 may he manufactured such that the hardware key (KH) 208 is not distributed, nor accessible from, outside of theprocessor 106. - The secure
key manager component 112 of theprocessor 106 may includenonvolatile memory 202,key cipher component 204, and a physically unclonable functions (PUF)component 206, and a built-in self-tester (B1ST)component 402. - The
key cipher component 204 may be an encryption and decryption component and may be a hardware only component. Thekey cipher component 204 may employ symmetric-key algorithms such as, but not limited to, Twofish, Serpent, Advanced Encryption Standard (AES), Blowfish, CASTS, CAST-128, RC4, Data Encryption Standard (DES), Triple DES (3DES), and International Data Encryption Algorithm (IDEA). - The
PUF component 206 may be a physical component that generates the unique hardware key (KH) 208 based on one or more physical characteristics of theprocessor 106. ThePUF component 206 may provide thekey cipher component 204 with the hardware key (KH) 208. ThePUF component 206 may be isolated from external devices/entities such as the key-provisioner/tester 104. The isolation of thePUP component 206 from external devices/entities may prevent the hardware key (KH) 208 from being distributed, or accessible from outside of theprocessor 106. - The
BIST component 402 may check the validity of the, encrypted key (E[K]) 214 and may provide the key-provisioner/tester 104 withvalidator 404. TheBIST component 402 may be fixed logic circuitry for performing at least some of the operations discussed herein a d may include one or more of dedicated circuits, logic units, microcode, or the like.Validator 404 may provide an indication of whether or not the encrypted key (E[K1]) 214 is valid. For example, thevalidator 404 may include a flag (e.g., 1/0) indicating that the encrypted key (E[K1]) 214 is valid or invalid (e.g., 1=valid, 0=invalid). As another example, the,validator 404 may include content, such as a ciphertext, from which the key-provisioner/tester 104 may determine whether the encrypted key (E[K1]) 214 is valid or invalid. - The key-provisioner/
tester 104 receives the key (K1) 108 from thekey generator 102. In some embodiments, the key-provisioner/tester 104 may store, at least temporarily, the key (K1) 108 in thememory device 210. The key-provisioner/tester 104 may provide the key (K1) 108 andcontrol signals 216 to theprocessor 106 to store the encrypted key (E[K1]) 214 into thenonvolatile memory 202. In some embodiments, the key-provisioner/tester 104 may provide the key (K1) 108 to thekey cipher component 204 and may provide the key (K1) 108 to theB1ST component 402. - The control signals 216 may instruct the
processor 106 to generate the encrypted key encrypted key (E[K1]) 214 and store the encrypted key encrypted key (E[K1]) 214 in thenonvolatile memory 202. The control signals 216 may cause thePUF component 206 to generate the hardware key (KH) 208. Thekey cipher component 204 receives the key (K1) 108 and the hardware key (KH) 208. Thekey cipher component 204 may employ a symmetric cipher algorithm to encrypt the key (K1) 108 with the hardware key (KH) 208, thereby generating the encrypted key (E[K1]) 214. The encrypted key (E[KI]) 214 is stored in thenonvolatile memory 202. - The control signals 216 may instruct the processor 1(16 to validate the encrypted key encrypted key (E[K1]) 214. The stored encrypted key (E[K1]) 214 may be retrieved from the
nonvolatile memory 202 and provided to thekey cipher component 204. Thekey cipher component 204 may employ decrypt the encrypted key (EIK.11) :214 with the hardware key (K1H1) 208 thereby revealing a purported copy of the key (K1) 108. TheB1ST component 402 may receive a validation indicator (V/I) 406 and the key (K1) 108. - In some embodiments, the
validation indicator 406 may be a key that is purportedly the same as the key (K1) 108. TheBIST component 402 may compare the key 108 and thevalidation indicator 406. If thevalidation indicator 406 and the key (K1) 108 are the same, theBIST component 402 may validate the encrypted key (E[K1]) 214. TheB1ST component 402 may generate thevalidator 404, which indicates whether the encrypted key (E[K1]) 214 is valid or invalid, and may provide thevalidator 404 to the key-provisioner/tester 104. - In some embodiments, the
validation indicator 406 may be a ciphertext generated bykey cipher component 204. Thekey cipher component 204 may encrypt data which is known by the key-provisioner/tester 104, with the revealed purported copy of the copy of the key (K1) 108, thereby generating the ciphertext. TheBIST component 402 may include at least a portion of the ciphertext in thevalidator 404. Thecipher device 212 of the key-provisioner/tester 104 may encrypt the known data with the key (K1) 108, thereby generating reference cipher text. The key-provisioner/tester 104 may compare at least a portion of the reference ciphertext withvalidator 404 and determine whether the encrypted key (E[K1]) 214 is valid or invalid. - In some embodiments, the
validation indicator 406 may be data/text generated by thekey cipher component 204. Thekey cipher component 204 may decrypt ciphertext, which is known by the key-provisioner/tester 104, with the revealed purported copy of the copy of the key-(K1) 108, thereby generating the data/text. TheBIST component 402 may include at least a portion of the data/text in thevalidator 404. Thecipher device 212 of the key-provisioner/tester 104 may compare at least a portion of the data/text included in thevalidator 404 with the known reference data/text and determine whether the encrypted key (E[K1]) 214 is valid or invalid. - In some embodiments, the
validation indicator 406 may be a hash value. Thekey cipher component 204 may perform a hash function, which is known by the key-provisioner/tester 104, on the revealed purported copy of the key (K1) 108, thereby generating recognizable content. TheBIST component 402 may include at least a portion of the hash value in thevalidator 404. Thecipher device 212 of the key-provisioner/tester 104 generates a reference hash value by performing the same hash function on the key-(K1) 108 and comparing the reference hash value with the hash value in thevalidator 406. -
FIG. 5 illustrates a flu diagram of anexemplary process 500 that includes provisioning theprocessor 106 with a key (K1) 108. Theprocess 500 may be performed by the key-provisioner/tester 104 and the securekey manager component 112. - At 502, the key-provisioner/
