WO2014091559A1 - 統合セキュリティ装置および統合セキュリティ装置に用いられる信号処理方法 - Google Patents
統合セキュリティ装置および統合セキュリティ装置に用いられる信号処理方法 Download PDFInfo
- Publication number
- WO2014091559A1 WO2014091559A1 PCT/JP2012/082081 JP2012082081W WO2014091559A1 WO 2014091559 A1 WO2014091559 A1 WO 2014091559A1 JP 2012082081 W JP2012082081 W JP 2012082081W WO 2014091559 A1 WO2014091559 A1 WO 2014091559A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- function
- encryption
- signal
- signals
- security device
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
- H04L9/3278—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response using physically unclonable functions [PUF]
-
- G—PHYSICS
- G09—EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
- G09C—CIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
- G09C1/00—Apparatus or methods whereby a given sequence of signs, e.g. an intelligible text, is transformed into an unintelligible sequence of signs by transposing the signs or groups of signs or by replacing them by others according to a predetermined system
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0866—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/12—Details relating to cryptographic hardware or logic circuitry
- H04L2209/122—Hardware reduction or efficient architectures
Definitions
- the present invention relates to a logic circuit that executes a security function such as an authentication process or an encryption process, and generates a chip-specific ID, a physical random number, and a cipher necessary for authenticating secret information or a device used in the encryption process.
- the present invention relates to an integrated security device and a signal processing method used in the integrated security device for providing an encryption / decryption function with a small-scale logic circuit.
- Such a function is generally realized by the following authentication protocol.
- the secret information K is stored in advance in the LSI mounted on the mobile phone body and the LSI mounted on the battery.
- the mobile phone body sends a random number C to the battery side.
- the main body side checks whether or not Rs received from the battery side is equal to Rm calculated by itself, and if they are equal, the authentication is OK, and if they are different, the authentication is NG.
- the point is that if the mobile phone body and the battery have the same secret information K, they can pass authentication.
- each device holds the secret information K "safely". This “safe” means that it is difficult for anyone other than those who can use the device to read or tamper with confidential information.
- PUF Physical Unclonable Function
- ⁇ Function 1> is a function that can be achieved by the above-described PUF.
- ⁇ Function 2> needs to be a physical random number generator because it requires random number generation without reproducibility.
- ⁇ function 3> is exemplified by processing of a block encryption algorithm such as AES (Advanced Encryption Standard).
- the prior art has the following problems.
- the PUF circuit, the physical random number generation circuit, and the encryption circuit are individually mounted on the LSI, and their functions are integrated by a control circuit, a CPU, or the like. Is common.
- the present invention has been made to solve the above-described problems, and is an integrated security device capable of integrating three different circuits into the same circuit, reducing the circuit scale, and facilitating the test. It is another object of the present invention to obtain a signal processing method used for an integrated security device.
- the integrated security device uses a logic circuit that constitutes an encryption / decryption function to perform an encryption / decryption processing unit that performs processing necessary for authentication, and a logic according to a selection signal from the outside.
- a selector for selecting a specific number of signals from a plurality of intermediate nodes of the circuit, and a function for detecting glitches generated by a specific number of signals selected by the selector, and selecting A function that generates a device identifier based on physical characteristics based on a glitch detected according to a specific number of signals selected by switching and selecting a specific number of signals by applying an external signal to the device
- a signal processing unit for realizing both functions of generating a physical random number.
- the signal processing method used in the integrated security device includes an encryption / decryption processing step for executing processing necessary for authentication using a logic circuit constituting an encryption / decryption function;
- an encryption / decryption processing step for executing processing necessary for authentication using a logic circuit constituting an encryption / decryption function;
- a function to detect glitches generated by signals is executed, and a specific number of signals are switched by applying an external signal to the selector, and detection is performed according to the specific number of signals selected by switching.
- the glitch it has a signal processing step that performs both the function of generating a device identifier according to physical characteristics and the function of generating a physical random number It is intended.
- random logic when operating as a PUF and random logic when operating as a physical random number generator are realized by using circuits originally implemented as encryption function processes, respectively. It is possible to obtain an integrated security apparatus and a signal processing method used for the integrated security apparatus that can integrate three different circuits into the same circuit, reduce the circuit scale, and facilitate the test.
