WO1991019067A1 - Electronic key integrated circuit - Google Patents

Electronic key integrated circuit Download PDF

Info

Publication number
WO1991019067A1
WO1991019067A1 PCT/US1991/003376 US9103376W WO9119067A1 WO 1991019067 A1 WO1991019067 A1 WO 1991019067A1 US 9103376 W US9103376 W US 9103376W WO 9119067 A1 WO9119067 A1 WO 9119067A1
Authority
WO
Grant status
Application
Patent type
Prior art keywords
data
connected
password
memory
integrated circuit
Prior art date
Application number
PCT/US1991/003376
Other languages
French (fr)
Inventor
Robert D. Lee
Stephen M. Curry
Scott J. Curry
Michael L. Bolan
Original Assignee
Dallas Semiconductor Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Links

Classifications

    • HELECTRICITY
    • H01BASIC ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES; ELECTRIC SOLID STATE DEVICES NOT OTHERWISE PROVIDED FOR
    • H01L23/00Details of semiconductor or other solid state devices
    • H01L23/58Structural electrical arrangements for semiconductor devices not otherwise provided for, e.g. in combination with batteries
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/73Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01Input arrangements or combined input and output arrangements for interaction between user and computer
    • G06F3/03Arrangements for converting the position or the displacement of a member into a coded form
    • G06F3/033Pointing devices displaced or positioned by the user, e.g. mice, trackballs, pens or joysticks; Accessories therefor
    • G06F3/038Control and interface arrangements therefor, e.g. drivers or device-embedded control circuitry
    • G06F3/0383Signal control means within the pointing device
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01Input arrangements or combined input and output arrangements for interaction between user and computer
    • G06F3/048Interaction techniques based on graphical user interfaces [GUI]
    • G06F3/0487Interaction techniques based on graphical user interfaces [GUI] using specific features provided by the input device, e.g. functions controlled by the rotation of a mouse with dual sensing arrangements, or of the nature of the input device, e.g. tap gestures based on pressure sensed by a digitiser
    • G06F3/0489Interaction techniques based on graphical user interfaces [GUI] using specific features provided by the input device, e.g. functions controlled by the rotation of a mouse with dual sensing arrangements, or of the nature of the input device, e.g. tap gestures based on pressure sensed by a digitiser using dedicated keyboard keys or combinations thereof
    • G06F3/04897Special input arrangements or commands for improving display capability
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06KRECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K7/00Methods or arrangements for sensing record carriers, e.g. for reading patterns
    • G06K7/0013Methods or arrangements for sensing record carriers, e.g. for reading patterns by galvanic contacts, e.g. card connectors for ISO-7816 compliant smart cards or memory cards, e.g. SD card readers
    • G06K7/0021Methods or arrangements for sensing record carriers, e.g. for reading patterns by galvanic contacts, e.g. card connectors for ISO-7816 compliant smart cards or memory cards, e.g. SD card readers for reading/sensing record carriers having surface contacts
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11CSTATIC STORES
    • G11C5/00Details of stores covered by G11C11/00
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11CSTATIC STORES
    • G11C5/00Details of stores covered by G11C11/00
    • G11C5/06Arrangements for interconnecting storage elements electrically, e.g. by wiring
    • G11C5/066Means for reducing external access-lines for a semiconductor memory clip, e.g. by multiplexing at least address and data signals
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11CSTATIC STORES
    • G11C7/00Arrangements for writing information into, or reading information out from, a digital store
    • G11C7/24Memory cell safety or protection circuits, e.g. arrangements for preventing inadvertent reading or writing; Status cells; Test cells
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11CSTATIC STORES
    • G11C8/00Arrangements for selecting an address in a digital store
    • G11C8/20Address safety or protection circuits, i.e. arrangements for preventing unauthorised or accidental access
    • HELECTRICITY
    • H01BASIC ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES; ELECTRIC SOLID STATE DEVICES NOT OTHERWISE PROVIDED FOR
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/0001Technical content checked by a classifier
    • H01L2924/0002Not covered by any one of groups H01L24/00, H01L24/00 and H01L2224/00
    • HELECTRICITY
    • H01BASIC ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES; ELECTRIC SOLID STATE DEVICES NOT OTHERWISE PROVIDED FOR
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/30Technical effects
    • H01L2924/301Electrical effects
    • H01L2924/3011Impedance

Abstract

An electronic key integrated circuit which includes independently addressable partitions of secure memory. Each of these partitions can function as a separate ''subkey''. Each of the subkeys is independently password-protected. In addition to the secure subkey memory partitions, the integrated circuit also contains a read/write ''scratchpad'' memory, which is the same size as each of the subkeys. After data has been written into the scratchpad (and verified if desired), it can be copied, as a block, onto one of the subkey partitions. However, to perform such a block move the password of the target subkey must also be specified.

Description

Electronic Key Integrated Circuit

International Patent Application of Dallas Semiconductor Corporation

Attorney's Docket No. DSC-303PCT

BACKGROUND OF THE INVENTION The present invention relates to electronic keys, and to low-power integrated circuits having secure memory therein.

Electronic Keys

An electronic key is a circuit which performs the function of a key, using stored information instead of shaped metal. In order to fulfill this function, an electronic key should preferably provide two kinds of concealment: the data in the key's secure memory should be concealed, and the password which permits access to the key's secure memory should also be concealed.

Electronic keys are used primarily to provide access to secure electronic data upon receipt of a valid password and to prohibit such access if an invalid password is received. One such application is the use of an electronic key hardware module in conjunction with commercially available software. The electronic key module is attached to the computer operating the software in a manner to allow the software to access the electronic key, and the software is programmed with an algorithm to verify that the module is attached to the computer. Thus, while the software is easily copied, the electronic key hardware module is not; and the software cannot, therefore, be simultaneously used in several computers. It may happen that a would-be counterfeiter can easily gain access to a sample legitimate key. If a copier could simply read the stored code in a key, the copier could easily make counterfeit keys to reproduce this code.

Therefore, keys are commonly password-protected: the key will not give out its secure data until it receives the proper password.

If the counterfeiter can simply run all possible passwords into the chip inputs, eventually he will hit upon the correct one. To some extent, this tactic can be countered simply by using a sufficiently long password.1 However, for many applications this is still insufficiently secure: in some cases, a counterfeiter may be able to connect a digital monitoring circuit in parallel with the electronic key port, so that he can listen in on a transaction between a legitimate key and the legitimate software which is talking to that key. To reduce the vulnerability to this type of assault, software is often designed to perform multiple accesses to the key, and to present the key with a number of false passwords as well as the real password. The key contains a random number generator, which generates garbage data, in the same format as the real data in the secure memory, when a false password is received. (See US Patents 4,810,975 and 4,855,690, which are both hereby incorporated by reference.) Thus, a would-be counterfeiter will see a number of passwords being issued (including the correct one), and will see a variety of data fields being returned (including the correct one). In many cases a counterfeiter cannot easily tell which data is the correct data, so there is still some weakness here. However, such systems still have a weakness: if a true random number generator is used, and if a false password is submitted twice, the data returned will be different each time. Thus, a counterfeiter can identify the correct password by submitting each password twice.

ϊor example, with a 32-bit password, even if the required hold time is a full millisecond, all passwords can be cycled through within a few weeks. By contrast, with a 64-bit password, an exhaustive search would take 58,000 years, even if one password could be checked every 100 nanoseconds. An electronic key may have to withstand harsh environments (such as users' pockets), and is therefore packaged to provide a high degree of physical robustness. Similarly, it is desirable to maximize the immunity of electronic keys to electrostatic discharge.2 Electronic keys, and related circuits, have found use in a wide variety of applications.

However, electronic keys present some unusual difficulties in design.

There is always some risk that an intruder may obtain a key and attempt to "crack" it, to gain free access to the system which is supposed to be protected. Thus, although perfect security may not be possible, the design must provide as much security as is economically possible.

Although many demonstrations and uses of electronic keys have occurred (since at least the 1960s), electronic keys never became common until well into the 1980s.

Battery-Backed Integrated Circuits Compact batteries are increasingly used inside integrated circuit packages or in very small modules, to provide nonvolatile data retention. In such packages and modules, the availability of battery backup can be used to ensure that power outages or power-line noise cannot cause loss of data (including configuration data). For example, modern semiconductor technology has provided solid-state memories with such low standby power requirements that a single coin-sized battery can power the memory for ten years of lifetime or more. Such memories are already commercially available.

In a battery-backed module, the module will typically go into a quiescent or "sleep" state when it senses that the system power supply has been lost. The battery is used to maintain the integrity of memory (or of logic). However, output operations, which can consume substantial amounts of battery power, are typically suspended at this time.