tester 104 may receive the key (K) 108 from thekey generator 102. In some embodiments, the key-provisioner/tester 104 may store, at least temporarily, the received key (K1) 108 inmemory device 210. In other embodiments, the received key (K1) 108 is not stored inmemory device 210. - At 504, the key-provisioner/
tester 104 may challenge thePUF component 206 via control signals 216. - At 506, the
PUF component 206 may generate the hardware key (KH) 208 in-response to the challenge from the key-provisioner/tester 104. - At 508, the key-provisioner/
tester 104 may provide the key (K1) 108 to theprocessor 106. In some embodiments, the key-provisioner/tester 104 may provide the key (K1) 108 to the securekey manager component 112, and in other embodiments, the key-provisioner/tester 104 may provide the key (K1) 108 to thekey cipher component 204. - At 510, the
key cipher component 204 may encrypt the key (K1) 108 with the hardware key (KH) 208. The encryption of the key (K1) 108 with the hardware key (KH) 208 generates the encrypted key (E[K1]) 214. - At 512, the encrypted key (E[K1]) 214 may be stored in the
nonvolatile memory 202. The key-provisioner/tester 104 may providecontrol signals 216 that permit the encrypted key (E[K1]) 214 to be written or programmed into thenonvolatile memory 202. The control signals 216 may permit fuses (or anti-fuses) of thenonvolatile memory 202 to be blown. - At 514, the
BIST component 402 generates thevalidator 404. - At 516, the
validator 404 may be provided to the key-provisioner/tester 104. In some embodiments, the key-provisioner/tester 104 may read the validator 404 from theBIST component 402. In other embodiments, theprocessor 106 may transmit thevalidator 404 to the key-provisioner/tester 104. - At 518, the key-provisioner/
tester 104 may validate the encrypted key (E[K1]) 214 based at least in part on thevalidator 404. In some embodiments, thevalidator 404 may include a flag (e.g., 1/0) indicating that the encrypted key (E[K1]) 214 is valid or invalid (e.g., 1=valid, 0=invalid). In other embodiments, thevalidator 404 may include recognizable content, which is recognizable to the key-provisioner/tester 104, and the key-provisioner/tester 104 may-validate the encrypted key (E[K1]) 214 based at least in part on the recognizable content. For example, the recognizable content may be ciphertext that the key-provisioner/tester 104 may decrypt with the key (K1) 108 or may be data/text that the key-provisioner/tester 104 may compare with reference data/text or may be a hash value that the key-provisioner/tester 104 may compare with a reference hash value (e.g., the key-provisioner/tester 104 may generate the reference hash value based at least in part on the key (K1) 1018), or may be a portion of a key that is purportedly the same as the key (K1) 108. - At 520, the key-provisioner/
tester 104 may protect the integrity of the securekey manager component 112. The key-provisioner/tester 104 may providecontrol signals 216 that isolate the securekey manager component 112 from sources/devices that are external to theprocessor 106. For example, the key provisioner/tester 104 may signal a component of theprocessor 106 to prevent external access to the securekey manager component 112. The key-provisioner/tester 104 may blow fuses, or anti-fuses, of theprocessor 106 to prevent external access to the securekey manager component 112. - In some embodiments, the hardware key (KH) 208 is not written into the
nonvolatile memory 202 or other memory of theprocessor 106. ThePUF component 206 may generate the hardware key (KH) 208 each time that thekey cipher component 204 requires the key hardware key (KH) 208. The key-provisioner/tester 104 may protect the integrity of the securekey manager component 112 by preventing external access to thePUF component 206, even if other components of the securekey manager component 112 are externally accessible. Because the hardware key (KH) 208 is not written into thenonvolatile memory 202 or other memory of theprocessor 106, an attempt to read the hardware key (KH) 208 from theprocessor 106 will be unsuccessful after the key-provisioner/tester 104 protects the integrity of the securekey manager component 112. - At 522 the key-provisioner/
tester 104 may complete testing of theprocessor 106. Upon theprocessor 106 passing tests by the key-provisioner/tester 104, key-provisioner/tester 104 may validate theprocessor 106. -
FIG. 6 illustrates a flow diagram of anexemplary process 600 for generating thevalidator 404. Theprocess 500 may be performed by the key-provisioner/tester 104 and the securekey manager component 112. - At 602, the encrypted key (E[K1]) 214 may be retrieved from the
nonvolatile memory 202. - At 604, the key-provisioner/
tester 104 may challenge thePUF component 206 via control signals 216. - At 606, the
PUF component 206 may generate the hardware key (KH) 208 in response to the challenge from the key-provisioner/tester 104. - At 608, the,
key cipher component 204 may decrypt the retrieved encrypted key (E[K1]) 214 with the hardware key (KH) 208. The decryption of the encrypted key (E[K1]) 214 with the hardware key (KH) 208 reveals a key that s purportedly the same as the key (K1) 108. - At 610 at least a portion of the key that is purportedly the same as the key (K1) 108 may be included in the
validator 404. - FIG., 7 illustrates a flow diagram of another
exemplary process 700 for generating thevalidator 404. Theprocess 700 may be performed by the key-provisioner/tester 104 and the securekey manager component 112. - At 702, the encrypted key (E[K1]) 214 may be retrieved from the
nonvolatile memory 202. - At 704, the key-provisioner/
tester 104 may challenge thePUF component 206 via control signals 216. - At 706, the
PUF component 206 may generate the hardware key (KH) 208 in response to the challenge from the key-provisioner/tester 104. - At 708, the
key cipher component 204 may decrypt the retrieved encrypted key (E[K1]) 214 with the hardware key (KH) 208. The decryption of the encrypted key (E[K1]) 214 with the hardware key (KH) 208 reveals a key that is purportedly the same as the key (K1) 108. - At 710, the
