公开(公告)号：US20110033041A1

公开(公告)日：2011-02-10

申请号：US12850693

申请日：2010-08-05

Applicant: Meng-Day Yu ,  Srinivas Devadas

Inventor： Meng-Day Yu ,  Srinivas Devadas

IPC: H04L9/28 ,  G06F11/07

CPC classification number: G06F11/10 ,  H04L9/0662 ,  H04L9/3278 ,  H04L2209/34

Abstract: Outputs from at least one pseudo-random source are used to encode hidden value. The hidden value is encoded using index based quantities, for example, based on numerically ordering a sequence of outputs from pseudo-random source(s). In some examples, the numerical ordering of re-generated device-specific quantities is used to re-generate the hidden value, without necessarily requiring additional error correction mechanisms. Information leak may be reduced by constructing system whose “syndrome” helper bits are random, as measured, for example, by NIST's Statistical Tests for Randomness In some examples, index based coding provides coding gain that exponentially reduces total error correction code complexity, resulting in efficiently realizable PRS-based key generation systems. In some examples, index based coding allows noisy PRS to be robust across conditions where conventional error correction code cannot error correct.

Abstract translation: 来自至少一个伪随机源的输出用于对隐藏值进行编码。 隐藏值使用基于索引的量来编码，例如，基于从伪随机源的输出序列的数值排序。 在一些示例中，重新生成的设备特定量的数值排序用于重新生成隐藏值，而不需要额外的纠错机制。 信息泄漏可以通过构建其“综合征”辅助位是随机的系统来减少，例如，通过NIST的随机统计测试来测量。在一些示例中，基于索引的编码提供指数地降低总纠错码复杂度的编码增益，导致 有效实现的基于PRS的密钥生成系统。 在一些示例中，基于索引的编码允许有噪声的PRS在常规纠错码不能正确错误的情况下是稳健的。

公开(公告)号：US07839278B2

公开(公告)日：2010-11-23

申请号：US12485479

申请日：2009-06-16

Applicant: Srinivas Devadas ,  Thomas Ziola

Inventor： Srinivas Devadas ,  Thomas Ziola

IPC: G08B1/08

CPC classification number: H04L9/3278 ,  G06F21/31 ,  G06F21/445 ,  G06F21/602 ,  G06F21/76 ,  G06F2221/2129 ,  G11C7/24 ,  G11C16/20 ,  G11C16/22 ,  G11C2029/4402 ,  G11C2029/5002 ,  H04L9/0838 ,  H04L9/0877 ,  H04L9/304 ,  H04L2209/56 ,  H04L2209/603 ,  H04L2209/805

Abstract: A key is determined from a volatile response using circuitry on the device. The volatile response depend on process variation in fabrication of the device. Error control data that depends on the first volatile response can be computed, stored externally to the device, and then used to generate the key using a volatile response using the circuit. Applications of volatile keys include authentication and rights management for content and software.

Abstract translation: 使用设备上的电路从易失性响应中确定密钥。 挥发性响应取决于器件制造过程的变化。 可以计算取决于第一易失性响应的错误控制数据，存储在设备的外部，然后用于使用电路的易失性响应生成密钥。 易失性密钥的应用包括对内容和软件的认证和权限管理。

公开(公告)号：US07702927B2

公开(公告)日：2010-04-20

申请号：US11272995

申请日：2005-11-14

Applicant: Srinivas Devadas ,  Thomas J. Ziola

Inventor： Srinivas Devadas ,  Thomas J. Ziola

IPC: G06F12/14

CPC classification number: H04L9/3278 ,  G06F21/31 ,  G06F21/445 ,  G06F21/602 ,  G06F21/76 ,  G06F2221/2129 ,  G11C7/24 ,  G11C16/20 ,  G11C16/22 ,  G11C2029/4402 ,  G11C2029/5002 ,  H04L9/0838 ,  H04L9/0877 ,  H04L9/304 ,  H04L2209/56 ,  H04L2209/603 ,  H04L2209/805

Abstract: A field configurable device, such as an FPGA, supports secure field configuration without using non-volatile storage for cryptographic keys on the device and without requiring a continuous or ongoing power source to maintain a volatile storage on the device. The approach can be used to secure the configuration data such that it can in general be used on a single or a selected set of devices and/or encryption of the configuration data so that the encrypted configuration data can be exposed without compromising information encoded in the configuration data.