The very rapid progress of integrated circuit complexity generally, and

^ee US Application No. 345,144, Filed 4/28/89, entitled "Integrated Circuit Protected Against Negative Transients" (DSC-153), which is hereby incorporated by reference. the general use of CMOS processing, have permitted a huge increase in the functionality which can be included in a very compact portable system. However, power supply capabilities have not advanced as rapidly. Battery technology has provided a relatively slow increase in the amount of energy which can be stored per unit weight (or per unit volume). Thus, in order to provide complex functionality in a small portable module, a very high degree of power efficiency has become an enabling technology.

Battery-Operated Integrated Circuits

As power efficiencies have advanced, some integrated circuits have been designed to make use of power from a microbattery as the primary power source, and not merely as an alternative to system power. Some examples of such integrated circuits are described in the parent applications.

Low-Power Memories Conventional CMOS static memories have developed to the point where their standby power consumption is extremely small. The low power consumption of CMOS is extremely advantageous in a wide variety of environments, and is one of the reasons why CMOS logic has become very widely used for a wide variety of digital circuits. Low power consumption is not only advantageous where the total drain on system power supply must be conserved (as, for example, in applications where the power is being supplied from a battery), but also implies that the power dissipation on-chip will be less. This can be important in a wide variety of applications where a very high density is required.

In a conventional CMOS SRAM, six transistors are used in each cell. Four of these transistors form a latch (i.e. a pair of cross-coupled inverters), which has two data nodes with opposite logic states. Each node is connected to ground through an NMOS driver transistor. The driver transistor which connects each node to ground has its gate connected to the opposite data node so that, when one data node goes high, it will pull the opposite data node low by turning on its driver transistor. Similarly, each node is connected, through a PMOS pull-up transistor, to the high supply voltage VDD (which is typically 5 volts). Again, the data nodes are connected to control the pull-up transistors of the opposite data node, so that, when one of the data nodes goes low, it will turn on the pull-up transistor of the opposite node, so that the opposite node is held high. In addition, two pass transistors (normally NMOS transistors) selectively connect the two data nodes to a pair of bit lines. (The gates of the pass transistors are connected to a word line, so that the cell nodes will be connected to the bit line pair only if the word line goes high.) Such a 6- transistor cell will hold its logic state indefinitely (as long as the supply voltages are maintained and no transient upset occurs). Moreover, while such a cell is simply holding data, it has almost zero power consumption, since each of the nodes will be disconnected from one of the two power supply voltages. Thus no current flows, except for the very small currents caused by junction leakage. (Currents do flow when read or write operations are occurring, and therefore the power consumption of an active cell is much higher.) However, even higher power efficiencies would be useful. Many system designs have begun to make use of the low standby power consumption of CMOS memory, to provide nonvolatile memory by attaching a very small battery. For example, many personal computers contain a battery-backed clock/calendar, which continues to keep time and date information when the computer is switched off. Many portable applications have also begun to use significant amounts of memory. In such applications, battery lifetime is one of the key performance parameters, from the end-user's point of view. If an integrated circuit which is sold for use in such systems turns out to consume more power than specified, so that the system batteries are exhausted early, this could be very unwelcome to the end-user. A further important class of applications is in packaging an integrated circuit, which includes some memory functions, together with a very small battery. The power supplied by the battery is used to preserve the data in memory while the system power supply is turned off. Thus, this arrangement permits the full advantages of nonvolatile memory to be achieved, without incurring the penalties of high-voltage circuitry and slow write time (as in EPROM or EEPROM floating-gate technology).

Address Remapping

In the type of computer systems known as "virtual memory" systems, the range of addresses which can be specified is much larger than the amount of physical memory which is actually present. The software can access data by specifying a logical address, without ever having to find out what physical address the logical address corresponds to. (Of course, the translation of logical address to physical address must be done consistently from one access to another.) Thus, at each memory access, the logical address specified by software must be translated into a physical memory address, which can be used for actually selecting RAM chips (or other memory devices). A wide variety of circuits have long been used for translating logical addresses into physical memory addresses.

SUMMARY OF THE INVENTION

The present application sets forth several novel points. Some novel teachings will now be summarized, but this does not imply that other novel teachings are not present.

Power Conservation in Low-Power Memory

An obvious and predictable source of power loss in memories is the leakage currents which inevitably exist. However, in modern CMOS architectures, this loss has been reduced to a very low level. The present application discloses innovations which focus on a different source of power loss. These innovations provide a novel way to reduce charge-pumping energy consumption in some cases.

Whenever a circuit node is charged up, energy must be drawn (directly or indirectly) from the battery (or other power supply).3 This "charge- pumping" energy consumption is uncontrollable in some cases: for example, when a memory is being read, it must expend a certain minimum energy for each line being driven to a high state.

Multifunctional Electronic Key The present application discloses a novel multifunctional electronic key, which can replace several different keys. The architecture of this multifunctional key contains several safeguards which provide operational flexibility with increased security.

The electronic key integrated circuit of the presently preferred embodiment includes three independently addressable partitions of secure memory. Each of these three partitions can function as a separate "subkey." Each of the subkeys is independently password-protected.

In addition to the secure subkey memory partitions, the integrated circuit also contains a read/write "scratchpad" memory, which is the same size as each of the subkeys. After data has been written into the scratchpad (and verified if desired), it can be copied, as a block, onto one of the subkey partitions. However, to perform such a block move the password of the target subkey must also be specified.

Note that the three subkeys may be designed to interface with three different host systems, or to provide three different enable signals to a

3When a node is charged up, the required energy input is at least I/2CL(VΔ)2, where is the line capacitance, and V4 is the voltage rise required to reach a logic "high" state. Physically, this energy is only dissipated when the node is eventually discharged; but for quick analysis, it is permissible to track the charging events rather than the discharging events. In addition, when a node is charged or discharged, energy is dissipated by resistive losses from any parasitic intervening circuit resistance R^.

An even simpler analysis is simply to consider battery lifetime as specified simp'y as a quantity of charge at a rated voltage. This gives a veiy simple model, which is reasonably accurate as long as the currents do not become very large. single host system. If is not even necessary that all the target host systems require the same length data field (as long as the longest data field requirement is not greater than the subkey's data field size).

The block move operations, in the presently preferred embodiment, do not require actual read and write operations in the memory array. Instead, pointer values in a lookup RAM translate the logical addresses into physical addresses. Thus, a block move can be performed merely by revising a few bits in the translation register.

Low-Power Chip with Selectable Battery-Backed and Battery-Run Modes The present application discloses a novel integrated circuit which can be operated EITHER in a battery-backed mode OR in a battery-operated mode. This is acomplished without any necessity for bond options, mask alteration, laser writing, or fuse blowing.

The integrated circuit of the presently preferred embodiment has one pin BAT for battery input, and another pin VCCI for connection to a system power supply. Two PMOS switches are provided to connect one of these two pins to an on-chip power supply VDD under appropriate conditions.

In addition, the disclosed integrated circuit has a third pin which can alternatively be used for battery input. In the presently preferred embodiment this is the VCCO pin, which otherwise provides a nonvolatized power output (e.g. to maintain data in SRAMs) from the same source as the on-chip power supply; but alternatively a different pin could be used if desired. The logic which controls the PMOS switches ensures that they will not turn on if their respective power inputs are low. The VCCI input powers the comparator, so that, if VCCI is below the minimum threshold voltage for a "high" logic level, the output of the comparator will necessarily be low (even if the BAT input is even lower than VCCI), and thus VCCI will not be connected to VDD under these circumstances. The BAT input is separately tested by an input gate to ensure that it is above the the minimum threshold voltage for a "high" logic level; if not, the BAT input will not be connected to VDD, even if the BAT input is higher than VCCI. Thus, if both BAT and VCCI are low, neither of these pins will be connected to the on-chip power line VDD. Of course, if no pins of the chip were powered, the chip would all reach a floating potential, and would be inactive. However, if the third pin (VCCO, in the presently preferred embodiment) is connected to a battery, the chip can still be powered up. (In this case the chip will operate permanently in the battery operated mode.)

Battery-Backed Mode

In the Battery Backed mode, the PSWCH circuit constantly monitors the relative voltage levels present on the VCCI and BAT pins. As long as VCCI is higher than BAT, the comparator outputs a logic 1 which enables the large p-channel pass gate allowing the VCCI level to propagate onto VDD (chip supply) and forces PF (Power Fail) to a logic 0. In this configuration the part is fully enabled and communication is possible through the CLK, DQ, and RST\ pins. When VCCI falls below BAT (such as when a key is withdrawn from a socket) the comparator's output falls to a logic 0. This in turn shuts off the large p-channel pass transistor on VCCI, enables the large p-channel pass transistor on BAT (thereby passing the BAT level through to VDD), and forces PF to a high level. In this configuration, chip power is maintained by BAT (and, thus, data is retained), but the PF signal disables the CLK, DQ, and RST\ inputs, preventing user access. Also, the comparator is completely powered down, preventing an unnecessary drain on the battery due to comparator bias currents. Battery-Operated Mode

In the Battery Operate mode, the VCCI and BAT inputs are tied low. The battery supply is then attached to the VCCO pin (which, in the presently preferred embodiment, is tied directly to the VDD bus internally). In this arrangement the comparator is powered down, both large p-channel pass transistors are disabled, and the PF signal is locked low allowing continuous user access through either the one-wire or three-wire port.

