Abstract: A system includes a memory device configured to store data at addressable locations in the memory device, a physically unclonable function (PUF) device including an array of PUF elements, and a memory interface coupled to the memory device and the PUF device. The memory interface is configured to receive a request to store first data in the memory device, store the first data in the memory device at a first location of the memory device, and transmit the first data and the first location to the PUF device. The PUF device is configured to create a first challenge value using the first data and the first location, generate a first response value using the first challenge value, and store the first response value as a first data integrity tag in the memory device, wherein the first data integrity tag is associated with the first data.

Abstract: Computing systems with dynamic architectures may be used to secure against code-injection attacks and other exploits. A system may generate multiple representations of instructions or other data associated with each of a set of configurations of the system. The system may periodically or randomly change configurations such that malicious code that is executable in one configuration cannot be executed in another configuration. A system may also detect malicious code by comparing code previously generated in one representation with different representations of the same code. If, during execution of a representation of a program code, the system determines that the representation specifies instructions that differ from other representations of the same program code, they system may stop executing the compromised program code, change its configuration, and continue to execute another representation of the program code that has not been compromised.

Abstract: Systems and methods for secure enrollment of physical unclonable function devices include providing a device with an enrollment controller. The enrollment controller receives an enrollment request from an enrollment system and authenticates the request. If the request is authentic, the enrollment controller generates challenges in a pseudorandom order determined by a random seed that is shared with the enrollment system. The enrollment controller issues the challenges to interrogation circuitry coupled to a PUF array and records the responses. The responses are transmitted in encrypted form, and in the pseudorandom order, to the enrollment system. The responses are encrypted using a random number shared with the enrollment system. The enrollment system and the enrollment controller can independently generate the encryption key using the shared random number and/or other securely shared information.

Abstract: A system and method for the generation of composite private keys are provided. First and second bitstreams are retrieved from an addressable cryptographic table by deriving addresses in the addressable cryptographic table from an initial instruction, accessing first and second bit values stored at addresses belonging to the derived addresses in the addressable cryptographic table, and outputting the first bit values as the first bitstream and the second bit values as the second bitstream. The first bitstream is concatenated with data from the first bitstream to form a data stream having a desired length and the second bitstream is concatenated with data from the second bitstream to form a selector stream having the desired length. A first composite encryption key having a length longer than the first and second bitstreams is formed by selecting values of the data stream identified by corresponding bit values of the selector stream.

Abstract: A transmitting device and a receiving device independently generate shared encryption keys by exchanging a ternary datastream composed of trits encoded by polarized photons generated and measured using one of two polarization orientations. The first orientation defines two mutually-orthogonal polarization axes and a mixed polarization state formed by a combination of the two axes for that orientation. The second orientation also define two mutually-orthogonal polarization axes and a mixed polarization state formed by a combination of the two axes for that orientation. The mutually-orthogonal axes of one orientation are combinations of the mutually-orthogonal axes of the other orientation. The sender and receiver independently choose an orientation for each trit and use trits where each party's polarization orientations agree to determine addresses in separate cryptographic tables belonging to each party.

Abstract: Systems and methods for secure communication between devices where one device has a physical unclonable function (“PUF”) array of PUF devices and another device stores data representing characteristics of the PUF array include encryption schemes using repeated application of one-way cryptographic functions to message segments. The devices transmit or receive a processing instruction used to determined PUF devices whose measured characteristics are used to derive encryption keys. Messages are segmented and message information is securely transmitted by repeatedly application of a suitable one-way cryptographic function to each message segment where the number of applications of the function is determined by each message segment.

Abstract: Disclosed herein is a computing system with the capability to execute instructions in different positional notation values. The definition of a positional notation value is given by the general formula that represent a base 10 numeral in any positional notation in the following manner: . . . d3r3+d2r2+d1r1+d0r0, where d is a coefficient, r is the base of the positional number system (i.e. r=2 for binary, or r=3 for ternary), and the exponent is the position of the digit. The computing may provide a configuration which hybridizes the instructions of multiple positional notation values in variable ratios. The computing system may dynamically switch between the multiple hybridized instructions sets. Embodiments may be applied to provide security benefits.

Abstract: Disclosed herein is a computing system with the capability to execute instructions in different positional notation values. The definition of a positional notation value is given by the general formula that represent a base 10 numeral in any positional notation in the following manner: . . . d3r3+d2r2+d1r1+d0r0, where d is a coefficient, r is the base of the positional number system (i.e. r=2 for binary, or r=3 for ternary), and the exponent is the position of the digit. The computing may provide a configuration which hybridizes the instructions of multiple positional notation values in variable ratios. The computing system may dynamically switch between the multiple hybridized instructions sets. Embodiments may be applied to provide security benefits.

Abstract: Systems and methods of encrypted communication between a server and client devices using keyless encryption schemes are disclosed. Client devices with arrays of physical-unclonable-function devices respond to challenges from a server. Characteristics of the arrays are stored by the server during a secure enrollment process. Subsequently, the server issues challenges to the clients. The clients derive a ciphertext according to a variable cipher scheme determined using responses to the challenges issued by the server using characteristics of portions of the arrays specified by the challenges. The server and clients may independently determine encryption and decryption procedures using characteristics of the arrays.

Abstract: Systems and methods of authentication and encrypted communication between a server and client using independently-generated shared encryption keys are disclosed. Clients with arrays of physical-unclonable-function devices respond to server-issued challenges. The clients derive encryption keys from responses to those challenges generated by measuring PUF devices specified by the challenges. The clients send messages encrypted with the encryption keys to the server. The server independently reproduces the client-generated encryption keys using information about the PUF devices. When the keys match, the clients are authenticated. It may be desirable to inject errors into the challenge responses generated by the clients to improve security. When errors are injected, attackers cannot determine correct challenge responses except by brute force.