- the glitch shape is determined by the relative relationship of delay, as with the Delay-PUF such as Arbiter-PUF, and the shape is maintained even if the operating environment changes. Can be expected.
- the iterative process is performed in the same way as at the time of generation, but the final response is determined by majority decision and mask process by S mask. .
- FIG. 10 is an example of a configuration diagram of the GPUF circuit.
- “Input register” 101 in FIG. 10 is a register for storing x ′ i and x i in algorithms 3 and 4.
- “Random logic f” 102 in FIG. 10 is a combinational circuit that processes the random logic f in the algorithms 3 and 4.
- “Glitch count register” 103 in FIG. 10 is a flip-flop (FF) using a signal for determining an even odd number of a rising edge as a clock. This FF is reset by the “clear” signal in FIG. 10 immediately before the determination process is performed.
- FF flip-flop
- Counter & Comparator 105 in FIG. 10 has a register 105a for managing the number of occurrences of 0 and 1 for each bit based on the determination result bi, and a PUF response w ii and an auxiliary function according to the appearance function. Data s m ii is calculated.
- FIG. 10 Input register 101 in FIG. 10 is an 8-bit register and is changed from 0x00 to 0x55. This operation is equivalent to x 'i ⁇ x i in the algorithm 3,4.
- the determination function can be realized by outputting the MSB of the counter.
- the stability of the GPUF response that is, the error probability of the response bit depends on the circuit configuration of “Random logic f” 102. This bit error rate tends to increase as the number of logical stages becomes deeper. For example, the error probability is 1% at a certain number of logical stages, but there is a dependency that the error probability becomes 10% as the number of logical stages increases.
- FIG. 1 is a block diagram of a security device that integrates a PUF function, a random number generation function, and an encryption function according to Embodiment 1 of the present invention.
- the encryption / decryption device 11 is a circuit block that performs normal encryption / decryption processing. Then, signals from a plurality of intermediate nodes of the logic circuit constituting the encryption / decryption device 11 are output to the outside of the circuit block.
- the selector 12 selects a specific number of signals from a plurality of intermediate node signals output from the encryption / decryption device 11. Further, the glitch detector 13 performs glitch detection on the signal selected by the selector 12 and outputs a detection result.
- the path change signal input to the encryption / decryption device 11 is a signal for switching a circuit through which data processed by the encryption / decryption device 11 passes. Further, the intermediate node selected by the selector 12 is switched according to the value of the intermediate node selection signal input to the selector 12.
- the intermediate node selection signal it is possible to switch between an intermediate node signal that performs glitch detection when operating as a PUF and an intermediate node signal that performs glitch detection when operating as a physical random number,
- the same glitch detector 13 can be used.
- the counter 21 determines the stability of the glitch detection result by the glitch detector 13 as described above. In determining the stability at this time, the upper bits of the counter 21 are used. For example, in the case of majority decision, the frequency of 0 or 1 can be determined by MSB. In the second embodiment, the lower bits of the counter 21 are used as random numbers.
- the PUF response is input to the key generator 22 according to the algorithms 1 and 2.
- the first selector 23 selects one of the plurality of signals read as the output of the key generator 22 in accordance with an external key selection signal, and outputs the selected signal to the encryption / decryption device 11. In this way, the first selector 23 can provide the encryption / decryption device 11 with the device identifier generated based on the physical characteristics.
- the random number output corresponding to the output of the lower bits of the counter 21 is read into the second selector 24. Then, the second selector 24 selects either plaintext / ciphertext input from the outside in accordance with the plaintext selection signal from the outside, and together with the random number output read from the counter 21, the encryptor / decryptor 11. Output to.
- a selector 34 is provided that draws out the signal lines of the subfunction f32 and the subfunction g33 from the circuit path that performs the processing of the encryption function Enc, and enables selection of each signal line. Yes.
- the function of the PUF is operated, the output of the subfunction f32 is selected.
- the function of the physical random number generator is operated, the signal line of the subfunction g33 is selected.
- FIG. 3 When FIG. 3 operates as a PUF, an “input register” 31 that stores plaintext and intermediate values H i in the encryption process has the same function as the “input register” 101 of FIG. Also, the subfunction f32 in FIG. 3 bears the same function as the “Random logic f” 102 in FIG.