Comparator Power Burn

Another advantage of this integrated circuit is that, when the chip is connected to operate in battery-operated mode, the comparator does not draw current.

Module Versatility

A particular advantage of this integrated -circuit is that it can readily be used to configure various types of nonvolatile modules.

Electronic Key with Repeatable False Data

The present application also discloses a novel electronic key which includes a deterministic pseudo-random number generator. If the correct password is received, the contents of a secure memory will be outputted by the electronic key. However, if an incorrect password is received, that password will be used as a seed value for the pseudo-random number generator, and the resulting value will be outputted. Since the pseudo¬ random number generator is deterministic, each false password will always result in the same data output.

If a copier exercises the key through all possible passwords, the incorrect passwords, as well as the correct password, will result in the same output data every time it is tried. If a truly random output resulted from a false password, the output would be different every time it was enabled, even if the same false password was submitted twice. In this deterministic arrangement, however, the "random" data is "seeded" by the password sent in by the user. As such, if a given invalid password is written to the part twice, the "random" data output by the part will be the same each time. In fact, every possible 64-bit password combination has a unique "random" data sequence associated with it. Thus, the fact that the "random" data is deterministic adds to the security of the part.

Low-Power Secure Memory with Block Move Operations

The present application also discloses a low-power memory (preferably a secure memory) in which block move operations (memory-to-memory transfers) are performed without extensive write operations. A special translation register holds a set of pointers which (iin combination with the associated translation logic) affect the address decoding. By changing the values in this register, the logical addresses of the physical SRAM cell locations in the memory array (or arrays) to be changed without performing any write operations in the array. This avoids the charge consumption which would otherwise be required for charging and discharging bitlines as the memory cells are read and written to.

The chip of the preferred embodiment includes a scratchpad memory as well as multiple secure memories (multiple "subkeys"). The Scratch Pad is organized into eight blocks of eight bytes each. In order to prevent accidental moving and erasure of the wrong data, the nine 64-bit Block Selector Codes were chosen such that there is a minimum 32-bit difference between any two code words. The Move Block command is designed to place a block of data which has been previously written to the Scratch Pad directly into the corresponding block location within a secure subkey, or to replace the entire contents of a secure subkey partition (including the ID and Password fields) with the entire contents of the Scratch Pad. For security purposes, the user must issue the correct Password of the subkey which is to receive the data from the Scratch Pad, and after a block has been moved from the Scratch Pad to the secure subkey, the portion of the Scratch Pad in question is erased. This implies that the data which was replaced in the secure subkey is erased and the new data can only be accessed through the subkey. In the presently preferred embodiment, each block of memory corresponds to one row of cells in the memory array. This is particularly convenient, since all bits in a block will normally be read at mroe or less the same time, and therefore the word line for a selected block can simply be held high while the block is read. Again, this reduces charge consumption.

Hardware Pointer-Checking Circuit

The integrated circuit of the presently preferred embodiment provides reduced power consumption, by the use of remappable memory-block- allocation pointers. Normally, one logical pointer will point to one physical block of memory cells, and each block of memory cells will be pointed to by a unique logical pointer.

However, this arrangement is subject to some risk: if the pointer assignments ever become scrambled, then it might be possible for some blocks to be pointed to by no pointers, or by two or more pointers. Data in a physical block of memory which was not pointed to (did not have a logical address) could be lost (even though the data was still present in the latches of the memory cells it was written into). In a physical block of memory which was pointed to by two or more pointers, data errors would occur.

Another of the inventive teachings set forth herein provides a hardware check circuit, which continuously monitors the full set of pointers to ensure internal consistency. Thus, if the set of pointers ever becomes scrambled (e.g. due to an interrupted write or an electrostatic spike), the hardware check circuit will detect this, and generate a reset signal which sends the memory back to its default state.

In the integrated circuit of the presently preferred embodiment, the Lookup RAM contains the pointers which keep track of successive Block Move memory swaps. Because of the structure of the memory in the DS1205 (four partitions of 512 bits each; each partition divided into eight blocks [rows] of 64 bits each) the Lookup RAM is divided into eight blocks, each of which points to four rows - each row corresponding to one of the subkeys or the Scratch Pad. So, for example, Block 0 of the Lookup RAM contains four pointers, each one of which points to Block (Row) 0 of a subkey or the Scratch Pad. When the part is initialized (battery attach) these pointers are aligned as follows: 00 - Subkey 0 01 - Subkey 1

10 - Subkey 2

11 - Scratch Pad

When a Move Block command is issued, the actual RAM does not change its physical location. Rather, the pointers associated with the specified block simply exchange addresses within the appropriate block of Lookup RAM. For example, if a Move Block command is issued and Block 0 of subkey 1 is specified, then the above addresses for Lookup RAM Block 0 would read:

00 - Subkey 0 01 - Scratch Pad

10 - Subkey 2

11 - Subkey 1

Since each pointer address corresponds to a row (64 bits) of RAM, it is imperative that there be no address redundancies within a given block of

Lookup RAM as a redundancy would imply that one row is not being addressed at all. Therefore it was necessary -to include within each of the eight blocks of Lookup RAM a circuit which would monitor the states of the pointers and guarantee uniqueness of the four addresses. This circuit is shown in Figure 23C. It consists of an array of p-channel devices which forces a reset condition upon detection of an illegal, or redundant, state.

This reset signal re-initializes the pointer addresses only of the Lookup

RAM block in question to their power-up state. This series of events will rearrange the user data between the subkeys (assuming any Move Block commands have been issued), but it will allow user access to the entire RAM, whereas one or more rows might have been rendered inaccessible had the redundancy been allowed.

Interfacing an Electronic Key to a Standard Personal Computer

The present application also sets forth a new and more convenient way to connect an electronic key to a personal computer.

A male-female jumper adapter is used to interpose an electronic key interface into a personal computer's printer port. The adapter of the preferred embodiment is externally similar to the DS1255 keyring described above, but the electrical interface is different. The elctrical interface exploits the novel one-wire bus definition, described in Serial No. 352,581 (DSC-83) and in other parent applications cited above. This interface is slower than a three-wire serial interface, but has the great advantage that it can be sandwiched into the standard printer port without disrupting printer function in any respect. Among the innovative teachings disclosed herein is an electronic key device, comprising: a memory; a pseudo-random number generator, connected to receive a seed value and to output a number which is strictly dependent on the seed value, but which is a nonlinear and non-monotonic function of the seed value; external connections for receiving a password, and external connections for outputting data; a digital comparator, connected to compare a received password with a stored value, and accordingly: to enable output of data from the memory, IF the password does match the stored value; or alternatively to enable output of data from the pseudo-random number generator, IF the password does not match the stored value; the random number generator being connected to receive the password and to use the password as a seed value.

Among the innovative teachings disclosed herein is an integrated circuit, comprising: at least one memory array containing multiple low- power memory cells arranged in rows and columns; a command decoder, connected to decode commands requesting access to the memory array, wherein the command decoder includes a translation register whose state defines a one-to-one correspondence between each respective block of logical memory addresses and a respective block of cells of the array, and wherein the command decoder translates access requests, in accordance with the state of the translation register, to provide a block select output; an address decoder, connected to receive the block select output, and accordingly to select ones of the rows and columns of the cells to access the selected block of the cells.

Among the innovative teachings disclosed herein is an integrated circuit, comprising: at least one memory array containing multiple low- power memory cells arranged in rows and columns; a command decoder, connected to decode commands requesting access to the memory array, wherein the command decoder includes a translation register whose state defines a one-to-one correspondence between each respective block of logical memory addresses and a respective block of cells of the array, and wherein the command decoder also includes hardware verification logic which monitors the integrity of the translation register, and, if the translation register at any time ceases to define a one-to-one correspondence between logical memory addresses and physical blocks of cells, the hardware verification logic forces a reset of the translation register, and wherein the command decoder translates access requests, in accordance with the state of the translation register, to provide a block select output; an address decoder, connected to receive the block select output, and accordingly to select ones of the rows and columns of the cells to access the selected block of the cells.

