Patents by Inventor John Ross Wallrabenstein
John Ross Wallrabenstein has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11245680Abstract: This application describes systems and methods for using a garbled circuit and a physical unclonable function (PUF) value to authenticate a device. During enrollment, the device and at least one computer collaboratively construct multiple garbled circuits corresponding to bits of an enrollment PUF value generated by PUF circuitry coupled to the device. During authentication, the device and at least one computer evaluate the multiple garbled circuits using an authentication PUF value. Using the results of this evaluation, the at least one computer compares the enrollment PUF value with the authentication PUF value and determines a distance between them. The at least one computer may authenticate the device when the calculated distance is less than a threshold value.Type: GrantFiled: March 1, 2019Date of Patent: February 8, 2022Assignee: Analog Devices, Inc.Inventor: John Ross Wallrabenstein
-
Patent number: 11044107Abstract: This application describes systems and methods for using a physical unclonable function (PUF) to authenticate a device, which may include circuitry for generating PUF values that may uniquely identify the device. According to one aspect, the device may provide enrollment PUF values to an authentication device. The device may later be authenticated if PUF values generated by the device are within a threshold distance of the enrollment PUF values. Since the PUF values are compared using a distance, it may not necessary to apply an error correcting code to the PUF values. The enrollment values and/or the calculated distance may be adjusted to compensate for time variations in the PUF values due to circuit aging. Systems and methods are also described herein for authenticating the device without revealing new PUF values to any second party, for example using a cryptographic technique known as a garbled circuit.Type: GrantFiled: May 1, 2018Date of Patent: June 22, 2021Assignee: Analog Devices, Inc.Inventors: Robert W. Adams, John Ross Wallrabenstein, Deniz Karakoyunlu
-
Patent number: 10999082Abstract: According to various aspects of the present application, systems and methods are provided for implementing a garbled circuit on a device. Doing so allows the device to perform computations while protecting the computations from being observed or accessed by an adversarial entity. A garbled circuit involves two parties, known as the generator and the evaluator, jointly evaluating a function. Conventionally, a garbled circuit is executed on two different devices in order for the two different parties to jointly calculate the function without each party revealing to the other party private information such as input values to the function. Some embodiments provide for execution of the garbled circuit on a single device by implementing both parties on the device as separate processes. Some embodiments prevent an adversarial entity with physical access to the device from being able to observe calculations performed by the device to evaluate a function.Type: GrantFiled: September 28, 2018Date of Patent: May 4, 2021Assignee: Analog Devices, Inc.Inventor: John Ross Wallrabenstein
-
Patent number: 10958452Abstract: A system and device, including reconfigurable physical unclonable functions (‘RPUFs’) and threshold cryptography, use cryptographic and physical means of security. A plurality of reconfigurable physical unclonable functions (‘RPUFs’) and a memory are connected to a processor that is configured to derive information associating the RPUFs with cryptographic shares of a sensitive value, store such information in the memory, and reconfigure a RPUF upon powering up of the device such that information stored in the memory is not valid for the reconfigured RPUF.Type: GrantFiled: June 6, 2017Date of Patent: March 23, 2021Assignee: Analog Devices, Inc.Inventors: John Ross Wallrabenstein, Thomas Joseph Brindisi
-
Patent number: 10938580Abstract: One or more hardware identity circuits (which may be reconfigurable) may be employed in a device or system in order to impose a tampering penalty, preferably without relying on battery-backed volatile memory to do so. The device or system may also include a cryptographic division and distribution (‘sharing’) of a secret internal to the device or system.Type: GrantFiled: June 6, 2017Date of Patent: March 2, 2021Assignee: Analog Devices, Inc.Inventors: Douglas J. Gardner, John Ross Wallrabenstein
-