- “PUF / RNG logic” 35 in FIG. 3 includes “Glitch count register” 103, “Output register” 104, and “Counter & Comparator” 105 shown in FIG.
- Each input X (x 1 , x 2 ,..., X l ) in the algorithms 3 and 4 is the ciphertext C encrypted by the plaintext P and the key K, or its intermediate value H i , and the next input It updates by doing.
- the point of FIG. 3 is a circuit (corresponding to subfunctions f and g) that originally implements random logic when operating as a PUF and random logic when operating as a physical random number generator in the processing of the encryption function Enc. And switching according to the depth of each logic stage. Furthermore, PUF input updating is scheduled with an encryption function.
- FIG. 5 is a block diagram of a security device that integrates the PUF function, random number generation function, and encryption function according to Embodiment 4 of the present invention.
- the subfunction f of the encryption function Enc is processing performed in a certain divided unit.
- a replacement process such as S-box corresponds to this.
- FIG. 5 there is provided a path for feeding back the output of a subfunction f52 using AND and XOR gates to the input of a different subfunction f52.
- FIG. 5 is equivalent to an operation necessary for the encryption function Enc.
- FIG. 5 is equivalent to an operation necessary for generating a physical random number, and a circuit path having the number of logical stages corresponding to two stages of the subfunction f is configured.
- the part surrounded by the dotted line on the left is “Basic modules for AES” 61 which is a circuit originally required to realize the function of AES, while the part surrounded by the one-dot chain line on the right Is “Additional modules for PUF & RNG” 62, which is a circuit added for PUF and random number generation.
- the basic operation is the same as in FIG. 2, and the AES and PUF operations and the random number generation function are switched by switching between 0 and 1 of the logical AND gate input represented as “chain logic” in FIG. Can be switched.
- this module operates as a PUF, and “Additional modules for PUF & RNG” 62 generates a response W of the PUF.
- “Additional modules for PUF & RNG” 62 generates a response W of the PUF.
- the “Encoder / Decoder” 71 and “Hash” 72 generate the key K PUF and the “Basic” which is the AES circuit of this module “modules for AES” 61 is loaded.
- FIG. 8 shows a hardware architecture for realizing the authentication function according to the first to fifth embodiments of the present invention.
- the security device 801 uses any of the integrated security devices described in the embodiments as the integration module 808.
- the integrated module 808 is connected to the CPU 802, the memories 803 and 804, and the I / O 805 via the local bus 807. Further, the integration module 808 is connected to the HF 801 via the FEC 809.
- the integrated security apparatus according to the present invention can be embodied as such a hardware configuration of FIG.
- the present invention is not limited to Embodiments 1 to 5 described above. That is, at the implementation stage, the constituent elements can be modified and implemented without departing from the scope of the invention.
- Various inventions can be formed by appropriately combining a plurality of constituent elements disclosed in the first to fifth embodiments. In addition, some components may be deleted from all the components shown in the first to fifth embodiments. Furthermore, you may combine the component covering different embodiment suitably.