Among the innovative teachings disclosed herein is an integrated circuit secure memory, comprising: at least one memory array containing multiple low-power memory cells arranged in rows and columns; a command decoder, connected to decode commands requesting access to the memory array, wherein the command decoder includes a translation register whose state defines a one-to-one correspondence between each respective block of logical memory addresses and a respective block of cells of the array, and wherein the command decoder translates access requests, in accordance with the state of the translation register, to provide a block select output; and wherein the command decoder checks password portions of the access requests, and provides the block select output only if the password portion is correct; an address decoder, connected to receive the block select output, and accordingly to serially select ones of the cells in sequence, to access the selected block of the cells. Among the innovative teachings disclosed herein is an integrated circuit electronic key, comprising: at least one memory array containing multiple low-power memory cells arranged in rows and columns; a command decoder, connected to decode commands requesting access to the memory array, wherein the command decoder includes a translation register whose state defines a one-to-one correspondence between each respective block of logical memory addresses and a respective block of cells of the array, and wherein the command decoder translates access requests, in accordance with the state of the translation register, to provide a block select output; an address decoder, connected to receive the block select output, and accordingly to select ones of the rows and columns of the cells to access the selected block of the cells; wherein the command and address decoders translate access requests in such a pattern that, at any given time, multiple partitions of the array are assigned as secure memories, which are only accessible with the correct password, and at least one partition of the array is assigned as scratchpad memory, which is accessible without password protection; and wherein one of the access requests which the command decoder can recognize is a block move request, and in response thereto the translation register is altered to effect the requested block move, but only if the block move request is accompanied by the correct password for any secure memory portion which would be altered by the requested block move.

Among the innovative teachings disclosed herein is an integrated circuit, comprising: first, second and third power input terminals; the first input terminal being operatively connected to supply power to an on-chip power supply line; a ground terminal, for connection to ground; a comparator, having a negative input thereof operatively connected to the second terminal, and having a positive input thereof and a power supply input thereof operatively connected to the third terminal, the comparator being configured to provide a high logic output if the third terminal is at a higher voltage than the second terminal while the comparator is being powered; a first power switch, configured to connect the third terminal to the on-chip power supply line IF the output of the comparator is at a high logic state; a second power switch, configured to connect the second terminal to the on-chip power supply line IF the output of the comparator is at a low logic state AND the voltage at the second terminal is at least a high logic level; whereby, if the integrated circuit is later combined with a battery attached to the second or third terminal, and a system power supply attached to the other of the second and third terminals, the chip will operate in a battery-backed mode; and if both the second and third terminals are grounded, the integrated circuit will operate in a battery- operated mode, if the first terminal is powered up.

Among the innovative teachings disclosed herein is an electronic key device, comprising: complementary male and female multipin connecters in a common housing, the male and female connectors being mutually complementary, and interconnected at substantially all corresponding pins thereof, and physically and electrically compatible with a standard connector and port definition; and an electronic key having a first terminal connected to a first pin of the connectors, and a second terminal connected to a second pin of the connectors, the first terminal being internally connected within the key to provide a one-wire signal interface.

BRIEF DESCRIPTION OF THE DRAWING

The present invention will be described with reference to the accompanying drawings, which show important sample embodiments of the invention and which are incorporated in the specification hereof by reference, wherein:

Figure 1 schematically shows the writing of a command word to the electronic key chip of the presently preferred embodiment. Figure 2 shows the field organization of the 24-bit command word, in the presently preferred embodiment. Figure 3 illustrates the subkey codes used in the presently preferred embodiment.

Figure 4 shows the data organization of the multiple subkeys of the electronic key chip of the presently preferred embodiment. Figure 5 shows the sequence of operations when a Set Password command is received, in the electronic key chip of the presently preferred embodiment.

Figure 6 shows the sequence of operations when a Set Secure Data command is received, in the electronic key chip of the presently preferred embodiment.

Figure 7 shows the sequence of operations when a Get Secure Data command is received, in the electronic key chip of the presently preferred embodiment.

Figure 8 shows the sequence of operations when a Set Scratchpad Data command is received, in the electronic key chip of the presently preferred embodiment.

Figure 9 shows the sequence of operations when a Get Scratchpad Data command is received, in the electronic key chip of the presently preferred embodiment. Figures 10—12 show the format and significance of a Move Block command, in the electronic key chip of the presently preferred embodiment.

Figure 13 shows the timing of a Write One time slot on the one-wire bus, in the presently preferred embodiment. Figure 14 shows the timing of a Write Zero time slot on the one-wire bus, in the presently preferred embodiment.

Figure 15 shows the timing of a Read time slot on the one-wire bus, in the presently preferred embodiment.

Figure 16 shows the timing of reset pulse operations, on the one-wire bus, in the presently preferred embodiment.

Figure 17 shows the timing of the presence-detect operations (in relation to the reset), on the one-wire bus, in the presently preferred embodiment. Figures 18 and 19 show the timing of data transfers on the three-wire bus, in the presently preferred embodiment.

Figure 20 shows the overall layout of the chip of the presently preferred embodiment. Figure 21 shows the preferred package of the chip of the presently preferred embodiment.

Figures 22A-22D show circuitry which is essentially the same as that used, in the presently preferred embodiment, for decoding command words and also for pseudo-random number generation. Figures 23A-23C show the circuitry used, in the presently preferred embodiment, for holding block pointer assignments and for checking that the block pointers are mutually consistent.

Figure 24 shows the circuitry used for selection of the power supply input, in the presently preferred embodiment. Figures 25A and 25B are two parts of a single Figure which shows the one-wire-to-three-wire conversion circuit used, in the presently preferred embodiment, in the integrated circuit of Figure 20.

Figure 26 shows the external appearance of the printer port adapter+key module of the presently preferred embodiment. Figure 27 shows the circuit components actually used in the presently preferred embodiment of the adapter/key module of Figure 26.

Figure 28 shows the timing relations preferably used to permit the host computer to communicate with one or more electronic keys, whose timing characteristics may vary over a wide range of uncertainty.

DESCRIPTION OF THE PREFERRED EMBODIMENTS

The numerous innovative teachings of the present application will be described with particular reference to the presently preferred embodiment. However, it should be understood that this class of embodiments provides only a few examples of the many advantageous uses of the innovative teachings herein. In general, statements made in the specification of the present application do not necessarily delimit any of the various claimed inventions. Moreover, some statements may apply to some inventive features but not to others.

Overall Description of the Sample Embodiment

The DS1205 MultiKey is an enhanced version of the DS1204U Electronic Key which has both a standard 3-wire interface, data, clock, and reset, and a 1-wire "touch" interface. The DS 1205 MultiKey has three secure read/write subkeys which are each 384 bits in length. In addition, there is a 512-bit readAvrite scratchpad which can be used as a non-secure data area or as a holding register for data transfer to one of the three subkeys. Each subkey within the part is uniquely addressable.

Operation

The writing of a command word to the DS1205 MultiKey specifies the operation to be performed and the subkey to be operated on. There are two classes of operations available for the DS1205 MultiKey. These are operations which access one of the three secure readAvrite subkeys and operations which access the readAvrite scratchpad (Figure 1).

Command Word The 24-bit command word is grouped into three fields of eight bits each. These byte-sized fields specify the subkey which is to be accessed, the starting byte address for the data transfer operation, and the type of command to be performed. The starting byte address and the subkey identifier fields are required to be given in both true and complement form. If these values do not match, the access to the part will be terminated (Figure 2).

The first byte of the command word is made up of the complement of the 2-bit subkey code, identifying which subkey is being accessed, and the complement of the 6-bit address field, which specifies the starting byte address of the given subkey to be accessed. The second byte of the command word consists of the 2-bit subkey code and the 6-bit starting byte address. The third byte of the command word is the 8-bit function code which defines which of the six commands is to be executed. Each command is subkey- and address-specific and, as such, each command precludes the use of certain subkey codes and starting address locations. Figure 3 illustrates the subkey codes, starting address locations, and function codes that are valid for each of the six command operations.

Secure Subkey Commands Each secure subkey within the DS1205 MultiKey is comprised of a

64-bit ID field, a 64-bit password field, and a 384-bit secured data field (Figure 4). The three commands which operate on the secure subkeys are as follows:

1) Set password 2) Set secure data

3) Get secure data

Set Password

The Set Password command is used to enter data into the I.D. field and the password field of the selected subkey. Upon recognition of the correct I.D., the DS1205 MultiKey will erase the entire contents of the selected subkey and proceed to rewrite the 64-bit I.D. field and the 64-bit password field. The flow sequence is shown in Figure 5. Set Secure Data

The Set Secure Data command is used to enter data into the selected subkey. The first 64 bits of the data stream will be a read of the I.D. field from the selected subkey. The next 64 bits of the data stream must contain the password for the selected subkey. If the received password does not match the password field for the selected subkey, the DS1205 MultiKey will terminate the transaction immediately. The flow sequence is shown in Figure 6.

Get Secure Data The Get Secure Data command is used to retrieve secured data from the selected subkey. The 64-bit LD. field of the selected subkey must be read by the host. The password for the selected subkey must then be transmitted to the DS1205 MultiKey immediately after the command word. If the received password fails to match the password field for the selected subkey, the DS1205 MultiKey will output randomly generated data instead of the secured data. The flow sequence is shown in Figure 7.