Abstract: Systems and methods of authentication and encrypted communication between a server and client devices using independently-generated shared encryptions keys are disclosed. Client devices with arrays of physical-unclonable-function devices are respond to challenges from a server. Characteristics of the arrays are stored by the server during a secure enrollment process. Subsequently, the server issues challenges to the clients. The clients derive encryption keys from their responses to those challenges generated by the clients from characteristics of portions of the arrays specified by the challenges. The clients send messages encrypted with the client-generated encryption keys to the server. The server uses the stored characteristics to independently reproduce the client-generated encryption key. When the server-generated encryption key matches the client-generated key, the clients may be authenticated and the clients can communicate securely with the server without exchanging encryption keys.

Abstract: Systems and methods for securing blockchain and other cryptographically signed ledgers are disclosed. Client devices with arrays of physical-unclonable-function devices are respond to challenges from a server. Characteristics of the arrays are stored by the server during a secure enrollment process. Subsequently, the server issues challenges to the clients and receives responses generated by the clients from characteristics of portions of the arrays specified by the challenges. The challenge responses are used to authenticate the clients and are also used as cryptographic private keys for signing transaction blocks. Public keys corresponding to the private keys are generated allowing signed transaction blocks to be validated as well as allowing clients originating the transactions to be authenticated by other clients. Ternary PUF characterization schemes are used to achieve acceptable authentication error rates.

Abstract: Systems and methods for improving security in computer-based authentication systems by using physical unclonable functions are presented. A computing device used to provide authentication includes an array of physical unclonable function devices. Rather than storing user passwords or message digests of passwords, the computing device generates a message digest based on a combination of a user ID and corresponding password. This message digest forms part of challenge (together with instructions for responding to the challenge). A challenge response generated by measuring physical parameters of set of physical unclonable function devices specified by the message digest. This allows the computing device to provide authentication without storing information which could be used by an attacker to compromise user credentials.

Abstract: This invention disclosure describes how the security of existing quantum key distribution protocols can be enhanced with the use of a ternary/binary arithmetic conversion along with shared keys between communicating parties. With these schemes, Bob can detect eavesdropping attacks without exchanging the content of the transmitted data stream with the Alice. Addressable physical unclonable function (PUF) technology can be exploited to design protocols that securely exchange the shared keys.

Abstract: Disclosed herein is a computing system with the capability to execute instructions in different positional notation values. The definition of a positional notation value is given by the general formula that represent a base 10 numeral in any positional notation in the following manner: . . . d3r3+d2r2+d1r1+d0r0, where d is a coefficient, r is the base of the positional number system (i.e. r=2 for binary, or r=3 for ternary), and the exponent is the position of the digit. The computing may provide a configuration which hybridizes the instructions of multiple positional notation values in variable ratios. The computing system may dynamically switch between the multiple hybridized instructions sets. Embodiments may be applied to provide security benefits.

Abstract: An Artificial Neural Network (ANN) is a computational model that is inspired by the way biological neural networks in the human brain process information. The basic computational element (model neuron) is often called a node or unit. It receives input from some other units and/or from external sources. Each input has an associated weight (w), which can be modified so as to model synaptic learning. The present invention disclosures a low-power, controllable, and reconfigurable method to control weights in models neurons. The injection of extremely small electric currents (a few nanoamperes) in each cell forces the resistance to drop abruptly by several orders of magnitudes due to the formation of a conductive path between the two electrodes. These conductive paths dissolve as soon as the current injection stops, and the cells return to their initial state. A repeated injection of currents into the same cell results in an almost identical effect in resistance drop.

Abstract: A computing device includes an array of addressable elements. Each addressable element is a hardware element that generates a substantially consistent response when interrogated. The device includes a processor coupled to the array of addressable elements and configured to communicate using a communication network. The processor receives a public key, and processes the public key to produce at least a set of addresses. Each address in the set of addresses identifies one or more hardware elements in the array of addressable elements. The processor generates a set of responses by interrogating the one or more hardware elements in the array of addressable elements identified by the set of addresses according to a set of reading instructions, appends the responses in the set of responses to generate a private key, receives an encrypted message and decrypts the encrypted message using the private key to generate an unencrypted message.

Abstract: A device has magnetic sensors and magnets in an array on a flexible substrate. Each magnetic sensor is sensitive to immediately proximate magnets. At least one controller evaluates magnetic sensor signals from the magnetic sensors produced in response to deformation of the flexible substrate.

Abstract: A cryptographic infrastructure, which provides a method for generating private keys of variable length from a cryptographic table and a public key. This infrastructure provides an approximation of the one-time pad scheme. The cryptographic table is shared between a message sender and a message recipient by a secure transfer. After sharing the cryptographic table, no new private keys need to be sent—the private keys are independently generated by each party from the data contained within the shared cryptographic tables, using the public key. After public keys are exchanged, private keys may be generated and used to encrypt and decrypt messages and perform authentication cycles, establishing a secure communication environment between the sender and the recipient.

Abstract: A memory circuit using dynamic random access memory (DRAM) arrays. The DRAM arrays can be configured as CAMs or RAMs on the same die, with the control circuitry for performing comparisons located outside of the DRAM arrays. In addition, DRAM arrays can be configured for secure authentication where, after the first authentication performed with a non-volatile secure element, subsequent authentications can be performed by the DRAM array.