Abstract
Description
(1)あらかじめ、携帯電話本体に搭載されたLSI、およびバッテリに搭載されたLSIに、それぞれ秘密情報Kを格納する。
(2)認証時、携帯電話本体は、乱数Cをバッテリ側に送る。同時に、暗号化関数Enc(C、K)=Rを実行し、Rmとして保持する。
(3)バッテリ側は、送られてきた乱数Cに対して本体側と同様に、暗号化関数Enc(C、K)=Rを実行し、実行結果をRsとして本体側に送信する。
(4)本体側は、バッテリ側から受信したRsと自身が計算したRmとが等しくなるか否かをチェックし、等しくなれば認証をOKとし、異なっていれば認証をNGとする。
<機能1>秘密情報Kを安全に機器内でそれぞれ保持する機能。
<機能2>乱数Cを生成する機能。
<機能3>暗号化関数Encを処理する機能。
上述した認証プロトコルを実現するためには、それぞれPUF回路、物理乱数発生回路、暗号化回路の3つの回路をLSIにそれぞれ個別に実装し、制御回路やCPUなどによって、それらの機能を統合するのが一般的である。
一般に、PUFの応答をそのまま暗号に使用する鍵として用いることは難しい。なぜならば、PUFの応答が毎回誤りを含まず、かつその応答が一様分布であることを保証することが難しいためである。そこで、通常は、Fuzzy Extractor(以下、FEと称す)を用いて、鍵生成を行う。FEの構成法は、いくつかのバージョンが存在するが、本願では、コードオフセットによる構成について説明する。
Glitch PUF(以下、GPUFと称す)は、論理回路を構成する各ゲートの入出力信号間の遅延関係によって発生するグリッチと呼ばれる現象を利用したPUFの一構成法である。
図10中の“Input register”101を8bitのレジスタとし、0x00を保持した状態から0x55に変化させるとする。この動作がアルゴリズム3、4におけるx’i→xiに相当する。
図1は、本発明の実施の形態1に係るPUFの機能、乱数生成の機能、および暗号化機能を統合したセキュリティ装置のブロック図である。暗号化・復号器11は、通常の暗号化・復号処理を行う回路ブロックである。そして、暗号化・復号器11を構成する論理回路の複数の中間ノードの信号が、回路ブロックの外部へ出力される。
本実施の形態2では、先の実施の形態1における図1の構成をより具体化した態様について説明する。図2は、本発明の実施の形態2に係るPUFの機能、乱数生成の機能、および暗号化機能を統合したセキュリティ装置のブロック図である。
図3は、本発明の実施の形態3に係るPUFの機能、乱数生成の機能、および暗号化機能を統合したセキュリティ装置のブロック図である。まず、暗号化関数Encについて説明する。なお、ここでは、説明の簡易化のために、暗号化関数で用いる秘密情報Kを省略する。
H1=g(f(P));
の処理が行われ“input register”31の値がH1に更新される。
H2=g(f(H1));
の処理を行い、このような処理をn回繰り返した後に“input register”31に格納される
C=Hn=g(f(Hn-1));
を暗号文Cとして、暗号化関数の処理を終了する。
先の実施の形態3では、暗号化関数Encの副関数fおよび副関数gを、PUFおよび物理乱数発生器のランダムロジックとしてそのまま利用する構成であった。しかしながら、副関数fおよび副関数gの論理段数が少ない場合には、十分なビット誤り率が得られず、PUFとして機能しても、乱数性が不十分になる可能性がある。
本実施の形態5では、先の実施の形態4をより具体化した構成について説明する。図6は、本発明の実施の形態5に係るPUFの機能、乱数生成の機能、および暗号化機能を統合したセキュリティ装置のブロック図である。本実施の形態5においては、暗号化関数Encとして、米国標準暗号AESを想定した構成を採用している。
<機能1>秘密情報Kを安全に機器内でそれぞれ保持する。
<機能2>乱数Cを生成する。
<機能3>暗号化関数Encを処理する。
(動作1)アルゴリズム4に従い、本モジュールは、PUFとして動作を行い、“Additional modules for PUF & RNG”62は、PUFの応答Wを生成する。
(動作2)アルゴリズム2に従い、PUFの応答Wと補助データS、Smaskから、“Encoder/Decoder”71および“Hash”72は、鍵KPUFを生成し、本モジュールのAES回路である“Basic modules for AES”61へロードされる。
(動作4)“Basic modules for AES”61は、非セキュア領域に格納されている認証鍵Kを鍵KPUFで暗号化したデータD=Enc(K、KPUF)を暗号文として、本モジュールにロードし、K=Dec(D、KPUF)で認証鍵Kに復号し、本モジュールに鍵としてロードする。
(動作6)“Basic modules for AES”61は、乱数Rに対して暗号化C=Enc(R、K)を行う。
(動作7)“Basic modules for AES”61は、認証先から受信したデータC’とCを比較し、一致すれば認証OK、不一致であれば認証NGを判定する。
Claims (7)
- 暗号化・復号関数を構成する論理回路を利用して、認証に必要な処理を実行する暗号化・復号処理部と、
外部からの選択信号に応じて、前記論理回路の複数の中間ノードからの信号のうち、特定の本数分の信号を選択する選択器と、
前記選択器により選択された前記特定の本数分の信号により発生するグリッジを検出する機能を有するとともに、前記選択器に対して前記外部信号を与えることで前記特定の本数分の信号を切り替え選択し、切り替え選択した前記特定の本数分の信号に応じて検出した前記グリッジに基づいて、物理的特性によってデバイス識別子を生成する機能と、物理乱数を発生する機能の両機能を実現する信号処理部と
を備える統合セキュリティ装置。 - 請求項1に記載の統合セキュリティ装置において、
前記暗号化・復号関数は、副関数の繰り返し処理で構成され、
前記信号処理部は、前記選択器に対して前記外部信号を与えることで、前記繰り返し処理により更新される信号の中から前記特定の本数分の信号を選択することで、前記デバイス識別を生成する機能に必要な入力情報を取得する
統合セキュリティ装置。 - 請求項1または2に記載の統合セキュリティ装置において、
前記信号処理部により生成された前記デバイス識別子により認証に必要な鍵を保護し、発生した前記物理乱数により認証に必要なチャレンジデータを生成する鍵生成部をさらに備え、
