Patents by Inventor Bjorn Fay
Bjorn Fay has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240146535Abstract: Various embodiments relate to a fault detection system and method for a digital signature algorithm, including: producing a digital signature of a message using a digital signature algorithm; storing parameters from a last round of the digital signature algorithm; executing the last round of the digital signature algorithm using the stored parameters to produce a check signature; comparing the digital signature to the check signature; and outputting the digital signature when the digital signature is the same as the check signature.Type: ApplicationFiled: October 11, 2022Publication date: May 2, 2024Inventors: Joost Roland Renes, Melissa Azouaoui, Joppe Willem Bos, Björn Fay, Tobias Schneider
-
Publication number: 20240137214Abstract: Various embodiments relate to a data processing system comprising instructions embodied in a non-transitory computer readable medium, the instructions for a cryptographic operation including matrix multiplication for lattice-based cryptography in a processor, the instructions, including: applying a first function to the rows of a matrix of polynomials to generate first outputs, wherein the first function excludes the identity function; adding an additional row to the matrix of polynomials to produce a modified matrix, wherein each element in the additional row is generated by a second function applied to a column of outputs associated with each element in the additional row; multiplying the modified matrix with a vector of polynomials to produce an output vector of polynomials; applying a verification function to the output vector that produces an indication of whether a fault occurred in the multiplication of the modified matrix with the vector of polynomials; and carrying out a cryptographic operation usingType: ApplicationFiled: October 6, 2022Publication date: April 25, 2024Inventors: Melissa Azouaoui, Joppe Willem Bos, Tobias Schneider, Joost Roland Renes, Björn Fay
-
Patent number: 11960358Abstract: Various embodiments relate to a memory controller configured to read data from a memory array, including: an error correction codes (ECC) encoder configured to encode data stored in the memory array; an ECC decoder configured to decode first data read from the memory array based upon a first read request and detect errors in the first data read from the memory array; and a fault controller configured to: command the memory controller to read other data from the memory array when the ECC detects an error; command the memory controller to re-read the first data from the memory array; when the ECC detects an error; compare the re-read first data to the read first data; and signal a fault attack when the re-read first data is different from the read first data.Type: GrantFiled: September 30, 2022Date of Patent: April 16, 2024Assignee: NXP B.V.Inventor: Björn Fay
-
Patent number: 11962305Abstract: A true random number generator circuit includes a ring oscillator and a plurality of sampling circuits. The ring oscillator includes a plurality of series-connected stages coupled together in a ring. An output of a last stage of the ring oscillator is coupled to an input of a first stage of the ring oscillator. A sampling circuit of the plurality of sampling circuits has an input coupled to a node located between two adjacent stages of the plurality of series-connected stages. Every node of the ring oscillator is coupled to a corresponding sampling circuit of the plurality of sampling circuits. In another embodiment, a method for generating a random number is provided.Type: GrantFiled: June 9, 2021Date of Patent: April 16, 2024Assignee: NXP B.V.Inventor: Björn Fay
-
Publication number: 20240111624Abstract: Various embodiments relate to a memory controller configured to read data from a memory array, including: an error correction codes (ECC) encoder configured to encode data stored in the memory array; an ECC decoder configured to decode first data read from the memory array based upon a first read request and detect errors in the first data read from the memory array; and a fault controller configured to: command the memory controller to read other data from the memory array when the ECC detects an error; command the memory controller to re-read the first data from the memory array; when the ECC detects an error; compare the re-read first data to the read first data; and signal a fault attack when the re-read first data is different from the read first data.Type: ApplicationFiled: September 30, 2022Publication date: April 4, 2024Applicant: NXP B.V.Inventor: Björn FAY
-
Patent number: 11917089Abstract: Embodiments of a physical unclonable function (PUF) device and a method for generating helper data for a PUF device with an array of cells are disclosed. In an embodiment, the PUF device comprises an array of cells, wherein each cell of the array generates an output signal, a reliable cell group detector coupled to the array of cells to find reliable groups of cells in the array of cells having sufficient reliable cells and output addresses of the reliable groups of cells, and a storage device coupled to the reliable cell group detector to store the addresses of the reliable groups of cells to be used as helper data for PUF response operations.Type: GrantFiled: September 28, 2021Date of Patent: February 27, 2024Assignee: NXP B.V.Inventor: Björn Fay
-
