公开(公告)号：US09407434B2

公开(公告)日：2016-08-02

申请号：US14759417

申请日：2013-07-10

Applicant: Cisco Technology, Inc.

Inventor： Michael Kara-Ivanov ,  Aviad Kipnis ,  Tzachy Reinman ,  Efraim Mangell ,  Erez Waisbard ,  Yaacov Belenky

IPC: H04L9/08

CPC classification number: H04L9/0861 ,  H04L9/0869

Abstract: A method, system and apparatus for deriving a secondary secret from a root secret are described, the method, system and apparatus including reserving a memory buffer included in an integrated circuit, the memory buffer being large enough to contain all of the bits which will include the secondary secret, receiving a plurality of bits from a root secret, the root secret being stored in a secure memory of the integrated circuit, inputting the plurality of bits from the root secret and at least one control bit into a permutation network, and thereby producing a multiplicity of output bits, the at least one control bit including one of one bit of a value g, and one bit an output of a function which receives g as an input, receiving the multiplicity of output bits from the permutation network, inputting the multiplicity of output bits from the permutation network into a plurality of logic gates, thereby combining the multiplicity of output bits, wherein a fixed number of bits is output from the logic gates, inputting the fixed number of bits output by the logic gates into an error correcting code module, the fixed number of bits output by the logic gates including a first group of intermediate output bits and a second group of intermediate output bits and receiving output bits from the error correcting code module, the output bits of the error correcting code module including the first group of intermediate output bits as changed by the error correcting code module, where the change depends on the second group of intermediate output bits, filling non-filled registers in the reserved memory buffer with the first group of intermediate output bits as changed by the error correcting code module, and repeating the steps of “receiving a plurality of bits from a root secret” through “filling non-filled registers in the reserved memory buffer” until the entire secondary secret is derived, wherein the steps of “receiving a plurality of bits from a root secret” through “filling non-filled registers in the reserved memory buffer” are performed in a single clock cycle of the integrated circuit. Related apparatus, methods and systems are also described.

公开(公告)号：US10176882B1

公开(公告)日：2019-01-08

申请号：US15636778

申请日：2017-06-29

Applicant: Cisco Technology, Inc.

Inventor： Tzachy Reinman ,  Tsion Shamay ,  Yair Fodor

IPC: G11C17/00 ,  G11C17/16 ,  G11C17/18 ,  H01L27/112 ,  G11C16/10 ,  G11C16/26 ,  G11C7/12

Abstract: In one embodiment, an apparatus includes a non-volatile memory, a one-time programmable (OTP) memory, and a processor operative to write data values to the non-volatile memory and then initiate programming of a first bit of the OTP memory, the first bit being associated with locking the non-volatile memory from further data being written thereto, and after the non-volatile memory has been locked from further data being written thereto, initiate programming of the second bit of the OTP memory in order to lock the non-volatile memory from further data being erased therefrom.