Abstract translation: 诸如FPGA的现场可配置设备支持安全的现场配置，而不需要在设备上使用非易失性存储器用于加密密钥，而不需要连续或正在进行的电源来维护设备上的易失性存储。 该方法可以用于保护配置数据，使得其通常可以在单个或所选择的设备集合上使用和/或配置数据的加密，使得加密的配置数据可以在不损害在 配置数据。

公开(公告)号：US20090158054A1

公开(公告)日：2009-06-18

申请号：US12335083

申请日：2008-12-15

Applicant: Marten Van Dijk ,  Jing Chen ,  Srinivas Devadas

Inventor： Marten Van Dijk ,  Jing Chen ,  Srinivas Devadas

IPC: G06F12/14 ,  G06F7/06 ,  G06F17/30

CPC classification number: G06F7/72 ,  H04L63/0442

Abstract: A method for processing one or more terms includes, at a first computation facility, computing an obfuscated numerical representation for each of the terms. The computed obfuscated representations are provided from the first facility to a second computation facility. A result of an arithmetic computation based on the provided obfuscated values is received at the first facility. This received result represents an obfuscation of a result of application of a first function to the terms. The received result is processed to determine the result of application of the first function to the terms.

Abstract translation: 一种用于处理一个或多个术语的方法包括在第一计算设施处计算每个术语的混淆数字表示。 所计算的混淆表示从第一设施提供给第二计算设施。 在第一设施处接收基于所提供的混淆值的算术运算的结果。 这个收到的结果表示对这个术语应用第一个功能的结果的混淆。 处理接收到的结果以确定第一个功能对该术语的应用结果。

公开(公告)号：US08811615B2

公开(公告)日：2014-08-19

申请号：US12850693

申请日：2010-08-05

Applicant: Meng-Day Yu ,  Srinivas Devadas

Inventor： Meng-Day Yu ,  Srinivas Devadas

IPC: H04L9/00

CPC classification number: G06F11/10 ,  H04L9/0662 ,  H04L9/3278 ,  H04L2209/34

Abstract: Outputs from at least one pseudo-random source are used to encode hidden value. The hidden value is encoded using index based quantities, for example, based on numerically ordering a sequence of outputs from pseudo-random source(s). In some examples, the numerical ordering of re-generated device-specific quantities is used to re-generate the hidden value, without necessarily requiring additional error correction mechanisms. Information leak may be reduced by constructing system whose “syndrome” helper bits are random, as measured, for example, by NIST's Statistical Tests for Randomness In some examples, index based coding provides coding gain that exponentially reduces total error correction code complexity, resulting in efficiently realizable PRS-based key generation systems. In some examples, index based coding allows noisy PRS to be robust across conditions where conventional error correction code cannot error correct.

Abstract translation: 来自至少一个伪随机源的输出用于对隐藏值进行编码。 隐藏值使用基于索引的量来编码，例如，基于从伪随机源的输出序列的数值排序。 在一些示例中，重新生成的设备特定量的数值排序用于重新生成隐藏值，而不需要额外的纠错机制。 信息泄漏可以通过构建其“综合征”辅助位是随机的系统来减少，例如，通过NIST的随机统计测试来测量。在一些示例中，基于索引的编码提供指数地降低总纠错码复杂度的编码增益，导致 有效实现的基于PRS的密钥生成系统。 在一些示例中，基于索引的编码允许有噪声的PRS在常规纠错码不能正确错误的情况下是稳健的。

公开(公告)号：US08762723B2

公开(公告)日：2014-06-24

申请号：US13543295

申请日：2012-07-06

Applicant: Meng-Day Yu ,  Srinivas Devadas ,  David M'Raihi ,  Eric Duprat

Inventor： Meng-Day Yu ,  Srinivas Devadas ,  David M'Raihi ,  Eric Duprat

IPC: G06F21/00

CPC classification number: H04L9/3278 ,  H04L9/0844 ,  H04L9/0866

Abstract: An approach to cryptographic security uses a “fuzzy” credential, in contrast to a “hard” credential, to eliminate cryptographic algorithmic repeatability on a device that may be subject to physical attacks. By eliminating repeatability performed at an algorithmic (e.g., gate or software) level, a device inherently lacks one of the fundamental setup assumptions associated with certain classes of side channel, fault injection, timing, and related attacks, thus helps to protect the system against such attacks while preserving the cryptographic security of the system.

Abstract translation: 加密安全性的方法使用“模糊”凭据，与“硬”证书相反，以消除可能遭受物理攻击的设备上的加密算法重复性。 通过消除在算法（例如门或软件）级别执行的重复性，设备固有地缺乏与某些类别的侧信道，故障注入，定时和相关攻击相关联的基本设置假设之一，从而有助于保护系统免受 这种攻击同时保留了系统的加密安全性。

公开(公告)号：US20120290845A1

公开(公告)日：2012-11-15

申请号：US13103451

申请日：2011-05-09

Applicant: William Henry Bares ,  Srinivas Devadas ,  Vivek Khandelwal ,  Zdenek Paral ,  Richard Sowell ,  Tonghang Zhou

Inventor： William Henry Bares ,  Srinivas Devadas ,  Vivek Khandelwal ,  Zdenek Paral ,  Richard Sowell ,  Tonghang Zhou

IPC: H04L9/32

CPC classification number: H04L9/3278 ,  H04L9/3247 ,  H04L2209/805

Abstract: A message is signed using a PUF without having to exactly regenerate a cryptographic key. Another party that shares information about the PUF is able to verify the signature to a high degree of accuracy (i.e., high probability of rejection of a forged signature and a low probably of false rejection of a true signature). In some examples, the information shared by a recipient of a message signature includes a parametric model of operational characteristics of the PUF used to form the signature.