前記暗号化・復号処理部は、前記鍵生成部から前記鍵および前記チャレンジデータを取得し、認証に必要な暗号化・復号処理を行うことで認証プロトコルを処理する
統合セキュリティ装置。 - 請求項1から3のいずれか1項に記載の統合セキュリティ装置において、
前記暗号化・復号処理部は、前記暗号化・復号関数を構成するある1つの副関数として、N分割(Nは、2以上の整数)された単位で処理を実行する分割副関数を有し、
前記選択器は、前記外部信号に応じて、前記分割副関数のn分割目(nは、1以上N-1以下の整数)の出力をn+1分割目の入力にフィードバックする切り替え回路を有し、
前記信号処理部は、前記物理乱数を発生する機能を実現する際には、前記フィードバックする切り替え回路が形成されるように前記外部信号を出力し、前記物理的特性によってデバイス識別子を生成する機能を実現する際には、前記フィードバックする切り替え回路が形成されないように前記外部信号を出力する
統合セキュリティ装置。 - 請求項1から4のいずれか1項に記載の統合セキュリティ装置において、
前記信号処理部は、前記選択器を介して、所定のビット遷移確率を有する信号を所定回数繰り返して読み込んだ際の遷移状態に基づいて、前記物理乱数を発生する処理を行う
統合セキュリティ装置。 - 請求項1から5のいずれか1項に記載の統合セキュリティ装置において、
前記暗号化・復号関数は、少なくとも1段目の論理回路を構成する第1の副関数、および2段目の論理回路を構成する第2の副関数を含み、複数の論理段数により構成されており、
前記信号処理部は、前記物理的特性によってデバイス識別子を生成する機能を実現する際には、前記第1の副関数からの出力信号を選択するように前記選択器に対して前記外部信号を与え、前記物理乱数を発生する機能を実現する際には、前記第2の副関数からの出力信号を選択するように前記選択器に対して前記外部信号を与える
統合セキュリティ装置。 - 暗号化・復号関数を構成する論理回路を利用して、認証に必要な処理を実行する暗号化・復号処理ステップと、
外部からの選択信号に応じて選択器を切り替えることで、前記論理回路の複数の中間ノードからの信号のうち、特定の本数分の信号を選択する選択ステップと、
前記選択ステップにより選択された前記特定の本数分の信号により発生するグリッジを検出する機能を実行するとともに、前記選択器に対して前記外部信号を与えることで前記特定の本数分の信号を切り替え選択し、切り替え選択した前記特定の本数分の信号に応じて検出した前記グリッジに基づいて、物理的特性によってデバイス識別子を生成する機能と、物理乱数を発生する機能の両機能を実行する信号処理ステップと
を備える統合セキュリティ装置に用いられる信号処理方法。
Priority Applications (7)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP12889923.4A EP2933944B1 (en) | 2012-12-11 | 2012-12-11 | Integrated security device and signal processing method used by integrated security device |
JP2014551769A JP5863994B2 (ja) | 2012-12-11 | 2012-12-11 | 統合セキュリティ装置および統合セキュリティ装置に用いられる信号処理方法 |
CN201280077591.1A CN104838617B (zh) | 2012-12-11 | 2012-12-11 | 整合安全装置及整合安全装置中使用的信号处理方法 |
PCT/JP2012/082081 WO2014091559A1 (ja) | 2012-12-11 | 2012-12-11 | 統合セキュリティ装置および統合セキュリティ装置に用いられる信号処理方法 |
US14/651,130 US9722805B2 (en) | 2012-12-11 | 2012-12-11 | Integrated security device and signal processing method used for an integrated security device |
KR1020157018156A KR101653121B1 (ko) | 2012-12-11 | 2012-12-11 | 통합 시큐리티 장치 및 통합 시큐리티 장치에 이용되는 신호 처리 방법 |
TW102112458A TWI484368B (zh) | 2012-12-11 | 2013-04-09 | Integrated safety devices and signal processing methods for integrating safety devices |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/JP2012/082081 WO2014091559A1 (ja) | 2012-12-11 | 2012-12-11 | 統合セキュリティ装置および統合セキュリティ装置に用いられる信号処理方法 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2014091559A1 true WO2014091559A1 (ja) | 2014-06-19 |
Family
ID=50933885
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2012/082081 WO2014091559A1 (ja) | 2012-12-11 | 2012-12-11 | 統合セキュリティ装置および統合セキュリティ装置に用いられる信号処理方法 |
Country Status (7)
Country | Link |
---|---|
US (1) | US9722805B2 (ja) |
EP (1) | EP2933944B1 (ja) |
JP (1) | JP5863994B2 (ja) |
KR (1) | KR101653121B1 (ja) |
CN (1) | CN104838617B (ja) |
TW (1) | TWI484368B (ja) |
WO (1) | WO2014091559A1 (ja) |