key cipher component 204 may generate recognizable content i.e., content that is recognizable to the key-provisioner/tester/provisioner 104. Thekey cipher component 204 may encrypt data, which is known by the key-provisioner/tester 104, with the revealed purported copy of the key (K1) 108, thereby generating ciphertext recognizable to the key-provisioner/tester 104. Thekey cipher component 204 may decrypt ciphertext, which is known by the key-provisioner/tester 104, with the revealed purported copy of the, key (K1) 108, thereby generating text recognizable to the key-provisioner/tester 104. Thekey cipher component 204 may perform a hash function, which is known by the key-provisioner/tester 104, on the revealed purported copy of the key (K1) 108, thereby generating recognizable content. The,key cipher component 204 may provide a portion of the revealed purported copy of the key (K1) 108, thereby generating recognizable content. - At 712, the
BIST component 402 may include at least a portion of the recognizable content in thevalidator 404. -
FIG. 8 illustrates anexemplary architecture 800 of theprocessor 102 having a securekey manager component 802. The securekey manager component 802 may includenonvolatile memory 804,key cipher component 806 andPUF component 808. Thenon-volatile memory 804 may include fuses 810 and/or anti-fuses 812. In some embodiments, the encrypted key (E[K1]) 214 may be written/programmed into thenonvolatile memory 804 by blowing fuses 810 and/or anti-fuses 812. - In some embodiments, the secure
key manager component 802, thenonvolatile memory 804, thekey cipher component 806 and thePUF component 808 may be the same as, or similar to, the securekey manager component 112, thenonvolatile memory 202, thekey cipher component 204 and thePUF component 206. - The
processor 106 may includecontacts 814,interconnects 816 and aninitializer component 818. Theinitializer component 818 may be fixed logic circuitry for performing at least some of the operations discussed herein and may include one or more of dedicated circuits, logic units, microcode, or the like. Thecontacts 814 provides electrical connectivity with external devices, and theinterconnects 816 provide electrical connectivity with internal components of theprocessor 106. - The key-provisioner/
tester 104 provides theinitializer component 818 withcontrol signals 216 in testing and/or validating the-processor 106. Theinitializer component 818 may respond to the control signals 216 to test and validate components of theprocessor 106. The key-provisioner/tester 104 may interface with theinitializer component 818 to provision theprocessor 106 with the key (K1) 108. The operations of theinitializer component 818 can be implemented in hardware, firmware, software, or a combination thereof. In some embodiments, the key-provisioner/tester 104 may set flags and/or bits in theinitializer component 818 that communicatively isolate the, securekey manager component 802 from external devices. Typically, the key-provisioner/tester 104 may set such flags and/or bits during final testing/validation of theprocessor 106. - In some embodiments, the
contacts 814 arid/orinitializer component 818 may include fuses 820 and/or anti-fuses 822. The key-provisioner/tester 104 may-blow fuses 820 and/or anti-fuses 822 that communicatively isolate the securekey manager component 802 from external devices. For example, the key-provisioner/tester 104 may blow fuses 820 and/or anti-fuses 822 of theinitializer component 818, which may then prevent the initializer cornpone R18 from further communications with the securekey manager component 802. As another example, the key-provisioner/tester 104 may blow fuses 820 and/or anti-fuses 822 of thecontacts 814, which may isolate the interconnect 816 a fromcontacts 814. Typically, the key-provisioner/tester 104 may blow fuses 820 and/or anti-fuses 822 during final testing/validation of theprocessor 106. -
FIG. 9 illustrates anotherexemplary architecture 900 of the,processor 102 having the securekey manager component 802. The securekey manager component 802 may includeBIST component 902. TheBIST component 902 may check the validity of the encrypted key (E[K1]) 214 and may provide the key-provisioner/tester 104 withvalidator 404. - In some embodiments, the secure
key manager component 802, the nonvolatile,memory 804, thekey cipher component 806, thePUF component 808, and theBIST component 902 may be the same as securekey manager component 112, thenonvolatile memory 202, thekey cipher component 204, thePUF component 206 andBIST component 402. - The exemplary environments and architectures described herein are merely examples suitable for some implementations and are not intended to suggest any limitation as to the scope of use or functionality of the environments, architectures and frameworks that can implement the processes, components and features described herein. Thus, implementations herein are operational with numerous environments or architectures, and may be implemented in general purpose and special-purpose computing systems, or other devices having processing capability. Generally, any of the functions described with reference to the figures can be implemented using software, hardware (e.g., fixed logic circuitry) or a combination of these implementations. The term “module,” “mechanism” or component” as used herein generally represents software, hardware, or a combination of software and hardware that can be configured to implement prescribed functions. For instance, in the case of a software implementation, the term “module,” “mechanism” or “component” can represent program code (and/or declarative-type instructions) that performs specified tasks or operations when executed on a processing device or devices (e.g., CPUs or processors). The program code can be stored in one or more computer-readable memory devices or other computer storage devices. Thus, the processes, components and modules described herein may, be implemented by a computer program product.
- Furthermore this disclosure provides various example implementations, as described and as illustrated in the drawings. However, this disclosure is not limited to the implementations described and illustrated herein, but can extend to other implementations, as would be known or as would become known to those skilled in the art. Reference in the specification to “one implementation,” “this implementation,” “these implementations” or “some implementations” means that a particular feature, structure or characteristic described is included in at least one implementation, and the appearances of these-phrases in various places in the specification are not necessarily all referring to the same implementation.
