WO2012001615A1 - A method, circuit, device and system for authenticating an integrated circuit - Google Patents

A method, circuit, device and system for authenticating an integrated circuit

Publication number: WO2012001615A1
Authority: WO, WIPO (PCT)
Application number: PCT/IB2011/052824
Other languages: French (fr)
Inventors: Yoav Yogev, Eli Lusky
Original Assignee: Infinite Memory Ltd.
Application filed by: Infinite Memory Ltd.
Prior art keywords: integrated circuit, parameter, nvm, host device, circuit

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44 Program or device authentication

Definitions

  • the present invention generally relates to the field of Communication Authentication. More specifically, the present invention relates to a method, circuit, device and system for authenticating an integrated circuit (IC) and/or a data bearing peripheral or device comprising an integrated circuit.
  • IC: integrated circuit
  • Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be. In private and public computer networks (including the Internet), authentication is commonly done through the use of logon passwords. Knowledge of the password is assumed to guarantee that the user is authentic. Each user registers initially (or is registered by someone else), using an assigned or self-declared password. On each subsequent use, the user must know and use the previously declared password. The weakness in this system for transactions that are significant (such as the exchange of money) is that passwords can often be stolen, accidentally revealed, or forgotten.
  • Biometrics is an authentication method that uses fingerprint or facial scans and iris or voice recognition to identify users.
  • a biometric scanning device takes a user's biometric data, such as an iris pattern or fingerprint scan, and converts it into digital information a computer can interpret and verify. Since it is more difficult for a malicious hacker to gain access to a person's biometric data, and it is unlikely that a user will misplace or misuse his or her biometric data, this form of technology provides a greater level of assurance than other methods of identification.
  • Biometrics can be used for both physical access to corporate buildings and internal access to enterprise computers and systems. Biometrics is most often used as a form of authentication in a broader two-factor or multifactor authentication.
  • SSO: single sign-on
  • a user can enter his or her username and password once for access to multiple applications. Users are given rights to specific applications, and they will be able to access all of those apps when they enter their credentials, which eliminates continuous prompts. SSO also reduces the cost of managing an endless number of passwords for IT staffs.
  • SSO systems improve security by centralizing authentication on dedicated servers. All authentication credentials must travel through a dedicated SSO server first, which then passes along the specific authentication credential it has stored for an individual user. This centralization is more likely to weed out malicious access than single-factor authentication systems.
  • a public key infrastructure is a group of servers that handle the creation of public keys for digital certificates. PKI systems maintain digital certificates, creating and deleting them as needed. The system allows users to swap information securely across a public network through a pair of public and private cryptographic keys, which is obtained and accessed through a certificate authority (CA).
  • the public key infrastructure provides a digital certificate, which is an electronic "credit card" that contains the name of the certificate authority, the name of the user, and the effective and expiration dates and the user's public key.
  • Digital certificates are used to establish user credentials during online transactions. All certificates are issued by a certification authority and contain the digital signature of the certificate-issuing authority to verify authentication.
  • a smart card is a small plastic card, about the size of a credit card, containing an embedded microchip that can be programmed to store specific user authentication information.
  • the chip on a smart card can store multiple identification factors of a specific user (i.e. password and fingerprint).
  • the card implements multiple factors of authentication, making the smart card system a viable option for two-factor or multifactor authentication.
  • Authentication may be of a string or code (e.g. login id) and not of the actual device or person behind it. This requirement may pose a problem to proprietary hardware authentication solutions as they attempt to identify the real device/person behind a virtual identity.
  • Authentication is required in order to verify that a virtual identity requesting a session (e.g. party requesting connection with a secure server or gateway) is the original registering identity.
  • Authentication may be of a string or code (e.g. login id) and not of the actual device or person behind it. This requirement poses a problem to most proprietary hardware authentication solutions as they attempt to identify the real device/person behind a virtual identity.
  • the present invention is a method, circuit, device and system for authenticating an integrated circuit (IC) or a data bearing peripheral or device comprising an integrated circuit.
  • a first device (e.g. a Host Device) may attempt to authenticate a second peripheral or device (e.g. an Integrated Circuit).
  • NVM: non-volatile memory
  • physical, electrical or operational parameters may include, but are in no way limited to, parameters relating to the IC's NVM die's threshold voltages (VT) distribution, parameters relating to the analog voltages produced at internal circuits such as the charge pump and/or any screening, transformation or manipulation of such raw 'DNA' data.
  • VT: threshold voltages
  • the non-volatile memory may be of a one time programmable (OTP) type Memory which is comprised of native cells having generic native threshold voltages (VT), which native threshold voltages (VT) may be programmed-to/registered-in one or more other location(s) of the array.
  • OTP: one time programmable
  • Each die/circuit may thus have its own unique parameter stamp or DNA.
  • In an OTP memory, once data is inserted into a native cell, the cell can't be restored to its native state; hence the programming/registration of the die's/circuit's unique DNA can't be modified.
  • An OTP's unique DNA may be stored in OTP cells and may be used for the optimized operation of the die/circuit.
  • Optimized operation of the die may include using the native VT distributions of some of the cells or cell groups (i.e. DNA) to regulate or adjust a reading sequence of a functionally associated controller. Accordingly, any modification in the OTP cells storing the DNA pattern may result in malfunctioning operation of the die/circuit.
  • the die/circuit DNA may be matched with the actual physical characteristics during any phase of the memory die/circuit life span, thereby optionally ensuring absolute traceability up to production day, and further providing proof of authenticity.
  • the peripheral may include an integrated circuit, such as a non-volatile memory die, digital logic circuit, amplifiers, or any other integrated circuit type known today or to be devised in the future.
  • the characterization information of one or more physical, electrical or operational parameters of the integrated circuit may be stored as a sequence of bits, possibly in a pseudo-random (e.g. encrypted) pattern, on one or more non-volatile memory dies integral or functionally associated with the peripheral.
  • a host device adapted to communicate with the peripheral/IC may include authentication circuitry including authentication logic circuitry adapted to read the characterization information bits and to derive the characterization information (i.e. DNA Parameters of the IC) - for example by decrypting the information contained in a pseudo-random bit pattern.
  • the authentication circuitry/peripheral inspection circuit(s) may include a DNA Reader adapted to inspect, directly or indirectly (the peripheral device controller may provide direct or indirect measurement functionality), physical, electrical or operational parameters on the peripheral/IC corresponding to the information contained in the read characterization information bits.
  • the authentication logic circuitry may compare the measured integrated circuit parameters against those indicated in the characterization information bits read from the peripheral/IC. A mismatch between the two may result in a failure to authenticate the peripheral/IC.
  • the peripheral inspection circuit(s) are adapted to indirectly inspect physical, electrical or operational parameters on the peripheral/IC corresponding to the information contained in the read characterization information bits
  • the inspection circuit(s) may be adapted to receive a digital or analog readout data from an IC DNA parameter measurement circuit integral or functionally associated with the integrated circuit (e.g. of the peripheral).
  • the peripheral/IC inspection circuit(s) may be adapted to readout and/or otherwise indirectly determine physical, electrical or operational parameters of the integrated circuit according to any method or technique known today or to be devised in the future.
  • an external client dependent ID string which may be provided by a content holder/loader, may be assigned to one or to each of a set of integrated circuit(s), peripheral(s) or device(s) (e.g. client, client group).
  • the external ID string may be written to and stored on the OTP section of the peripherals'/IC's NVM die and may be used along with the measured physical, electrical or operational parameters of the integrated circuit or an integrated circuit on the peripheral, as part of a multifactor authentication and/or encryption and/or decryption scheme between the peripheral/IC and a host.
  • the external ID which may be client dependent when combined with the internally measured physical, electrical or operational parameters of the integrated circuit may result in absolute traceability per each type of customer or user.
  • Fig. 1A is a functional block diagram of an exemplary integrated circuit (IC) including one or more non-volatile memory cells which are programmed with DNA parameters of the IC wherein the DNA parameters are at least partially based on native NVM cell Distributions, in accordance with some embodiments of the present invention
  • Fig. 1B is a functional block diagram of an exemplary integrated circuit (IC) including one or more non-volatile memory cells which are programmed with DNA parameters of the IC wherein the DNA parameters are at least partially based on a transfer function of an analog circuit, in accordance with some embodiments of the present invention
  • Fig. 2A is a functional block diagram of an exemplary host device, wherein the host device may interface with and authenticate an integrated circuit (IC) using a DNA reader and an IC Authenticator capable of measuring DNA related IC parameters directly from the IC, in accordance with some embodiments of the present invention
  • Fig. 2B is a functional block diagram of an exemplary host device, wherein the host device may interface with and authenticate an integrated circuit (IC) using a DNA reader and an IC Authenticator capable of receiving DNA related IC parameters from a measurement unit on the IC, in accordance with some embodiments of the present invention;
  • Fig. 2C is a functional block diagram of an exemplary host device, wherein the host device may interface with and authenticate an integrated circuit (IC) using a DNA reader and an IC Authenticator capable of measuring DNA related IC parameters directly from the IC and wherein DNA parameters of authorized ICs are stored on the host, in accordance with some embodiments of the present invention;
  • Fig. 2D is a functional block diagram of an exemplary IC/Peripheral Device, wherein the IC/Peripheral Device may interface with and authenticate a Host Device, in accordance with some embodiments of the present invention
  • Fig. 2E is a functional block diagram of an exemplary authentication scheme, wherein an IC/Peripheral Device may interface with and authenticate a Host Device, in accordance with some embodiments of the present invention
  • Fig. 2F is a functional block diagram of an exemplary authentication scheme, wherein a Host Device may authenticate an interfaced IC/Peripheral Device, in accordance with some embodiments of the present invention
  • FIG. 3 is a flow chart including the steps of an exemplary method by which an IC of the present invention may be produced, in accordance with some embodiments of the present invention
  • Fig. 4A is a flow chart including the steps of an exemplary method by which an IC according to some embodiments may be authenticated, wherein a DNA parameter measurement unit is located on the authenticating host device, in accordance with some embodiments of the present invention
  • Fig. 4B is a flow chart including the steps of an exemplary method by which an IC according to some embodiments may be authenticated, wherein a DNA parameter on-die measurement unit is located on the IC, in accordance with some embodiments of the present invention
  • Fig. 5A is a signal/data flow diagram of an exemplary embodiment wherein a DNA parameter measurement unit is located on the authenticating host device and wherein part of the signal is analog data measured from the die by a circuit on the host, in accordance with some embodiments of the present invention
  • Fig. 5B is a signal/data flow diagram of an exemplary embodiment wherein a DNA parameter on-die measurement unit is located on the IC and wherein part of the signal includes a request to the on-board unit to measure one or more parameters and digital output generated by the unit and sent to the host, in accordance with some embodiments of the present invention
  • Fig. 5C is a signal/data flow diagram of an exemplary embodiment wherein a Host Device is authenticated by an IC, in accordance with some embodiments of the present invention.
  • Fig. 5D is a signal/data flow diagram of an exemplary embodiment wherein an IC is authenticated by a Host Device, in accordance with some embodiments of the present invention.
  • Embodiments of the present invention may include apparatuses for performing the operations herein.
  • Such apparatus may be specially constructed for the desired purposes, or it may comprise a general-purpose computer selectively activated or reconfigured by a computer program stored in the computer.
  • a computer program may be stored in a computer readable storage medium, such as, but not limited to, any type of disk including floppy disks, optical disks, CD-ROMs, magnetic-optical disks, read-only memories (ROMs), random access memories (RAMs), electrically programmable read-only memories (EPROMs), electrically erasable and programmable read only memories (EEPROMs), magnetic or optical cards, or any other type of media suitable for storing electronic instructions, and capable of being coupled to a computer system bus.
  • the processes and displays presented herein are not inherently related to any particular computer or other apparatus.
  • Various general-purpose systems may be used with programs in accordance with the teachings herein, or it may prove convenient to construct a more specialized apparatus to perform the desired method.
  • the desired structure for a variety of these systems will appear from the description below.
  • embodiments of the present invention are not described with reference to any particular programming language. It will be appreciated that a variety of programming languages may be used to implement the teachings of the inventions as described herein.
  • a Host Device may attempt to authenticate a second peripheral or device (e.g. an Integrated Circuit) by comparing measured physical, electrical or operational parameters of an integrated circuit on the second device against information relating to the physical, electrical or operational parameters of the device, where the information may be stored in non-volatile memory (NVM) on the second device.
  • In FIG. 1A there is shown, in accordance with some embodiments of the present invention, a functional block diagram of an exemplary integrated circuit (IC) including one or more non-volatile memory cells which are programmed with DNA parameters of the IC wherein the DNA parameters are at least partially based on native NVM cell distributions.
  • native NVM cell distribution of one or more NVM cells and/or threshold voltage across one or more NVM cells may be determined by an on-die DNA Parameter Measurement Unit/Circuit functionally associated with the NVM Array Controller.
  • Data indicative of the DNA parameters may be previously programmed onto one or more cells of the NVM Array of the IC and may be read by the NVM Array Controller.
  • the IC Device Controller may be adapted to communicate the DNA parameter measurements determined by the on-die DNA Parameter Measurement Unit/Circuit and the read DNA parameter indicative data to an interfaced device (e.g. a host device) through one or more Interface Circuits and/or one or more Die Contact Pads.
  • In FIG. 1B there is shown, in accordance with some embodiments of the present invention, a functional block diagram of an exemplary integrated circuit (IC) including one or more non-volatile memory cells which are programmed with DNA parameters of the IC wherein the DNA parameters are at least partially based on a transfer function of an analog circuit.
  • a transfer function of one or more analog circuit segments may be determined by an on-die DNA Parameter Measurement Unit/Circuit functionally associated with one or more analog circuits of the IC.
  • Data indicative of the DNA parameters may be previously programmed onto one or more cells of the NVM Array of the IC and may be read by the NVM Array Controller.
  • the IC Device Controller may be adapted to communicate the DNA parameter measurements determined by the on-die DNA Parameter Measurement Unit/Circuit and the read DNA parameter indicative data to an interfaced device (e.g. a host device) through one or more Interface Circuits and/or one or more Die Contact Pads.
  • the data indicative of the DNA parameters may be measured and programmed onto one or more cells of the NVM Array of the IC during the production process of the IC, for example during the sorting stage.
  • the data indicative of the DNA parameters may be programmed and/or stored on NVM cells that are distributed and/or scrambled across the NVM Array of the IC.
  • the data indicative of the DNA parameters may be encrypted prior to its programming to the NVM cells.
  • one or more of the NVM cells of the IC may be a One Time Programmable (OTP) NVM cell(s).
  • FIG. 2A shows a functional block diagram of an exemplary host device, wherein the host device may interface with and authenticate an integrated circuit (IC) using a DNA reader and an IC Authenticator capable of measuring DNA related IC parameters directly from the IC.
  • the host device DNA Reader may comprise a DNA Parameter Measurement Unit/Circuit adapted to measure DNA parameters directly off the IC through an IC/Peripheral Device Interface Circuit connected to one or more Interface Circuits and/or Contact Pads of the IC.
  • An IC Authentication and/or Peripheral Inspection Unit of the Host Device may comprise an Authentication Logic Circuitry and may be adapted to compare determined DNA parameters as measured by the DNA Parameter Measurement Unit/Circuit of the host to DNA parameters data read from the NVM cells of the IC and communicated by the IC Device Controller. According to some embodiments, a match between measured and read DNA parameters may result in a successful authentication of the IC; a mismatch may result in a failure of authentication of the IC.
  • In FIG. 2B there is shown, in accordance with some embodiments of the present invention, a functional block diagram of an exemplary host device, wherein the host device may interface with and authenticate an integrated circuit (IC) using a DNA reader and an IC Authenticator capable of receiving DNA related IC parameters from a measurement unit on the IC.
  • the IC may comprise an on die DNA Parameter Measurement Unit/Circuit adapted to measure DNA parameters (e.g. upon request/command from an interfaced host device) of one or more circuits of the IC.
  • An IC Authentication and/or Peripheral Inspection Unit of the Host Device may comprise an Authentication Logic Circuitry and may be adapted to compare determined and communicated DNA parameters as measured by the on die DNA Parameter Measurement Unit/Circuit to DNA parameters data read from the NVM cells of the IC and communicated by the IC Device Controller. According to some embodiments, a match between measured and read DNA parameters may result in a successful authentication of the IC; a mismatch may result in a failure of authentication of the IC.
  • In FIG. 2C there is shown, in accordance with some embodiments of the present invention, a functional block diagram of an exemplary host device, wherein the host device may interface with and authenticate an integrated circuit (IC) using a DNA reader and an IC Authenticator capable of measuring DNA related IC parameters directly from the IC and/or receiving DNA related IC parameters from a measurement unit on the IC.
  • An IC Authentication and/or Peripheral Inspection Unit of the Host Device may comprise an Authentication Logic Circuitry and may be adapted to compare determined DNA parameters as directly measured from the IC by the DNA Parameter Measurement Unit/Circuit of the Host Device, and/or as measured by the on die DNA Parameter Measurement Unit/Circuit and communicated to the Host Device, to DNA parameters of one or more authorized IC(s)/Peripheral(s) previously stored on the Host Device and/or, at least partially stored, on a computerized storage device (e.g. a database) networked to the Host Device.
  • a match between measured and previously stored DNA parameters may result in a successful authentication of the IC; a mismatch may result in a failure of authentication of the IC.
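The host-side comparison described for FIGs. 2A to 2C, as an added Python example that is not part of the patent text. The 16-bit millivolt encoding, the cell offsets, the tolerance window and every sample value are assumptions constructed for illustration; the page specifies none of them.

```python
import struct
from dataclasses import dataclass

ERASED = 0xFF          # constructed image: unprogrammed NVM bytes read as 0xFF
UNPROGRAMMED = 0xFFFF  # a 16-bit slot that was never written


@dataclass(frozen=True)
class Verdict:
    authenticated: bool
    worst_delta_mv: int  # largest |measured - stored|; -1 if no comparison ran


def gather_dna_record(nvm_image, cell_offsets):
    """Reassemble stored DNA values from cells scattered across the NVM array.

    Assumption: each value is a big-endian 16-bit threshold voltage in mV, and
    cell_offsets lists, in order, the byte offset where each one was programmed.
    """
    values = []
    for off in cell_offsets:
        if off < 0 or off + 2 > len(nvm_image):
            raise ValueError(f"offset {off} is outside the NVM image")
        (mv,) = struct.unpack_from(">H", nvm_image, off)
        values.append(mv)
    return values


def compare_dna(measured_mv, stored_mv, tolerance_mv):
    """Match only if every measured value is within tolerance of its stored value.

    The tolerance is an assumption: analog re-measurements rarely repeat exactly.
    """
    if not stored_mv or len(measured_mv) != len(stored_mv):
        return Verdict(False, -1)
    worst = max(abs(m - s) for m, s in zip(measured_mv, stored_mv))
    return Verdict(worst <= tolerance_mv, worst)


def authenticate_ic(nvm_image, cell_offsets, measured_mv, tolerance_mv=15):
    """Host flow: read the stored record, reject blanks, compare to measurement."""
    try:
        stored = gather_dna_record(nvm_image, cell_offsets)
    except ValueError:
        return Verdict(False, -1)
    if UNPROGRAMMED in stored:  # no DNA registered at an expected location
        return Verdict(False, -1)
    return compare_dna(measured_mv, stored, tolerance_mv)


def build_constructed_image(size, cell_offsets, values_mv):
    """Build a sample NVM image (constructed data, not from a real die)."""
    image = bytearray([ERASED]) * size
    for off, mv in zip(cell_offsets, values_mv):
        struct.pack_into(">H", image, off, mv)
    return bytes(image)


# Constructed sample: four native VT values scattered over a 64-byte array.
OFFSETS = [40, 6, 57, 22]
REGISTERED_MV = [1210, 1187, 1254, 1199]
IMAGE = build_constructed_image(64, OFFSETS, REGISTERED_MV)

if __name__ == "__main__":
    same_die = [1214, 1180, 1251, 1205]   # re-measurement with small drift
    other_die = [1302, 1140, 1233, 1275]  # different die carrying the same record
    print(authenticate_ic(IMAGE, OFFSETS, same_die))
    print(authenticate_ic(IMAGE, OFFSETS, other_die))
```

The `worst_delta_mv` field is there so a host can log how close a rejected part came to the window, which helps when tuning the tolerance against false rejects.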
  • In FIG. 2D there is shown, in accordance with some embodiments of the present invention, a functional block diagram of an exemplary IC/Peripheral Device, wherein the IC/Peripheral Device may interface with and authenticate a Host Device.
  • a DNA reader of the Host Device may measure DNA parameters from one or more of its ICs or segments thereof. Measured DNA parameters may be communicated to the IC/Peripheral Device and compared, using an Authentication Logic Circuitry of the IC/Peripheral Device, to DNA Parameters of Authorized Host Devices which are stored on one or more NVM cells of the IC/Peripheral Device.
  • An unauthenticated host may be prevented from accessing data on the NVM of the IC and/or may receive data read from the IC in a scrambled or encrypted format.
  • In FIG. 2E there is shown, in accordance with some embodiments of the present invention, a functional block diagram of an exemplary authentication scheme, wherein an IC/Peripheral Device may interface with and authenticate a Host Device.
  • a DNA Parameter Measurement Unit/Circuit of the IC may measure one or more DNA parameters of the IC. Measured parameters may be communicated to an IC DNA Calculation Circuit and to a Host DNA Calculation Circuit that may each calculate a result/value based on the DNA parameters and one or more Shared Secrets or values.
  • the Host Device may then communicate the result of its calculation back to the IC where it may be compared by an Authentication Logic Circuitry to the result of its own IC DNA Calculation Circuit.
  • a match between the result calculated by the IC and the result calculated by the Host Device may result in a successful authentication of the host.
  • a mismatch may lead to an authentication failure and may further prevent the IC from allowing the Host Device to access its data.
  • In FIG. 2F there is shown, in accordance with some embodiments of the present invention, a functional block diagram of an exemplary authentication scheme, wherein a Host Device may authenticate an interfaced IC/Peripheral Device.
  • a DNA Parameter Measurement Unit/Circuit of the IC may measure one or more DNA parameters of the IC. Measured parameters may be communicated to an IC DNA Calculation Circuit and to a Host DNA Calculation Circuit that may each calculate a result/value based on the DNA parameters and one or more Shared Secrets or values.
  • the IC may then communicate the result of its calculation back to the Host Device where it may be compared by an Authentication Logic Circuitry to the result of its own Host DNA Calculation Circuit.
  • a match between the result calculated by the IC and the result calculated by the Host Device may result in a successful authentication of the IC.
  • a mismatch may lead to an authentication failure and may further prevent the Host Device from accessing data on the IC.
  • failure of authentication of the IC may prevent the Host Device from accessing some or all of the data stored on NVM cells of the IC.
  • failure of authentication may cause further data read from the IC to be communicated to the Host device in a scrambled or encrypted format.
  • any data access and/or data usage prevention and/or limitation technique known today or to be devised in the future, may be triggered as a result of an unsuccessful authentication of the IC.
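The FIG. 2E exchange, in which the IC authenticates the host and gates access to its NVM, as an added Python example that is not part of the patent text. HMAC-SHA256 as the "DNA calculation", the per-session nonce, and all class and function names are assumptions; the page only says that each side calculates a result from the DNA parameters and one or more shared secrets.

```python
import hashlib
import hmac
import secrets
import struct


def dna_calculation(shared_secret, dna_params_mv, nonce):
    """Stand-in for the 'DNA Calculation Circuit' on either side.

    Assumption: HMAC-SHA256 keyed with the shared secret, over the nonce
    followed by the parameter count and the parameters as 16-bit mV values.
    """
    count = len(dna_params_mv)
    body = struct.pack(f">H{count}H", count, *dna_params_mv)
    return hmac.new(shared_secret, nonce + body, hashlib.sha256).digest()


class PeripheralIC:
    """IC side: measures its DNA parameters and gates NVM reads on the result."""

    def __init__(self, shared_secret, native_vt_mv, user_data):
        self._secret = shared_secret
        self._native_vt_mv = list(native_vt_mv)  # constructed stand-in for a measurement
        self._data = bytes(user_data)
        self._expected = None
        self._host_ok = False

    def begin_auth(self):
        """Measure, compute the IC's own result, hand parameters and nonce to the host."""
        nonce = secrets.token_bytes(16)  # assumption: freshness value, not in the page
        params = list(self._native_vt_mv)
        self._expected = dna_calculation(self._secret, params, nonce)
        self._host_ok = False
        return params, nonce

    def finish_auth(self, host_result):
        """Compare the host's result to the IC's own; each challenge is single-use."""
        expected, self._expected = self._expected, None
        self._host_ok = expected is not None and hmac.compare_digest(expected, host_result)
        return self._host_ok

    def read(self, offset, length):
        """Refuse NVM reads until the host has authenticated.

        The page also allows returning scrambled data instead; refusal is shown here.
        """
        if not self._host_ok:
            raise PermissionError("host not authenticated")
        return self._data[offset:offset + length]


class HostDevice:
    """Host side: computes its result from the received parameters and its secret."""

    def __init__(self, shared_secret):
        self._secret = shared_secret

    def respond(self, dna_params_mv, nonce):
        return dna_calculation(self._secret, dna_params_mv, nonce)


def run_session(ic, host):
    """One complete exchange: IC measures, host answers, IC compares."""
    params, nonce = ic.begin_auth()
    return ic.finish_auth(host.respond(params, nonce))


if __name__ == "__main__":
    secret = b"constructed-shared-secret"  # constructed sample value
    ic = PeripheralIC(secret, [1210, 1187, 1254, 1199], b"payload")
    print("provisioned host:", run_session(ic, HostDevice(secret)))
    print("unprovisioned host:", run_session(ic, HostDevice(b"some-other-secret")))
```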
  • the method may comprise one or more of the following steps: (1) fabricating an integrated circuit that also includes one or more NVM cells; (2) determining one or more DNA parameters of the IC by measuring substantially unique electrical parameters of one or more segments of the integrated circuit such as, but in no way limited to: (a) transfer function(s) of one or more analog circuit segments, (b) native threshold voltage(s) of one or more NVM cells of NVM array(s) of the IC, and/or (c) threshold voltage(s) across one or more NVM cells of NVM array(s) of the IC; (3) programming data indicative of the measured DNA parameters, and/or any form of indicative parameters data derived from the measured parameters, onto a set of NVM cells on the IC, possibly at locations known to the IC Device Controller and/or to one or more Host Devices adapted
  • steps 2 and 3 described above may be performed as part of an IC production testing and/or sorting process.
  • measuring and programming the DNA parameters of the IC may be performed through one or more interface circuit(s), contact pads and/or connection pins of the IC such as, but in no way limited to, those used for IC testing and/or sorting during their production process.
  • at least some of the NVM cells of the IC on which NVM parameter data is stored may be physically distributed or scrambled across one or more of the NVM array(s) of the IC.
  • in FIG. 4A there is shown, in accordance with some embodiments of the present invention, the steps of an exemplary method by which an IC may be authenticated, wherein a DNA parameter measurement unit/circuit is located on the authenticating host device.
  • the DNA Parameter Measurement Unit/Circuit of the Host Device may measure DNA parameters directly off the connected IC.
  • the Host Device may then send to the IC Device Controller a request/command to read NVM cells of the IC onto which DNA parameters of the IC have been programmed.
  • the NVM Array Controller may read the data from the requested NVM cells and the IC Device Controller may communicate it to the Host Device.
  • in FIG. 4B there is shown, in accordance with some embodiments of the present invention, the steps of an exemplary method by which an IC may be authenticated, wherein an on die DNA parameter measurement unit/circuit is located on the IC.
  • the Host Device may send to the Device Controller of the connected IC a request/command to measure the DNA parameters of the IC using an on die DNA Parameter Measurement Unit/Circuit of the IC.
  • the Host Device may then send to the IC Device Controller a request/command to read NVM cells of the IC onto which DNA parameters of the IC have been programmed.
  • the NVM Array Controller may read the data from the requested NVM cells and the IC Device Controller may communicate it to the Host Device.
  • the DNA parameters measured by the DNA Parameter Measurement Unit/Circuit of the Host Device, by the on die DNA Parameter Measurement Unit/Circuit of the IC, and/or, according to some embodiments, by a combination of both, may be compared to the DNA parameters read from the NVM cells of the IC by a Host Device Authentication Logic Circuitry. If the measured DNA parameters match the read DNA parameters (e.g. substantially similar parameters measured and read), the IC is successfully authenticated; if no match is found, the authentication of the IC may fail.
  • the Host Device Authentication Logic Circuitry may be configured to consider a certain level of partial similarity between measured and read parameters as sufficient for the authentication of the IC.
  • in FIG. 5A there is shown a signal/data flow diagram of an exemplary embodiment wherein a DNA parameter measurement unit/circuit is located on the authenticating host device and wherein part of the signal is analog data measured from the die by a circuit on the host.
  • the IC may initially be connected to / interfaced with the host device.
  • the host device may then send a signal to measure DNA parameters directly off the interfaced IC and receive in return an analog signal representing the DNA parameters or DNA parameter values.
  • the returned analog signal may then be converted by the host device (e.g. by an analog to digital converter) to a digital format.
  • the host device may then send a signal requesting/commanding the reading of the NVM cells of the IC onto which data indicative of the DNA parameters of the IC have been programmed and receive in return a digital data signal representing the programmed DNA parameters.
  • the host device may then compare the measured DNA parameters to the read DNA parameters and, if the parameters match, signal to the IC device controller that the IC has been authenticated.
  • data stored on the NVM of the IC may be communicated to the host device automatically and/or as read commands arrive from the host device. An unsuccessful comparison may lead to an authentication failure and to data stored on the NVM of the IC being inaccessible to the host device and/or being communicated to the host device in a scrambled and/or an encrypted format.
  • in FIG. 5B there is shown, in accordance with some embodiments of the present invention, a signal/data flow diagram of an exemplary embodiment wherein a DNA parameter on-die measurement unit/circuit is located on the IC and wherein part of the signal includes a request to the on-board unit to measure one or more parameters and digital output generated by the unit and sent to the host device.
  • the IC may initially be connected to / interfaced with the host device. The host device may then send a request to the on-die measurement unit/circuit of the IC to measure the DNA parameters of the IC.
  • the on-die measurement unit/circuit of the IC may measure the DNA parameters of the IC, convert the analog signal representing the DNA parameters or DNA parameter values to a digital signal, and send the converted digital signal back to the host device.
  • the host device may then send a signal requesting/commanding the reading of the NVM cells of the IC onto which data indicative of the DNA parameters of the IC have been programmed and receive in return a digital data signal representing the programmed DNA parameters.
  • the host device may then compare the measured DNA parameters to the read DNA parameters and, if the parameters match, signal to the IC device controller that the IC has been authenticated. Once successfully authenticated, data stored on the NVM of the IC may be communicated to the host device automatically and/or as read commands arrive from the host device.
  • in FIG. 5C there is shown, in accordance with some embodiments of the present invention, a signal/data flow diagram of an exemplary embodiment wherein a Host Device is authenticated by an IC.
  • the Host may request a measurement of DNA parameters of the IC.
  • An on-die Measurement Unit/Circuit of the IC may measure the parameters and communicate them to the Host.
  • the IC and the Host may use their respective DNA Calculation Circuits to calculate values based on the measured/communicated DNA parameters and a shared secret value/string.
  • the value calculated by the Host may then be communicated to the IC and compared by an Authentication Circuitry of the IC against its own calculated value.
  • a successful comparison may authenticate the Host and allow it access to data on the IC.
  • An unsuccessful comparison may lead to a failed authentication and to the IC preventing the Host from accessing its data and/or communicating to it scrambled or encrypted data.
  • in FIG. 5D there is shown, in accordance with some embodiments of the present invention, a signal/data flow diagram of an exemplary embodiment wherein an IC is authenticated by a Host Device.
  • the Host may request a measurement of DNA parameters of the IC.
  • An on-die Measurement Unit/Circuit of the IC may measure the parameters and communicate them to the Host.
  • the IC and the Host may use their respective DNA Calculation Circuits to calculate values based on the measured/communicated DNA parameters and a shared secret value/string.
  • the value calculated by the IC may then be communicated to the Host Device and compared by an Authentication Circuitry of the Host Device against its own calculated value.
  • a successful comparison may authenticate the IC and allow access to its data.
  • An unsuccessful comparison may lead to a failed authentication and may prevent the host from accessing data on the IC.
  • the order of the signals/data flow described above may be altered, for example: the DNA parameters may be first read from the NVM of the IC and only then measured, or reading and measuring of the parameters may be done in an alternating and possibly repetitive manner.
  • the authentication process may be a multi level authentication scheme and may include multiple read-measure-compare or measure-read-compare iterations of the same, and/or of different, circuit segments of the IC and NVM cells programmed with DNA indicative data.
  • the locations of the NVM cells of the IC onto which NVM indicative data has been programmed may also be communicated to the IC device controller by the host device and/or may be previously disclosed/known to the IC device controller, or stored (e.g. on NVM cells of the IC) at a location automatically referenced at power-on of the IC.
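The FIG. 5D exchange described in the list above, as an added Python sketch that is not code from the patent: HMAC-SHA256 stands in for the unspecified DNA Calculation Circuits, and the host nonce, byte encoding, class names and sample values are assumptions constructed for illustration. The nonce is included because a calculation over only the fixed parameters and the shared secret would produce the same result in every session.

```python
import hashlib
import hmac
import secrets
import struct

# Constructed sample values; none of them come from the patent.
SHARED_SECRET = b"constructed-shared-secret-0001"
GENUINE_VT_MV = [1482, 1517, 1449, 1503, 1476, 1531, 1460, 1495]


def encode_parameters(params_mv):
    """Serialise parameters unambiguously: a count, then one uint16 per value."""
    return struct.pack(f">H{len(params_mv)}H", len(params_mv), *params_mv)


def dna_calculation(params_mv, secret, nonce):
    """Hypothetical DNA Calculation Circuit: HMAC-SHA256 keyed with the secret."""
    message = nonce + encode_parameters(params_mv)
    return hmac.new(secret, message, hashlib.sha256).digest()


class IC:
    """IC side: on-die measurement unit plus its own calculation circuit."""

    def __init__(self, vt_mv, secret):
        self._vt_mv = list(vt_mv)
        self._secret = secret

    def measure(self):
        # In FIG. 5D the IC communicates the measured parameters to the Host.
        return list(self._vt_mv)

    def calculate(self, nonce):
        return dna_calculation(self._vt_mv, self._secret, nonce)


class Host:
    """Host side: calculation circuit plus authentication circuitry."""

    def __init__(self, secret):
        self._secret = secret

    def expected(self, params_mv, nonce):
        return dna_calculation(params_mv, self._secret, nonce)

    def authenticate(self, ic):
        nonce = secrets.token_bytes(16)   # fresh per attempt (assumption)
        params = ic.measure()
        result = ic.calculate(nonce)
        # compare_digest does not reveal where two values differ via timing.
        return hmac.compare_digest(self.expected(params, nonce), result)

    def accepts_recorded_result(self, params_mv, recorded_result):
        """Check a result captured in an earlier session against a new nonce."""
        nonce = secrets.token_bytes(16)
        return hmac.compare_digest(self.expected(params_mv, nonce), recorded_result)


def run_demo():
    host = Host(SHARED_SECRET)
    genuine = IC(GENUINE_VT_MV, SHARED_SECRET)
    wrong_secret = IC(GENUINE_VT_MV, b"some-other-secret")
    recorded = genuine.calculate(secrets.token_bytes(16))
    return {
        "genuine": host.authenticate(genuine),
        "wrong_secret": host.authenticate(wrong_secret),
        "recorded_result": host.accepts_recorded_result(GENUINE_VT_MV, recorded),
    }


if __name__ == "__main__":
    print(run_demo())
```

Because the parameters travel to the Host in the clear in this flow, a match here shows that the IC holds the shared secret; tying the result to the physical die still depends on the measure-read-compare check.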

Abstract

Disclosed is a method, circuit, device and system for authenticating an integrated circuit or a data bearing peripheral or device also containing an integrated circuit. A first device may attempt to authenticate an integrated circuit, or a second peripheral or device, by comparing measured physical, electrical or operational parameters of the integrated circuit, or an integrated circuit on the second device, against information relating to the physical, electrical or operational parameters of the circuit/device.

Description

A METHOD, CIRCUIT, DEVICE AND SYSTEM FOR AUTHENTICATING AN INTEGRATED CIRCUIT
INVENTORS:
Yoav Yogev
Eli Lusky
FIELD OF THE INVENTION
[001] The present invention generally relates to the field of Communication Authentication. More specifically, the present invention relates to a method, circuit, device and system for authenticating an integrated circuit (IC) and/or a data bearing peripheral or device comprising an integrated circuit.
BACKGROUND
[002] Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be. In private and public computer networks (including the Internet), authentication is commonly done through the use of logon passwords. Knowledge of the password is assumed to guarantee that the user is authentic. Each user registers initially (or is registered by someone else), using an assigned or self-declared password. On each subsequent use, the user must know and use the previously declared password. The weakness in this system for transactions that are significant (such as the exchange of money) is that passwords can often be stolen, accidentally revealed, or forgotten.
[003] For this reason, Internet business and many other transactions require a more stringent authentication process. The use of digital certificates issued and verified by a Certificate Authority (CA) as part of a public key infrastructure is considered likely to become the standard way to perform authentication on the Internet.
[004] There are three main factors of authentication to consider: something you know, such as a user ID and password; something you have, such as a smart card; and something you are, which refers to a physical characteristic, like a fingerprint that is verified using biometric technology. These factors can be used alone, or they can be combined to build a stronger authentication strategy in what is known as two-factor or multifactor authentication.
[005] User ID and password systems are among the oldest forms of digital authentication. These types of authentication systems, which simply prompt a user to enter his or her ID and password to gain system access, are easy to implement and use, but they also carry some huge security risks.
[006] One of the biggest problems with passwords is that they can be shared, guessed or misused. Organizations educate users on how to properly handle their passwords. Among the most important password guidelines for users is that passwords should never be written down. Often employees will jot down their passwords in an effort to help them remember their many sets of credentials. One way to eliminate this problem is to nix the use of multiple passwords. If users can have one ID and password for corporate systems - typically referred to as enterprise single sign-on (SSO) - the likelihood of them needing to jot anything down is greatly decreased.
[007] Biometrics is an authentication method that uses fingerprint or facial scans and iris or voice recognition to identify users. A biometric scanning device takes a user's biometric data, such as an iris pattern or fingerprint scan, and converts it into digital information a computer can interpret and verify. Since it is more difficult for a malicious hacker to gain access to a person's biometric data, and it is unlikely that a user will misplace or misuse his or her biometric data, this form of technology provides a greater level of assurance than other methods of identification.
[008] Biometrics can be used for both physical access to corporate buildings and internal access to enterprise computers and systems. Biometrics is most often used as a form of authentication in a broader two-factor or multifactor authentication
[009] Single sign-on (SSO) is a form of technology that eases the authentication process for users and IT administrators. Through SSO, a user can enter his or her username and password once for access to multiple applications. Users are given rights to specific applications, and they will be able to access all of those apps when they enter their credentials, which eliminates continuous prompts. SSO also reduces the cost of managing an endless number of passwords for IT staffs.
[0010] SSO systems improve security by centralizing authentication on dedicated servers. All authentication credentials must travel through a dedicated SSO server first, which then passes along the specific authentication credential it has stored for an individual user. This centralization is more likely to weed out malicious access than single-factor authentication systems.
[0011] A public key infrastructure (PKI) is a group of servers that handle the creation of public keys for digital certificates. PKI systems maintain digital certificates, creating and deleting them as needed. The system allows users to swap information securely across a public network through a pair of public and private cryptographic keys, which is obtained and accessed through a certificate authority (CA). The public key infrastructure provides a digital certificate, which is an electronic "credit card" that contains the name of the certificate authority, the name of the user, and the effective and expiration dates and the user's public key. Digital certificates are used to establish user credentials during online transactions. All certificates are issued by a certification authority and contain the digital signature of the certificate-issuing authority to verify authentication.
[0012] A smart card is a small plastic card, about the size of a credit card, containing an embedded microchip that can be programmed to store specific user authentication information. The chip on a smart card can store multiple identification factors of a specific user (i.e. password and fingerprint). When the user swipes his or her card into a smart card reader, the card implements multiple factors of authentication, making the smart card system a viable option for two-factor or multifactor authentication.
[0013] In connection with secure transactions and secure communication sessions (e.g. entered into through distributed communication networks), authentication may be of a string or code (e.g. login id) and not of the actual device or person behind it. This requirement may pose a problem to proprietary hardware authentication solutions as they attempt to identify the real device/person behind a virtual identity.
[0014] Accordingly, there is a need in the field for a circuit, system, device and method for authentication and/or encryption that may mitigate the possibility of false positive identification based on cloning an identifying device or identification code(s) and eliminate the threat of hackers stealing stored or transmitted information from a computer. The information may be fully or partially processed on the smart card, so some or all of it may never have to leave the card or be transmitted to another machine.
[0015] In connection with secure transactions and secure communication sessions entered into through distributed communication networks, authentication is required in order to verify that a virtual identity requesting a session (e.g. party requesting connection with a secure server or gateway) is the original registering identity. Authentication may be of a string or code (e.g. login id) and not of the actual device or person behind it. This requirement poses a problem to most proprietary hardware authentication solutions as they attempt to identify the real device/person behind a virtual identity.
[0016] Accordingly, there is a need in the field for a circuit, system and method for authentication and/or encryption that may mitigate the possibility of false positive identification based on cloning an identifying device or identification code(s).
SUMMARY OF THE INVENTION
[0017] The present invention is a method, circuit, device and system for authenticating an integrated circuit (IC) or a data bearing peripheral or device comprising an integrated circuit. According to some embodiments of the present invention, a first device (e.g. a Host Device) may attempt to authenticate a second peripheral or device (e.g. an Integrated Circuit) by comparing measured physical, electrical or operational parameters of an integrated circuit on the second device against information relating to the physical, electrical or operational parameters of the device, where the information may be stored in non-volatile memory (NVM) on the second device.
[0018] According to some embodiments, physical, electrical or operational parameters may include, but are in no way limited to, parameters relating to the IC's NVM die's threshold voltages (VT) distribution, parameters relating to the analog voltages produced at internal circuits such as the charge pump and/or any screening, transformation or manipulation of such raw 'DNA' data.
[0019] According to some embodiments, the non-volatile memory may be of a one time programmable (OTP) type Memory which is comprised of native cells having generic native threshold voltages (VT), which native threshold voltages (VT) may be programmed-to/registered-in one or more other location(s) of the array. Each die/circuit may thus have its own unique parameter stamp or DNA. According to embodiments using OTP, once data is inserted into a native cell, the cell can't be restored to its native state, hence the programming/registration of die's/circuit's unique DNA can't be modified.
[0020] An OTP's unique DNA may be stored in OTP cells and may be used for the optimized operation of the die/circuit. Optimized operation of the die may include using the native VT distributions of some of the cells or cell groups (i.e. DNA) to regulate or adjust a reading sequence of a functionally associated controller. Accordingly, any modification in the OTP cells storing the DNA pattern may result in malfunctioning operation of the die/circuit.
[0021] According to embodiments where authentication of a physical unit is required (e.g. IC), the die/circuit DNA may be matched with the actual physical characteristics during any phase of the memory die/circuit life span, thereby optionally ensuring absolute traceability up to production day, and further providing proof of authenticity.
[0022] According to further embodiments, the peripheral may include an integrated circuit, such as a non-volatile memory die, digital logic circuit, amplifiers, or any other integrated circuit type known today or to be devised in the future. According to further embodiments of the present invention, the characterization information of one or more physical, electrical or operational parameters of the integrated circuit may be stored as a sequence of bits, possibly in a pseudo-random (e.g. encrypted) pattern, on one or more non-volatile memory dies integral or functionally associated with the peripheral.
[0023] According to further embodiments of the present invention, a host device adapted to communicate with the peripheral/IC may include authentication circuitry including authentication logic circuitry adapted to read the characterization information bits and to derive the characterization information (i.e. DNA Parameters of the IC) - for example by decrypting the information contained in a pseudo-random bit pattern. The authentication circuitry/peripheral inspection circuit(s) may include a DNA Reader adapted to inspect, directly or indirectly (the peripheral device controller may provide direct or indirect measurement functionality), physical, electrical or operational parameters on the peripheral/IC corresponding to the information contained in the read characterization information bits. According to further embodiments of the present invention, the authentication logic circuitry may compare the measured integrated circuit parameters against those indicated in the characterization information bits read from the peripheral/IC. A mismatch between the two may result in a failure to authenticate the peripheral/IC.
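An added Python sketch of the measure-read-compare check described above, not code from the patent: the NVM record layout, segment names, 5 mV tolerance, 75% match threshold and all sample values are assumptions constructed for illustration. It treats each circuit segment as one compare iteration, accepts a configurable level of partial similarity, and fails closed on a malformed record.

```python
import struct

TOLERANCE_MV = 5            # assumed per-parameter measurement tolerance
MIN_MATCH_FRACTION = 0.75   # assumed threshold for "partial similarity"

# Constructed sample data (millivolts); none of it comes from the patent.
ENROLLED = {
    "native_vt": [1482, 1517, 1449, 1503, 1476, 1531, 1460, 1495],
    "charge_pump": [5012, 5038, 4987, 5021],
}
GENUINE_REMEASURED = {      # same die, later measurement with drift and noise
    "native_vt": [1485, 1514, 1451, 1499, 1478, 1540, 1458, 1496],
    "charge_pump": [5010, 5041, 4990, 5019],
}
OTHER_DIE = {               # different die carrying a copy of the NVM records
    "native_vt": [1461, 1530, 1490, 1472, 1508, 1455, 1519, 1447],
    "charge_pump": [5050, 5001, 5020, 4979],
}


def program_record(params_mv):
    """Production step: pack parameters as a count plus one uint16 each."""
    return struct.pack(f">H{len(params_mv)}H", len(params_mv), *params_mv)


def read_record(blob):
    """Parse a record read from NVM; raise ValueError if it is malformed."""
    if len(blob) < 2:
        raise ValueError("record shorter than its header")
    (count,) = struct.unpack_from(">H", blob)
    if count == 0 or len(blob) != 2 + 2 * count:
        raise ValueError("record length does not match its count")
    return list(struct.unpack_from(f">{count}H", blob, 2))


def match_fraction(measured_mv, stored_mv):
    """Fraction of parameters whose measured value is within tolerance."""
    if len(measured_mv) != len(stored_mv):
        return 0.0
    hits = sum(abs(m - s) <= TOLERANCE_MV for m, s in zip(measured_mv, stored_mv))
    return hits / len(stored_mv)


def authenticate(measured, nvm):
    """One read-measure-compare iteration per enrolled segment; all must pass."""
    if not nvm:
        return False
    for segment, blob in nvm.items():
        try:
            stored = read_record(blob)
        except ValueError:
            return False    # unreadable enrolment data never authenticates
        if match_fraction(measured.get(segment, []), stored) < MIN_MATCH_FRACTION:
            return False
    return True


def run_demo():
    nvm = {name: program_record(values) for name, values in ENROLLED.items()}
    truncated = dict(nvm, native_vt=nvm["native_vt"][:-1])
    return {
        "genuine_die": authenticate(GENUINE_REMEASURED, nvm),
        "copied_nvm_on_other_die": authenticate(OTHER_DIE, nvm),
        "truncated_record": authenticate(GENUINE_REMEASURED, truncated),
    }


if __name__ == "__main__":
    print(run_demo())
```

The tolerance and the match threshold trade false rejections of a genuine die against false acceptance of a different one, so in practice both would be set from measured drift data rather than fixed constants like these.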
[0024] According to further embodiments of the present invention where the peripheral inspection circuit(s) are adapted to indirectly inspect physical, electrical or operational parameters on the peripheral/IC corresponding to the information contained in the read characterization information bits, the inspection circuit(s) may be adapted to receive a digital or analog readout data from an IC DNA parameter measurement circuit integral or functionally associated with the integrated circuit (e.g. of the peripheral). The peripheral/IC inspection circuit(s) may be adapted to readout and/or otherwise indirectly determine physical, electrical or operational parameters of the integrated circuit according to any method or technique known today or to be devised in the future.
[0025] According to further embodiments of the present invention, an external client dependent ID string, which may be provided by a content holder/loader, may be assigned to one or to each of a set of integrated circuit(s), peripheral(s) or device(s) (e.g. client, client group). The external ID string may be written to and stored on the OTP section of the peripherals'/IC's NVM die and may be used along with the measured physical, electrical or operational parameters of the integrated circuit or an integrated circuit on the peripheral, as part of a multifactor authentication and/or encryption and/or decryption scheme between the peripheral/IC and a host. According to some embodiments of the present invention, the external ID which may be client dependent when combined with the internally measured physical, electrical or operational parameters of the integrated circuit may result in absolute traceability per each type of customer or user.
BRIEF DESCRIPTION OF THE FIGURES
[0026] The subject matter regarded as the invention is particularly pointed out and distinctly claimed in the concluding portion of the specification. The invention, however, both as to organization and method of operation, together with objects, features, and advantages thereof, may best be understood by reference to the following detailed description when read with the accompanying attachments including the following figures:
[0027] Fig. 1A is a functional block diagram of an exemplary integrated circuit (IC) including one or more non-volatile memory cells which are programmed with DNA parameters of the IC wherein the DNA parameters are at least partially based on native NVM cell Distributions, in accordance with some embodiments of the present invention;
[0028] Fig. 1B is a functional block diagram of an exemplary integrated circuit (IC) including one or more non-volatile memory cells which are programmed with DNA parameters of the IC wherein the DNA parameters are at least partially based on a transfer function of an analog circuit, in accordance with some embodiments of the present invention;
[0029] Fig. 2A is a functional block diagram of an exemplary host device, wherein the host device may interface with and authenticate an integrated circuit (IC) using a DNA reader and an IC Authenticator capable of measuring DNA related IC parameters directly from the IC, in accordance with some embodiments of the present invention;
[0030] Fig. 2B is a functional block diagram of an exemplary host device, wherein the host device may interface with and authenticate an integrated circuit (IC) using a DNA reader and an IC Authenticator capable of receiving DNA related IC parameters from a measurement unit on the IC, in accordance with some embodiments of the present invention;
[0031] Fig. 2C is a functional block diagram of an exemplary host device, wherein the host device may interface with and authenticate an integrated circuit (IC) using a DNA reader and an IC Authenticator capable of measuring DNA related IC parameters directly from the IC and wherein DNA parameters of authorized ICs are stored on the host, in accordance with some embodiments of the present invention;
[0032] Fig. 2D is a functional block diagram of an exemplary IC/Peripheral Device, wherein the IC/Peripheral Device may interface with and authenticate a Host Device, in accordance with some embodiments of the present invention;
[0033] Fig. 2E is a functional block diagram of an exemplary authentication scheme, wherein an IC/Peripheral Device may interface with and authenticate a Host Device, in accordance with some embodiments of the present invention;
[0034] Fig. 2F is a functional block diagram of an exemplary authentication scheme, wherein a Host Device may authenticate an interfaced IC/Peripheral Device, in accordance with some embodiments of the present invention;
[0035] Fig. 3 is a flow chart including the steps of an exemplary method by which an IC of the present invention may be produced, in accordance with some embodiments of the present invention;
[0036] Fig. 4A is a flow chart including the steps of an exemplary method by which an IC according to some embodiments may be authenticated, wherein a DNA parameter measurement unit is located on the authenticating host device, in accordance with some embodiments of the present invention;
[0037] Fig. 4B is a flow chart including the steps of an exemplary method by which an IC according to some embodiments may be authenticated, wherein a DNA parameter on-die measurement unit is located on the IC, in accordance with some embodiments of the present invention;
[0038] Fig. 5A is a signal/data flow diagram of an exemplary embodiment wherein a DNA parameter measurement unit is located on the authenticating host device and wherein part of the signal is analog data measured from the die by a circuit on the host, in accordance with some embodiments of the present invention;
[0039] Fig. 5B is a signal/data flow diagram of an exemplary embodiment wherein a DNA parameter on-die measurement unit is located on the IC and wherein part of the signal includes a request to the on-board unit to measure one or more parameters and digital output generated by the unit and sent to the host, in accordance with some embodiments of the present invention;
[0040] Fig. 5C is a signal/data flow diagram of an exemplary embodiment wherein a Host Device is authenticated by an IC, in accordance with some embodiments of the present invention; and
[0041] Fig. 5D is a signal/data flow diagram of an exemplary embodiment wherein an IC is authenticated by a Host Device, in accordance with some embodiments of the present invention.
DESCRIPTION OF THE INVENTION
[0042] In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of the invention. However, it will be understood by those skilled in the art that the present invention may be practiced without these specific details. In other instances, well-known methods, procedures, components and circuits have not been described in detail so as not to obscure the present invention.
[0043] Unless specifically stated otherwise, as apparent from the following discussions, it is appreciated that throughout the specification discussions utilizing terms such as "processing", "computing", "calculating", "determining", or the like, refer to the action and/or processes of a computer or computing system, or similar electronic computing device, that manipulate and/or transform data represented as physical, such as electronic, quantities within the computing system's registers and/or memories into other data similarly represented as physical quantities within the computing system's memories, registers or other such information storage, transmission or display devices.
[0044] Embodiments of the present invention may include apparatuses for performing the operations herein. Such apparatus may be specially constructed for the desired purposes, or it may comprise a general-purpose computer selectively activated or reconfigured by a computer program stored in the computer. Such a computer program may be stored in a computer readable storage medium, such as, but not limited to, any type of disk including floppy disks, optical disks, CD-ROMs, magnetic-optical disks, read-only memories (ROMs), random access memories (RAMs), electrically programmable read-only memories (EPROMs), electrically erasable and programmable read only memories (EEPROMs), magnetic or optical cards, or any other type of media suitable for storing electronic instructions, and capable of being coupled to a computer system bus.
[0045] The processes and displays presented herein are not inherently related to any particular computer or other apparatus. Various general-purpose systems may be used with programs in accordance with the teachings herein, or it may prove convenient to construct a more specialized apparatus to perform the desired method. The desired structure for a variety of these systems will appear from the description below. In addition, embodiments of the present invention are not described with reference to any particular programming language. It will be appreciated that a variety of programming languages may be used to implement the teachings of the inventions as described herein.
[0046] The present invention is a method, circuit, device and system for authenticating an integrated circuit (IC) or a data bearing peripheral or device comprising an integrated circuit. According to some embodiments of the present invention, a first device (e.g. a Host Device) may attempt to authenticate a second peripheral or device (e.g. an Integrated Circuit) by comparing measured physical, electrical or operational parameters of an integrated circuit on the second device against information relating to the physical, electrical or operational parameters of the device, where the information may be stored in non-volatile memory (NVM) on the second device.
[0047] According to some embodiments, physical, electrical or operational parameters may include, but are in no way limited to, parameters relating to the IC's NVM die's threshold voltages (VT) distribution, parameters relating to the analog voltages produced at internal circuits such as the charge pump and/or any screening, transformation or manipulation of such raw 'DNA' data.
[0048] According to some embodiments, the non-volatile memory may be of a one time programmable (OTP) type Memory which is comprised of native cells having generic native threshold voltages (VT), which native threshold voltages (VT) may be programmed-to/registered-in one or more other location(s) of the array. Each die/circuit may thus have its own unique parameter stamp or DNA. According to embodiments using OTP, once data is inserted into a native cell, the cell can't be restored to its native state, hence the programming/registration of die's/circuit's unique DNA can't be modified.
[0049] An OTP's unique DNA may be stored in OTP cells and may be used for the optimized operation of the die/circuit. Optimized operation of the die may include using the native VT distributions of some of the cell or cell groups (i.e. DNA) to regulate or adjust a reading sequence of a functionally associated controller. Accordingly, any modification in the OTP cells storing the DNA pattern may result in malfunctioning operation of the die/circuit.
[0050] According to embodiments where authentication of a physical unit is required (e.g. IC), the die/circuit DNA may be matched with the actual physical characteristics during any phase of the memory die/circuit life span, thereby optionally ensuring absolute traceability up to production day, and further providing proof of authenticity.
[0051] According to further embodiments, the peripheral may include an integrated circuit, such as a non-volatile memory die, digital logic circuit, amplifiers, or any other integrated circuit type known today or to be devised in the future. According to further embodiments of the present invention, the characterization information of one or more physical, electrical or operational parameters of the integrated circuit may be stored as a sequence of bits, possibly in a pseudo-random (e.g. encrypted) pattern, on one or more non-volatile memory dies integral or functionally associated with the peripheral.
[0052] In figure 1A there is shown, in accordance with some embodiments of the present invention, a functional block diagram of an exemplary integrated circuit (IC) including one or more non-volatile memory cells which are programmed with DNA parameters of the IC wherein the DNA parameters are at least partially based on native NVM cell distributions.
[0053] According to some embodiments, native NVM cell distribution of one or more NVM cells and/or threshold voltage across one or more NVM cells may be determined by an on-die DNA Parameter Measurement Unit/Circuit functionally associated with the NVM Array Controller. Data indicative of the DNA parameters may be previously programmed onto one or more cells of the NVM Array of the IC and may be read by the NVM Array Controller. The IC Device Controller may be adapted to communicate the DNA parameter measurements determined by the on-die DNA Parameter Measurement Unit/Circuit and the read DNA parameter indicative data to an interfaced device (e.g. a host device) through one or more Interface Circuits and/or one or more Die Contact Pads.
[0054] In figure 1B there is shown, in accordance with some embodiments of the present invention, a functional block diagram of an exemplary integrated circuit (IC) including one or more non-volatile memory cells which are programmed with DNA parameters of the IC wherein the DNA parameters are at least partially based on a transfer function of an analog circuit.
[0055] According to some embodiments, a transfer function of one or more analog circuit segments may be determined by an on-die DNA Parameter Measurement Unit/Circuit functionally associated with one or more analog circuits of the IC. Data indicative of the DNA parameters may be previously programmed onto one or more cells of the NVM Array of the IC and may be read by the NVM Array Controller. The IC Device Controller may be adapted to communicate the DNA parameter measurements determined by the on-die DNA Parameter Measurement Unit/Circuit and the read DNA parameter indicative data to an interfaced device (e.g. a host device) through one or more Interface Circuits and/or one or more Die Contact Pads.
[0056] According to some embodiments of the present invention, the data indicative of the DNA parameters may be measured and programmed onto one or more cells of the NVM Array of the IC during the production process of the IC, for example during the sorting stage. According to some embodiments, the data indicative of the DNA parameters may be programmed and/or stored on NVM cells that are distributed and/or scrambled across the NVM Array of the IC. According to some embodiments, the data indicative of the DNA parameters may be encrypted prior to its programming to the NVM cells. According to some embodiments, one or more of the NVM cells of the IC may be a One Time Programmable (OTP) NVM cell(s).
[0057] According to further embodiments of the present invention, a host device adapted to communicate with the peripheral/IC may include authentication circuitry including authentication logic circuitry adapted to read the characterization information bits and to derive the characterization information (i.e. DNA Parameters of the IC) - for example by decrypting the information contained in a pseudo-random bit pattern. The authentication circuitry/peripheral inspection circuit(s) may include a DNA Reader adapted to inspect, directly or indirectly (the peripheral device controller may provide direct or indirect measurement functionality), physical, electrical or operational parameters on the peripheral/IC corresponding to the information contained in the read characterization information bits. According to further embodiments of the present invention, the authentication logic circuitry may compare the measured integrated circuit parameters against those indicated in the characterization information bits read from the peripheral/IC. A mismatch between the two may result in a failure to authenticate the peripheral/IC.
[0058] According to further embodiments of the present invention where the peripheral inspection circuit(s) are adapted to indirectly inspect physical, electrical or operational parameters on the peripheral/IC corresponding to the information contained in the read characterization information bits, the inspection circuit(s) may be adapted to receive a digital or analog readout data from an IC DNA parameter measurement circuit integral or functionally associated with the integrated circuit (e.g. of the peripheral). The peripheral/IC inspection circuit(s) may be adapted to readout and/or otherwise indirectly determine physical, electrical or operational parameters of the integrated circuit according to any method or technique known today or to be devised in the future.
[0059] In figure 2A there is shown, in accordance with some embodiments of the present invention, a functional block diagram of an exemplary host device, wherein the host device may interface with and authenticate an integrated circuit (IC) using a DNA reader and an IC Authenticator capable of measuring DNA related IC parameters directly from the IC. According to some embodiments, the host device DNA Reader may comprise a DNA Parameter Measurement Unit/Circuit adapted to measure DNA parameters directly off the IC through an IC/Peripheral Device Interface Circuit connected to one or more Interface Circuits and/or Contact Pads of the IC. An IC Authentication and/or Peripheral Inspection Unit of the Host Device may comprise an Authentication Logic Circuitry and may be adapted to compare determined DNA parameters as measured by the DNA Parameter Measurement Unit/Circuit of the host to DNA parameters data read from the NVM cells of the IC and communicated by the IC Device Controller. According to some embodiments, a match between measured and read DNA parameters may result in a successful authentication of the IC, a mismatch may result in a failure of authentication of the IC.
[0060] In figure 2B there is shown, in accordance with some embodiments of the present invention, a functional block diagram of an exemplary host device, wherein the host device may interface with and authenticate an integrated circuit (IC) using a DNA reader and an IC Authenticator capable of receiving DNA related IC parameters from a measurement unit on the IC. According to some embodiments, the IC may comprise an on die DNA Parameter Measurement Unit/Circuit adapted to measure DNA parameters (e.g. upon request/command from an interfaced host device) of one or more circuits of the IC. An IC Authentication and/or Peripheral Inspection Unit of the Host Device may comprise an Authentication Logic Circuitry and may be adapted to compare determined and communicated DNA parameters as measured by the on die DNA Parameter Measurement Unit/Circuit to DNA parameters data read from the NVM cells of the IC and communicated by the IC Device Controller. According to some embodiments, a match between measured and read DNA parameters may result in a successful authentication of the IC, a mismatch may result in a failure of authentication of the IC.
[0061] In figure 2C there is shown, in accordance with some embodiments of the present invention, a functional block diagram of an exemplary host device, wherein the host device may interface with and authenticate an integrated circuit (IC) using a DNA reader and an IC Authenticator capable of measuring DNA related IC parameters directly from the IC and/or receiving DNA related IC parameters from a measurement unit on the IC. An IC Authentication and/or Peripheral Inspection Unit of the Host Device may comprise an Authentication Logic Circuitry and may be adapted to compare determined DNA parameters as directly measured from the IC by the DNA Parameter Measurement Unit/Circuit of the Host Device, and/or as measured by the on die DNA Parameter Measurement Unit/Circuit and communicated to the Host Device, to DNA parameters of one or more authorized IC(s)/Peripheral(s) previously stored on the Host Device and/or, at least partially stored, on a computerized storage device (e.g. a database) networked to the Host Device. According to some embodiments, a match between measured and previously stored DNA parameters may result in a successful authentication of the IC, a mismatch may result in a failure of authentication of the IC.
[0062] In figure 2D there is shown, in accordance with some embodiments of the present invention, a functional block diagram of an exemplary IC/Peripheral Device, wherein the IC/Peripheral Device may interface with and authenticate a Host Device. A DNA reader of the Host Device may measure DNA parameters from one or more of its ICs or segments thereof. Measured DNA parameters may be communicated to the IC/Peripheral Device and compared, using an Authentication Logic Circuitry of the IC/Peripheral Device, to DNA Parameters of Authorized Host Devices which are stored on one or more NVM cells of the IC/Peripheral Device. An unauthenticated host may be prevented from accessing data on the NVM of the IC and/or may receive data read from IC in a scrambled or encrypted format.
[0063] It is further made clear that all of the authentication schemes described herein, wherein an IC or Peripheral Device is authenticated by a Host Device may be partially or fully implemented as part of an authentication scheme wherein a Host Device is authenticated by an Interfaced IC/Peripheral Device. Furthermore, various ICs or IC(s) containing devices or systems may be authenticated using the teachings and techniques disclosed herein.
[0064] In figure 2E there is shown, in accordance with some embodiments of the present invention, a functional block diagram of an exemplary authentication scheme, wherein an IC/Peripheral Device may interface with and authenticate a Host Device. According to some embodiments, a DNA Parameter Measurement Unit/Circuit of the IC may measure one or more DNA parameters of the IC. Measured parameters may be communicated to an IC DNA Calculation Circuit and to a Host DNA Calculation Circuit that may each calculate a result/value based on the DNA parameters and one or more Shared Secrets or values. The Host Device may then communicate the result of its calculation back to the IC where it may be compared by an Authentication Logic Circuitry to the result of its own IC DNA Calculation Circuit. A match between the result calculated by the IC and the result calculated by the Host Device may result in a successful authentication of the host. A mismatch may lead to an authentication failure and may further prevent the IC from allowing the Host Device to access its data.
[0065] In figure 2F there is shown, in accordance with some embodiments of the present invention, a functional block diagram of an exemplary authentication scheme, wherein a Host Device may authenticate an interfaced IC/Peripheral Device. According to some embodiments, a DNA Parameter Measurement Unit/Circuit of the IC may measure one or more DNA parameters of the IC. Measured parameters may be communicated to an IC DNA Calculation Circuit and to a Host DNA Calculation Circuit that may each calculate a result/value based on the DNA parameters and one or more Shared Secrets or values. The IC may then communicate the result of its calculation back to the Host Device where it may be compared by an Authentication Logic Circuitry to the result of its own Host DNA Calculation Circuit. A match between the result calculated by the IC and the result calculated by the Host Device may result in a successful authentication of the IC. A mismatch may lead to an authentication failure and may further prevent the Host Device from accessing data on the IC.
[0066] According to some embodiments of the present invention, failure of authentication of the IC may prevent the Host Device from accessing some or all of the data stored on NVM cells of the IC. According to some embodiments, failure of authentication may cause further data read from the IC to be communicated to the Host device in a scrambled or encrypted format. According to further embodiments, any data access and/or data usage prevention and/or limitation technique, known today or to be devised in the future, may be triggered as a result of an unsuccessful authentication of the IC.
[0067] According to further embodiments of the present invention, an external client dependent ID string, which may be provided by a content holder/loader, may be assigned to one or to each of a set of integrated circuit(s), peripheral(s) or device(s) (e.g. client, client group). The external ID string may be written to and stored on the OTP section of the peripherals'/IC's NVM die and may be used along with the measured physical, electrical or operational parameters of the integrated circuit or an integrated circuit on the peripheral, as part of a multifactor authentication and/or encryption and/or decryption scheme between the peripheral/IC and a host. According to some embodiments of the present invention, the external ID which may be client dependent when combined with the internally measured physical, electrical or operational parameters of the integrated circuit may result in absolute traceability per each type of customer or user.
[0068] In figure 3 there is shown, in accordance with some embodiments of the present invention, a flow chart including the steps of an exemplary method by which an IC of the present invention may be produced. According to some embodiments the method may comprise one or more of the following steps: (1) fabricating an integrated circuit that also includes one or more NVM cells; (2) determining one or more DNA parameters of the IC by measuring substantially unique electrical parameters of one or more segments of the integrated circuit such as, but in no way limited to: (a) transfer function(s) of one or more analog circuit segments, (b) native threshold voltage(s) of one or more NVM cells of NVM array(s) of the IC, and/or (c) threshold voltage(s) across one or more NVM cells of NVM array(s) of the IC; (3) programming data indicative of the measured DNA parameters, and/or any form of indicative parameters data derived from the measured parameters, onto a set of NVM cells on the IC, possibly at locations known to the IC Device Controller and/or to one or more Host Devices adapted to interface with and authenticate the IC; and (4) packaging the IC (e.g. as a peripheral disk-on-key device).
[0069] According to embodiments of the present invention, steps 2 and 3 described above may be performed as part of an IC production testing and/or sorting process. According to some embodiments, measuring and programming the DNA parameters of the IC may be performed through one or more interface circuit(s), contact pads and/or connection pins of the IC such as, but in no way limited to, those used for IC testing and/or sorting during their production process. According to some embodiments, at least some of the NVM cells of the IC on which NVM parameter data is stored may be physically distributed or scrambled across one or more of the NVM array(s) of the IC.
[0070] In figure 4A there is shown, in accordance with some embodiments of the present invention, the steps of an exemplary method by which an IC may be authenticated, wherein a DNA parameter measurement unit/circuit is located on the authenticating host device. According to some embodiments, upon connection of the IC to a Host Device the DNA Parameter Measurement Unit/Circuit of the Host Device may measure DNA parameters directly off the connected IC. The Host Device may then send to the IC Device Controller a request/command to read NVM cells of the IC onto which DNA parameters of the IC have been programmed. The NVM Array Controller may read the data from the requested NVM cells and the IC Device Controller may communicate it to the Host Device.
[0071] In figure 4B there is shown, in accordance with some embodiments of the present invention, the steps of an exemplary method by which an IC may be authenticated, wherein an on die DNA parameter measurement unit/circuit is located on the IC. According to some embodiments, upon connection of the IC to a Host Device, the Host Device may send to the Device Controller of the connected IC a request/command to measure the DNA parameters of the IC using an on die DNA Parameter Measurement Unit/Circuit of the IC. The Host Device may then send to the IC Device Controller a request/command to read NVM cells of the IC onto which DNA parameters of the IC have been programmed. The NVM Array Controller may read the data from the requested NVM cells and the IC Device Controller may communicate it to the Host Device.
[0072] According to some embodiments, the DNA parameters measured by the DNA Parameter Measurement Unit/Circuit of the Host Device, by the on die DNA Parameter Measurement Unit/Circuit of the IC, or, according to some embodiments, by a combination of both, may be compared to the DNA parameters read from the NVM cells of the IC by a Host Device Authentication Logic Circuitry. If the measured DNA parameters match the read DNA parameters (e.g. substantially similar parameters measured and read) the IC is successfully authenticated; if no match is found the authentication of the IC may fail. According to some exemplary embodiments, the Host Device Authentication Logic Circuitry may be configured to consider a certain level of partial similarity between measured and read parameters as sufficient for the authentication of the IC.
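The comparison in [0072], sketched as an added example (not code from the patent): a simulated die whose NVM holds its parameters at scattered addresses, and a host check that tolerates measurement noise and accepts partial similarity. The millivolt encoding, cell addresses, noise level, tolerance and match threshold are assumptions, and all sample values are constructed.

```python
import random
from dataclasses import dataclass, field

# Assumptions for this sketch (none of these values come from the patent):
CELL_LOCATIONS = [0x3A, 0x07, 0x51, 0x1C, 0x66, 0x29, 0x0E, 0x45]  # scattered NVM addresses
NOISE_MV = 5               # measurement noise of the simulated die, in millivolts
TOLERANCE_MV = 15          # per-parameter allowance applied by the host
MIN_MATCH_FRACTION = 0.75  # "partial similarity" accepted as a match

# Constructed native threshold voltages (mV) for two different dies.
GENUINE_VT = [2412, 2388, 2455, 2301, 2479, 2366, 2420, 2337]
OTHER_DIE_VT = [2350, 2440, 2390, 2375, 2410, 2300, 2495, 2405]


@dataclass
class SimulatedIC:
    native_vt_mv: list                        # physical property of this die
    nvm: dict = field(default_factory=dict)   # address -> programmed word
    rng: random.Random = field(default_factory=lambda: random.Random(0))

    def measure_dna(self):
        """Measure the physical parameters; every reading carries some noise."""
        return [v + self.rng.randint(-NOISE_MV, NOISE_MV) for v in self.native_vt_mv]

    def read_nvm(self, addresses):
        """Return the programmed words; unprogrammed cells read as 0."""
        return [self.nvm.get(a, 0) for a in addresses]


def program_dna_at_sort(ic, locations=CELL_LOCATIONS):
    """Production step: write the die's parameters to OTP cells, once only."""
    for addr, vt in zip(locations, ic.native_vt_mv):
        if addr in ic.nvm:
            raise ValueError(f"OTP cell {addr:#04x} is already programmed")
        ic.nvm[addr] = vt


@dataclass
class AuthResult:
    authenticated: bool
    matched: int
    total: int


def authenticate_ic(ic, locations=CELL_LOCATIONS):
    """Host logic: measure, read the stored values, compare with tolerance."""
    measured = ic.measure_dna()
    stored = ic.read_nvm(locations)
    if not stored or len(measured) != len(stored):
        return AuthResult(False, 0, len(stored))
    matched = sum(abs(m - s) <= TOLERANCE_MV for m, s in zip(measured, stored))
    ok = matched / len(stored) >= MIN_MATCH_FRACTION
    return AuthResult(ok, matched, len(stored))


def make_genuine():
    ic = SimulatedIC(list(GENUINE_VT))
    program_dna_at_sort(ic)
    return ic


def make_copy_on_other_die(source):
    """Different silicon carrying a bit-for-bit copy of the source die's NVM."""
    return SimulatedIC(list(OTHER_DIE_VT), nvm=dict(source.nvm))


def make_drifted(source, drifted_indices, drift_mv=40):
    """Same die and NVM, but some parameters have moved since sorting."""
    vt = list(source.native_vt_mv)
    for i in drifted_indices:
        vt[i] += drift_mv
    return SimulatedIC(vt, nvm=dict(source.nvm))


if __name__ == "__main__":
    genuine = make_genuine()
    print("genuine:     ", authenticate_ic(genuine))
    print("copied NVM:  ", authenticate_ic(make_copy_on_other_die(genuine)))
    print("1 drifted:   ", authenticate_ic(make_drifted(genuine, [2])))
    print("3 drifted:   ", authenticate_ic(make_drifted(genuine, [0, 2, 5])))
```

Copying a genuine die's NVM contents onto different silicon fails the check because the measured parameters no longer agree with the stored ones. The match threshold sets how much parameter drift is accepted before a genuine die is rejected.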
[0073] In figure 5A there is shown, in accordance with some embodiments of the present invention, a signal/data flow diagram of an exemplary embodiment wherein a DNA parameter measurement unit/circuit is located on the authenticating host device and wherein part of the signal is analog data measured from the die by a circuit on the host. According to some embodiments, the IC may initially be connected to / interfaced with the host device. The host device may then send a signal to measure DNA parameters directly off the interfaced IC and receive in return an analog signal representing the DNA parameters or DNA parameter values. The returned analog signal may then be converted by the host device (e.g. by an analog to digital converter) to a digital format. The host device may then send a signal requesting/commanding the reading of the NVM cells of the IC onto which data indicative of the DNA parameters of the IC have been programmed and receive in return a digital data signal representing the programmed DNA parameters. The host device may then compare the measured DNA parameters to the read DNA parameters and if the parameters match signal to the IC device controller that the IC has been authenticated. Once successfully authenticated, data stored on the NVM of the IC may be communicated to the host device automatically and/or as read commands arrive from the host device. An unsuccessful comparison may lead to an authentication failure and to data stored on the NVM of the IC to be inaccessible to the host device and/or to be communicated to the host device in a scrambled and/or an encrypted format.
[0074] In figure 5B there is shown, in accordance with some embodiments of the present invention, a signal/data flow diagram of an exemplary embodiment wherein a DNA parameter on-die measurement unit/circuit is located on the IC and wherein part of the signal includes a request to the on-board unit to measure one or more parameters and digital output generated by the unit and sent to the host device. According to some embodiments, the IC may initially be connected to / interfaced with the host device. The host device may then send a request to the on-die measurement unit/circuit of the IC to measure the DNA parameters of the IC. In return the on-die measurement unit/circuit of the IC may measure the DNA parameters of the IC, convert the analog signal representing the DNA parameters or DNA parameter values to a digital signal, and send the converted digital signal back to the host device. The host device may then send a signal requesting/commanding the reading of the NVM cells of the IC onto which data indicative of the DNA parameters of the IC have been programmed and receive in return a digital data signal representing the programmed DNA parameters. The host device may then compare the measured DNA parameters to the read DNA parameters and if the parameters match signal to the IC device controller that the IC has been authenticated. Once successfully authenticated, data stored on the NVM of the IC may be communicated to the host device automatically and/or as read commands arrive from the host device. An unsuccessful comparison may lead to an authentication failure and to data stored on the NVM of the IC to be inaccessible to the host device and/or to be communicated to the host device in a scrambled and/or an encrypted format.
[0075] In figure 5C there is shown, in accordance with some embodiments of the present invention, a signal/data flow diagram of an exemplary embodiment wherein a Host Device is authenticated by an IC. According to some embodiments, upon connection of the IC to a Host Device the Host may request a measurement of DNA parameters of the IC. An on-die Measurement Unit/Circuit of the IC may measure the parameters and communicate them to the Host. The IC and the Host may use their respective DNA Calculation Circuits to calculate values based on the measured/communicated DNA parameters and a shared secret value/string. The value calculated by the Host may then be communicated to the IC and compared by an Authentication Circuitry of the IC against its own calculated value. A successful comparison may authenticate the Host and allow it access to data on the IC. An unsuccessful comparison may lead to a failed authentication and to the IC preventing the Host from accessing its data and/or communicating to it scrambled or encrypted data.
[0076] In figure 5D there is shown, in accordance with some embodiments of the present invention, a signal/data flow diagram of an exemplary embodiment wherein an IC is authenticated by a Host Device. According to some embodiments, upon connection of the IC to a Host Device the Host may request a measurement of DNA parameters of the IC. An on-die Measurement Unit/Circuit of the IC may measure the parameters and communicate them to the Host. The IC and the Host may use their respective DNA Calculation Circuits to calculate values based on the measured/communicated DNA parameters and a shared secret value/string. The value calculated by the IC may then be communicated to the Host Device and compared by an Authentication Circuitry of the Host Device against its own calculated value. A successful comparison may authenticate the IC and allow access to its data. An unsuccessful comparison may lead to a failed authentication and may prevent the host from accessing data on the IC.
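The shared-secret flow of [0075] (figure 5C), as an added example that is not taken from the patent: the IC measures and sends its parameters, both sides run the calculation, and the IC compares the host's value with its own before releasing data; figure 5D is the same exchange with the comparison done on the host. HMAC-SHA256 as the calculation, the 16-bit millivolt encoding and all class and function names are assumptions, and the sample values are constructed.

```python
import hashlib
import hmac
import struct


def dna_calculation(shared_secret: bytes, params_mv: list) -> bytes:
    """Assumed calculation: HMAC-SHA256 keyed with the shared secret over the
    digitized parameters, each packed as a big-endian 16-bit millivolt value."""
    encoded = struct.pack(f">{len(params_mv)}H", *params_mv)
    return hmac.new(shared_secret, encoded, hashlib.sha256).digest()


class IntegratedCircuit:
    """IC side: measurement unit, calculation circuit and authentication logic."""

    def __init__(self, shared_secret: bytes, native_vt_mv: list, stored_data: bytes):
        self._secret = shared_secret
        self._native_vt_mv = list(native_vt_mv)
        self._data = stored_data
        self._pending = None              # parameters sent in the current exchange
        self._host_authenticated = False

    def measure_dna(self) -> list:
        """Digitized on-die measurement, sent to the host and kept for the
        IC's own calculation. Starting a new exchange revokes earlier access."""
        self._pending = list(self._native_vt_mv)
        self._host_authenticated = False
        return list(self._pending)

    def submit_host_value(self, host_value: bytes) -> bool:
        """Compare the host's value with the IC's own, in constant time."""
        if self._pending is None:
            return False                  # no measurement was requested first
        expected = dna_calculation(self._secret, self._pending)
        self._pending = None              # each measurement is usable once
        self._host_authenticated = hmac.compare_digest(expected, host_value)
        return self._host_authenticated

    def read_data(self):
        """Release NVM data only to an authenticated host (None = access denied)."""
        return self._data if self._host_authenticated else None


class HostDevice:
    """Host side: calculation circuit holding its copy of the shared secret."""

    def __init__(self, shared_secret: bytes):
        self._secret = shared_secret

    def respond(self, params_mv: list) -> bytes:
        return dna_calculation(self._secret, params_mv)


def run_exchange(ic: IntegratedCircuit, host: HostDevice):
    """One pass of the figure 5C flow; returns what the host is able to read."""
    params = ic.measure_dna()
    ic.submit_host_value(host.respond(params))
    return ic.read_data()


if __name__ == "__main__":
    secret = b"constructed-shared-secret"
    ic = IntegratedCircuit(secret, [2412, 2388, 2455, 2301], b"user data")
    print("authorized host reads:  ", run_exchange(ic, HostDevice(secret)))
    print("unauthorized host reads:", run_exchange(ic, HostDevice(b"some other secret")))
```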
[0077] According to some embodiments of the present invention, the order of the signals/data flow described above may be altered, for example: the DNA parameters may be first read from the NVM of the IC and only then measured, or reading and measuring of the parameters may be done in an alternating and possibly repetitive manner. Furthermore, the authentication process may be a multi level authentication scheme and may include multiple read-measure-compare or measure-read-compare iterations of the same, and/or of different, circuit segments of the IC and NVM cells programmed with DNA indicative data.
[0078] According to some embodiments of the present invention, the locations of the NVM cells of the IC onto which NVM indicative data has been programmed, may also be communicated to the IC device controller by the host device and/or may be previously disclosed/known to the IC device controller, or stored (e.g. on NVM cells of the IC) at a location automatically referenced at power-on of the IC.
[0079] While certain features of the invention have been illustrated and described herein, many modifications, substitutions, changes, and equivalents will now occur to those skilled in the art. It is, therefore, to be understood that the appended claims are intended to cover all such modifications and changes as fall within the true spirit of the invention.

Claims

What is claimed is:
1. An integrated circuit comprising:
at least one circuit segment having at least one substantially unique and measurable electrical parameter;
a set of non-volatile memory (NVM) cells programmed with data bits indicative of the at least one substantially unique parameter;
one or more access pins to provide a host device to read said set of NVM cells; and
one or more access pins for a host device to determine the at least one substantially unique parameter.
2. The integrated circuit according to claim 1 wherein determining is through direct measurement.
3. The integrated circuit according to claim 1 wherein determining is through communication with an on die measuring circuit.
4. The integrated circuit according to claim 1 wherein the NVM cell set is one time programmable (OTP).
5. The integrated circuit according to claim 1 wherein the unique parameter is measured during sorting.
6. The integrated circuit according to claim 5 wherein the NVM cell set is programmed during sorting.
7. The integrated circuit according to claim 1 wherein the data on at least some of said NVM cells is encrypted.
8. The integrated circuit according to claim 1 wherein at least some of said NVM cells on which parameter data is stored are physically distributed or scrambled across an NVM array.
9. The integrated circuit according to claim 1 wherein the substantially unique parameter is selected from the group consisting of: (1) a transfer function of one or more analog circuit segments, (2) a native threshold voltage of one or more NVM cells, (3) a threshold voltage across one or more NVM cells.
10. A method of producing an integrated circuit comprising:
fabricating an integrated circuit die including:
determining at least one substantially unique electrical parameter of a segment of the integrated circuit; and
programming to a set of non-volatile memory (NVM) cells of the integrated circuit data bits indicative of the at least one substantially unique parameter.
11. The method according to claim 10 wherein programming is to a one time programmable (OTP) NVM cell set.
12. The method according to claim 10 wherein at least some of said NVM cells on which parameter data is programmed are physically distributed or scrambled across an NVM array.
13. The method according to claim 10 further comprising encrypting the parameter data on at least some of the NVM cells.
14. The method according to claim 10 wherein determining the at least one unique parameter further comprises measuring them during sorting.
15. The method according to claim 14 wherein programming the at least one unique parameter is executed during sorting.
16. The method according to claim 10 wherein the measured substantially unique parameter is selected from the group consisting of: (1) a transfer function of one or more analog circuit segments, (2) a native threshold voltage of one or more NVM cells, and (3) a threshold voltage across one or more NVM cells.
17. A method of authenticating an integrated circuit comprising:
determining at least one substantially unique electrical parameter of a segment of the integrated circuit;
reading data bits indicative of the at least one substantially unique parameter from a set of non-volatile memory (NVM) cells of the integrated circuit; and
comparing measured unique parameters to read unique parameters.
18. The method according to claim 17 wherein determining includes direct measuring performed by a host device.
19. The method according to claim 17 wherein determining includes communicating with an on die measuring circuit.
20. The method according to claim 17 wherein reading is from a one time programmable (OTP) NVM cell set.
21. The method according to claim 17 wherein reading is from a set of non-volatile memory (NVM) cells which are physically distributed or scrambled across an NVM array.
22. The method according to claim 17 wherein at least part of the data indicative of the at least one substantially unique parameter is encrypted.
23. The method according to claim 22 further comprising decrypting read data prior to comparison.
24. A method of authenticating a host device comprising:
determining at least one substantially unique electrical parameter of a segment of the integrated circuit;
communicating the at least one unique parameter to an interfaced host device;
calculating a value at least partially based on the at least one parameter and a secret shared with one or more authorized host devices; and
comparing the calculated value to a value calculated by and received from the interfaced host device.
25. A method of authenticating an integrated circuit comprising:
determining at least one substantially unique electrical parameter of a segment of the integrated circuit;
calculating a value at least partially based on the at least one parameter and a secret shared with one or more host devices; and
communicating the at least one unique parameter and the calculated value to an interfaced host device.
26. An integrated circuit comprising:
at least one circuit segment having at least one substantially unique and measurable electrical parameter;
a parameter measurement circuit to determine the at least one substantially unique parameter and communicate it to an interfaced host device;
a calculation circuit to calculate a first value based on the determined unique parameter and at least one secret shared with one or more host devices; and
an authentication logic circuitry to compare the calculated first value to a second value received from the interfaced host device.
27. An integrated circuit comprising:
at least one circuit segment having at least one substantially unique and measurable electrical parameter;
a parameter measurement circuit to determine the at least one substantially unique parameter and communicate it to an interfaced host device; and
a calculation circuit to calculate a first value based on the determined unique parameter and at least one secret shared with one or more host devices and communicate it to the interfaced host device.
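The two exchanges recited in claims 24 to 27, as an added sketch that is not code from the application: the IC checking a host (claims 24/26) and the IC sending its parameter and calculated value for a host to check (claims 25/27). HMAC-SHA256 as the calculation, the class and method names, the byte-string parameter and the host-side verification step are assumptions made for illustration.

```python
import hashlib
import hmac

SHARED_SECRET = b"constructed-demo-secret"  # constructed; shared by the IC and authorized hosts


def calc_value(parameter: bytes, secret: bytes) -> bytes:
    # Assumption: HMAC-SHA256 stands in for the claimed "calculated value".
    return hmac.new(secret, parameter, hashlib.sha256).digest()


class IntegratedCircuit:
    def __init__(self, parameter: bytes, secret: bytes):
        self._parameter = parameter  # assumed already digitized and stable across reads
        self._secret = secret

    def measure_parameter(self) -> bytes:
        return self._parameter  # stands in for the parameter measurement circuit

    def authenticate_host(self, host) -> bool:
        # Claims 24/26: send the parameter, compute locally, compare with the host's value.
        parameter = self.measure_parameter()
        first_value = calc_value(parameter, self._secret)
        second_value = host.respond(parameter)
        return hmac.compare_digest(first_value, second_value)

    def prove_to_host(self):
        # Claims 25/27: send the parameter together with the calculated value.
        parameter = self.measure_parameter()
        return parameter, calc_value(parameter, self._secret)


class Host:
    def __init__(self, secret: bytes):
        self._secret = secret

    def respond(self, parameter: bytes) -> bytes:
        return calc_value(parameter, self._secret)

    def authenticate_ic(self, parameter: bytes, value: bytes) -> bool:
        # Assumed host-side check: recompute from the received parameter and compare.
        return hmac.compare_digest(calc_value(parameter, self._secret), value)


if __name__ == "__main__":
    ic = IntegratedCircuit(bytes.fromhex("3fa2910c77e4"), SHARED_SECRET)  # constructed reading
    print("authorized host accepted:", ic.authenticate_host(Host(SHARED_SECRET)))
    print("host without secret accepted:", ic.authenticate_host(Host(b"not-the-secret")))
    print("IC accepted by host:", Host(SHARED_SECRET).authenticate_ic(*ic.prove_to_host()))
```

Because the calculation takes only the parameter and the secret as inputs, this sketch yields the same value for a given IC on every run; the claims above do not recite a nonce, so none is added here.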

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US35891810P 2010-06-27 2010-06-27
US61/358,918 2010-06-27

Publications (1)

Publication Number Publication Date
WO2012001615A1 (en) 2012-01-05

Family

ID=45401469

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2011/052824 WO2012001615A1 (en) 2010-06-27 2011-06-27 A method, circuit, device and system for authenticating an integrated circuit

Country Status (1)

Country Link
WO (1) WO2012001615A1 (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5513261A (en) * 1993-12-29 1996-04-30 At&T Corp. Key management scheme for use with electronic cards
WO2002065258A2 (en) * 2001-02-13 2002-08-22 Qualcomm Incorporated Method and apparatus for authenticating embedded software in a remote unit over a communications channel
US20030103628A1 (en) * 2001-11-30 2003-06-05 Wuidart Luc Diversification of a single integrated circuit identifier
US20040225889A1 (en) * 2001-09-10 2004-11-11 Luc Wuidart Authentication protocol with memory integrity verification
US20090287940A1 (en) * 1999-03-19 2009-11-19 Broadcom Corporation System and method for processing and protecting content
US20100023747A1 (en) * 2007-11-12 2010-01-28 Micron Technology, Inc. Critical Security Parameter Generation and Exchange System and Method for Smart-Card Memory Modules

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11800274

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 11800274

Country of ref document: EP

Kind code of ref document: A1