Abstract translation: 使用PUF签名消息，而不必完全重新生成加密密钥。 共享关于PUF的信息的另一方能够以高精确度验证签名（即，拒绝伪造签名的可能性很高，并且可能是真正签名的错误拒绝）。 在一些示例中，消息签名的接收方共享的信息包括用于形成签名的PUF的操作特征的参数模型。

公开(公告)号：US20100272255A1

公开(公告)日：2010-10-28

申请号：US12763254

申请日：2010-04-20

Applicant: Srinivas Devadas ,  Thomas Ziola

Inventor： Srinivas Devadas ,  Thomas Ziola

IPC: G06F12/14 ,  H04L9/00 ,  G06F9/24

CPC classification number: H04L9/3278 ,  G06F21/31 ,  G06F21/445 ,  G06F21/602 ,  G06F21/76 ,  G06F2221/2129 ,  G11C7/24 ,  G11C16/20 ,  G11C16/22 ,  G11C2029/4402 ,  G11C2029/5002 ,  H04L9/0838 ,  H04L9/0877 ,  H04L9/304 ,  H04L2209/56 ,  H04L2209/603 ,  H04L2209/805

Abstract: A field configurable device, such as an FPGA, supports secure field configuration without using non-volatile storage for cryptographic keys on the device and without requiring a continuous or ongoing power source to maintain a volatile storage on the device. The approach can be used to secure the configuration data such that it can in general be used on a single or a selected set of devices and/or encryption of the configuration data so that the encrypted configuration data can be exposed without compromising information encoded in the configuration data.

Abstract translation: 诸如FPGA的现场可配置设备支持安全的现场配置，而不需要在设备上使用非易失性存储器用于加密密钥，而不需要连续或正在进行的电源来维护设备上的易失性存储。 该方法可以用于保护配置数据，使得其通常可以在单个或所选择的设备集合上使用和/或配置数据的加密，使得加密的配置数据可以在不损害在 配置数据。

公开(公告)号：US20090254981A1

公开(公告)日：2009-10-08

申请号：US12485479

申请日：2009-06-16

Applicant: Srinivas Devadas ,  Thomas Ziola

Inventor： Srinivas Devadas ,  Thomas Ziola

IPC: G06F21/00 ,  H04L9/06

CPC classification number: H04L9/3278 ,  G06F21/31 ,  G06F21/445 ,  G06F21/602 ,  G06F21/76 ,  G06F2221/2129 ,  G11C7/24 ,  G11C16/20 ,  G11C16/22 ,  G11C2029/4402 ,  G11C2029/5002 ,  H04L9/0838 ,  H04L9/0877 ,  H04L9/304 ,  H04L2209/56 ,  H04L2209/603 ,  H04L2209/805

Abstract: A key is determined from a volatile response using circuitry on the device. The volatile response depend on process variation in fabrication of the device. Error control data that depends on the first volatile response can be computed, stored externally to the device, and then used to generate the key using a volatile response using the circuit. Applications of volatile keys include authentication and rights management for content and software.

Abstract translation: 使用设备上的电路从易失性响应中确定密钥。 挥发性响应取决于器件制造过程的变化。 可以计算取决于第一易失性响应的错误控制数据，存储在设备的外部，然后用于使用电路的易失性响应生成密钥。 易失性密钥的应用包括对内容和软件的认证和权限管理。

公开(公告)号：US20070250938A1

公开(公告)日：2007-10-25

申请号：US11626639

申请日：2007-01-24

Applicant: Gookwon Suh ,  Srinivas Devadas

Inventor： Gookwon Suh ,  Srinivas Devadas

IPC: G08B29/00

CPC classification number: G06F21/31 ,  G06F21/73 ,  G06F2221/2129 ,  H04L9/0866 ,  H04L2209/12

Abstract: Subsets of multiple signal generator circuits embodied in a device are selected, and then a volatile value for the device is generated from the selected subsets. The volatile value may be used for authentication of the device and/or for cryptographic procedures performed on the device. The signal generator circuits may each comprise an oscillator circuit, and the selection of the subsets may be according to a comparison of the outputs of the subsets of circuits, for example, according to a comparison of output oscillation frequencies.

Abstract translation: 选择体现在设备中的多个信号发生器电路的子集，然后从所选择的子集产生装置的易失性值。 易失性值可以用于设备的认证和/或用于在设备上执行的密码过程。 信号发生器电路可以各自包括振荡器电路，并且子集的选择可以根据电路子集的输出的比较，例如根据输出振荡频率的比较。