-
FIG. 10 is a block diagram of an illustrative architecture of a system provisioned with a key. Thesystem 1000 may include one or more processors 1002-1, . . . , 1002-N (where N is a positive integer≦1), each of which may include one or more processor cores 1004-1, . . . , 1004-M (where M is a positive integer≦1). In some implementations, as discussed above, the processor(s) 1002 may be a single core processor, while in other implementations, the processor(s) 1002 may have a large number of processor cores, each of which may include some or all of the components illustrated inFIG. 10 . For example, each processor core 1004-1, . . . , 1004-M may include an instance oflogic 1006 for interacting with a register file 1008-1, . . . , 1008-M and/or performing at least some of the operations discussed herein. Thelogic 1006 may include one or more of dedicated circuits, logic units, microcode, or the like. - The processor(s) 1002 and processor core(s) 1004 can be operated, via an integrated memory controller (IMC) 1010 in connection with a
local interconnect 1016, to read and write to amemory 1012. The processor(s) 1002 and processor core(s) 1004 can also execute computer-readable instructions stored in thememory 1012 or other computer-readable media. Thememory 1012 may include volatile and nonvolatile memory and/or removable and non-removable media implemented in any-type of technology for storage of information, such as computer-readable instructions, data structures, program modules or other data. Such memory may include, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology. In the case in which there aremultiple processor cores 1004, in some implementations, themultiple processor cores 1004 may share a sharedcache 1014, which may be accessible via thelocal interconnect 1016. - Additionally,
storage 1018 may be provided for storing data, code, programs, logs, and the like. Thestorage 1018 may be accessible via aninterconnect 1042 and may include solid state storage, magnetic disk storage, RAID storage systems, storage arrays, network attached storage, storage area networks, cloud storage, CD-ROM, digital versatile disks (DVD) or other optical storage, magnetic cassettes, magnetic tape, or any other medium which can be used to store desired information and which can be accessed by a computing device. Depending on the configuration of thesystem 1000, thememory 1012 and/or thestorage 1018 may be a type of computer readable storage media and may be a non-transitory media. - In various embodiments, the
local interconnect 1016 may also communicate with a graphical controller (GIFX) 1020 to provide graphics processing. In some embodiments, thelocal interconnect 1016 may communicate with asystem agent 1022. Thesystem agent 1022 may be in communication with ahub 1024, which connects adisplay engine 1026, aPCIe 1028, and aDMI 1030. - The
memory 1012 may store functional components that are exe able by the processor(s) 1002. In some implementations, these functional components comprise instructions orprograms 1032 that are executable by the processor(s) 1002. The example functional components illustrated inFIG. 10 further include an operating system (OS) 1034 to manage operation of thesystem 1000. - The
system 1000 may include one ormore communication devices 1036 that may accessible via theinterconnect 1042, and the communication devices 136 may include one or more interfaces and hardware components for enabling communication with various other devices over a communication link, such as one, ormore networks 1038. For example,communication devices 1036 may facilitate communication through one or more of the Internet, cable networks, cellular networks, wireless networks (e.g., Wi-Fi, cellular) and wired networks. Components used for communication can depend at least in part upon the type of network and/or environment selected. Protocols and components for communicating such networks are well known and will not be discussed herein in detail. - The
system 1000 may further be equipped with various input/output (I/O)devices 1040 that may be accessible via theinterconnect 1042. Such I/O devices 1040 may include a display, various user interface controls (e.g., buttons, joystick, keyboard, touch screen, etc.), audio speakers, connection ports and so forth. Aninterconnect 1024, which may include a system bus, point-to-point interfaces, a chipset, or other suitable connections and components may be provided to enable communication between the processors 1002, thememory 1012, thestorage 1018, thecommunication devices 1036, and the I/O devices 1040. - Although the subject matter has been described in language specific to structural features and/or methodological acts, the subject matter defined in the appended claims is not limited to the specific features or acts described above. Rather, the specific features and acts described above are disclosed as example forms of implementing the claims. This disclosure is intended to cover any and all adaptations or variations of the disclosed implementations, and the following claims should not be construed to be limited to the specific implementations disclosed in the specification. Instead, the scope of this document is to be determined entirely by the following claims, along with the full range of equivalents to which such claims are entitled.
Claims (12)
1. An apparatus comprising:
a physically unclonable functions (PUF) circuit to generate a hardware key based on at least one manufacturing variation of the apparatus;
nonvolatile memory coupled to the PUF circuit, the nonvolatile memory to store an encrypted key, the encrypted key comprising a first key encrypted using the hardware key;
a hardware cipher component coupled to the nonvolatile memory and the PUF circuit, the hardware cipher component to decrypt the encrypted key stored in the nonvolatile memory with at least the hardware key to generate a decrypted copy of the first key; and
fixed logic circuitry coupled to the PUF circuit and the hardware cipher component, the fixed logic circuitry to verify that the decrypted copy of the first key is valid.
2. The apparatus of claim 1 , wherein the at least one manufacturing variation results from integrated circuit fabrication of the apparatus.
3. The apparatus of claim 1 , wherein the nonvolatile memory includes at least one anti-fuse.
4. The apparatus of claim 1 , wherein the hardware cipher component comprises an encryption and decryption component.
5. The apparatus of claim 1 , further comprising:
at least one internal interconnect, wherein the PUF circuit, the nonvolatile memory, the hardware cipher component, and the fixed logic circuitry are coupled together the by the at least one internal interconnect.
6. The apparatus of claim 1 , wherein the apparatus is coupled to a processing device by at least one external interconnect.
7. An system comprising:
an input/output (I/O) subsystem;
a memory subsystem; and
a processing device, communicably coupled to the I/O subsystem and the memory subsystem, the processing device comprising:
a physically unclonable functions (PUF) circuit to generate a hardware key based on at least one manufacturing variation of the processing device;
nonvolatile memory coupled to the PUF circuit, the nonvolatile memory to store an encrypted key, the encrypted key comprising a first key encrypted using the hardware key;
a hardware cipher component coupled to the nonvolatile memory and the PUF circuit, the hardware cipher component to decrypt the encrypted key stored in the nonvolatile memory with at least the hardware key to generate a decrypted copy of the first key; and
fixed logic circuitry coupled to the PUF circuit and the hardware cipher component, the fixed logic circuitry to verify that the decrypted copy of the first key is valid.
8. The system of claim 7 , wherein the at least one manufacturing variation results from integrated circuit fabrication of the processing device.
9. The system of claim 7 , wherein the nonvolatile memory includes at least one anti-fuse.
10. The system of claim 7 , wherein the hardware cipher component comprises an encryption and decryption component.
11. The system of claim 7 , the processing device further comprising:
at least one internal interconnect, wherein the PUF circuit, the nonvolatile memory, the hardware cipher component, and the fixed logic circuitry are coupled together the by the at least one internal interconnect.