Patent number: 11783057Abstract: A method is provided for secure provisioning of a device. In the method, a plurality of integrated circuit (IC) devices is manufactured by a first entity for use in the device. The first entity provides signed provisioning software and stores in at least one provisioning IC device one or more keys used for provisioning the plurality of ICs. The provisioning device with the signed provisioning software is provided to a second entity. The second entity verifies the provisioning software using a stored key. The provisioning software encrypts provisioning assets provided by the second entity and provides the encrypted provisioning assets to the third entity. The signed provisioning software is provided to a third entity by the first entity. During manufacturing of the manufactured products by the third entity, the provisioning software verifies and decrypts the encrypted provisioning assets of the second entity to provision all the plurality of IC devices.Type: GrantFiled: August 24, 2021Date of Patent: October 10, 2023Assignee: NXP B.V.Inventors: Björn Fay, Miroslav Knezevic, Durgesh Pattamatta, Alexander Vogt
-
Publication number: 20230274787Abstract: Various embodiments relate to a method for storing and reading data from a memory. Data words stored in the memory may be grouped, and word specific parity information and shared parity information is generated, and the shared parity information is distributed among the group of words. During reading of a word, if more errors are detected than can be corrected with word parity data, the shared parity data is retrieved and used to make the error corrections.Type: ApplicationFiled: May 8, 2023Publication date: August 31, 2023Inventors: Soenke Ostertun, Björn Fay, Vitaly Ocheretny
-
Patent number: 11694761Abstract: Various embodiments relate to a method for storing and reading data from a memory. Data words stored in the memory may be grouped, and word specific parity information and shared parity information is generated, and the shared parity information is distributed among the group of words. During reading of a word, if more errors are detected than can be corrected with word parity data, the shared parity data is retrieved and used to make the error corrections.Type: GrantFiled: September 17, 2021Date of Patent: July 4, 2023Assignee: NXP B.V.Inventors: Soenke Ostertun, Bjorn Fay, Vitaly Ocheretny
-
Publication number: 20230094237Abstract: Embodiments of a physical unclonable function (PUF) device and a method for generating helper data for a PUF device with an array of cells are disclosed. In an embodiment, the PUF device comprises an array of cells, wherein each cell of the array generates an output signal, a reliable cell group detector coupled to the array of cells to find reliable groups of cells in the array of cells having sufficient reliable cells and output addresses of the reliable groups of cells, and a storage device coupled to the reliable cell group detector to store the addresses of the reliable groups of cells to be used as helper data for PUF response operations.Type: ApplicationFiled: September 28, 2021Publication date: March 30, 2023Inventor: Björn Fay
-
Publication number: 20230089443Abstract: Various embodiments relate to a method for storing and reading data from a memory. Data words stored in the memory may be grouped, and word specific parity information and shared parity information is generated, and the shared parity information is distributed among the group of words. During reading of a word, if more errors are detected than can be corrected with word parity data, the shared parity data is retrieved and used to make the error corrections.Type: ApplicationFiled: September 17, 2021Publication date: March 23, 2023Inventors: Soenke Ostertun, Bjorn Fay, Vitaly Ocheretny
-
Publication number: 20230063743Abstract: A method is provided for secure provisioning of a device. In the method, a plurality of integrated circuit (IC) devices is manufactured by a first entity for use in the device. The first entity provides signed provisioning software and stores in at least one provisioning IC device one or more keys used for provisioning the plurality of ICs. The provisioning device with the signed provisioning software is provided to a second entity. The second entity verifies the provisioning software using a stored key. The provisioning software encrypts provisioning assets provided by the second entity and provides the encrypted provisioning assets to the third entity. The signed provisioning software is provided to a third entity by the first entity. During manufacturing of the manufactured products by the third entity, the provisioning software verifies and decrypts the encrypted provisioning assets of the second entity to provision all the plurality of IC devices.Type: ApplicationFiled: August 24, 2021Publication date: March 2, 2023Inventors: Björn Fay, Miroslav Knezevic, Durgesh Pattamatta, Alexander Vogt
-
Patent number: 11595195Abstract: Various embodiments relate to a method for masked decoding of a polynomial a using an arithmetic sharing a to perform a cryptographic operation in a data processing system using a modulus q, the method for use in a processor of the data processing system, including: subtracting an offset ? from each coefficient of the polynomial a; applying an arithmetic to Boolean (A2B) function on the arithmetic shares of each coefficient ai of the polynomial a to produce Boolean shares âi that encode the same secret value ai; and performing in parallel for all coefficients a shared binary search to determine which of coefficients ai are greater than a threshold t to produce a Boolean sharing value {circumflex over (b)} of the bitstring b where each bit of b decodes a coefficient of the polynomial a.Type: GrantFiled: April 9, 2021Date of Patent: February 28, 2023Assignee: NXP B.V.Inventors: Tobias Schneider, Joppe Willem Bos, Björn Fay, Marc Gourjon, Joost Roland Renes, Christine van Vredendaal
-
Publication number: 20220399883Abstract: A true random number generator circuit includes a ring oscillator and a plurality of sampling circuits. The ring oscillator includes a plurality of series-connected stages coupled together in a ring. An output of a last stage of the ring oscillator is coupled to an input of a first stage of the ring oscillator. A sampling circuit of the plurality of sampling circuits has an input coupled to a node located between two adjacent stages of the plurality of series-connected stages. Every node of the ring oscillator is coupled to a corresponding sampling circuit of the plurality of sampling circuits. In another embodiment, a method for generating a random number is provided.Type: ApplicationFiled: June 9, 2021Publication date: December 15, 2022Inventor: Björn Fay
