Abstract: An electronic system (100) having a memory (1 12, 1 14, 1 16) with multiple memory locations, each specific memory location of the multiple memory locations being arranged to produce a respective value, the respective value depending on a physical, at least partially random, configuration of components constructing the specific memory location, the electronic system comprises a key extraction means (130) arranged to retrieve multiple values in a first order from the multiple memory locations and for determining a reproducible cryptographic key in dependency on the multiple values, characterized in that the electronic system further comprises a re-ordering (120) means in between the memory and the key extraction means for providing the multiple values to the key extraction means in a second order, different from the first order, prior to determining the cryptographic key.

Abstract: Systems for generating an identifying response pattern comprising a memory (120) used as a physically unclonable function configured for generating a response pattern dependent on physical, at least partially random characteristics of said memory may be vulnerable to freezing attacks and to aging. A memory-overwriting device (110) configured for overwriting at least a first portion of the plurality of memory locations to obscure the response pattern in the memory avoids freezing attacks. An anti-degradation device (160) configured to write to each respective location of a second portion of the plurality of memory locations an inverse of a response previously read from the memory reduces the effects of aging.

Abstract: A cuvette (10) for storing a biological sample to be analyzed by means of a predefined detection technique is disclosed. The cuvette (10) is formed from a moldable material that contains particles (15a, 15b) at a concentration within a predefined range. The particles (15a, 15b) are randomly distributed, in order to form a unique pattern. Moreover, the particles (15a, 15b) have measurable physical properties, so that the unique pattern is detectable using the detection technique that is used to analyze the biological sample. The unique properties obtained by the randomly distributed particles (15a, 15b) render copying nearly impossible, since it is more complicated to distribute the particles in a predetermined pattern than to let them distribute randomly.

Abstract: The invention provides a method of generating arbitrary numbers given a seed, characterized by providing a challenge derived from the seed to a physical token, receiving an initial response from the physical token, combining the initial response with helper data associated with the challenge to produce a stable response, and generating the arbitrary numbers using a pseudo-random number generator using the stable response as a seed for the generator. Preferably one or more of these pseudo-random permutations are used as one or more round function(s) in a Feistel block cipher. The generated arbitrary numbers may also be used to create a cryptographic key.

Abstract: A method of generating a key for encrypting communications between first and second terminals includes obtaining a measurement of characteristics of a physical identifier of a user; and extracting a key from the physical identifier using a code selected from a collection of codes. Each code in the collection defines an ordered mapping from a set of values of the characteristics to a set of keys. The collection of codes includes at least one code in which the ordered mapping is a permutation of the ordered mapping of one of the other codes in the collection.

Abstract: It is described a RFID device (231a, 231b, 231c, 331) comprising a data memory (236) and an electronic circuit arrangement (237, 238, 239, 247) coupled thereto. The electronic circuit arrangement has a first and a second operational configuration, wherein by receiving a control command (250a) the electronic circuit arrangement can be switched irreversibly from the first to the second configuration. The RFID device further comprises a communication interface (245) being coupled to the electronic circuit arrangement. In the first configuration the RFID device is adapted to communicate with a standard RFID reader (110) via the communication interface. In the second configuration the communication with the standard RFID reader is disabled and the RFID device is adapted to communicate with a readout-RFID device (370). The RFID device may be equipped with a secondary communication interface that can be used to communicate with the RFID device in a privacy-preserving manner.

Abstract: An electric physical unclonable function (PUF) (100) is provided comprising a semiconductor memory element (110) connectable to a PUF control means for reading content from the memory element and for deriving at least in part from said content a digital identifier, such as a secret key. Upon powering the memory element it settles into one of at least two different stable states. The particular stable state into which the memory element settles is dependent at least in part upon random physical characteristics of the memory element introduced during manufacture of the memory element. Settling of the memory element is further dependent upon a control input (112) of the memory element.

Abstract: This invention relates to methods and devices for verifying the identity of a person based on a sequence of feature components extracted from a biometric sample. Thereafter, the feature components are quantized and assigned a data bit sequence in such a way that adjacent quantization intervals have a Hamming distance of 1. The data bit sequences are concatenated into a bit string, and said bit string is combined with a helper data set by using an exclusive disjunction (XOR) operation into a codeword. Finally, the codeword is decoded into a secret V and a secret S is matched with the secret V.

Abstract: A computing device for obtaining a first cryptographic key during an enrollment phase, the computing device comprising a key generator for generating the first cryptographic key in dependence upon a seed, the computing device being configured for storing the first cryptographic key on a storage of the computing device for later cryptographic use of the first cryptographic key on the computing device during a usage phase coming after the enrollment phase wherein, the computing device further comprises a physically unclonable function, the key generator being configured for deriving the seed from an output of the physically unclonable function, and an encryption module for encrypting the first cryptographic key using a second cryptographic key derived from the output of the physically unclonable function, the computing device being configured for storing the first cryptographic key on the storage in encrypted form.

Abstract: The present invention relates to a method and a system of securely computing a measure of similarity for at least two sets of data. A basic idea of the present invention is to securely compare two sets of encrypted data to determine whether the two sets of data resemble each other to a sufficient extent. If the measure of similarity complies with predetermined criteria, the two sets of data from which the encrypted sets of data originate are considered to be identical.