Families Citing this family (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10044513B2 (en) * | 2013-09-02 | 2018-08-07 | Samsung Electronics Co., Ltd. | Security device having physical unclonable function |
US11303461B2 (en) * | 2013-09-02 | 2022-04-12 | Samsung Electronics Co., Ltd. | Security device having physical unclonable function |
US9703989B1 (en) * | 2014-12-23 | 2017-07-11 | Altera Corporation | Secure physically unclonable function (PUF) error correction |
WO2017077611A1 (ja) * | 2015-11-05 | 2017-05-11 | 三菱電機株式会社 | セキュリティ装置、及びセキュリティ方法 |
JP6585018B2 (ja) | 2016-09-12 | 2019-10-02 | 株式会社東芝 | 認証サーバ、認証システムおよび認証方法 |
US10530588B2 (en) * | 2016-12-16 | 2020-01-07 | Intel Corporation | Multi-stage non-linearly cascaded physically unclonable function circuit |
CN106888093B (zh) * | 2017-01-05 | 2023-03-21 | 宁波大学 | 一种nmos零温度系数点的多端口puf电路 |
CN109818745B (zh) * | 2017-11-21 | 2022-04-01 | 佛山芯珠微电子有限公司 | 物联网信息安全芯片 |
KR20200133062A (ko) * | 2019-05-15 | 2020-11-26 | 삼성디스플레이 주식회사 | 디스플레이 구동 집적 회로 및 이를 포함하는 디스플레이 시스템 |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2005523481A (ja) * | 2002-04-16 | 2005-08-04 | マサチューセッツ インスティテュート オブ テクノロジー | 集積回路の認証 |
JP2009524998A (ja) | 2006-01-24 | 2009-07-02 | ヴェラヨ インク | 信号発生器をベースとした装置セキュリティ |
JP2009533741A (ja) | 2006-04-13 | 2009-09-17 | エヌエックスピー ビー ヴィ | 半導体デバイス識別子の生成方法および半導体デバイス |
WO2011086688A1 (ja) * | 2010-01-15 | 2011-07-21 | 三菱電機株式会社 | ビット列生成装置及びビット列生成方法 |
WO2012095972A1 (ja) * | 2011-01-13 | 2012-07-19 | 三菱電機株式会社 | ビット生成装置及びビット生成方法 |
Family Cites Families (21)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7508937B2 (en) * | 2001-12-18 | 2009-03-24 | Analog Devices, Inc. | Programmable data encryption engine for advanced encryption standard algorithm |
KR101080551B1 (ko) * | 2003-07-31 | 2011-11-04 | 주식회사 아도반테스토 | 시험 장치 |
US7421076B2 (en) * | 2003-09-17 | 2008-09-02 | Analog Devices, Inc. | Advanced encryption standard (AES) engine with real time S-box generation |
JP2006072117A (ja) * | 2004-09-03 | 2006-03-16 | Matsushita Electric Ind Co Ltd | 暗号処理装置 |
US7372304B2 (en) * | 2005-10-04 | 2008-05-13 | Stmicroelectronics, Inc. | System and method for glitch detection in a secure microcontroller |
TW200718143A (en) * | 2005-10-21 | 2007-05-01 | Ren Liu | Mapping codes apparatus and method thereof |
KR100837270B1 (ko) * | 2006-06-07 | 2008-06-11 | 삼성전자주식회사 | 스마트 카드 및 그것의 데이터 보안 방법 |
US9247024B2 (en) | 2007-04-12 | 2016-01-26 | Intrinsic Id B.V. | Controlled activation of function |
US8290150B2 (en) | 2007-05-11 | 2012-10-16 | Validity Sensors, Inc. | Method and system for electronically securing an electronic device using physically unclonable functions |
CN101755269B (zh) * | 2007-07-20 | 2012-06-27 | Nxp股份有限公司 | 具有安全虚拟机的设备 |