12. The system of claim 7 , wherein the processing device is coupled to a second processing device by at least one external interconnect.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US15/628,386 US20170288869A1 (en) | 2011-12-29 | 2017-06-20 | Secure key storage using physically unclonable functions |
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/US2011/067881 WO2013101085A1 (en) | 2011-12-29 | 2011-12-29 | Secure key storage using physically unclonable functions |
US201413996544A | 2014-03-17 | 2014-03-17 | |
US15/399,568 US10284368B2 (en) | 2011-12-29 | 2017-01-05 | Secure key storage |
US15/628,386 US20170288869A1 (en) | 2011-12-29 | 2017-06-20 | Secure key storage using physically unclonable functions |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US15/399,568 Continuation US10284368B2 (en) | 2011-12-29 | 2017-01-05 | Secure key storage |
Publications (1)
Publication Number | Publication Date |
---|---|
US20170288869A1 true US20170288869A1 (en) | 2017-10-05 |
Family
ID=48698321
Family Applications (3)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/996,544 Active US9544141B2 (en) | 2011-12-29 | 2011-12-29 | Secure key storage using physically unclonable functions |
US15/399,568 Active US10284368B2 (en) | 2011-12-29 | 2017-01-05 | Secure key storage |
US15/628,386 Abandoned US20170288869A1 (en) | 2011-12-29 | 2017-06-20 | Secure key storage using physically unclonable functions |
Family Applications Before (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/996,544 Active US9544141B2 (en) | 2011-12-29 | 2011-12-29 | Secure key storage using physically unclonable functions |
US15/399,568 Active US10284368B2 (en) | 2011-12-29 | 2017-01-05 | Secure key storage |
Country Status (4)
Country | Link |
---|---|
US (3) | US9544141B2 (en) |
CN (2) | CN107612685A (en) |
TW (1) | TWI483139B (en) |
WO (1) | WO2013101085A1 (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110020556A (en) * | 2018-01-10 | 2019-07-16 | 力旺电子股份有限公司 | Using physics can not reproduction technology tangle and fetch system |
EP3512156A1 (en) * | 2018-01-10 | 2019-07-17 | eMemory Technology Inc. | Entanglement and recall system using physically unclonable function technology |
US10985914B2 (en) * | 2017-03-07 | 2021-04-20 | Fujitsu Limited | Key generation device and key generation method |
EP4047587A1 (en) * | 2021-02-22 | 2022-08-24 | HENSOLDT Sensors GmbH | Chip device and method for a randomized logic encryption |
EP4060537A1 (en) * | 2021-03-17 | 2022-09-21 | Secure Thingz Limited | A method and system for securely provisioning electronic devices |
TWI809852B (en) * | 2021-05-03 | 2023-07-21 | 銓安智慧科技股份有限公司 | Integrated circuit module functioning for information security |
Families Citing this family (51)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107612685A (en) | 2011-12-29 | 2018-01-19 | 英特尔公司 | Use the secure key storage of physically unclonable function |
US20140006806A1 (en) * | 2012-06-23 | 2014-01-02 | Pomian & Corella, Llc | Effective data protection for mobile devices |
KR101332517B1 (en) * | 2012-08-21 | 2013-11-22 | 한양대학교 산학협력단 | Apparatus and method for processing authentication information |
US9742563B2 (en) | 2012-09-28 | 2017-08-22 | Intel Corporation | Secure provisioning of secret keys during integrated circuit manufacturing |
US8928347B2 (en) | 2012-09-28 | 2015-01-06 | Intel Corporation | Integrated circuits having accessible and inaccessible physically unclonable functions |
JP6030925B2 (en) * | 2012-11-12 | 2016-11-24 | ルネサスエレクトロニクス株式会社 | Semiconductor device and information processing system |
US9165163B2 (en) * | 2012-11-30 | 2015-10-20 | Broadcom Corporation | Secure delivery of processing code |
US8938792B2 (en) | 2012-12-28 | 2015-01-20 | Intel Corporation | Device authentication using a physically unclonable functions based key generation system |
US10984116B2 (en) | 2013-04-15 | 2021-04-20 | Calamu Technologies Corporation | Systems and methods for digital currency or crypto currency storage in a multi-vendor cloud environment |
US9225512B1 (en) * | 2013-05-01 | 2015-12-29 | Xilinx, Inc. | Encryption and decryption using a physically unclonable function |
US20150143130A1 (en) * | 2013-11-18 | 2015-05-21 | Vixs Systems Inc. | Integrated circuit provisioning using physical unclonable function |
WO2015148659A1 (en) * | 2014-03-25 | 2015-10-01 | Mai Kenneth Wei-An | Methods for generating reliable responses in physical unclonable functions (pufs) and methods for designing strong pufs |
TWI506469B (en) * | 2014-07-31 | 2015-11-01 | Elitegroup Computer Sys Co Ltd | Data security method, electronic device and external storage device |
US9614669B1 (en) * | 2014-11-17 | 2017-04-04 | Q-Net Security, Inc. | Secure network communications using hardware security barriers |
US9674162B1 (en) | 2015-03-13 | 2017-06-06 | Amazon Technologies, Inc. | Updating encrypted cryptographic key pair |
US9893885B1 (en) | 2015-03-13 | 2018-02-13 | Amazon Technologies, Inc. | Updating cryptographic key pair |
US9479340B1 (en) | 2015-03-30 | 2016-10-25 | Amazon Technologies, Inc. | Controlling use of encryption keys |
US10003467B1 (en) | 2015-03-30 | 2018-06-19 | Amazon Technologies, Inc. | Controlling digital certificate use |
WO2016207945A1 (en) * | 2015-06-22 | 2016-12-29 | 三菱電機株式会社 | Authenticity determination device, authenticity determination system, and authenticity determination method |
WO2017021254A1 (en) * | 2015-08-06 | 2017-02-09 | Intrinsic Id B.V | Cryptographic device having physical unclonable function |
US9953167B2 (en) * | 2015-10-12 | 2018-04-24 | Microsoft Technology Licensing, Llc | Trusted platforms using minimal hardware resources |
US20170126414A1 (en) * | 2015-10-28 | 2017-05-04 | Texas Instruments Incorporated | Database-less authentication with physically unclonable functions |