Scratchpad ReadAyrite Commands

The 512-bit Read/Write Scratchpad of the DS1205 MultiKey is not password-protected and is accessible beginning at any byte boundary. The scratchpad can be used to store unsecured data or it can be used to build up a data structure which can be verified and then transferred to a secure subkey. The three commands which operate on the read write scratchpad are as follows:

1) Set scratchpad data 2) Get scratchpad data

3) Move block

Set Scratchpad Data

The Set Scratchpad Data command is used to enter data into the

DS1205 MultiKey scratchpad. The command word must specify the starting byte address for the data transfer. Valid byte addresses are 0 through 63. The DS1205 MultiKey will write data to the scratchpad until byte 63 has been written or until the RST\ line goes to a logic low level. The flow sequence is shown in Figure 8.

Get Scratchpad Data The Get Scratchpad data command is used to retrieve data from the

512-bit scratchpad. The command word must specify the starting byte address for the data retrieval. Valid byte addresses are 0 through 63. The DS1205 MultiKey will retrieve data from the scratchpad until byte 63 has been read or the RST\ line goes to a logic low level. The flow sequence is shown in Figure 9.

Move Block

The Move Block command is used to transfer data, which has been previously entered into the scratchpad and verified, to one of the three secure subkeys. Data can be transferred as one large block of 512 bits or it can be transferred in blocks of 64 bits each (Figure 10). There are nine valid block selectors which are used to specify which block or blocks are to be transferred (Figure 11). As a further precaution against accidental erasure of a secure subkey, the 64-bit password of the destination subkey must be entered and match the destination subkey. If the passwords fail to match, the operation is terminated. The flow sequence is shown in Figure 12.

1-wire Interface

When The "touch" interface is used, all communications to and from the DS1205 MultiKey are accomplished via a single interface lead. Data is read and written through the use of time slots to manipulate bits and a command word to specify the transaction.

Write Time Slots

A write time slot is initiated when the host pulls the data line from a high logic level to a low logic level. There are two types of write time slots: Write One time slots and Write Zero time slots. All write time slots must be a minimum of 60uS and a maximum of 120uS in duration. There is a minimum of a luS valid access recovery time between time slots.

For the host to generate a Write One time slot, the data line must be pulled to a logic low level and then released, allowing the data line to pull up to a high level within 15uS after the start of the write time slot (see Figure 13).

For the host to generate a Write Zero time slot, the data line must be pulled to a logic low level and remain low for the duration of the write time slot (see Figure 14).

Read Time Slots

The host generates read time slots when data is to be read from the 1-wire interface. A read time slot is initiated when the host pulls the data line from a logic high level to a logic low level. The data line must remain at a low logic level for a minimum of luS and a maximum of 15uS. This maximum time of 15uS includes the time required for the data line to pull up to a high level after it is released. The state of the 1-wire data line must be read by the host within 15 uS after the start of the read time slot. After this time, the state of the data is not guaranteed (see Figure 15). All read time slots must be a minimum of 60uS in duration with a minimum of a luS valid access recovery time between individual read time slots.

1-wire Protocol

The 1-wire protocol can be viewed as having three distinct layers. These layers are the Presence Detect layer, the Reset layer, and the Command layer.

Presence Detect

The presence detect layer is used to signal to a host device that a new device has been attached to the 1-wire port. The 1-wire port from the host remains at a logic high level during quiescent times between read and write time slots. This high time must be present for a minimum of 15uS before 25 the new device can assert a presence detect signal. The presence detect signal will be a logic low level asserted by the newly attached device which remains low for a maximum of 240uS and is then released (see Figure 16). This low logic level can be detected by the host and used as an interrupt condition for the host processor.

Device Reset

The Reset layer is used to reset the attached 1-wire devices. This allows the host to place the 1-wire device or devices into a known state at any time. The reset signal consists of a logic low level asserted by the host for a minimum of 480uS. After this, the host must release the 1-wire signal line and allow it to rise to a logic high level. This high logic level must be maintained by the host for a minimum of 480uS before any data can be exchanged. During this logic high time, any device present on the 1-wire signal line will assert its presence- detect waveform.

1- Wire Commands

There are four commands which can be issued by the host on the 1-wire port. These are:

1) [33 hex] read ROM data

2) [55 hex] match ROM data 3) [F0 hex] search ROM data

4) [CC hex] pass-through mode

Read ROM Data

Upon recognition of the command word [33 hex], the DS1205 is ready to respond to the next eight read time slots with the Type Identifier number. This number is a hexadecimal 02 and is unique to the DS1205 part. After receipt by the host of the Type Identifier number, the DS1205 is ready to output the unique 48-bit serial number contained within the device. The host must issue 48 read time slots to retrieve this number. Following the 48-bit serial number is an eight-bit Cyclic Redundancy Check (CRC) value. This CRC value has been calculated over the Type Identifier and Serial Number, 56 bits total, using the following polynomial:

p(x) = x2 + x3, assuming xO = > LSB

This calculated value is then lasered into the part at the time of manufacture. To read the CRC value, the host must issue eight additional read time slots.

Match ROM Data

The Match ROM data command is used as a device select when multiple 1-wire devices are connected to a single bus. This command allows the host to address any one of the multiple 1-wire devices on an individual basis. To do a Match ROM data command, the host must issue the command [55 hex] to the device with eight write time slots. Following the command byte, the host must write the desired device's Type Identifier, serial number, and CRC byte. If all of these values match the data stored internally in the ROM, the DS1205 can now be accessed using the standard DS1205 commands and protocol. If any of the bit values transmitted by the host fail to match the ROM data pattern, the access will be terminated. To return from a pattern fail condition, the host must issue a Reset command:

j Type ID J 48-bit Serial Number } CRC j transmit >

Search ROM Data

The Search ROM data command allows the host 1-wire device to poll efficiently to determine the unique ROM address of all devices on the 1-wire bus. In this mode, each of the bits of the ROM data requires three time slots on the 1-wire bus. The first two time slots are read time slots in which the DS1205 transmits back to the host the value of the ROM bit followed by its complement. The third time slot is a write time slot in which the host supplies its desired value for the ROM bit. The DS1205 then compares the desired value with the actual ROM bit. If they disagree, the DS1205 will go to a high impedance state until a RESET is issued by the host. If the bits agree, the DS1205 increments its internal counter to point to the next bit in the ROM data and then repeats the same set of three time slots for the next bit. If all bits of the ROM are matched correctly, the host may access the DS1205 with the standard command structure for the part.

Example of a ROM search

The following example of the ROM search process assumes two different DS1205s are connected to the same 1-wire bus. The ROM data of the two DS1205s begins as shown:

ROM0- 00110101...

ROM1- 00010001...

The search process is as follows:

1) The host begins by resetting all devices present on the 1-wire bus.

2) The host will then issue the Search ROM Data command on the 1-wire bus.

3) The host executes two read time slots and receives a zero bit followed by a one bit. This indicates that all devices still coupled have zero as their first ROM bit.

4) The host executes a write zero time slot as the third slot in the set of three. This action keeps ROM2 and ROM1 coupled.

5) The host executes two read time slots and receives a zero bit followed by a one bit. This indicates that all devices still coupled (ROM2 and ROM1) have a zero as their second ROM bit. 6) The host will executes a write zero time slot as the third time slot to keep ROM2 and ROM1 coupled.

7) The host executes two read time slots and receives two zero bits. This indicates that both one bits and zero bits exist as the third bit of the ROM LD.'s of the devices coupled.

8) The host executes a write zero time slot as the third bit. This decouples ROM2, leaving only ROM1 still coupled.

9) The host reads the remainder of the ROM bits for ROM1 using three time slots for each bit. After this, the host can communicate to the underlying logic, if desired. This completes the first ROM I.D. search pass, in which one of the devices was found.

10) The host starts a new ROM search sequence by repeating steps 1 through 7 above.

11) The host supplies a write one time slot as the third bit. This decouples ROM1, leaving only ROM2 still connected.

12) The host reads the remainder of the ROM I.D. bits for ROM2 and communicates with the underlying logic, if desired.

If more devices are present on the 1-wire, the same structure as presented above will be used to determine the uniqure ROM I.D. of each attached device. As soon as multiple devices are detected, a series of writes will be used to disable that branch in the search path.

Note the following: The host learns the unique address (ROM data pattern) of one 1-wire device on each ROM SEARCH operation. The time required to derive the part's unique address is: 960 uS + [ 8 + 3 X 61uS] X 61uS = 13.16mS

The host is therefore capable of identifying 75 different 1-wire devices per second.

Additionally, the data obtained from the two read time slots of each set of three time slots have the following interpretations:

00 - There are still devices attached which have conflicting bits in this position.

01 - All devices still coupled have a zero bit in this bit position.

10 - All devices still coupled have a one bit in this bit position.

11 - There are no devices attached to the 1-wire bus. (This is an error condition).