Patent number: 10931467Abstract: A device comprising: a physical unclonable function (PUF) device configured to generate an output value based on hardware characteristics of the PUF device; and a processor connected to the PUF device, the processor configured to: execute a cryptographic operation in a sequence of ordered stages including a first stage and a second stage, the executing comprising: in the first stage: recovering a first secret value based on a first output value obtained from the PUF device; executing a first sub-operation using the first secret value; and removing unobscured values from memory prior to execution of a subsequent stage; in the second stage: recovering a second secret value based on a second output value obtained from the PUF device; and executing a second sub-operation using the second secret value to enable execution of a cryptographic operation encoded with at least the first secret value and the second secret value.Type: GrantFiled: February 19, 2019Date of Patent: February 23, 2021Assignee: Analog Devices, Inc.Inventor: John Ross Wallrabenstein
-
Patent number: 10771267Abstract: An authentication system and device including physical unclonable function (PUF) and threshold cryptography comprising: a PUF device having a PUF input and a PUF output and constructed to generate, in response to the input of a challenge, an output value characteristic to the PUF and the challenge; and a processor having a processor input that is connected to the PUF output, and having a processor output connected to the PUF input, the processor configured to: control the issuance of challenges to the PUF input via the processor output, receive output from the PUF output, combine multiple received PUF output values each corresponding to a share of a private key or secret, and perform threshold cryptographic operations. The system and device may be configured so that shares are refreshable, and may be configured to perform staggered share refreshing.Type: GrantFiled: April 24, 2018Date of Patent: September 8, 2020Assignee: Analog Devices, Inc.Inventor: John Ross Wallrabenstein
-
Publication number: 20200280551Abstract: This application describes systems and methods for using a garbled circuit and a physical unclonable function (PUF) value to authenticate a device. During enrollment, the device and at least one computer collaboratively construct multiple garbled circuits corresponding to bits of an enrollment PUF value generated by PUF circuitry coupled to the device. During authentication, the device and at least one computer evaluate the multiple garbled circuits using an authentication PUF value. Using the results of this evaluation, the at least one computer compares the enrollment PUF value with the authentication PUF value and determines a distance between them. The at least one computer may authenticate the device when the calculated distance is less than a threshold value.Type: ApplicationFiled: March 1, 2019Publication date: September 3, 2020Applicant: Analog Devices, Inc.Inventor: John Ross Wallrabenstein
-
Patent number: 10749694Abstract: This application describes systems and methods for using a physical unclonable function (PUF) to authenticate a device, which may include circuitry for generating PUF values that may uniquely identify the device. According to one aspect, the device may provide enrollment PUF values to an authentication device. The device may later be authenticated if PUF values generated by the device are within a threshold distance of the enrollment PUF values. Since the PUF values are compared using a distance, it may not necessary to apply an error correcting code to the PUF values. The enrollment values and/or the calculated distance may be adjusted to compensate for time variations in the PUF values due to circuit aging. Systems and methods are also described herein for authenticating the device without revealing new PUF values to any second party, for example using a cryptographic technique known as a garbled circuit.Type: GrantFiled: May 1, 2018Date of Patent: August 18, 2020Assignee: Analog Devices, Inc.Inventors: Robert W. Adams, John Ross Wallrabenstein, Deniz Karakoyunlu
-
Publication number: 20200106626Abstract: According to various aspects of the present application, systems and methods are provided for implementing a garbled circuit on a device. Doing so allows the device to perform computations while protecting the computations from being observed or accessed by an adversarial entity. A garbled circuit involves two parties, known as the generator and the evaluator, jointly evaluating a function. Conventionally, a garbled circuit is executed on two different devices in order for the two different parties to jointly calculate the function without each party revealing to the other party private information such as input values to the function. Some embodiments provide for execution of the garbled circuit on a single device by implementing both parties on the device as separate processes. Some embodiments prevent an adversarial entity with physical access to the device from being able to observe calculations performed by the device to evaluate a function.Type: ApplicationFiled: September 28, 2018Publication date: April 2, 2020Applicant: Analog Devices, Inc.Inventor: John Ross Wallrabenstein
-
