SECURE SOFTWARE AUTHENTICATION AND VERIFICATION
    2. Invention application (status: in force)

    Publication number: US20160306976A1

    Publication date: 2016-10-20

    Application number: US14687783

    Filing date: 2015-04-15

    Abstract: The first time software is loaded for execution by a device, the software stored in non-secure storage is authenticated. Authenticating the software may involve a cryptographic operation over the software and a digital signature of the software. A verification tag may be generated for the software if authentication of the software is successful, the verification tag based on the software and at least a device-specific secret data. The verification tag may be stored within the device. Each subsequent time the software is loaded for execution it may be verified (not authenticated) by using the verification tag to confirm that the software being loaded is the same as the one used to generate the verification tag, while avoiding authentication of the software.


    Physically unclonable function pattern matching for device identification
    3. Invention grant (status: in force)

    Publication number: US09489504B2

    Publication date: 2016-11-08

    Application number: US14045740

    Filing date: 2013-10-03

    CPC classification number: G06F21/44 G09C1/00 H04L9/3278

    Abstract: A method is provided for obtaining a reproducible device identifier from a physically unclonable function. An authentication device may receive a first physically unclonable function (PUF) dataset from the electronic device, the first PUF dataset including characteristic information generated from a physically unclonable function in the electronic device. The authentication device may then identify a pre-stored PUF dataset corresponding to the electronic device. Authentication of the electronic device may be performed by correlating the pre-stored PUF dataset and the first PUF dataset for the electronic device, wherein such correlation is based on a pattern or distribution correlation between the pre-stored PUF dataset and the first PUF dataset. Because such correlation is performed on datasets, and not individual points, systematic variations can be recognized by the correlation operation, leading to higher correlation than point-by-point comparisons.


    Key extraction during secure boot

    Publication number: US09755831B2

    Publication date: 2017-09-05

    Application number: US14161185

    Filing date: 2014-01-22

    CPC classification number: H04L9/0894 G06F21/575 H04L9/0866

    Abstract: One feature pertains to a method for extracting a secret key during a secure boot flow of an integrated circuit. Specifically, the secure boot flow includes powering ON a first volatile memory circuit to generate a plurality of initial logical state values, deriving secret data based on the plurality of initial logical state values, storing the secret data in a secure volatile memory circuit that is secured by a secure execution environment (SEE), clearing the plurality of initial logical state values in the first volatile memory circuit, executing a cryptographic algorithm at the SEE to extract a secret key based on the secret data, and storing the secret key in the secure volatile memory circuit. The secure boot flow controls access to the first volatile memory circuit to secure the secret data and the plurality of initial logical state values from insecure applications.

    Elliptic curve point multiplication procedure resistant to side-channel information leakage
    5. Invention grant (status: in force)

    Publication number: US09391773B2

    Publication date: 2016-07-12

    Application number: US14245732

    Filing date: 2014-04-04

    Abstract: One feature pertains to elliptic curve (EC) point multiplication for use in generating digital signatures. In one aspect, a scalar multiplier (k) of a base point (P) of order (n) is selected on an elliptic curve for use with EC point multiplication. An integer value (r) is then randomly generated from within a range of values constrained so that, regardless of the particular value of (r) obtained within the range, EC point multiplication procedures performed using the scalar multiplier (k) summed with a product of the integer multiplier (r) and the order (n) consume device resources independent of the value of the scalar multiplier (k) to thereby reduce or eliminate side-channel leakage. This may be achieved by determining the range of values for r so that the bit position of the most significant bit of k+(r*n) will be even and fixed for a particular elliptic curve.