Pass-thru Mode

The Pass-Thru command is used to allow a host connected to the 1-wire bus to gain access to the DS1205 directly. It can be used only when there is one DS1205 on the 1-wire bus. This command bypasses the serial number internal to the DS1205 and allows the host to directly control the DS1205 with the DS1205 commands and protocol.

3-Wire Bus

The 3-wire bus is comprised of three signals. These are the RST\ (reset) signal, the CLK (clock) signal, and the DQ (data) signal. All data transfers are initiated by driving the RST\ input high. The RST\ signal provides a method of terminating a data transfer. A clock cycle is a sequence of a falling edge followed by a rising edge. For data inputs, the data must be valid during the rising edge of a clock cycle. Command bits and data bits are input on the rising edge of the clock and data bits are output on the falling edge of the clock. All data transfers terminate if the RST\ is low and the DQ pin goes to a high impedance state. When data transfers to the DS1205 are terminated by the RST\ signal going low, the transition of the RSTλ going low must occur during a high level of the CLK signal. Failure to ensure that the CLK signal is high will result in the corruption of the last bit transferred. Data transfers are illustrated in Figures 18 and 19 for normal modes of operation.

l-Wire/3-Wire Arbitration

The DS1205 can utilize both the 1-wire and the 3-wire busses simultaneously. Neither input bus has priority over the other. Instead, if both inputs are being used, the signal arriving first will take precedence. More simply, if the 1-wire interface becomes active before the 3-wire interface, all communications will take place on the 1-wire bus. The 3-wire bus will be ignored in this case. The same condition occurs for the 1-wire interface if the 3-wire interface becomes active first.

Thus, some significant features of the presently preferred embodiment - not all of which are claimed to be separately novel - include the following: Four addressable readAvrite data partitions; .Three secure readAvrite data partitions of 384 bits each; One non-secure read/write data partition of 512 bits; Secure data cannot be deciphered by reverse engineering; Supports a hierarchical privilege system; Partitioned memory thwarts pirating; 64-bit password and I.D. fields provide a barrier against accidental key erasure; Maximum data transfer rate of 2 million bits/second; Low-power CMOS circuitry; 3-wire bus-compatible; 1-wire "touch" bus-compatible; Applications include software authorization, proprietary data, financial transactions, secure personnel areas, and systems access control. Preferred Package

The preferred packaging embodiment is an 8-pin SOIC package, as shown in Figure 21. However, of course, a wide variety of other package types can be used instead if desired.

Chip Layout

Figure 20 shows the overall layout of the chip of the presently preferred embodiment.

At the center of the chip is a low-power memory array 2030. In the presently preferred embodiment, this is an array of 32 rows by 64 columns of conventional 6-transistor full-CMOS SRAM cells.

The column decoder logic 2034 is conventional (for a serially accessed RAM). However, the row decoder logic 2032 includes memory I/O circuits, and specifically a lookup RAM, which provides remapping of memory blocks as described more fully below. Power control circuitry 2010 is shown more fully in Figure 24, and is discussed below.

One-wire interface circuitry 2020 provides translation from the one-wire interface protocol to a standard 3-wire interface, and is shown more fully in Figures 25A and 25B. The move-block decoder and random number generator circuitry 2040 are shown more fully in Figures 25A and 25B, and are discussed in detail below.

The control logic 2050 contains a shift register, and decode logic, for decoding a functional command word (such as "Get Secure Data" or "Set Secure Data"). Thus, control logic 2050 and timing circuits 2052 are essentially the same as are commonly used in any chip accessed by a serial port.

If the functional command word is "Move Block," then a further specifier must be transmitted to specify which block is to be moved. This further specifier is decoded by a different shift register, in the move block decoder 2040, described below in detail. This same shift register in the move block decoder 2040 is also used for repeatable pseudo-random number generation, as will be described below.

Specific Circuitry

Some significant features of circuitry in the chip of the presently preferred embodiment will now be described in further detail.

Pseudo-Random Number Generation

Figures 22A through 22D show the circuitry which provides pseudo¬ random number generation.

A chain of D-flops 2210 provides a basic shift register structure. However, note that the connection is occasionally broken by an XOR gate

2220, which combines the propagating logic state with an input from the feedforward line B or the feedback line A. These flip-flops have slightly larger output drivers than normal, in order to drive the decoding logic.

Line B is a feedforward line, which carries forward a state from an early stage for combination into various other nodes along the chain. Line

A is a feedback line, which carries back a* state from a later stage for combination into various other nodes along the chain.

However, note that the feedforward and feedback lines are only enabled when signal EN_RND_DATA ("enable random data") is active. When the EN_RND_DATA signal is not active, the combination of gates 2230 provides a simple combinatorial decoder. This combinatorial logic provides decoding of the block specifier which is used in a block move operation. The 9 possible block destinations are indicated by BLOCK_0, BLOCK_l, etc., and XFER_ALL (which indicates that the entire scratchpad is to be copied to the target subkey).

Thus, the structure shown has a double purpose: when a comparator

(not shown) detects a password mismatch, the line EN_RND_DATA is activated to send out garbage. If line EN_RND_DATA is not activated, this shift register structure can operate as a decoder to determine block address. Note that, if the decoding structure shown detects a mismatch between the specified value and the target subkey's password, signal MBINVB goes active.

When scrambled data is clocked out of the structure shown, it appears on line RND_DAT_OUT. A multiplexer (not shown) selects this data stream for output if needed.

The structure shown differs from the actual manufactured embodiment of the DS1205 chip in two respects. First, in .the structure shown the XOR gates 2220 have been reconfigured. The structure shown will work perfectly well, and disclosure of the actual manufactured structure would jeopardize the security of that structure.

Secondly, in the structure shown, an input signal SCRMBL enables operation of the random number generator whenever a Get Secure Data operation is requested. Thus, if scrambling is required, the shift registers already contain scrambled data when data output is requested. By contrast, in the actual manufactured embodiment, the EN_RND_DATA signal is not enabled until after all 64 bits have been read in, and the preceding comparator indicates whether a mismatch is present. Either version will work perfectly well, but the version pictured is believed to be slightly preferable.

Block Assignment Pointer Management

Figures 23A through 23C show details of the translation register and associated logic.

Figure 23A generally shows a key portion of the translation register. The logic shown is replicated 8 times (once for each segment of the key). For example, the register set for block 3 contains the row address for subkeys 0, 1, and 2, and the scratch pad.

When a move block command is specified, these registers will simply swap addresses between the scratchpad registers and the registers associated with the selected key. Figure 23B shows output multiplexing logic associated with the circuitry of Figure 23A. This circuitry multiplexes the address for the selected subkey onto predecoded row lines MSB and LSB.

Figure 23C is the illegal state detect circuit. This is an array of pairs of PMOS devices, wired to detect any redundant state in the registers of

Figure 23A. If any such state is detected, signal LKUP_RST is driven active (high), to force the registers of Figure 23A to a predetermined default state.

Memory Array The memory array itself, in the presently preferred embodiment, is an entirely conventional structure of 6-transistor full-CMOS SRAM cells.

Power Source Selection

Figure 24 shows the circuitry used, in the presently preferred embodiment, for power source selection. Input VCCI is filtered by resistor 2401A and capacitor 2402A. Input

BAT is filtered by resistor 2401B and capacitor 2402B. Comparator 2410 compares the filtered versions of the two inputs BAT and VCCI. When powered up, this comparator will provide a high output if VCCI exceeds

BAT. If the comparator 2410 provides a high output, inverter 2412 will drive a low level onto the gate of large PMOS switching transistor 2420A, which connects VCCI directly to VDD.

However, note that this comparator is powered from input VCCI, not from the on-chip power supply VDD. Thus, if VCCI is below the minimum threshold voltage for a "high" logic level, the output of the comparator will necessarily be low (even if the BAT input is even lower than VCCI), and thus VCCI will not be connected to VDD under these circumstances. If the BAT input is higher than VCCI (and is also at least a logic "high" level), then the output of comparator 2410 will be low, and the output of inverter 2412 will be high. This will turn on the large PMOS switching transistor 2420B, IF the other input to NAND gate 2434 is also high. However, note that BAT is also connected directly to the input of inverter 2430. If BAT is not high enough to drive the output of 2430 low, then the output of inverter 2432 will be low, and the output of NAND gate 2434 will necessarily be high. Thus, if BAT is low, the large PMOS switch transistor 2420B will always be turned off, and BAT will never be connected directly to VDD.

Thus, if both BAT and VCCI are low, neither of these pins will be connected to the on-chip power line VDD. Of course, if no pins of the chip were powered, the chip would reach a uniform potential, and would be inactive. However, if the third pin (VCCO, in the presently preferred embodiment) is connected to a battery, the chip can still be powered up. (In this case the chip will operate permanently in the battery operated mode.)