Patent number: 10521616Abstract: As a PUF device ages, the response characteristics of the device change. Thus, mappings made on the original PUF outputs can drift and become invalid. Re-enrollment or re-mapping of hidden values to PUF response characteristics can resolve the changing nature of the PUF. Unfortunately, an adversary may tamper with the PUF during re-enrollment compromising security of the PUF. Accordingly, techniques of securely and remotely re-enrolling a PUF device are described. During an initial enrollment of the PUF device, multiple sets of enrollment values of the PUF device can be generated. For remote re-enrollment, a first initial set of enrollment values can be used to authenticate the PUF device. Upon authentication using the first initial set, the PUF device can re-enroll the PUF device and account for changes in PUF characteristics. A second set of initial enrollment values can then be used to verify that the PUF device is unaltered.Type: GrantFiled: November 8, 2017Date of Patent: December 31, 2019Assignee: Analog Devices, Inc.Inventor: John Ross Wallrabenstein
-
Publication number: 20190342104Abstract: This application describes systems and methods for using a physical unclonable function (PUF) to authenticate a device, which may include circuitry for generating PUF values that may uniquely identify the device. According to one aspect, the device may provide enrollment PUF values to an authentication device. The device may later be authenticated if PUF values generated by the device are within a threshold distance of the enrollment PUF values. Since the PUF values are compared using a distance, it may not necessary to apply an error correcting code to the PUF values. The enrollment values and/or the calculated distance may be adjusted to compensate for time variations in the PUF values due to circuit aging. Systems and methods are also described herein for authenticating the device without revealing new PUF values to any second party, for example using a cryptographic technique known as a garbled circuit.Type: ApplicationFiled: May 1, 2018Publication date: November 7, 2019Applicant: Analog Devices, Inc.Inventors: Robert W. Adams, John Ross Wallrabenstein, Deniz Karakoyunlu
-
Publication number: 20190342105Abstract: This application describes systems and methods for using a physical unclonable function (PUF) to authenticate a device, which may include circuitry for generating PUF values that may uniquely identify the device. According to one aspect, the device may provide enrollment PUF values to an authentication device. The device may later be authenticated if PUF values generated by the device are within a threshold distance of the enrollment PUF values. Since the PUF values are compared using a distance, it may not necessary to apply an error correcting code to the PUF values. The enrollment values and/or the calculated distance may be adjusted to compensate for time variations in the PUF values due to circuit aging. Systems and methods are also described herein for authenticating the device without revealing new PUF values to any second party, for example using a cryptographic technique known as a garbled circuit.Type: ApplicationFiled: May 1, 2018Publication date: November 7, 2019Applicant: Analog Devices, Inc.Inventors: Robert W. Adams, John Ross Wallrabenstein, Deniz Karakoyunlu
-
Patent number: 10432409Abstract: An authentication system and device including physical unclonable function (PUF) and threshold cryptography comprising: a PUF device having a PUF input and a PUF output and constructed to generate, in response to the input of a challenge, an output value characteristic to the PUF and the challenge; and a processor having a processor input that is connected to the PUF output, and having a processor output connected to the PUF input, the processor configured to: control the issuance of challenges to the PUF input via the processor output, receive output from the PUF output, combine multiple received PUF output values each corresponding to a share of a private key or secret, and perform threshold cryptographic operations. The system and device may be configured so that shares are refreshable, and may be configured to perform staggered share refreshing.Type: GrantFiled: May 5, 2015Date of Patent: October 1, 2019Assignee: Analog Devices, Inc.Inventor: John Ross Wallrabenstein
-
Patent number: 10425235Abstract: Various embodiments enhance security and tamper resistance of device or components having a hardware intrinsic identity. For example, devices or components having PUFs can map challenges and helper values to a secret or share of secret to utilize a local identity in cryptographic operations. A plurality of components having individual identities can be extend so that the plurality of components can enroll into a shared global identity. Shares of the global identity can be distributed among the plurality of components or devices such that at least two devices must provide at least two shares of the global identity (or threshold operations on the at least two shares) to successfully use the global identity. Such sharing mitigates adversarial tampering attack on the global identity. Share refresh protocols can provide additional security, enable introduction of new components or devices to the global identity, and allow removal of existing components or devices.Type: GrantFiled: June 2, 2017Date of Patent: September 24, 2019Assignee: Analog Devices, Inc.Inventors: John Ross Wallrabenstein, Thomas Joseph Brindisi