US10032521B2 (en) * | 2016-01-08 | 2018-07-24 | Synopsys, Inc. | PUF value generation using an anti-fuse memory array |
US10476680B2 (en) | 2016-02-03 | 2019-11-12 | Ememory Technology Inc. | Electronic device with self-protection and anti-cloning capabilities and related method |
BR112018068378A2 (en) * | 2016-03-14 | 2019-01-15 | Arris Entpr Llc | cable modem anti-cloning |
WO2018031342A1 (en) * | 2016-08-02 | 2018-02-15 | Paul Lewis | Jurisdiction independent data storage in a multi-vendor cloud environment |
US20180102908A1 (en) * | 2016-10-11 | 2018-04-12 | Tyfone, Inc. | Fine grain reconfigurable building block for ic protection and obfuscation |
US10223531B2 (en) * | 2016-12-30 | 2019-03-05 | Google Llc | Secure device state apparatus and method and lifecycle management |
CN108538880B (en) * | 2017-03-02 | 2020-11-10 | 旺宏电子股份有限公司 | Semiconductor element and device having the same |
US11354390B2 (en) * | 2017-06-04 | 2022-06-07 | Apple Inc. | Biometric authentication with user input |
US10643006B2 (en) * | 2017-06-14 | 2020-05-05 | International Business Machines Corporation | Semiconductor chip including integrated security circuit |
CN109286495B (en) * | 2017-07-21 | 2022-03-01 | 展讯通信(上海)有限公司 | DCP public key protection method and device and HDCP equipment |
CN109286488B (en) * | 2017-07-21 | 2021-09-21 | 展讯通信(上海)有限公司 | HDCP key protection method |
US10649735B2 (en) * | 2017-09-12 | 2020-05-12 | Ememory Technology Inc. | Security system with entropy bits |
US10915464B2 (en) | 2017-09-12 | 2021-02-09 | Ememory Technology Inc. | Security system using random number bit string |
CN107911215B (en) * | 2017-11-21 | 2020-09-29 | 中国银行股份有限公司 | HSM key verification method and device |
KR102432451B1 (en) * | 2018-01-10 | 2022-08-12 | 삼성전자주식회사 | Semiconductor device and method for operating semiconductor device |
US10839872B2 (en) * | 2018-07-03 | 2020-11-17 | Ememory Technology Inc. | Random bit cell using an initial state of a latch to generate a random bit |
US10528754B1 (en) | 2018-10-09 | 2020-01-07 | Q-Net Security, Inc. | Enhanced securing of data at rest |
US11216575B2 (en) | 2018-10-09 | 2022-01-04 | Q-Net Security, Inc. | Enhanced securing and secured processing of data at rest |
US11991297B2 (en) | 2018-10-17 | 2024-05-21 | Nokia Solutions And Networks Oy | Secure cryptoprocessor |
TWI758697B (en) * | 2019-03-22 | 2022-03-21 | 旺宏電子股份有限公司 | Integrated circuit, memory circuit, and method for operating integrated circuit |
CN111783919A (en) * | 2019-04-04 | 2020-10-16 | 利盟国际有限公司 | Physically unclonable function for security in bank cards or identity cards |
NL2022902B1 (en) * | 2019-04-09 | 2020-10-20 | Univ Delft Tech | Integrated circuit device for loT applications |
US11121884B2 (en) * | 2019-06-10 | 2021-09-14 | PUFsecurity Corporation | Electronic system capable of self-certification |
MX2022002973A (en) * | 2019-09-10 | 2022-04-01 | Lexmark Int Inc | Cryptoanchor reader. |
US11768611B2 (en) | 2020-04-02 | 2023-09-26 | Axiado Corporation | Secure boot of a processing chip |
US11663472B2 (en) | 2020-06-29 | 2023-05-30 | Google Llc | Deep neural network processing for a user equipment-coordination set |
US20220103354A1 (en) * | 2020-09-25 | 2022-03-31 | Renesas Electronics Corporation | Secure encryption key generation and management in open and secure processor environments |
US11480613B2 (en) * | 2020-12-18 | 2022-10-25 | Arm Limited | Method and/or system for testing devices in non-secured environment |
TWI827465B (en) * | 2023-02-13 | 2023-12-21 | 國立臺灣科技大學 | Paired encryption-decryption method |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030177401A1 (en) * | 2002-03-14 | 2003-09-18 | International Business Machines Corporation | System and method for using a unique identifier for encryption key derivation |
US7134025B1 (en) * | 2002-03-29 | 2006-11-07 | Xilinx, Inc. | Methods and circuits for preventing the overwriting of memory frames in programmable logic devices |
US20090224323A1 (en) * | 2008-03-06 | 2009-09-10 | Xilinx, Inc. | Integrated circuit with mosfet fuse element |
Family Cites Families (65)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5799080A (en) | 1995-07-13 | 1998-08-25 | Lsi Logic Corporation | Semiconductor chip having identification/encryption code |
US6760119B1 (en) | 1999-05-25 | 2004-07-06 | Silverbrook Research Pty Ltd | Relay device |
US6823454B1 (en) | 1999-11-08 | 2004-11-23 | International Business Machines Corporation | Using device certificates to authenticate servers before automatic address assignment |
US20020129261A1 (en) * | 2001-03-08 | 2002-09-12 | Cromer Daryl Carvis | Apparatus and method for encrypting and decrypting data recorded on portable cryptographic tokens |
US7310821B2 (en) | 2001-08-27 | 2007-12-18 | Dphi Acquisitions, Inc. | Host certification method and system |
US7840803B2 (en) | 2002-04-16 | 2010-11-23 | Massachusetts Institute Of Technology | Authentication of integrated circuits |
TW588243B (en) | 2002-07-31 | 2004-05-21 | Trek 2000 Int Ltd | System and method for authentication |
US7475254B2 (en) * | 2003-06-19 | 2009-01-06 | International Business Machines Corporation | Method for authenticating software using protected master key |
US7949877B2 (en) | 2003-06-30 | 2011-05-24 | Realnetworks, Inc. | Rights enforcement and usage reporting on a client device |
US20050039016A1 (en) | 2003-08-12 | 2005-02-17 | Selim Aissi | Method for using trusted, hardware-based identity credentials in runtime package signature to secure mobile communications and high-value transaction execution |
US7533276B2 (en) | 2003-08-26 | 2009-05-12 | Panasonic Corporation | Program execution device |
US8028164B2 (en) * | 2004-03-19 | 2011-09-27 | Nokia Corporation | Practical and secure storage encryption |