TWI345406B (en) * | 2007-07-31 | 2011-07-11 | Formosoft Internat Inc | System and method of mutual authentication with dynamic password |
TWI357251B (en) * | 2008-01-10 | 2012-01-21 | Ind Tech Res Inst | Authentication method from elliptic curve cryptogr |
FR2952735B1 (fr) * | 2009-11-18 | 2011-12-09 | St Microelectronics Rousset | Procede et dispositif de detection d'attaques par injection de fautes |
TWI405450B (zh) * | 2009-12-30 | 2013-08-11 | Univ Vanung | Password authentication method |
KR101614950B1 (ko) * | 2010-04-12 | 2016-04-25 | 삼성전자주식회사 | 저장 장치에 물리적 식별자를 생성하는 방법 및 기계로 읽을 수 있는 저장 매체 |
FR2963713A1 (fr) * | 2010-08-04 | 2012-02-10 | St Microelectronics Grenoble 2 | Procede de chiffrement d'un flux de donnees |
WO2012122994A1 (en) * | 2011-03-11 | 2012-09-20 | Kreft Heinz | Off-line transfer of electronic tokens between peer-devices |
US9383969B2 (en) * | 2011-04-05 | 2016-07-05 | Intrinsic Id B.V. | Random number generating system based on memory start-up noise |
US9235460B2 (en) * | 2012-02-27 | 2016-01-12 | Altera Corporation | Methods and apparatus for automatic fault detection |
DE102012217716A1 (de) * | 2012-09-28 | 2014-06-12 | Siemens Aktiengesellschaft | Selbst-Test einer Physical Unclonable Function |
US10044513B2 (en) * | 2013-09-02 | 2018-08-07 | Samsung Electronics Co., Ltd. | Security device having physical unclonable function |
-
2012
- 2012-12-11 EP EP12889923.4A patent/EP2933944B1/en active Active
- 2012-12-11 JP JP2014551769A patent/JP5863994B2/ja active Active
- 2012-12-11 KR KR1020157018156A patent/KR101653121B1/ko active IP Right Grant
- 2012-12-11 CN CN201280077591.1A patent/CN104838617B/zh active Active
- 2012-12-11 US US14/651,130 patent/US9722805B2/en active Active
- 2012-12-11 WO PCT/JP2012/082081 patent/WO2014091559A1/ja active Application Filing
-
2013
- 2013-04-09 TW TW102112458A patent/TWI484368B/zh active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2005523481A (ja) * | 2002-04-16 | 2005-08-04 | マサチューセッツ インスティテュート オブ テクノロジー | 集積回路の認証 |
JP2009524998A (ja) | 2006-01-24 | 2009-07-02 | ヴェラヨ インク | 信号発生器をベースとした装置セキュリティ |
JP2009533741A (ja) | 2006-04-13 | 2009-09-17 | エヌエックスピー ビー ヴィ | 半導体デバイス識別子の生成方法および半導体デバイス |
WO2011086688A1 (ja) * | 2010-01-15 | 2011-07-21 | 三菱電機株式会社 | ビット列生成装置及びビット列生成方法 |
WO2012095972A1 (ja) * | 2011-01-13 | 2012-07-19 | 三菱電機株式会社 | ビット生成装置及びビット生成方法 |
Non-Patent Citations (2)
Title |
---|
DAISUKE SUZUKI: "Glitch PUF o Mochiita Kagi Seisei", 2012 DAI 29 KAI SYMPOSIUM ON CRYPTOGRAPHY AND INFORMATION SECURITY GAIYOSHU [ CD-ROM ] 2012 NEN SYMPOSIUM ON CRYPTOGRAPHY AND INFORMATION SECURITY YOKOSHU, 30 January 2012 (2012-01-30), XP008179424 * |
DAISUKE SUZUKI; KOICHI SHIMIZU: "Proceedings of the 12th international conference on Cryptographic hardware and embedded systems", 2010, SPRINGER-VERLAG, article "The glitch puf: a new delay-puf architecture exploiting glitch shapes", pages: 366 - 382 |
Also Published As
Publication number | Publication date |
---|---|
JPWO2014091559A1 (ja) | 2017-01-05 |
EP2933944A4 (en) | 2016-08-17 |
US20150312047A1 (en) | 2015-10-29 |
EP2933944B1 (en) | 2017-09-20 |
EP2933944A1 (en) | 2015-10-21 |
KR20150093785A (ko) | 2015-08-18 |
US9722805B2 (en) | 2017-08-01 |
TWI484368B (zh) | 2015-05-11 |
CN104838617A (zh) | 2015-08-12 |
JP5863994B2 (ja) | 2016-02-17 |
KR101653121B1 (ko) | 2016-08-31 |
CN104838617B (zh) | 2018-01-02 |
TW201423476A (zh) | 2014-06-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP5863994B2 (ja) | 統合セキュリティ装置および統合セキュリティ装置に用いられる信号処理方法 | |
US11856116B2 (en) | Method and apparatus for protecting embedded software | |
JP6354172B2 (ja) | 半導体集積回路及び認証システム | |
US8667265B1 (en) | Hardware device binding and mutual authentication | |
US8316235B2 (en) | Method and device for manipulation-proof transmission of data | |
KR101393806B1 (ko) | 다단계 물리적 복제 불가 함수 시스템 | |
CN111066077B (zh) | 加密装置、加密方法、解密装置以及解密方法 | |
JP6877889B2 (ja) | 暗号化装置、暗号化方法、復号化装置、及び復号化方法 | |
US20120093308A1 (en) | Apparatus and method for generating random data | |
CN110601822A (zh) | 一种基于量子保密通信技术的加密盲签名方法 | |
Hemavathy et al. | Arbiter PUF-a review of design, composition, and security aspects | |
KR101136973B1 (ko) | 통합 보안 장치 및 통합 보안 방법 | |
Nassar et al. | CaPUF: Cascaded PUF structure for machine learning resiliency | |
WO2019043921A1 (ja) | 暗号化装置、復号装置、暗号化方法、復号方法、暗号化プログラム及び復号プログラム | |
Roy et al. | Combining puf with rluts: a two-party pay-per-device ip licensing scheme on fpgas | |
Kamali et al. | Extru: A lightweight, fast, and secure expirable trust for the internet of things | |
Chhabra et al. | Towards the enhancement of AES IP security using hardware obfuscation technique: A practical approach for secure data transmission in IoT | |
KR101925787B1 (ko) | 폰 노이만 후처리시 난수 출력 신호의 연속성을 확보하기 위한 방법 및 장치 | |
KR101373576B1 (ko) | Des 암호화 시스템 | |
US20200389328A1 (en) | Electronic system capable of self-certification | |
Jasim et al. | Design and Implementation of AES-SHA Security Hardware using FPGA | |
Yaseen | 256 Bits Symmetric-key BLOCK CIPHER ALGORITHM | |
KR19990079634A (ko) | 이동통신의 인증 및 데이타 보호방법 및 그 장치 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 12889923 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 2014551769 Country of ref document: JP Kind code of ref document: A |
|
REEP | Request for entry into the european phase |
Ref document number: 2012889923 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2012889923 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 14651130 Country of ref document: US |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
ENP | Entry into the national phase |
Ref document number: 20157018156 Country of ref document: KR Kind code of ref document: A |