Abstract: A key storage device and a method for writing a key value into an one-time-programmable (OTP) device are provided. The key storage device includes an energy harvester, a controller, a hardware key device and the OTP device. The energy harvester is configured to collect energy particles during a fabrication process of a wafer which includes the key storage device, in order to generate a regular voltage. The controller is configured to enable a key transfer procedure when the regular voltage reaches a predetermine level. The hardware key device is configured to provide a pre-existing key value. The controller reads the pre-existing key value from the hardware key device, and writes a key value into the OTP device according to the pre-existing key value. After the OTP device stores the key value, the controller erases the pre-existing key value within the hardware key device.

Abstract: A modular operation device for handling a modular multiplication, comprises a controller, configured to divide a multiplicand into a plurality of multiplicand words, a multiplier into a plurality of multiplier words, and a modulus into a plurality of modulus words; a first plurality of processing elements, coupled to the controller, configured to compute a first plurality of updated carry results and a first plurality of updated sum results; a second plurality of processing elements, coupled to the controller, configured to compute a second plurality of updated carry results and a second plurality of updated sum results; and a reduction element, coupled to the controller, configured to compute a resulting remainder according to the second plurality of updated carry results and the second plurality of updated sum results.

Abstract: A method of operating the physically unclonable function (PUF)-based key management system includes upon receiving a key generation request including a parameter, a load balancer dispatching a key generation request including a parameter from an external device according to workloads of a plurality of key management components (KMCs). A KMC having minimum workload among the plurality of KMCs is designated as the key-generation KMC and the key generation request is dispatched thereto, and remaining KMCs of the plurality of KMCs are designated as backup KMCs. The method further includes the key-generation KMC generating a key according to the parameter and a first PUF sequence, transmitting the key and an identifier associated therewith to the backup KMC via a backup channel, and the backup KMC generating a wrapped key according to the key and a second PUF sequence.

Abstract: An anti-tampering detector and a method for detecting a physical attack are provided, wherein the anti-tampering detector includes a temperature sensor, a voltage detector, a frequency detector and a controller. The temperature sensor is configured to generate a temperature code according to an operation temperature. The voltage detector is configured to generate a voltage code according to a supply voltage and the temperature code. The frequency detector is configured to generate a frequency code according to a system clock, the temperature code and the voltage code. The controller is configured to generate an anti-tampering detection result according to the temperature code, the voltage code and the frequency code. The anti-tampering detection result indicates whether any of the operation temperature, the supply voltage and the system clock is tampered with due to the physical attack.

Abstract: An apparatus and a method for performing an authenticated encryption with associated data (AEAD) operation of an encrypted instruction and a golden tag stored in a memory device in an event of a cache miss are provided. The apparatus includes a bus control circuit, a block buffer, a tag buffer and an AEAD circuit. The bus control circuit receives a read address from a cache for reading the encrypted instruction and the golden tag from the memory device. The block buffer receives and stores the encrypted instruction from the bus control circuit, wherein a size of the block buffer is preset to be N times a size of one cache line. The tag buffer receives and stores the golden tag from the bus control circuit. The AEAD circuit performs the AEAD operation upon the encrypted instruction and the golden tag to check whether the encrypted instruction is tampered or not.

Abstract: A key storage device comprising a first key unit and a second key unit is disclosed. The first key unit is configured to output a first logic value through, comprising: a first setting circuit configured to output a first setting voltage; and a first inverter comprising a first output transistor having a first threshold voltage, configured to receive the first setting voltage and generate the first logic value. The second key unit is configured to output a second logic value through a second node, comprising: a second setting circuit configured to output a second setting voltage; and a second inverter comprising a second output transistor having a second threshold voltage, configured to receive the second setting voltage and generate the second logic value. The absolute value of first threshold voltage is lower than which of the second threshold voltage. The first setting voltage is higher than the second setting voltage.

Abstract: A numerical conversion method for a public key cryptography system includes accumulating a first value by using a first modular addition loop according to the first value for generating a second value after a first predetermined loop count is reached, accumulating the second value by using a second modular addition loop according to the second value for generating a third value after a second predetermined loop count is reached, inputting the third value to a Montgomery modular exponentiation function for generating a Montgomery conversion parameter, and converting a first conversion value in an integer domain into a second conversion value in a Montgomery domain.

Abstract: An entropy source circuit, comprising: a first adjustable ring oscillator for operating under a first setting or a second setting according to a first control signal, for respectively generating a first oscillation clock signal and a second oscillation clock signal which have different frequencies under the first setting and the second setting; a first sampling circuit, for sampling the first oscillating clock signal according to the sampling frequency to generate first sampling values, or sampling the second oscillating clock signal according to the sampling frequency to generate second sampling values; a first detection circuit detecting a first distribution of the first sampling values; and a control circuit generating the first control signal to switch the first setting to the second setting when the first distribution does not meet a predetermined distribution. The entropy source circuit outputs entropy values according to the first sample value or the second sample value.

Abstract: A method for generating random numbers for gaming based on a blockchain network is provided, which includes generating and broadcasting a random number request packet to the blockchain network by a game server of the blockchain network in response to occurrence of a random event in gaming, generating a plurality of random numbers by a plurality of random number supplier nodes of the blockchain network in response to receiving the random number request packet, determining if the respective generated random number conforms to a selection criterion by the plurality of random number supplier nodes, adding an added block corresponding to a first valid random number to the blockchain network by one of the random number supplier nodes and obtaining a target random number corresponding to the added block by the game server.