GB0413034D0 (en) * | 2004-06-10 | 2004-07-14 | Scient Generics Ltd | Secure workflow engine |
US20080106605A1 (en) | 2004-10-18 | 2008-05-08 | Koninklijke Philips Electronics, N.V. | Secure Sensor Chip |
US7813507B2 (en) | 2005-04-21 | 2010-10-12 | Intel Corporation | Method and system for creating random cryptographic keys in hardware |
CN101263503A (en) | 2005-09-14 | 2008-09-10 | 皇家飞利浦电子股份有限公司 | Improved device, system and method for determining authenticity of an item |
US8660964B2 (en) * | 2006-06-30 | 2014-02-25 | Hewlett-Packard Development Company, L.P. | Secure device licensing |
US8364975B2 (en) | 2006-12-29 | 2013-01-29 | Intel Corporation | Methods and apparatus for protecting data |
US9244863B2 (en) * | 2007-02-05 | 2016-01-26 | Intel Deutschland Gmbh | Computing device, with data protection |
US8290150B2 (en) * | 2007-05-11 | 2012-10-16 | Validity Sensors, Inc. | Method and system for electronically securing an electronic device using physically unclonable functions |
US9214183B2 (en) | 2007-06-12 | 2015-12-15 | Nxp B.V. | Secure storage |
US8472620B2 (en) | 2007-06-15 | 2013-06-25 | Sony Corporation | Generation of device dependent RSA key |
US8661552B2 (en) * | 2007-06-28 | 2014-02-25 | Microsoft Corporation | Provisioning a computing system for digital rights management |
EP2191410B1 (en) | 2007-08-22 | 2014-10-08 | Intrinsic ID B.V. | Identification of devices using physically unclonable functions |
CN101542496B (en) * | 2007-09-19 | 2012-09-05 | 美国威诚股份有限公司 | Authentication with physical unclonable functions |
US20090080659A1 (en) * | 2007-09-21 | 2009-03-26 | Texas Instruments Incorporated | Systems and methods for hardware key encryption |
US8966660B2 (en) * | 2008-08-07 | 2015-02-24 | William Marsh Rice University | Methods and systems of digital rights management for integrated circuits |
US9183357B2 (en) | 2008-09-24 | 2015-11-10 | Panasonic Intellectual Property Management Co., Ltd. | Recording/reproducing system, recording medium device, and recording/reproducing device |
CN102165458B (en) | 2008-09-26 | 2015-05-27 | 皇家飞利浦电子股份有限公司 | Authenticating a device and a user |
US7761714B2 (en) | 2008-10-02 | 2010-07-20 | Infineon Technologies Ag | Integrated circuit and method for preventing an unauthorized access to a digital value |
US8683210B2 (en) | 2008-11-21 | 2014-03-25 | Verayo, Inc. | Non-networked RFID-PUF authentication |
JP5423088B2 (en) | 2009-03-25 | 2014-02-19 | ソニー株式会社 | Integrated circuit, encryption communication device, encryption communication system, information processing method, and encryption communication method |
US8379856B2 (en) | 2009-06-17 | 2013-02-19 | Empire Technology Development Llc | Hardware based cryptography |
US8370787B2 (en) | 2009-08-25 | 2013-02-05 | Empire Technology Development Llc | Testing security of mapping functions |
US8387071B2 (en) | 2009-08-28 | 2013-02-26 | Empire Technology Development, Llc | Controlling integrated circuits including remote activation or deactivation |
WO2011048126A1 (en) | 2009-10-21 | 2011-04-28 | Intrinsic Id B.V. | Distribution system and method for distributing digital information |
US8402401B2 (en) | 2009-11-09 | 2013-03-19 | Case Western University | Protection of intellectual property cores through a design flow |
US20110154501A1 (en) | 2009-12-23 | 2011-06-23 | Banginwar Rajesh P | Hardware attestation techniques |
KR101727130B1 (en) | 2010-01-20 | 2017-04-14 | 인트린직 아이디 비브이 | Device and method for obtaining a cryptographic key |
US8458489B2 (en) | 2010-03-25 | 2013-06-04 | Empire Technology Development Llc | Differential uncloneable variability-based cryptography |
US20110299678A1 (en) * | 2010-06-07 | 2011-12-08 | Alexander Roger Deas | Secure means for generating a specific key from unrelated parameters |
KR101852115B1 (en) | 2010-10-04 | 2018-04-25 | 인트린직 아이디 비브이 | Physical unclonable function with improved start―up behavior |
US8694778B2 (en) | 2010-11-19 | 2014-04-08 | Nxp B.V. | Enrollment of physically unclonable functions |
KR20120056018A (en) | 2010-11-24 | 2012-06-01 | 삼성전자주식회사 | Semiconductor device with cross-shaped bumps and test pads arrangement |
US20120137137A1 (en) | 2010-11-30 | 2012-05-31 | Brickell Ernest F | Method and apparatus for key provisioning of hardware devices |
US8386990B1 (en) | 2010-12-07 | 2013-02-26 | Xilinx, Inc. | Unique identifier derived from an intrinsic characteristic of an integrated circuit |
JP5225412B2 (en) | 2011-03-03 | 2013-07-03 | 株式会社東芝 | Communication apparatus and communication method |
WO2012122994A1 (en) | 2011-03-11 | 2012-09-20 | Kreft Heinz | Off-line transfer of electronic tokens between peer-devices |
US20130141137A1 (en) | 2011-06-01 | 2013-06-06 | ISC8 Inc. | Stacked Physically Uncloneable Function Sense and Respond Module |
EP2680485B1 (en) | 2011-06-02 | 2016-04-06 | Mitsubishi Electric Corporation | Key information generation device and key information generation method |
JP2013031151A (en) | 2011-06-20 | 2013-02-07 | Renesas Electronics Corp | Encryption communication system and encryption communication method |
JP5770026B2 (en) | 2011-06-20 | 2015-08-26 | ルネサスエレクトロニクス株式会社 | Semiconductor device |
DE102011079259B9 (en) | 2011-07-15 | 2013-11-28 | Infineon Technologies Ag | Bit error correction for eliminating age-related errors in a bit pattern |
CN102393890B (en) | 2011-10-09 | 2014-07-16 | 广州大学 | Crypto chip system for resisting physical invasion and side-channel attack and implementation method thereof |
US8700916B2 (en) | 2011-12-02 | 2014-04-15 | Cisco Technology, Inc. | Utilizing physically unclonable functions to derive device specific keying material for protection of information |
US20130147511A1 (en) | 2011-12-07 | 2013-06-13 | Patrick Koeberl | Offline Device Authentication and Anti-Counterfeiting Using Physically Unclonable Functions |