-
Patent number: 10382962Abstract: A network authentication system with dynamic key generation that facilitates the establishment of both endpoint identity, as well as a secure communication channel using a dynamically-generated key between two end devices (potentially on separate local area networks). An interactive or non-interactive authentication protocol is used to establish the identity of the target end device, and dynamic key generation is used to establish a shared symmetric session key for creating an encrypted communication channel between the end devices.Type: GrantFiled: May 22, 2015Date of Patent: August 13, 2019Assignee: Analog Devices, Inc.Inventors: John J. Walsh, John Ross Wallrabenstein, Charles J. Timko
-
Publication number: 20190190726Abstract: A device comprising: a physical unclonable function (PUF) device configured to generate an output value based on hardware characteristics of the PUF device; and a processor connected to the PUF device, the processor configured to: execute a cryptographic operation in a sequence of ordered stages including a first stage and a second stage, the executing comprising: in the first stage: recovering a first secret value based on a first output value obtained from the PUF device; executing a first sub-operation using the first secret value; and removing unobscured values from memory prior to execution of a subsequent stage; in the second stage: recovering a second secret value based on a second output value obtained from the PUF device; and executing a second sub-operation using the second secret value to enable execution of a cryptographic operation encoded with at least the first secret value and the second secret value.Type: ApplicationFiled: February 19, 2019Publication date: June 20, 2019Applicant: Analog Devices, Inc.Inventor: John Ross Wallrabenstein
-
Publication number: 20190138753Abstract: As a PUF device ages, the response characteristics of the device change. Thus, mappings made on the original PUF outputs can drift and become invalid. Re-enrollment or re-mapping of hidden values to PUF response characteristics can resolve the changing nature of the PUF. Unfortunately, an adversary may tamper with the PUF during re-enrollment compromising security of the PUF. Accordingly, techniques of securely and remotely re-enrolling a PUF device are described. During an initial enrollment of the PUF device, multiple sets of enrollment values of the PUF device can be generated. For remote re-enrollment, a first initial set of enrollment values can be used to authenticate the PUF device. Upon authentication using the first initial set, the PUF device can re-enroll the PUF device and account for changes in PUF characteristics. A second set of initial enrollment values can then be used to verify that the PUF device is unaltered.Type: ApplicationFiled: November 8, 2017Publication date: May 9, 2019Applicant: Analog Devices, Inc.Inventor: John Ross Wallrabenstein
-
Publication number: 20180351753Abstract: One or more hardware identity circuits (which may be reconfigurable) may be employed in a device or system in order to impose a tampering penalty, preferably without relying on battery-backed volatile memory to do so. The device or system may also include a cryptographic division and distribution (‘sharing’) of a secret internal to the device or system.Type: ApplicationFiled: June 6, 2017Publication date: December 6, 2018Applicant: Analog Devices, Inc.Inventors: Douglas J. Gardner, John Ross Wallrabenstein
-
Publication number: 20180351752Abstract: Various embodiments enhance security and tamper resistance of device or components having a hardware intrinsic identity. For example, devices or components having PUFs can map challenges and helper values to a secret or share of secret to utilize a local identity in cryptographic operations. A plurality of components having individual identities can be extend so that the plurality of components can enroll into a shared global identity. Shares of the global identity can be distributed among the plurality of components or devices such that at least two devices must provide at least two shares of the global identity (or threshold operations on the at least two shares) to successfully use the global identity. Such sharing mitigates adversarial tampering attack o the global identity. Share refresh protocols can provide additional security, enable introduction of new components or devices to the global identity, and allow removal of existing components or devices.Type: ApplicationFiled: June 2, 2017Publication date: December 6, 2018Applicant: Analog Devices, Inc.Inventors: John Ross Wallrabenstein, Thomas Joseph Brindisi