Abstract: A method and a control circuit for managing information of an electronic device are provided, where the electronic device includes the control chip. The method includes: utilizing a static entropy source of the control circuit to provide static entropy data; utilizing a cryptographic circuit of the control circuit to generate a public key and a private key according to the static entropy data, where the public key is to be registered into a blockchain by an identifier (ID) management device; and utilizing a signature generating circuit to generate a digital signature at least according to the private key, where the information of the electronic device is to be uploaded to the blockchain in conjunction with the digital signature.

Abstract: A random number generator includes a static random number generator, a dynamic entropy source, a counter and a combining circuit. The static random number generator includes an initial random number pool and a static random number pool to output a static random number sequence from one thereof the initial random number pool and the static random number pool. The dynamic entropy source is used to generate a dynamic entropy bit. The counter is used to generate a dynamic random number sequence according to the dynamic entropy bit. The combining circuit is used to output a true random number sequence to a lively random number pool according to the static random number sequence and the dynamic random number sequence. The static random number pool is updated when the lively random number pool is fully updated.

Abstract: An entropy source circuit is provided. The entropy source circuit includes a digital circuit, a determination circuit and a time-to-digital converter (TDC), wherein the determination circuit is coupled to the digital circuit, and the TDC is coupled to the determination circuit. The digital circuit is configured to generate result data at a second time point according to input data received at a first time point, and the determination circuit is configured to perform determination on reference data with dynamic output generated by the digital circuit, to generate a determination result, wherein the reference data is equal to the result data. In addition, the TDC is configured to perform a time-to-digital conversion on a delay of the digital circuit for generating the result data according to the input data with aid of the determination signal, in order to generate entropy data corresponding to the delay.

Abstract: An entropy generator includes a physically unclonable function, a dynamic entropy source and an entropy enhancement engine. The physically unclonable function is used to provide a truly random static entropy. The dynamic entropy source is used to generate a dynamic entropy. The entropy enhancement engine is coupled to the physically unclonable function and the dynamic entropy source, and is used to generate an enhanced entropy according to the truly random static entropy and the dynamic entropy. The expected hamming distance is an expected value of a hamming distance between a truly random static entropy and another truly random static entropy provided by a physically unclonable function (PUF).

Abstract: A built-in self-test (BIST) circuit and a BIST method for Physical Unclonable Function (PUF) quality check are provided. The BIST circuit may include a PUF array, a readout circuit coupled to the PUF array, and a first comparing circuit coupled to the readout circuit. The PUF array may include a plurality of PUF units, wherein each of the PUF units includes a first cell and a second cell. The readout circuit may be configured to output an output bit from the first cell and output a parity bit from the second cell. The first comparing circuit may be configured to compare an output string with a parity string to generate a parity check result, wherein the output string includes output bits respectively read from selected PUF units of the PUF units, and the parity string includes parity bits read from the selected PUF units.

Abstract: A method and a secure boot control circuit for controlling a secure boot of an electronic device. The method is applicable to the secure boot control circuit, and the electronic device includes the secure boot control circuit. The method includes: checking randomness of an output of an entropy source of the secure boot control circuit to generate a check result; utilizing the entropy source to provide a random number sequence; generating a reference code according to the random number sequence; comparing the reference code with an activation code stored in the secure boot control circuit to generate a comparison result; and determining whether to enable at least one function of the electronic device according to at least one of the check result and the comparison result.

Abstract: A method for controlling device activation and an associated electronic device are provided. The method includes: utilizing a static entropy source of the electronic device to provide a static entropy; utilizing a first message authentication code (MAC) operator of the electronic device to execute a predetermined algorithm for generating a reference code according to the static entropy and an embedded key of the electronic device; receiving an activation code from outside of the electronic device; utilizing a comparing circuit to compare the activation code with the reference code for generating a comparison result; and determining whether to activate at least one functional circuit of the electronic device according to the comparison result.

Abstract: An electronic device and a method for performing permission management of a storage device are provided. The storage device includes multiple storage blocks. The electronic device includes a controller and multiple dedicated interfaces, wherein the multiple dedicated interfaces are coupled to multiple ports of the controller. The controller is configured to perform access control of the storage device. The multiple dedicated interfaces correspond to the multiple storage blocks, and each dedicated interface of the multiple dedicated interfaces is configured to provide a dedicated channel for accessing one of the multiple storage blocks corresponding to said each dedicated interface via the controller.

Abstract: A modular operation circuit includes a controller, a modular multiplier and a modular adder. The controller divides a first number into K segments. The modular multiplier performs modular multiplication operations and the modular adder performs modular addition operations to the K segments in (K?1) iterations for deriving a remainder of a division of the first number by a second number.

Abstract: A key storage device comprising a first key unit and a second key unit is disclosed. The first key unit is configured to output a first logic value through, comprising: a first setting circuit configured to output a first setting voltage; and a first inverter comprising a first output transistor having a first threshold voltage, configured to receive the first setting voltage and generate the first logic value. The second key unit is configured to output a second logic value through a second node, comprising: a second setting circuit configured to output a second setting voltage; and a second inverter comprising a second output transistor having a second threshold voltage, configured to receive the second setting voltage and generate the second logic value. The absolute value of first threshold voltage is lower than which of the second threshold voltage. The first setting voltage is higher than the second setting voltage.

Abstract: An electronic device includes a first non-volatile memory and an application circuit. The first non-volatile memory stores first encrypted data encrypted with a global key. The application circuit includes a second non-volatile memory, a decryption unit, a local key unit, and an encryption unit. The second non-volatile memory stores the global key. The decryption unit is coupled to the first non-volatile memory and the second non-volatile memory. The decryption unit retrieves the global key from the second non-volatile memory and decrypts the first encrypted data with the global key to generate plain data. The local key unit generates or stores a local key. The encryption unit is coupled to the local key unit. The encryption unit encrypts the plain data with the local key to generate second encrypted data and overwrites the first encrypted data in the first non-volatile memory with the second encrypted data.