One-Wire Interface Figures 25 A and 25B are two parts of a single Figure which shows the one-wire-to-three-wire conversion circuit used, in the presently preferred embodiment, in the integrated circuit of Figure 20. This circuitry is a fairly straightforward implementation of the logical relationships described, and is pictured here merely for completeness.

Interfacing Keys to a Printer Port

Figure 26 shows the external appearance of the printer port adapter + key module of the presently preferred embodiment. Note that this adapter includes a male DB25 conector on one side, and a female DB25 connector on the other. Thus, this adapter can be left plugged into the printer port of an end-user's computer, and the printer can be plugged into this adapter.

In the particular embodiment shown, the key is permanently sealed inside the adapter. Thus, this embodiment is somewhat inflexible; it is contemplated that it will be more preferable to provide an adapter which includes slots for user insertion of various keys. Figure 27 shows the circuit components actually used in the presently preferred embodiment of the adapter/key module of Figure 26. An electronic key 2700 is connected between line 13 and ground (line 18). (All line numbers reference the standard line number assignments in the industry-standard PC-compatible printer port.) A lkilohm load resistor is connected between line 13 and line 14, and a zener diode (rated at 5.6V, in the presently preferred embodiment) clamps the voltage of line 13. In addition, a first Schottky diode is connected between lines 14 and 13, a first Schottky diode is connected between lines 14 and 13, and another Schottky diode is connected between lines 13 and 18. Thus, when the voltage of line 14 goes down, the Schottky diode 2722 bypasses the resistor 2710, permitting the voltage to fall rapidly.

Thus, in this arrangement, pins 13, 14, and 18 are passed through the adapter, and the extra componenets shown do not prevent these lines from functioning according to their normal signal assignments. However, the host computer can also (by driving line 14 in accordance with the one-wire protocol described above) communicate with an electronic key when desired.

Note that the circuit arrangement shown has the effect of splitting the one-wire bus definition described above. However, correct operation according to the above protocol is still achieved.

Figure 28 shows the timing relations preferably used to permit the host computer to communicate with one or more electronic keys, whose timing characteristics may vary over a wide range of uncertainty. The host computer pulls the signal line low for 480 milliseconds, to poll for the presence of electronic keys. The host brings the line back high before the earliest time in which a key could respond. When a key responds, the host continues to monitor the line: the latest time at which any key is still pulling the line low tells the host what is the speed of the slowest key on the line. Witgh this information, the host can condition the timing of further accesses appropriately: send operations are timed to permit interface with the slowest key present; receive operations are timed to interface with the fastest key present. Further Modifications and Variations

It will be recognized by those skilled in the art that the innovative concepts disclosed in the present application can be applied in a wide variety of contexts. Moreover, the preferred implementation can be modified in a tremendous variety of ways. Accordingly, it should be understood that the modifications and variations suggested below and above are merely illustrative. These examples may help to show some of the scope of the inventive concepts, but these examples do not nearly exhaust the full scope of variations in the disclosed novel concepts. In the presently preferred embodiment, the subkeys can be written either directly or by block transfer from the subkey. However, alternatively, in future embodiments it may be preferable to allow subkeys to be written only by block transfer. This restriction can be used to provide additional security. In the presently preferred embodiment, block transfers may be performed on any single row of the array, or may be performed on one whole partition of the array (8 rows). However, of course, it is alternatively possible to define different block transfer size, or to restrict the block transfer to only one size of block. The presently preferred embodiment is a serial access memory, but the disclosed concepts can also be advantageously applied (although less preferably) to a random access memory.

It should also be noted that the disclosed inventive concepts can also be advantageously applied (although less preferably) to a memory which uses EEPROMS rather than SRAM cells.

As will be recognized by those skilled in the art, the innovative concepts described in the present application can be modified and varied over a tremendous range of applications, and accordingly their scope is not limited except by the allowed claims.

Claims

CLAIMSWhat is claimed is:
1. An integrated circuit electronic key, comprising: at least one memory array containing multiple low-power memory cells; command and address decoders, connected to receive incoming commands requesting access to said memory array, and to translate access requests in such a pattern that, at any given time, multiple partitions of said array are assigned as secure memories, which are read accessible, and at least one partition of said array is assigned as scratchpad memory, which is read/write accessible; and wherein one of the access requests which said decoders can recognize is a block move request, and in response thereto the contents of said scratchpad memory are translated into another portion of said memory, but only if the block move request is accompanied by the correct password.
2. The integrated circuit of Claim 1, wherein said decoders also screen access requests for match with a password.
3. The method system integrated circuit of Claim 1, wherein each of said subkey partitions corresponds to one or more blocks of logical memory addresses.
4. The method system integrated circuit of Claim 1, wherein each of said subkey partitions corresponds to multiple blocks of logical memory addresses.
5. An electronic key device, comprising: a memory; a pseudo-random number generator, connected to receive a seed value and to output a number which is strictly dependent on said seed value, but which is a nonlinear and non-monotonic function of said seed value; external connections for receiving a password, and external connections for outputting data; a digital comparator, connected to compare a received password with a stored value, and accordingly: to enable output of data from said memory, IF said password does match said stored value; or alternatively to enable output of data from said pseudo-random number generator, IF said password does not match said stored value; said random number generator being connected to receive said password and to use said password as a seed value.
6. The device of Claim 5, wherein said password is at least 64 bits in length.
7. The device of Claim 5, wherein said pseudo-random number generator is an IIR filter having both feed-forward and feedback connections.
8. The device of Claim 5, wherein said pseudo-random number generator comprises: a chain of plural multiple-input logic gates, each having a clock input, and at least one data input, and at least one data output; a feedforward bus and a feedback bus; wherein substantially each said gate is connected in either a first configuration or a second configuration, and ones of said gates which are connected in said first configuration have said input thereof connected directly to said output of the preceding one of said gates in said chain, ones of said gates which are connected in said second configuration have said input thereof connected directly to the output a respective XOR gate which has one input thereof connected directly to said output of the preceding one of said gates in said chain, said XOR gate also having another input thereof which is connected either to said feedforward bus or to said feedback bus.
9. An integrated circuit, comprising: at least one memory array containing multiple low-power memory cells arranged in rows and columns; a command decoder, connected to decode commands requesting access to said memory array, wherein said command decoder includes a translation register whose state defines a one-to-one correspondence between each respective block of logical memory addresses and a respective block of cells of said array, and wherein said command decoder also includes hardware verification logic which monitors the integrity of said translation register, and, if said translation register at any time ceases to define a one-to-one correspondence between logical memory addresses and physical blocks of cells, said hardware verification logic forces a reset of said translation register, and wherein said command decoder translates access requests, in accordance with the state of said translation register, to provide a block select output; an address decoder, connected to receive said block select output, and accordingly to select ones of said rows and columns of said cells to access the selected block of said cells.
10. The integrated circuit of Claim 9, wherein said command decoder also screens access requests for match with a password, and further comprising a pseudo-random number generator, which is activated if said command decoder does not detect a match with the password.
11. An integrated circuit, comprising: first, second and third power input terminals; said first input terminal being operatively connected to supply power to an on-chip power supply line; a ground terminal, for connection to ground; a comparator, having a negative input thereof operatively connected to said second terminal, and having a positive input thereof and a power supply input thereof operatively connected to said third terminal, said comparator being configured to provide a high logic output if said third terminal is at a higher voltage than said second terminal while said comparator is being powered; a first power switch, configured to connect said third terminal to said on-chip power supply line IF said output of said comparator is at a high logic state; a second power switch, configured to connect said second terminal to said on-chip power supply line IF said output of said comparator is at a low logic state AND the voltage at said second terminal is at least a high logic level; whereby, if said integrated circuit is later combined with a battery attached to said second or third terminal, and a system power supply attached to the other of said second and third terminals, said chip will operate in a battery-backed mode; and if both said second and third terminals are grounded, said integrated circuit will operate in a battery-operated mode, if said first terminal is powered up.
12. The integrated circuit of Claim 11, wherein said first and second power switches each comprise a P-channel insulated gate field effect transistor.
13. The integrated circuit of Claim 11, wherein said first and second power switches each comprise a P-channel insulated gate field effect transistor with a width to length ratio greater than 2000.
14. The integrated circuit of Claim 11, wherein said negative input of said comparator is connected to said second terminal through an analog filter stage, said positive input of said comparator is connected to said third terminal through an analog filter stage, and
15. The integrated circuit of Claim 11, wherein said positive input of said comparator is connected to said third terminal through an analog filter stage, and said power supply input of said comparator is connected directly to said third terminal without any intervening filter stage.
PCT/US1991/003376 1989-05-15 1991-05-15 Electronic key integrated circuit WO1991019067A1 (en)

Priority Applications (12)