CN107612685A (en) | 2011-12-29 | 2018-01-19 | 英特尔公司 | Use the secure key storage of physically unclonable function |
US8525549B1 (en) | 2012-02-23 | 2013-09-03 | International Business Machines Corporation | Physical unclonable function cell and array |
US8750502B2 (en) | 2012-03-22 | 2014-06-10 | Purdue Research Foundation | System on chip and method for cryptography using a physically unclonable function |
US10079678B2 (en) | 2012-07-24 | 2018-09-18 | Intel Corporation | Providing access to encrypted data |
US9742563B2 (en) | 2012-09-28 | 2017-08-22 | Intel Corporation | Secure provisioning of secret keys during integrated circuit manufacturing |
US8928347B2 (en) | 2012-09-28 | 2015-01-06 | Intel Corporation | Integrated circuits having accessible and inaccessible physically unclonable functions |
US8954735B2 (en) | 2012-09-28 | 2015-02-10 | Intel Corporation | Device, method, and system for secure trust anchor provisioning and protection using tamper-resistant hardware |
US8938792B2 (en) | 2012-12-28 | 2015-01-20 | Intel Corporation | Device authentication using a physically unclonable functions based key generation system |
US9391617B2 (en) | 2013-03-15 | 2016-07-12 | Intel Corporation | Hardware-embedded key based on random variations of a stress-hardened inegrated circuit |
-
2011
- 2011-12-29 CN CN201710494807.9A patent/CN107612685A/en active Pending
- 2011-12-29 CN CN201180076155.8A patent/CN104025500B/en active Active
- 2011-12-29 WO PCT/US2011/067881 patent/WO2013101085A1/en active Application Filing
- 2011-12-29 US US13/996,544 patent/US9544141B2/en active Active
-
2012
- 2012-12-25 TW TW101149778A patent/TWI483139B/en active
-
2017
- 2017-01-05 US US15/399,568 patent/US10284368B2/en active Active
- 2017-06-20 US US15/628,386 patent/US20170288869A1/en not_active Abandoned
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030177401A1 (en) * | 2002-03-14 | 2003-09-18 | International Business Machines Corporation | System and method for using a unique identifier for encryption key derivation |
US7134025B1 (en) * | 2002-03-29 | 2006-11-07 | Xilinx, Inc. | Methods and circuits for preventing the overwriting of memory frames in programmable logic devices |
US20090224323A1 (en) * | 2008-03-06 | 2009-09-10 | Xilinx, Inc. | Integrated circuit with mosfet fuse element |
Non-Patent Citations (1)
Title |
---|
Physical Uncloneable Functions for Device Authentication and Secret Key Generation. G. Edward Suh and Srinivas Devadas. DAC 2007, June 408, 2007, San Diego, California, USA. 6 pages. Provided by applicants in parent application 13/996544. * |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10985914B2 (en) * | 2017-03-07 | 2021-04-20 | Fujitsu Limited | Key generation device and key generation method |
CN110020556A (en) * | 2018-01-10 | 2019-07-16 | 力旺电子股份有限公司 | Using physics can not reproduction technology tangle and fetch system |
EP3512156A1 (en) * | 2018-01-10 | 2019-07-17 | eMemory Technology Inc. | Entanglement and recall system using physically unclonable function technology |
US11050575B2 (en) | 2018-01-10 | 2021-06-29 | Ememory Technology Inc. | Entanglement and recall system using physically unclonable function technology |
EP4047587A1 (en) * | 2021-02-22 | 2022-08-24 | HENSOLDT Sensors GmbH | Chip device and method for a randomized logic encryption |
EP4060537A1 (en) * | 2021-03-17 | 2022-09-21 | Secure Thingz Limited | A method and system for securely provisioning electronic devices |
WO2022194469A1 (en) * | 2021-03-17 | 2022-09-22 | Secure Thingz Ltd. | A method and system for securely provisioning electronic devices |
TWI809852B (en) * | 2021-05-03 | 2023-07-21 | 銓安智慧科技股份有限公司 | Integrated circuit module functioning for information security |
Also Published As
Publication number | Publication date |
---|---|
CN104025500B (en) | 2017-07-25 |
CN107612685A (en) | 2018-01-19 |
US10284368B2 (en) | 2019-05-07 |
WO2013101085A1 (en) | 2013-07-04 |
US9544141B2 (en) | 2017-01-10 |
US20170126405A1 (en) | 2017-05-04 |
TWI483139B (en) | 2015-05-01 |
US20140201540A1 (en) | 2014-07-17 |
TW201346618A (en) | 2013-11-16 |
CN104025500A (en) | 2014-09-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10284368B2 (en) | Secure key storage | |
EP3454318B1 (en) | Security system with entropy bits generated by a puf | |
US9847872B2 (en) | Memory integrity | |
US10205747B2 (en) | Protection for computing systems from revoked system updates | |
TW201926112A (en) | Communication system and method for operating a communication system | |
TWI631462B (en) | Computing system and computing device-implemented method to secure on-board bus transactions and non-transitory computer readable storage medium | |
CN110659506A (en) | Replay protection of memory based on key refresh | |
JP2006107274A (en) | Hash function operation system, encryption system and unauthorized analysis/tampering prevention system | |
US20200235910A1 (en) | Lightweight mitigation against first-order probing side-channel attacks on block ciphers | |
US20140173294A1 (en) | Techniques for emulating an eeprom device | |
TWI474257B (en) | Microprocessor, method of protection and method of revoking first password | |
CN112256357B (en) | Data protection system, method and computer readable medium | |
US20210232688A1 (en) | Determine whether to perform action on computing device based on analysis of endorsement information of a security co-processor | |
CN109891425A (en) | Sequence verification | |
US9069988B2 (en) | Detecting key corruption | |
CN111222138A (en) | Algorithm checking method, algorithm right confirming method and device | |
JP2011175464A (en) | Apparatus and method for processing information |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: FINAL REJECTION MAILED |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |