WO2016031682A1 - デバイス固有情報の誤り率制御方法とデバイス固有情報の誤り率制御プログラム - Google Patents
デバイス固有情報の誤り率制御方法とデバイス固有情報の誤り率制御プログラム Download PDFInfo
- Publication number
- WO2016031682A1 WO2016031682A1 PCT/JP2015/073433 JP2015073433W WO2016031682A1 WO 2016031682 A1 WO2016031682 A1 WO 2016031682A1 JP 2015073433 W JP2015073433 W JP 2015073433W WO 2016031682 A1 WO2016031682 A1 WO 2016031682A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- responses
- input data
- error rate
- data
- natural number
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/0703—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
- G06F11/0751—Error or fault detection not based on redundancy
- G06F11/0754—Error or fault detection not based on redundancy by exceeding limits
- G06F11/076—Error or fault detection not based on redundancy by exceeding limits by exceeding a count or rate limit, e.g. word- or bit count limit
-
- G—PHYSICS
- G09—EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
- G09C—CIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
- G09C1/00—Apparatus or methods whereby a given sequence of signs, e.g. an intelligible text, is transformed into an unintelligible sequence of signs by transposing the signs or groups of signs or by replacing them by others according to a predetermined system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/0703—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
- G06F11/0706—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation the processing taking place on a specific hardware platform or in a specific software environment
- G06F11/0736—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation the processing taking place on a specific hardware platform or in a specific software environment in functional embedded systems, i.e. in a data processing system designed as a combination of hardware and software dedicated to performing a certain function
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/0703—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
- G06F11/079—Root cause analysis, i.e. error or fault diagnosis
-
- H—ELECTRICITY
- H03—ELECTRONIC CIRCUITRY
- H03K—PULSE TECHNIQUE
- H03K19/00—Logic circuits, i.e. having at least two inputs acting on one output; Inverting circuits
- H03K19/003—Modifications for increasing the reliability for protection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/10—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols with particular housing, physical features or manual controls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
Definitions
- the present invention relates to a technique for controlling the error rate of device specific information.
- Patent Document 1 discloses an authentication method using a challenge response for a plurality of physical tokens. Is disclosed.
- Patent Document 2 discloses a method of performing authentication by storing PUF aging information together.
- PUF is promising as a technology for generating device unique information (device ID) that is difficult to duplicate, but since the output includes a lot of noise due to process variations, when generating the unique information using the output of the PUF Some error rate will occur.
- the smaller the error rate the larger the required circuit scale and data size.
- the above error rate is generally set by the target application. For example, it is inherent in items that cannot be mistaken for fake, such as building entrance / exit cards and components of military equipment that require high security. Even if the information generation procedure is complicated and the data size is large, the error rate should be as small as possible.
- the present invention has been made to solve the above-described problems, and an object thereof is to provide a method and a program capable of controlling the error rate of device-specific information.
- the first step of storing in the storage means in advance and the ID of the physical replication difficult circuit and i input data are input to the storage means, and j ′ responses corresponding to the respective input data are input from the storage means.
- the “axis” means each component constituting the response.
- the three axes are the x-axis, the y-axis, and the z-axis (the same applies hereinafter).
- k 'subsets the most frequent value of each axis of the response within each subset (if there are multiple most frequent values, one of them) that axis of the response representing that subset K ′ responses are generated for each input data, j ′ responses are repeatedly concatenated, and k ′ responses are further concatenated (j ′ ⁇ k).
- the present invention includes a first step of initializing input data to the circuit that is difficult to replicate, and i (i is an arbitrary natural number) initial input data that is initialized.
- i i is an arbitrary natural number
- the j ′ responses for each input data obtained as the value of the axis of the response are stored in advance in the storage means in association with the ID of the physical replication difficult circuit and each input data corresponding thereto.
- Step 2 and the ID of the physical replication difficult circuit in the storage means Input i input data, read corresponding j ′ responses from the storage means, concatenate j ′ responses for each input data, and connect the concatenated data by repeating k ′ further (here Then, (j ′ ⁇ k ′) responses for each input data obtained by 0 ⁇ k ′ ⁇ k and k is an arbitrary natural number) are further connected for i different input data.
- (J ′ ⁇ k ′) responses are obtained by further concatenating j ′ responses obtained by repeatedly concatenating j ′ responses to k ′ responses, and i responses are further obtained.
- the present invention provides a first procedure for initializing input data to a physical replication difficulty circuit in a computer and i (i is an arbitrary natural number) initialized input data.
- j ′ responses for each input data obtained by associating the ID of the physical replication difficult circuit with each input data and storing them in the storage means in advance.
- a fifth procedure for determining whether or not the error rate of the combined output data is within a preset range is executed.
- the error rate is preset. If it is determined that it is not within the specified range In terms of changing the input data, to provide device-specific information of the error rate control program for causing repeated the procedure of the first to fall within the error rate set in advance to a fifth.
- the error rate of device specific information can be controlled.
- a PUF-mounted chip means a semiconductor integrated circuit incorporating a PUF, and the same applies to the following.
- the [1, 1, 1, k, k ′] mode is one of modes (hereinafter also referred to as “use mode”) used for authenticating the PUF-mounted chip, as shown in FIG.
- use mode one input data (challenge) is input to the PUF-mounted chip IC, and the obtained one output data (response) is registered in the database DB.
- k is a natural number greater than or equal to 2).
- the database DB may be another means for storing the response output from the PUF-mounted chip IC, such as a hard disk or a memory circuit, and the same applies to the following embodiments.
- FIG. 1 is a flowchart showing a method for determining the authenticity of a PUF-mounted chip in the [1, 1, 1, k, k ′] mode according to an embodiment of the present invention.
- step S1 as shown in FIG. 2, one challenge is input to the PUF-mounted chip IC, and one response to the challenge is associated with the input challenge and the ID of the PUF-mounted chip IC. Register with.
- step S2 the ID registered in step S1 and one challenge are input to the database DB.
- step S1 the ID registered in step S1 and one challenge are input to the database DB.
- step S1 a list of challenges registered in advance in association with the ID is acquired from the database DB or the like, and one challenge is selected from the list to select the DB You may make it input into.
- step S3 the first reference data is generated by reading one response corresponding to one challenge input in step S2 from the database DB and repeating k 'connections.
- step S4 the above challenge is input k times into the PUF-mounted chip IC, and the obtained k responses are processed as they are or are processed into k ′ (specifically, for example, for example, Responses that divide k into k 'subsets, and represent the most frequent values (if there are multiple most frequent values) for each axis of the response within each subset. And generating the first composite output data by concatenating them together.
- the “axis” means each component constituting the response. For example, in a response having three components, the three axes are the x-axis, the y-axis, and the z-axis (the same applies hereinafter).
- step S5 it is determined whether or not the first combined output data is similar to the first reference data (specifically, whether or not the Hamming distance between them is equal to or less than a threshold value), If it is determined to be similar, the process proceeds to step S6, where it is determined that the PUF-mounted chip IC is genuine, and if it is determined not to be similar, the process proceeds to step S7, where the PUF-mounted chip IC is determined. Is determined to be fake.
- the error rate in the determination in step S5 can be controlled by changing the values of k and k ′.
- the first synthesized output data and the first reference data generated by the method as described above can be used as an encryption key and original data for generating it.
- the [1, j, j ′, 1, 1] mode means that the same input data (challenge) is applied j times to the PUF-mounted chip IC (this embodiment).
- J is a natural number equal to or greater than 2.
- FIG. 3 is a flowchart showing a method for determining the authenticity of a PUF-mounted chip in the [1, j, j ′, 1, 1] mode according to an embodiment of the present invention.
- step S2 the ID and 1 challenge of the PUF-mounted chip IC registered in step S1 are input to the database DB.
- the ID of the chip IC with the PUF is once entered into the DB, a list of challenges registered in advance in association with the ID is obtained from the database DB, etc., and one challenge selected from the list is entered into the DB. It may be.
- step S3 j ′ responses corresponding to one challenge input in step S2 are read from the database DB and connected to generate second reference data.
- step S4 the above-described one challenge is input to the PUF-mounted chip IC, and j ′ times of the obtained one response are repeatedly connected to generate second synthesized output data.
- step S5 it is determined whether or not the second combined output data is similar to the second reference data (specifically, the hamming distance between them is equal to or less than a threshold value). If it is determined that the PUF-mounted chip IC is genuine, the PUF-mounted chip IC is determined to be genuine, and if it is determined that it is not similar, the process proceeds to step S7 where the PUF-mounted chip IC is imitation. It is judged that.
- the error rate in the determination in step S5 can be controlled by changing the values of j and j '.
- the time required for the determination can be shortened.
- the second synthesized output data and the second reference data generated by the above method can be used as an encryption key and its original data.
- j ′ responses need to be registered in the database DB, and these j ′ responses are compressed into information indicating different portions. If the database is stored in the database DB, the necessary scale of the database DB can be reduced.
- FIG. 5 is a flowchart showing a method for determining the authenticity of a chip equipped with a PUF in the [1, j, j ′, k, k ′] mode according to the embodiment of the present invention.
- j is divided into j ′ subsets, and the most frequent value of each axis of the response within each subset (if there are multiple most frequent values, one of them)
- the value of the axis of the response representing the subset is registered in the database DB in association with the input challenge and the ID of the PUF-mounted chip IC.
- step S2 the ID of the above-mentioned PUF-mounted chip IC and one challenge registered in step S1 are input to the database DB.
- the ID of the chip IC with the PUF is input to the DB
- a list of challenges registered in advance in association with the ID is acquired from the database DB or the like, and one challenge is input from the list to the DB. May be.
- step S3 j ′ responses corresponding to one challenge input in step S2 are read from the database DB and concatenated, and the concatenated data is further concatenated k ′ repeatedly to obtain (j ′ ⁇ k ') Generate third reference data composed of responses.
- step S4 the above challenge is input k times into the PUF-mounted chip IC, and the obtained k response is processed as it is, or k ′ pieces (specifically, for example, k pieces). Is divided into k 'subsets, and the most frequent value of each axis of the response within each subset (if there are multiple most frequent values, one of them) of the response representing that subset (K axis value)) k ′ responses obtained by repetitively linking them, and further k ′ linking them, thereby comprising (k ′ ⁇ j ′) responses. 3 composite output data is generated.
- step S5 it is determined whether or not the third combined output data is similar to the third reference data (specifically, both hamming distances are equal to or smaller than a threshold value). If it is determined that the PUF-mounted chip IC is genuine, the PUF-mounted chip IC is determined to be genuine, and if it is determined that it is not similar, the process proceeds to step S7 where the PUF-mounted chip IC is imitation. It is judged that.
- the error rate in the determination in step S5 can be controlled by changing the values of j, j ′, k, and k ′. .
- the error rate can be changed by independently setting the j, j ', k, and k' as the four parameters, the error rate can be controlled with higher accuracy.
- the third synthesized output data and the third reference data generated by the method as described above can be used as an encryption key and original data for generating it.
- j ′ responses need to be registered in the database DB, and these j ′ responses are compressed into information indicating different portions. If the database is stored in the database DB, the necessary scale of the database DB can be reduced.
- the [i, j, j ′, k, k ′] mode refers to i different input data (i is a natural number of 2 or more in the present embodiment) for the PUF-mounted chip IC.
- k responses from the above-mentioned PUF-mounted chip IC (this embodiment) In the form, k is a natural number of 2 or more.) Means.
- FIG. 6 is a flowchart showing a method for determining the authenticity of a chip equipped with a PUF in the [i, j, j ′, k, k ′] mode according to the embodiment of the present invention.
- step S2 the ID registered in step S1 and i challenges are input to the database DB. It is to be noted that once the ID is entered into the database DB, a list of challenges registered in advance in association with the ID is obtained from the database DB, etc., i challenges are selected from the list and entered into the DB. Also good.
- step S3 j ′ responses corresponding to the i challenges input in step S2 are read from the database DB and linked, and the linked data are further linked k ′ times and obtained.
- Generate fourth reference data consisting of (i ⁇ j ′ ⁇ k ′) responses obtained by concatenating (j ′ ⁇ k ′) responses for each challenge for i different challenges. .
- step S5 it is determined whether or not the fourth combined output data is similar to the fourth reference data (specifically, the hamming distance between them is equal to or less than a threshold value). If it is determined that the PUF-mounted chip IC is genuine, the PUF-mounted chip IC is determined to be genuine, and if it is determined that it is not similar, the process proceeds to step S7 where the PUF-mounted chip IC is imitation. It is judged that.
- the error rate in the determination in step S5 is controlled by changing the values of i, j, j ′, k, and k ′. Can do.
- the error rate can be controlled with higher accuracy.
- the fourth composite output data generated by this method can be used as an encryption key or original data for generating it.
- step S1 an initial mode [i 0 , j 0 , j ′ 0 , k 0 , k ′ 0 ] is provisionally set as a usage mode.
- step S2 the error rate is measured in the set use mode.
- step S3 it is determined whether or not the error rate measured in step S2 is within a desired range. If it is determined that it is within the desired range, the process proceeds to step S4 to determine the usage mode, and if it is determined that it is not within the desired range, a new usage mode is set in step S5 to set step S2. Return to.
- the error rate can be controlled by arbitrarily setting i, j, j ', k, and k', but the error rate can also be controlled by changing the challenge.
- step S1 initial input data C0 is provisionally set as one challenge.
- step S2 the error rate is measured in the set mode using the set input data.
- step S3 it is determined whether or not the error rate measured in step S2 is within a desired range. If it is determined that it is within the desired range, the process proceeds to step S4 to confirm the challenge (input data), and if it is determined that it is not within the desired range, new input data is set in step S5. To return to step S2.
- the device-specific information error rate control method according to the embodiment of the present invention as described above can be applied to the following application fields.
- the authentication error rate can be controlled even after the chip is manufactured. Therefore, the authentication error rate is changed according to the aging of the chip. It is also possible. Further, the error rate can be dynamically changed according to the use of the chip or the like while using the PUF of the same standard.
- RFID radio frequency identifier
- the device-specific information error rate control method described above describes the algorithm shown in FIGS. 1, 3, 5 to 8 in the computer program, and describes the program (device-specific information error rate). It is also realized by causing a computer to execute a control program.
- the error rate can be controlled after manufacturing the chip. Therefore, it is not necessary to individually design and manufacture the chip having the target error rate.
Abstract
Description
なお、上記において「軸」とは、上記レスポンスを構成する各成分を意味し、例えば3成分を有するレスポンスにおいては、x軸、y軸、及びz軸の3軸となる(以下同じ)。
そして、それらをi個の入力データ分についてさらに連結して(i×j’ ×k’)個分のレスポンスを得ることにより基準データを生成する第2のステップと、上記物理複製困難回路にi個の入力データをそれぞれk回入力して、i個の各々に対して得られたk個のレスポンスをk’=kとしてそのまま、あるいはk’個に加工(具体的には、例えばk個をk’個の部分集合に分割し、各部分集合内でレスポンスの各軸の値の最頻出値(最頻出値が複数ある場合にはそのいずれか)をその部分集合を代表するレスポンスのその軸の値と)して、各入力データにつきk’個のレスポンスを生成し、その各レスポンスをj’個繰り返し連結し、j‘個のレスポンスをさらにk’個連結することにより(j’×k’)個分のレスポンスを得て、さらにそれをi個連結することにより(i×j’×k’)個分のレスポンスを得ることによって合成出力データを生成する第3のステップと、合成出力データが基準データと同一の範囲にあるか否かを判定する第4のステップと、第4のステップにおける判定の結果、合成出力データの誤り率が予め設定した範囲内であるか否かを判断する第5のステップとを有し、第5のステップにおいて、誤り率が予め設定した範囲内にないと判断された場合には、i、j、j’、k、k’のうち少なくとも一つを変更した上で、誤り率が予め設定した範囲内に入るまで第1から第5までのステップを繰り返すデバイス固有情報の誤り率制御方法を提供する。
本発明に係るデバイス固有情報の誤り率制御方法の具体例として、第1から第4の実施の形態に係るPUF搭載チップの真贋判定方法について詳しく説明する。
図1及び図2を用いて、第1の実施の形態に係る[1,1,1,k,k’]モードによるPUF搭載チップの真贋判定方法を詳しく説明する。
なお、上記データベースDBは、PUF搭載チップICから出力されたレスポンスを記憶する他の手段、例えばハードディスクやメモリ回路等であってもよく、以下の実施の形態においても同様である。
まずステップS1において、図2に示されるように、上記PUF搭載チップICへ1つのチャレンジを入力し、それに対する1つのレスポンスを、入力したチャレンジおよび上記PUF搭載チップICのIDと対応させてデータベースDBに登録する。
なお、上記において「軸」とは、上記レスポンスを構成する各成分を意味し、例えば3成分を有するレスポンスにおいては、x軸、y軸、及びz軸の3軸となる(以下同じ)。
図3及び図4を用いて、第2の実施の形態に係る[1,j,j’,1,1]モードによるPUF搭載チップの真贋判定方法を詳しく説明する。
図5を用いて、第3の実施の形態に係る[1,j,j’,k,k’]モードによるPUF搭載チップの真贋判定方法を詳しく説明する。
図6を用いて、第4の実施の形態に係る[i,j,j’,k,k’]モードによるPUF搭載チップの真贋判定方法を詳しく説明する。
DB データベース
Claims (8)
- i個(iは任意の自然数)の入力データを物理複製困難回路にそれぞれj回(jは任意の自然数)入力し、j個のレスポンスをj’個(j’は任意の自然数で、0<j’≦j)に加工し、各々の前記入力データと対応付けて予め記憶手段に記憶させる第1のステップと、
前記記憶手段に前記i個の入力データを入力して、それぞれ対応する前記j’個のレスポンスを前記記憶手段から読み出して各入力データに対して得られたj’個のレスポンスを連結し、連結したデータをさらにk’個繰り返して連結(k’は任意の自然数で0<k’≦k。但し、kは任意の自然数。なお、kは、前記i及び前記jが共に1のとき2以上となる。)し、得られたデータをさらに入力データの異なるi個分について連結することによって基準データを生成する第2のステップと、
前記物理複製困難回路に前記i個の入力データを各入力データにつきk回入力して、得られたk個のレスポンスをk’個に加工して得られたk’個の各レスポンスをj’回繰り返して連結し、さらにそのj’個分のレスポンスを全てのk’について連結し各入力データにつき(j’×k’)個分のレスポンスを得て、さらに各入力データにつき(j’×k’)個分のレスポンスを異なる入力データに対しても連結し(i×j’×k’)個分のレスポンスから成る合成出力データを生成する第3のステップと、
前記合成出力データが前記基準データと同一の範囲にあるか否かを判定する第4のステップと、
前記第4のステップにおける前記判定の結果、前記合成出力データの誤り率が予め設定した範囲内であるか否かを判断する第5のステップとを有し、
前記第5のステップにおいて、前記誤り率が前記予め設定した範囲内にないと判断された場合には、前記i、j、j’、k、k’のうち少なくとも一つを変更した上で、前記誤り率が前記予め設定した範囲内に入るまで前記第1から第5までのステップを繰り返すデバイス固有情報の誤り率制御方法。 - 前記第1のステップでは、前記j’が2以上の自然数である場合には、j’個のレスポンスを相互に相違する部分を示す情報に圧縮して前記記憶手段に記憶させる、請求項1に記載のデバイス固有情報の誤り率制御方法。
- 前記i、j、kのうちいずれか一つ若しくは二つのみが定数1である、請求項1又は2に記載のデバイス固有情報の誤り率制御方法。
- 物理複製困難回路への入力データを初期設定する第1のステップと、
i個(iは任意の自然数)の初期設定された前記入力データを前記物理複製困難回路にそれぞれj回(jは任意の自然数)入力し、j個のレスポンスをj’個(j’は任意の自然数で、0<j’≦j)に加工し、各々の前記入力データと対応付けて予め記憶手段に記憶させる第2のステップと、
前記記憶手段に前記i個の入力データを入力して、それぞれ対応する前記j’個のレスポンスを前記記憶手段から読み出して各入力データにつきj’個のレスポンスを連結し、連結したデータをさらにk’個繰り返し連結(k’は任意の自然数で、0<k’≦k。但し、kは任意の自然数。なお、kは、前記i及び前記jが共に1のとき2以上となる。)し各入力データにつき連結された(j’×k’)個分のレスポンスを得て、さらに、得られた前記レスポンスを異なる入力データについても連結することにより(i×j’×k’)個分の連結されたレスポンスを得ることによって基準データを生成する第3のステップと、
前記物理複製困難回路に前記i個の入力データを各入力データにつきk回入力して得られたk個のレスポンスをk’個に加工して得られたk’個のレスポンスを、各レスポンスにつきj’回繰り返して連結し、それをさらに全てのk’に対して連結した(j’×k’)個分の連結レスポンスを、さらに異なる入力データに対しても連結した(i×j’×k’)個分の連結レスポンスを得ることによって合成出力データを生成する第4のステップと、
前記合成出力データが前記基準データと同一の範囲にあるか否かを判定する第5のステップと、
前記第5のステップにおける前記判定の結果、前記合成出力データの誤り率が予め設定した範囲内であるか否かを判断する第6のステップとを有し、
前記第6のステップにおいて、前記誤り率が前記予め設定した範囲内にないと判断された場合には、前記入力データを変更した上で、前記誤り率が前記予め設定した範囲内に入るまで前記第1から第6までのステップを繰り返すデバイス固有情報の誤り率制御方法。 - コンピュータに、
i個(iは任意の自然数)の入力データを物理複製困難回路にそれぞれj回(jは任意の自然数)入力して、j個のレスポンスをj’個(j’は任意の自然数で、0<j’≦j)に加工し、各々の前記入力データと対応付けて予め記憶手段に記憶する第1の手順と、
前記記憶手段に前記i個の入力データを入力し、それぞれ対応する前記j’個のレスポンスを前記記憶手段から読み出し、各入力データにつきj’個のレスポンスを連結し、連結したデータをさらにk’個繰り返し連結(k’は任意の自然数で、0<k’≦k。但し、kは任意の自然数。なお、kは、前記i及び前記jが共に1のときは2以上となる。)し、各入力データにつき連結された(j’×k’)個分のレスポンスを得て、さらに、得られた前記レスポンスを異なる入力データについても連結することにより(i×j’×k’)個分の連結されたレスポンスを得ることによって基準データを生成する第2の手順と、
前記物理複製困難回路に前記i個の入力データを各入力データにつきk回入力し、得られたk個のレスポンスをk’個に加工して得られたk’個のレスポンスを、各レスポンスにつきj’回繰り返して連結し、それをさらに全てのk’に対して連結した(j’×k’)個分の連結レスポンスを、さらに異なる入力データに対しても連結した(i×j’×k’)個分の連結レスポンスを得ることによって合成出力データを生成する第3の手順と、
前記合成出力データが前記基準データと同一の範囲にあるか否かを判定する第4の手順と、
前記第4の手順における前記判定の結果、前記合成出力データの誤り率が予め設定した範囲内であるか否かを判断する第5の手順とを実行させ、
前記第5の手順において、前記誤り率が前記予め設定した範囲内にないと判断された場合には、前記i、j、j’、k、k’のうち少なくとも一つを変更した上で、前記誤り率が前記予め設定した範囲内に入るまで前記第1から第5までの手順を繰り返させるためのデバイス固有情報の誤り率制御プログラム。 - 前記第1の手順では、前記j’が2以上の自然数である場合には、j’個のレスポンスを相互に相違する部分を示す情報に圧縮して前記記憶手段に記憶する、請求項5に記載のデバイス固有情報の誤り率制御プログラム。
- 前記i、j、kのうちいずれか一つ若しくは二つのみが定数1である、請求項5又は6に記載のデバイス固有情報の誤り率制御プログラム。
- コンピュータに、
物理複製困難回路への入力データを初期設定する第1の手順と、
i個(iは任意の自然数)の初期設定された前記入力データを前記物理複製困難回路にそれぞれj回(jは任意の自然数)入力し、j個のレスポンスをj’個(j’は任意の自然数で、0<j’≦j)に加工し、各々の前記入力データと対応付けて予め記憶手段に記憶させる第2の手順と、
前記記憶手段に前記i個の入力データを入力して、それぞれ対応する前記j’個のレスポンスを前記記憶手段から読み出し、各入力データにつきj’個のレスポンスを連結し、連結したデータをさらにk’個繰り返し連結(k’は任意の自然数で、0<k’≦k。但し、kは任意の自然数。なお、前記i及び前記jが共に1のときは2以上となる。)し、各入力データにつき連結された(j’×k’)個分のレスポンスを得て、さらに、得られた前記レスポンスを異なる入力データについても連結することにより(i×j’×k’)個分の連結されたレスポンスを得ることによって基準データを生成する第3の手順と、
前記物理複製困難回路に前記i個の入力データを各入力データにつきk回入力して、得られたk個のレスポンスをk’個に加工して得られたk’個のレスポンスを、各レスポンスにつきj’回繰り返して連結し、それをさらに全てのk’に対して連結した(j’×k’)個分の連結レスポンスを、さらに異なる入力データに対しても連結した(i×j’×k’)個分の連結レスポンスを得ることによって合成出力データを生成する第4の手順と、
前記合成出力データが前記基準データと同一の範囲にあるか否かを判定する第5の手順と、
前記第5の手順における前記判定の結果、前記合成出力データの誤り率が予め設定した範囲内であるか否かを判断する第6の手順とを実行させ、
前記第6の手順において、前記誤り率が前記予め設定した範囲内にないと判断された場合には、前記入力データを変更した上で、前記誤り率が前記予め設定した範囲内に入るまで前記第1から第6までの手順を繰り返させるためのデバイス固有情報の誤り率制御プログラム。
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US15/507,105 US10402248B2 (en) | 2014-08-29 | 2015-08-20 | Method for controlling error rate of device-specific information and program for controlling error rate of device-specific information |
KR1020177005552A KR101956487B1 (ko) | 2014-08-29 | 2015-08-20 | 디바이스 고유 정보의 에러율 제어 방법과 디바이스 고유 정보의 에러율 제어 프로그램 |
CN201580045333.9A CN106576040B (zh) | 2014-08-29 | 2015-08-20 | 设备固有信息的错误率控制方法 |
EP15835986.9A EP3188403B1 (en) | 2014-08-29 | 2015-08-20 | Method for controlling error rate of device-specific information, and program for controlling error rate of device-specific information |
JP2016545474A JP6445570B2 (ja) | 2014-08-29 | 2015-08-20 | デバイス固有情報の誤り率制御方法とデバイス固有情報の誤り率制御プログラム |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2014-175824 | 2014-08-29 | ||
JP2014175824 | 2014-08-29 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2016031682A1 true WO2016031682A1 (ja) | 2016-03-03 |
Family
ID=55399575
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2015/073433 WO2016031682A1 (ja) | 2014-08-29 | 2015-08-20 | デバイス固有情報の誤り率制御方法とデバイス固有情報の誤り率制御プログラム |
Country Status (6)
Country | Link |
---|---|
US (1) | US10402248B2 (ja) |
EP (1) | EP3188403B1 (ja) |
JP (1) | JP6445570B2 (ja) |
KR (1) | KR101956487B1 (ja) |
CN (1) | CN106576040B (ja) |
WO (1) | WO2016031682A1 (ja) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2018046341A (ja) * | 2016-09-12 | 2018-03-22 | 株式会社東芝 | 認証サーバ、認証システムおよび認証方法 |
US11283632B2 (en) | 2017-12-28 | 2022-03-22 | Mitsubishi Heavy Industries, Ltd. | Integrated circuit, control device, information distribution method, and information distribution system |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2017021254A1 (en) * | 2015-08-06 | 2017-02-09 | Intrinsic Id B.V | Cryptographic device having physical unclonable function |
JP7036709B2 (ja) | 2018-12-26 | 2022-03-15 | 日鉄テックスエンジ株式会社 | 交換システム |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2326043A1 (en) * | 2009-11-18 | 2011-05-25 | Irdeto Access B.V. | Preventing cloning of receivers of encrypted messages |
US20140201851A1 (en) * | 2013-01-16 | 2014-07-17 | Qualcomm Incorporated | Method and apparatus for using dynamic voltage and frequency scaling with circuit-delay based integrated circuit identification |
Family Cites Families (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1888735B1 (en) | 2005-05-26 | 2013-08-07 | Advanced Technology Materials, Inc. | Copper passivating post-chemical mechanical polishing cleaning composition and method of use |
ATE426968T1 (de) | 2005-11-29 | 2009-04-15 | Koninkl Philips Electronics Nv | Physisches verteilen von geheimnissen und beweisen der nahe unter verwendung von pufs |
EP2008395A2 (en) * | 2006-04-11 | 2008-12-31 | Koninklijke Philips Electronics N.V. | Attack detection with coating puf |
US20110215829A1 (en) | 2007-08-22 | 2011-09-08 | Intrinsic Id B.V. | Identification of devices using physically unclonable functions |
US8468186B2 (en) * | 2009-08-05 | 2013-06-18 | Verayo, Inc. | Combination of values from a pseudo-random source |
US8694778B2 (en) | 2010-11-19 | 2014-04-08 | Nxp B.V. | Enrollment of physically unclonable functions |
WO2015027070A1 (en) * | 2013-08-21 | 2015-02-26 | Carnegie Mellon University | Reliability of physical unclonable function circuits |
US9992031B2 (en) * | 2013-09-27 | 2018-06-05 | Intel Corporation | Dark bits to reduce physically unclonable function error rates |
CN103544410B (zh) * | 2013-09-30 | 2016-02-24 | 华中科技大学 | 一种嵌入式微处理器非可克隆函数密钥认证系统和方法 |
KR101593166B1 (ko) * | 2014-06-02 | 2016-02-15 | 한국전자통신연구원 | 물리적 복제 방지 함수의 오류를 방지하는 장치 및 그 방법 |
-
2015
- 2015-08-20 JP JP2016545474A patent/JP6445570B2/ja active Active
- 2015-08-20 EP EP15835986.9A patent/EP3188403B1/en active Active
- 2015-08-20 CN CN201580045333.9A patent/CN106576040B/zh active Active
- 2015-08-20 WO PCT/JP2015/073433 patent/WO2016031682A1/ja active Application Filing
- 2015-08-20 US US15/507,105 patent/US10402248B2/en active Active
- 2015-08-20 KR KR1020177005552A patent/KR101956487B1/ko active IP Right Grant
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2326043A1 (en) * | 2009-11-18 | 2011-05-25 | Irdeto Access B.V. | Preventing cloning of receivers of encrypted messages |
US20140201851A1 (en) * | 2013-01-16 | 2014-07-17 | Qualcomm Incorporated | Method and apparatus for using dynamic voltage and frequency scaling with circuit-delay based integrated circuit identification |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2018046341A (ja) * | 2016-09-12 | 2018-03-22 | 株式会社東芝 | 認証サーバ、認証システムおよび認証方法 |
US11283632B2 (en) | 2017-12-28 | 2022-03-22 | Mitsubishi Heavy Industries, Ltd. | Integrated circuit, control device, information distribution method, and information distribution system |
Also Published As
Publication number | Publication date |
---|---|
KR20170040294A (ko) | 2017-04-12 |
US10402248B2 (en) | 2019-09-03 |
EP3188403B1 (en) | 2021-10-06 |
CN106576040B (zh) | 2020-05-12 |
US20170255503A1 (en) | 2017-09-07 |
JP6445570B2 (ja) | 2018-12-26 |
JPWO2016031682A1 (ja) | 2017-05-25 |
CN106576040A (zh) | 2017-04-19 |
EP3188403A4 (en) | 2018-04-04 |
KR101956487B1 (ko) | 2019-03-08 |
EP3188403A1 (en) | 2017-07-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Islam et al. | Enabling ic traceability via blockchain pegged to embedded puf | |
EP3449452B1 (en) | Implementing logic gate functionality using a blockchain | |
US8782396B2 (en) | Authentication with physical unclonable functions | |
Maes et al. | Physically unclonable functions: A study on the state of the art and future research directions | |
JP6445570B2 (ja) | デバイス固有情報の誤り率制御方法とデバイス固有情報の誤り率制御プログラム | |
EP2999156B1 (en) | Device authenticity determination system and device authenticity determination method | |
CN107113553A (zh) | 统一近场通信基础架构的安全协议 | |
JPWO2012001796A1 (ja) | 個体別情報生成装置及び個体別情報生成方法 | |
WO2013088939A1 (ja) | 識別情報生成装置及び識別情報生成方法 | |
CN107453874A (zh) | 数字印章及其生成方法、服务请求和提供方法和电子设备 | |
CN114629660B (zh) | 一种基于区块链的匿名可信投票方法、装置及相关设备 | |
CN114365134A (zh) | 使用不可克隆函数的安全身份证 | |
US8904508B2 (en) | System and method for real time secure image based key generation using partial polygons assembled into a master composite image | |
CN104598805A (zh) | 密码验证的方法、密码验证系统、控制器 | |
US11863689B1 (en) | Security settlement using group signatures | |
US20190073462A1 (en) | Methods for authenticating a user, input devices, and computer-readable media | |
US20220131684A1 (en) | Hash algorithm method, hash algorithm circuit, and electronic device | |
KR102191803B1 (ko) | 블록체인에 의한 행위정보 증명 방법 | |
CN110288746A (zh) | 一种尾箱柜的动态密码生成和验证方法 | |
RU2809976C2 (ru) | Способы и системы для основанной на токенах привязки физических объектов в среде распределенного реестра | |
KR102196347B1 (ko) | 전자 결제 시스템 및 그 동작 방법 | |
Bu et al. | Weighted group decision making using multi-identity physical unclonable functions | |
US20240119466A1 (en) | Authentication and Identification of Products | |
CN117296295A (zh) | 钱包应用程序实例化、用于使用puf设备对区块链事务进行签名的密钥导出 | |
Talamo et al. | Simulation based verification of concurrent processing on security devices |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 15835986 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 2016545474 Country of ref document: JP Kind code of ref document: A |
|
REEP | Request for entry into the european phase |
Ref document number: 2015835986 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2015835986 Country of ref document: EP |
|
ENP | Entry into the national phase |
Ref document number: 20177005552 Country of ref document: KR Kind code of ref document: A |
|
WWE | Wipo information: entry into national phase |
Ref document number: 15507105 Country of ref document: US |
|
NENP | Non-entry into the national phase |
Ref country code: DE |