Application Number Priority Date Filing Date Title
US615,608 1984-05-31
PCT/US1990/002891 WO1990014626A1 (en) 1989-05-15 1990-05-15 Systems with data-token/one-wire-bus
USPCT/US90/02891 1990-05-15
US61561590 true 1990-11-19 1990-11-19
US61561890 true 1990-11-19 1990-11-19
US615,618 1990-11-19
US07615606 US5206905A (en) 1989-05-15 1990-11-19 Password protected device using incorrect passwords as seed values for pseudo-random number generator for outputting random data to thwart unauthorized accesses
US07615608 US5226137A (en) 1989-05-15 1990-11-19 Electronic key with multiple password protected sub-keys using address and translation to implement a block data move between public and protected sub-keys
US615,615 1990-11-19
US615,606 1990-11-19
US07631929 US5506991A (en) 1989-05-15 1990-12-19 Printer port adapter with overlaid one-wire interface for electronic key
US631,929 1990-12-19

Applications Claiming Priority (6)

Application Number Priority Date Filing Date Title
US08031776 US6016255A (en) 1990-11-19 1993-03-15 Portable data carrier mounting system
US08365252 US6112275A (en) 1990-05-15 1994-12-28 Method of communicating over a single wire bus between a host device and a module device which measures thermal accumulation over time
US09009666 US6036101A (en) 1990-05-15 1998-01-20 Electronic labeling systems and methods and electronic card systems and methods
US09084516 US6217213B1 (en) 1990-05-15 1998-05-26 Temperature sensing systems and methods
US09291262 US6330977B1 (en) 1989-05-15 1999-04-13 Electronic labeling systems and methods and electronic card systems and methods
US09827825 US20020018513A1 (en) 1990-05-15 2001-04-06 Memory

Related Child Applications (3)

Application Number Title Priority Date Filing Date
US07631929 Continuation-In-Part US5506991A (en) 1989-05-15 1990-12-19 Printer port adapter with overlaid one-wire interface for electronic key
US72579391 Continuation-In-Part 1991-07-09 1991-07-09
US2225893 Continuation-In-Part 1993-02-24 1993-02-24

Publications (1)

Publication Number Publication Date
WO1991019067A1 true true WO1991019067A1 (en) 1991-12-12

Family

ID=27557371

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US1991/003376 WO1991019067A1 (en) 1989-05-15 1991-05-15 Electronic key integrated circuit

Country Status (1)

Country Link
WO (1) WO1991019067A1 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1999008234A2 (en) * 1997-08-08 1999-02-18 Elettronica Meccanica Sistemi S.R.L. A method and apparatus for printing marks
EP1085521A1 (en) * 1999-09-17 2001-03-21 Fujitsu Limited Non-volatile semiconductor memory
GB2398658A (en) * 2003-02-18 2004-08-25 Agilent Technologies Inc Implementing a hidden address in a communication module.
GB2405231A (en) * 2003-08-20 2005-02-23 Agilent Technologies Inc Accessing memory over a communications link using an access code

Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4683372A (en) * 1984-02-23 1987-07-28 Omron Tateisi Electronics Co. IC card system
US4713555A (en) * 1987-04-08 1987-12-15 Dallas Semiconductor Corporation Battery charging protection circuit
US4742215A (en) * 1986-05-07 1988-05-03 Personal Computer Card Corporation IC card system
US4800590A (en) * 1985-01-14 1989-01-24 Willis E. Higgins Computer key and computer lock system
US4843224A (en) * 1987-06-12 1989-06-27 Oki Electric Industry Co., Ltd. IC card
US4855690A (en) * 1987-08-10 1989-08-08 Dallas Semiconductor Corporation Integrated circuit random number generator using sampled output of variable frequency oscillator
US4862501A (en) * 1985-03-08 1989-08-29 Kabushiki Kaisha Toshiba Communications network using IC cards
US4864542A (en) * 1987-03-16 1989-09-05 Hitachi Maxell, Ltd. Memory cartridge having stored data protecting function and memory protecting method
US4885788A (en) * 1986-02-17 1989-12-05 Hitachi, Ltd. IC card
US4908790A (en) * 1988-03-10 1990-03-13 Dallas Semiconductor Corporation Backup battery switching circuitry for a microcomputer or a microprocessor
US4924075A (en) * 1987-09-30 1990-05-08 Kabushiki Kaisha Toshiba Smart IC card
US4928001A (en) * 1987-03-20 1990-05-22 Mitsubishi Denki Kabushiki Kaisha Secret information preserving system for a multiple issuer IC card
US5010331A (en) * 1988-03-02 1991-04-23 Dallas Semiconductor Corporation Time-key integrated circuit

Patent Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4683372A (en) * 1984-02-23 1987-07-28 Omron Tateisi Electronics Co. IC card system
US4800590A (en) * 1985-01-14 1989-01-24 Willis E. Higgins Computer key and computer lock system
US4862501A (en) * 1985-03-08 1989-08-29 Kabushiki Kaisha Toshiba Communications network using IC cards
US4885788A (en) * 1986-02-17 1989-12-05 Hitachi, Ltd. IC card
US4742215A (en) * 1986-05-07 1988-05-03 Personal Computer Card Corporation IC card system
US4864542A (en) * 1987-03-16 1989-09-05 Hitachi Maxell, Ltd. Memory cartridge having stored data protecting function and memory protecting method
US4928001A (en) * 1987-03-20 1990-05-22 Mitsubishi Denki Kabushiki Kaisha Secret information preserving system for a multiple issuer IC card
US4713555A (en) * 1987-04-08 1987-12-15 Dallas Semiconductor Corporation Battery charging protection circuit
US4843224A (en) * 1987-06-12 1989-06-27 Oki Electric Industry Co., Ltd. IC card
US4855690A (en) * 1987-08-10 1989-08-08 Dallas Semiconductor Corporation Integrated circuit random number generator using sampled output of variable frequency oscillator
US4924075A (en) * 1987-09-30 1990-05-08 Kabushiki Kaisha Toshiba Smart IC card
US5010331A (en) * 1988-03-02 1991-04-23 Dallas Semiconductor Corporation Time-key integrated circuit
US4908790A (en) * 1988-03-10 1990-03-13 Dallas Semiconductor Corporation Backup battery switching circuitry for a microcomputer or a microprocessor

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1999008234A2 (en) * 1997-08-08 1999-02-18 Elettronica Meccanica Sistemi S.R.L. A method and apparatus for printing marks
WO1999008234A3 (en) * 1997-08-08 1999-04-15 Elettronica Meccanica Sistemi A method and apparatus for printing marks
EP1085521A1 (en) * 1999-09-17 2001-03-21 Fujitsu Limited Non-volatile semiconductor memory
GB2398658A (en) * 2003-02-18 2004-08-25 Agilent Technologies Inc Implementing a hidden address in a communication module.
US7065621B2 (en) 2003-02-18 2006-06-20 Takashi Hidai System and method for implementing a hidden address in a communication module
GB2398658B (en) * 2003-02-18 2007-01-24 Agilent Technologies Inc System and method for implementing a hidden address in a communication module
GB2405231A (en) * 2003-08-20 2005-02-23 Agilent Technologies Inc Accessing memory over a communications link using an access code
GB2405231B (en) * 2003-08-20 2006-05-24 Agilent Technologies, Inc Master slave arrangement

Similar Documents

Publication Publication Date Title
US5923682A (en) Error correction chip for memory applications
US4188670A (en) Associative interconnection circuit
US5604880A (en) Computer system with a memory identification scheme
US5161159A (en) Semiconductor memory with multiple clocking for test mode entry
US4303993A (en) Memory present apparatus
US6058048A (en) Flash memory device used as a boot-up memory in a computer system
US5485428A (en) Memory device with page select capability
US5946246A (en) Semiconductor memory device with built-in self test circuit
US6148363A (en) Device and method for controlling solid-state memory system
US5768208A (en) Fail safe non-volatile memory programming system and method therefor
US5315177A (en) One time programmable fully-testable programmable logic device with zero power and anti-fuse cell architecture
US7133302B1 (en) Low power content addressable memory
US7516371B2 (en) ECC control apparatus
US4977537A (en) Dram nonvolatizer
US6901020B2 (en) Integrated charge sensing scheme for resistive memories
US5315557A (en) Semiconductor memory device having self-refresh and back-bias circuitry
US20070165457A1 (en) Nonvolatile memory system
US4701886A (en) Semiconductor integrated circuit device
US5315549A (en) Memory controller for nonvolatile RAM operation, systems and methods
US6521994B1 (en) Multi-chip module having content addressable memory
EP1465203A1 (en) Nonvolatile memory with page copy capability and method thereof
US5978275A (en) Erase and program control state machines for flash memory
US6226729B1 (en) Method and apparatus for configuring and initializing a memory device and a memory channel
US6718432B1 (en) Method and apparatus for transparent cascading of multiple content addressable memory devices
US6147890A (en) FPGA with embedded content-addressable memory

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): CA JP KR

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): AT BE CH DE DK ES FR GB GR IT LU NL SE

NENP Non-entry into the national phase in:

Ref country code: CA