    ELLIPTIC CURVE POINT MULTIPLICATION PROCEDURE RESISTANT TO SIDE-CHANNEL INFORMATION LEAKAGE
    6. Invention application (status: in force)

    Publication number: US20150288520A1

    Publication date: 2015-10-08

    Application number: US14245732

    Filing date: 2014-04-04

    Abstract: One feature pertains to elliptic curve (EC) point multiplication for use in generating digital signatures. In one aspect, a scalar multiplier (k) of a base point (P) of order (n) is selected on an elliptic curve for use with EC point multiplication. An integer value (r) is then randomly generated from within a range of values constrained so that, regardless of the particular value of (r) obtained within the range, EC point multiplication procedures performed using the scalar multiplier (k) summed with a product of the integer multiplier (r) and the order (n) consume device resources independent of the value of the scalar multiplier (k) to thereby reduce or eliminate side-channel leakage. This may be achieved by determining the range of values for r so that the bit position of the most significant bit of k+(r*n) will be even and fixed for a particular elliptic curve.


    KEY EXTRACTION DURING SECURE BOOT
    7. Invention application (status: in force)

    Publication number: US20150207624A1

    Publication date: 2015-07-23

    Application number: US14161185

    Filing date: 2014-01-22

    CPC classification number: H04L9/0894 G06F21/575 H04L9/0866

    Abstract: One feature pertains to a method for extracting a secret key during a secure boot flow of an integrated circuit. Specifically, the secure boot flow includes powering ON a first volatile memory circuit to generate a plurality of initial logical state values, deriving secret data based on the plurality of initial logical state values, storing the secret data in a secure volatile memory circuit that is secured by a secure execution environment (SEE), clearing the plurality of initial logical state values in the first volatile memory circuit, executing a cryptographic algorithm at the SEE to extract a secret key based on the secret data, and storing the secret key in the secure volatile memory circuit. The secure boot flow controls access to the first volatile memory circuit to secure the secret data and the plurality of initial logical state values from insecure applications.


    PHYSICALLY UNCLONABLE FUNCTION PATTERN MATCHING FOR DEVICE IDENTIFICATION
    8. Invention application (status: in force)

    Publication number: US20150101037A1

    Publication date: 2015-04-09

    Application number: US14045740

    Filing date: 2013-10-03

    CPC classification number: G06F21/44 G09C1/00 H04L9/3278

    Abstract: A method is provided for obtaining a reproducible device identifier from a physically unclonable function. An authentication device may receive a first physically unclonable function (PUF) dataset from the electronic device, the first PUF dataset including characteristic information generated from a physically unclonable function in the electronic device. The authentication device may then identify a pre-stored PUF dataset corresponding to the electronic device. Authentication of the electronic device may be performed by correlating the pre-stored PUF dataset and the first PUF dataset for the electronic device, wherein such correlation is based on a pattern or distribution correlation between the pre-stored PUF dataset and the first PUF dataset. Because such correlation is performed on datasets, and not individual points, systematic variations can be recognized by the correlation operation, leading to higher correlation than point-by-point comparisons.


    PHYSICALLY UNCLONABLE FUNCTION BASED ON RESISTIVITY OF MAGNETORESISTIVE RANDOM-ACCESS MEMORY MAGNETIC TUNNEL JUNCTIONS
    9. Invention application (status: pending, published)

    Publication number: US20150071432A1

    Publication date: 2015-03-12

    Application number: US14077093

    Filing date: 2013-11-11

    Abstract: One feature pertains to at least one physically unclonable function based on an array of magnetoresistive random-access memory (MRAM) cells. A challenge to the array of MRAM cells may identify some of the cells to be used for the physically unclonable function. Each MRAM cell may include a plurality of magnetic tunnel junctions (MTJs), where the MTJs may exhibit distinct resistances due to manufacturing or fabrication variations. A response to the challenge may be obtained for each cell by using the resistance(s) of one or both of the MTJs of that cell to obtain a value that serves as the response for that cell. The responses for a plurality of cells may be at least partially mapped to provide a unique identifier for the array. The responses generated from the array of cells may serve as a physically unclonable function that may be used to uniquely identify an electronic device.

