Abstract: The present invention relates to a method for communicating from a primary station to a plurality of secondary station, comprising the step of at the primary station allocating a resource to the secondary stations over the time on the basis of a hash function, wherein the hash function is such that the probability that two secondary stations are allocated common resources in two sub frames substantially equals the product of the probability that the two secondary stations are allocated a common resource in the first subframe and the probability that the two secondary stations are allocated a common resource in the second subframe.

Abstract: The present invention relates to a method and a device (11) using a physical token (14), which provides measurable parameters, to derive at least one data set. A plurality of values of one or more of the parameters are measured. From these measured values, a measure of variance is calculated. Quantization intervals into which a measured value is to be quantized are then determined. A possible value of a data set, which subsequently can be derived from a measured value provided by the physical token, is associated with each quantization interval. Further, information which subsequently enables determination of these quantization intervals is stored. Hence, an enrolling phase has been completed. When the preparing phase has been completed, a deriving phase may commence. When a data set is to be derived, for example to be used as a cryptographic key, a value of any one of the parameters provided by the PUF is measured.

Abstract: A cuvette (10) for storing a biological sample to be analyzed by means of a predefined detection technique is disclosed. The cuvette (10) is formed from a moldable material that contains particles (15a, 15b) at a concentration within a predefined range. The particles (15a, 15b) are randomly distributed, in order to form a unique pattern. Moreover, the particles (15a, 15b) have measurable physical properties, so that the unique pattern is detectable using the detection technique that is used to analyze the biological sample. The unique properties obtained by the randomly distributed particles (15a, 15b) render copying nearly impossible, since it is more complicated to distribute the particles in a predetermined pattern than to let them distribute randomly.

Abstract: A physical uncloneable function (PUF) pattern is used for verifying a physical condition of an item. The PUF pattern is arranged to be damaged in the event that said item is exposed to a predetermined environmental condition. Verification of the physical condition of the item, is carried out by obtaining a measured response from the PUF pattern, and comparing the measured response with a stored response in respect of the PUF.

Abstract: The invention relates to an optical identifier (30) for generating an identification signal in response to an incident radiation beam (12), and to a corresponding method. In order to provide an optical identifier (30) which can be produced by a simplified process and which has nevertheless a sufficient or even improved stability against environmental interferences it is proposed that said identifier comprises a carrier layer (32), at least partially transparent to said radiation beam (12), having a first scattering face (34) comprising a plurality of randomly oriented partial faces for scattering at least a part of said radiation beam (12), wherein said identification signal is formed by a scattered part of said radiation beam (12). Further, a device comprising said identifier, and a reading apparatus for identifying the identifier are proposed.

Abstract: The present invention relates to a method for communicating from a primary station to a plurality of secondary station, comprising the step of at the primary station allocating a resource to the secondary stations over the time on the basis of a hash function, wherein the hash function is such that the probability that two secondary stations are allocated common resources in two sub frames substantially equals the product of the probability that the two secondary stations are allocated a common resource in the first subframe and the probability that the two secondary stations are allocated a common resource in the second subframe.

Abstract: A system 100 for increasing data security comprises predetermined system data 104 to be protected. A cryptographic unit 108 is used for cryptographic processing of respective blocks of the content data in dependence on respective keys. A key provider 106 determines the respective key used for the processing of a respective block of the content data in dependence on a respective portion 112 of the predetermined system data 104, the portion not including all the predetermined system data, wherein different respective portions of the predetermined system data are selected for the respective blocks of content data. A server system 200 for increasing data security comprises an output 202 for providing processed content data 110 to a client system 100, the client system comprising predetermined system data 104 to be protected. The server system 200 also comprises a cryptographic unit 208 and a key provider 206.

Abstract: A radio frequency identification, RHD, device (116) for use at an article (114) is described that communicates information with a washing machine (100). The RFID device (116) comprises RFID circuitry (118), an antenna (120) connected to the RFID circuitry (118), as well as switching means (122) connected to any of the RFID circuitry (118) and the antenna (120) and configured to react to contact with a fluid (108) in the washing machine (100) by switching the RFID circuitry (118) from a first mode of operation to a second mode of operation. The two modes of operation comprise at least a respective first and second ability to communicate with the washing machine (100).

Abstract: The invention relates to a method for proving authenticity of a prover PRV to a verifier VER, the method comprising generating a secret S using a physical token by the prover PRV. Obtaining a public value PV by the verifier, where the public value PV has been derived from the secret S using a function for which the inverse of said function is computationally expensive. The method further comprising a step for conducting a zero knowledge protocol between the prover PRV and the verifier VER in order to prove to the verifier VER, with a pre-determined probability, that the prover PRV has access to the physical token, where the prover PRV makes use of the secret S and the verifier VER makes use of the public value PV. The invention further relates to a system employing the method, and an object for proving authenticity.

Abstract: A method (100) is disclosed of generating an identifier from a semiconductor device (600) comprising a volatile memory (610) having a plurality of memory cells. The method comprises causing (110) the memory cells to assume a plurality of pseudo-random bit values inherent to variations in the microstructure of the memory cells; retrieving (120) the bit values from at least a subset of the plurality of memory cells; and generating the identifier from the retrieved bit values. The method (100) is based on the realization that a substantial amount of the cells of a volatile memory can assume a bit value that is governed by underlying variations in manufacturing process parameters; this for instance occurs at power-up for an SRAM or after a time period without refresh for a DRAM.