-
Publication number: 20220337398Abstract: Various embodiments relate to a method for masked decoding of a polynomial a using an arithmetic sharing a to perform a cryptographic operation in a data processing system using a modulus q, the method for use in a processor of the data processing system, including: subtracting an offset ? from each coefficient of the polynomial a; applying an arithmetic to Boolean (A2B) function on the arithmetic shares of each coefficient ai of the polynomial a to produce Boolean shares âi that encode the same secret value ai; and performing in parallel for all coefficients a shared binary search to determine which of coefficients ai are greater than a threshold t to produce a Boolean sharing value {circumflex over (b)} of the bitstring b where each bit of b decodes a coefficient of the polynomial a.Type: ApplicationFiled: April 9, 2021Publication date: October 20, 2022Inventors: Tobias Schneider, Joppe Willem Bos, Björn Fay, Marc Gourjon, Joost Roland Renes, Christine van Vredendaal
-
Patent number: 11271732Abstract: Various embodiments relate to a method for generating a bit stream in a physical unclonable function (PUF) system, including: receiving a set of values from a plurality of physical devices in the PUF system in a first order; sorting the set of values into a second order; for each of the L highest values, setting a corresponding levelTag value to a first bit value and setting a corresponding usageTag value to a first usage value that indicates that the levelTag for the corresponding value is to be used to generate the bit stream, wherein L is a level setting; for each of the L lowest values, setting a corresponding levelTag value to a second bit value and setting a corresponding usageTag value to the first usage value, wherein the first bit value is different from the second bit value; setting the usageTag value for all other values that are not the highest L values or the lowest L values to a second usage value that indicates that the corresponding value is not to be used to generate the bit stream; generatinType: GrantFiled: November 12, 2019Date of Patent: March 8, 2022Assignee: NXP B.V.Inventor: Bjorn Fay
-
Patent number: 11025421Abstract: Various embodiments relate to a key protocol exchange that provide a simple but still secure key exchange protocol. Security of key exchange protocols has many aspects; providing and proving all these properties gets harder with more complex protocols. These security properties may include: perfect forward secrecy; forward deniability; key compromise impersonation resistance; security against unknown key share attack; explicit or implicit authentication; key confirmation; protocol is (session-)key independent; key separation (different keys for encryption and MACing); extendable, e.g., against DOS attacks; support of early messages; small communication footprint; and support of for public-key and/or password authentication.Type: GrantFiled: April 26, 2019Date of Patent: June 1, 2021Assignee: NXP B.V.Inventor: Bjorn Fay
-
Publication number: 20210143994Abstract: Various embodiments relate to a method for generating a bit stream in a physical unclonable function (PUF) system, including: receiving a set of values from a plurality of physical devices in the PUF system in a first order; sorting the set of values into a second order; for each of the L highest values, setting a corresponding levelTag value to a first bit value and setting a corresponding usageTag value to a first usage value that indicates that the levelTag for the corresponding value is to be used to generate the bit stream, wherein L is a level setting; for each of the L lowest values, setting a corresponding levelTag value to a second bit value and setting a corresponding usageTag value to the first usage value, wherein the first bit value is different from the second bit value; setting the usageTag value for all other values that are not the highest L values or the lowest L values to a second usage value that indicates that the corresponding value is not to be used to generate the bit stream; generatinType: ApplicationFiled: November 12, 2019Publication date: May 13, 2021Inventor: Bjorn FAY
-
Patent number: 10944435Abstract: Various embodiments relate to a method and system for encoding data to be stored in a memory, including: encoding the data to be stored in memory with an error detection code (EDC), that can detect up to 4 bit errors, as first encoded data; determining the Hamming weight of the first encoded data; inverting the determined Hamming weight; concatenating the first encoded data and three copies of the inverted Hamming weight as concatenated data; encoding the concatenated data with an error correcting code (ECC), that can correct 1 bit error, as second encoded data; and storing the second encoded data in the memory.Type: GrantFiled: March 27, 2020Date of Patent: March 9, 2021Assignee: NXP B.V.Inventor: Björn Fay
-
Publication number: 20200344052Abstract: Various embodiments relate to a key protocol exchange that provide a simple but still secure key exchange protocol. Security of key exchange protocols has many aspects; providing and proving all these properties gets harder with more complex protocols. These security properties may include: perfect forward secrecy; forward deniability; key compromise impersonation resistance; security against unknown key share attack; explicit or implicit authentication; key confirmation; protocol is (session-)key independent; key separation (different keys for encryption and MACing); extendable, e.g., against DOS attacks; support of early messages; small communication footprint; and support of for public-key and/or password authentication.Type: ApplicationFiled: April 26, 2019Publication date: October 29, 2020Inventor: Bjorn FAY