Abstract: A distribution system and method for distributing digital information is provided, which has high recoverability from a security breach. The distribution system comprises a server (200) and a computing device (110). During an enrollment phase, the computing device obtains a first response from an integrated physically unclonable function (150) integrated in the computing device. The system comprises an enrollment module (130) for determining helper data from a decryption key and the first response to enable later reconstruction of the decryption key from the helper data and a second response obtained from the physically unclonable function. During a reconstruction phase, which occurs after the enrollment phase and typically after a security breach has occurred that revealed data and/or programming code of the computing device, the server may encrypt digital information using an encryption module (220) with a cryptographic encryption key corresponding to the decryption key.

Abstract: Systems for generating an identifying response pattern comprising a memory (120) used as a physically unclonable function configured for generating a response pattern dependent on physical, at least partially random characteristics of said memory may be vulnerable to freezing attacks and to aging. A memory-overwriting device (110) configured for overwriting at least a first portion of the plurality of memory locations to obscure the response pattern in the memory avoids freezing attacks. An anti-degradation device (160) configured to write to each respective location of a second portion of the plurality of memory locations an inverse of a response previously read from the memory reduces the effects of aging.

Abstract: In systems for establishing a cryptographic key depending on a physical uncloneable function (PUF) it may be a problem that internal information correlated with the cryptographic key is leaked to the outside of the system via a side-channel. To mitigate this problem a cryptographic system for reproducibly establishing a cryptographic key is presented. The system comprises a physical system comprising a physical, at least partially random, configuration of components from which an initial bit-string is derived. An error corrector corrects deviations occurring in the initial bit-string. Through the use of randomization the error corrector operates on a randomized data. Information leaking through a side channel is thereby reduced. After error correction a cryptographic key may be derived from the initial bit-string.

Abstract: An electronic system (100) having a memory (1 12, 1 14, 1 16) with multiple memory locations, each specific memory location of the multiple memory locations being arranged to produce a respective value, the respective value depending on a physical, at least partially random, configuration of components constructing the specific memory location, the electronic system comprises a key extraction means (130) arranged to retrieve multiple values in a first order from the multiple memory locations and for determining a reproducible cryptographic key in dependency on the multiple values, characterized in that the electronic system further comprises a re-ordering (120) means in between the memory and the key extraction means for providing the multiple values to the key extraction means in a second order, different from the first order, prior to determining the cryptographic key.

Abstract: A system for authenticating a physical object includes an enrolment device, an authentication device, and a storage for storing authentication data. The enrolment device includes an input for receiving a property set Y of the object measured using a measurement procedure. A processor is used for creating a property set I from the measured property set Y that meet a predetermined robustness criterion. It then creating a property set A from the property set I that includes less information on the actual properties than property set Y, and finally generates a control value V in dependence on properties of the property set A. An output is used for supplying the control value to the storage as part of the authentication data. The enrolment device operates in an analogous way.

Abstract: A method of generating a response to a physically unclonable function, said response being uniquely representative of the identity of a device having challengeable memory, the memory comprising a plurality of logical locations each having at least two possible logical states, the method comprising applying a challenge signal to an input of said memory so as to cause each of said logical locations to enter one of said two possible logical states and thereby generate a response pattern of logical states, said response pattern being dependent on said physically unclonable function which is defined by, the physical characteristics of said memory, the method further comprising reading out said response pattern.

Abstract: The invention relates to an optical identifier (30) for generating an identification signal in response to an incident radiation beam (12), and to a corresponding method. In order to provide an optical identifier (30) which can be produced by a simplified process and which has nevertheless a sufficient or even improved stability against environmental interferences it is proposed that said identifier comprises a carrier layer (32), at least partially transparent to said radiation beam (12), having a first scattering face (34) comprising a plurality of randomly oriented partial faces for scattering at least a part of said radiation beam (12), wherein said identification signal is formed by a scattered part of said radiation beam (12). Further, a device comprising said identifier, and a reading apparatus for identifying the identifier are proposed.

Abstract: A physical random function (PUF) is a function that is easy to evaluate but hard to characterize. Controlled physical random functions (CPUFs) are PUFs that can only be accessed via a security program controlled by a security algorithm that is physically bound to the PUF in an inseparable way. CPUFs enable certified execution, where a certificate is produced that proves that a specific computation was carried out on a specific processor. The invention provides an additional layer for generating a proof of execution which any third party can verify. This proof of execution is also useful to provide secure memory and secure interruptible program execution.

Abstract: A method of providing automatically verifiable trust in a content resolution process in which a PDR resolves a content reference identifier (CRID) identifying a content item using a resolution authority record (RAR) to obtain a locator identifying a location where the PDR can obtain the content item. Preferably, the measure comprises computing a digital signature over at least part of the contents of the CRID, the locator and/or the RAR. The method may also comprise encrypting at least a data portion of the CRID, RAR or locator. Digital rights needed to access the content item can be provided with the CRID, RAR or locator.

Abstract: Method of authenticating optical discs (10) to a rendering device (50), wherein the disc (10) comprises media content (90), a second database (80) with second authentication data (81) and a transponder (30), the method comprising the steps of: a) Receiving a challenge (C1) from a rendering device (50) by the transponder (30), b) Determining a response (R1) to the challenge (C1) by the transponder (30), and c) Sending the response (R1) to the rendering device (50) by the transponder (30).