Abstract: The present invention relates to a method of authenticating, at a verifier (210), a device (101, 201) comprising a physical token (102), a system for performing authentication and a device comprising a physical token which provides measurable parameters. A basic idea of the present invention is to provide a secure authentication protocol in which a low-power device (101, 201), for example an RFID tag, comprising a physical token (102) in the form of a physical uncloneable function (PUF) is relieved from performing cryptographic operations or other demanding operations in terms of processing power. To this end, a PUF device (101, 201) to be authenticated verifies if it in fact is being queried by an authorized verifier. For instance, an RFID tag comprising a PUF (102) may be arranged in a banknote which a bank wishes to authenticate.

Abstract: A record carrier, recording device, read-out device and method is provided which provides a flexible security level to protect user data during transmission over a communication bus, also when the data is recorded on a record carrier such as a recordable optical disc. In accordance with the method, management information comprising encryption indication information indicating that user data stored in an associated sector of a record carrier, such as a recordable optical disk, is to be encrypted by a read-out device before being transmitted over a communication bus.

Abstract: The invention relates to an optical identifier (30) for generating an identification signal in response to an incident radiation beam (12), and to a corresponding method. In order to provide an optical identifier (30) which can be produced by a simplified process and which has nevertheless a sufficient or even improved stability against environmental interferences it is proposed that said identifier comprises a carrier layer (32), at least partially transparent to said radiation beam (12), having a first scattering face (34) comprising a plurality of randomly oriented partial faces for scattering at least a part of said radiation beam (12), wherein said identification signal is formed by a scattered part of said radiation beam (12). Further, a device comprising said identifier, and a reading apparatus for identifying the identifier are proposed.

Abstract: The invention relates the executing of computer readable instructions on a hardware platform (301) comprising a reconfigurable hardware component (311), such as a field-programmable gate array (FPGA). The reconfigurable hardware component is reconfigured in accordance with a reconfiguration set, and a first application is executed at least partly on the reconfigured hardware component, thereby generating an output. The invention provides a way of obfuscating and tamper-proofing software to be executed on a hardware platform.

Abstract: The present invention relates to a method of creating challenge-response pairs, a method of authenticating a plurality of physical tokens, a system for creating challenge-response pairs and a device for authenticating a plurality of physical tokens. A basic idea of the invention is to interconnect a plurality of physical tokens (101, 102, 103), such as a plurality of uncloneable functions (PUFs), in a sequence, provide the sequence with a challenge (Q and use a response of a PUF as a challenge to a subsequent PUF in the sequence. When a final PUF is reached in the sequence and produces a response (R), a challenge-response pair (CRP) has been created, which pair comprises the challenge provided to the sequence of PUFs and the response produced by the final PUF. At least the challenge of this CRP is then stored.

Abstract: The present invention relates to a method and apparatus for encrypting data (105) by means of a first key (115), and a method and apparatus for decrypting encrypted data by means of a second key (185). The present invention alleviates the need for exact key information by allowing encryption of data (105) by means of a first key (115) and subsequent decryption of the encrypted data by means of a second key (185) without the need for the first key (115), provided that the first key (115) and the second key (185) form a sufficient estimate of an encryption/decryption key pair. During encryption, multiple encryption keys (135), at least in part based on the first key (115), are used to encrypt a redundant representation (122) of the data (105). The encrypted data (124) may subsequently be decrypted by using multiple decryption keys (165) based on the second key (185), without the need for the first key (115), provided that the second key (185) forms a sufficient estimate of the first key (115).

Abstract: The invention relates to a method of establishing a shared secret between two or more parties, based on a physical token, wherein helper data from both the enrolment and the authentication measurement is used in such a way that only response data reliable at both measurements is used to generate the shared secret. The generated shared secret is therefore identical to both parties to a high degree of certainty. The invention further relates to a system for generating such a shared secret, comprising a central database server and a terminal, or any one of them.

Abstract: An optical identifier (1) can be used as a Physical Unclonable Function for producing a speckle pattern, as a response, upon being challenged with a light beam, as a challenge. This property can be used for identification of the optical identifier or of an object attached thereto, for the authentication of an information carrier or for generation of transaction keys. Since the response obtained in response to given challenge is highly sensitive to the relative position of the optical identifier, light beam source and detector for the speckle pattern, this relative position has to be accurately adjusted to reliably obtain the same response to a given challenge. To this aim, an optical identifier is proposed having an alignment area (3) for splitting an incident beam into distinct beams (6, 7) which can be detected as alignment signals (10a, 10b, 10c, 10d) on a detector (8) and used for the monitoring and for the adjustment of said relative position.

Abstract: A system 100 for authenticating a physical product 110, such as a banknote, including at least one physical product and a verification device 130. The physical product including a random distribution of a plurality of physically detectable particles 112 in a substrate of the product. In association with the physical product, a digital representation (114) is stored (‘stored representation’) of measured physical properties of the particles including an actual distribution of at least some of the particles, where the physical properties are measured through reflection and transmission. The verification device includes a measurement unit 450 for determining a digital representation (‘measured representation’) based on measurements of physical properties of the particles, including an actual distribution of at least some of the particles, through reflection and transmission; and a comparison unit 470 for comparing the measured representation with the stored representation.

Abstract: The present invention relates to a method and a device (11) using a physical token (14), which provides measurable parameters, to derive at least one data set. A plurality of values of one or more of the parameters are measured. From these measured values, a measure of variance is calculated. Quantization intervals into which a measured value is to be quantized are then determined. A possible value of a data set, which subsequently can be derived from a measured value provided by the physical token, is associated with each quantization interval. Further, information which subsequently enables determination of these quantization intervals is stored. Hence, an enrolling phase has been completed. When the preparing phase has been completed, a deriving phase may commence. When a data set is to be derived, for example to be used as a cryptographic key, a value of any one of the parameters provided by the PUF is measured.