Abstract: Some embodiments relate to an electronic cryptographic device (100) arranged to determine a cryptographic key. The cryptographic device is arranged for an enrollment phase and a later reconstruction phase. The cryptographic device comprising a physically unclonable function (PUF) (110) and a processor circuit. The circuit being configured to determine during the enrollment phase debiasing data (142), first noise reduction data (131) and first noise reduction data. The circuit being configured to during the reconstruction phase compute at least one cryptographic key from first corrected bits and second corrected bits.

Abstract: Some embodiments are directed to an electronic cryptographic device arranged to determine a cryptographic key. The cryptographic device can include a physically unclonable function (PUF) arranged to produce a first noisy bit string during the enrollment phase and a second noisy bit string during the reconstruction phase, and a statistical unit arranged to execute a statistical test for verifying correct functioning of the physical unclonable function. The statistical test computes a statistical parameter for the physical unclonable function using helper data. The statistical test determines correct functioning if the statistical parameter satisfies a criterion of the statistical test.

Abstract: Some embodiments relate to an electronic cryptographic device (100) arranged to determine a cryptographic key. The cryptographic device is arranged for an enrollment phase and a later reconstruction phase. The cryptographic device comprising a physically unclonable function (PUF) (110) and a processor circuit. The circuit being configured to determine during the enrollment phase debiasing data (142), first noise reduction data (131) and first noise reduction data. The circuit being configured to during the reconstruction phase compute at least one cryptographic key from first corrected bits and second corrected bits.

Abstract: A seal including a metal annular body having an inner diameter and an outer diameter, the annular body including a main body portion including a first lip extending axially from the main body portion, the first lip adapted to provide a radial seal; and a second lip extending radially from the main body portion toward the outer diameter, the second lip adapted to provide an axial seal.

Abstract: Some embodiments are directed to an electronic cryptographic device configured to determine a cryptographic key. The cryptographic device has a physically unclonable function, a debiasing unit, and a key reconstruction unit. The PUF is configured to produce a first noisy bit string during an enrollment phase and a second noisy bit string during a reconstruction phase. The debiasing unit (120) is configured to determine debiasing data from the first noisy bit string during the enrollment phase. The debiasing data marks bits in the first noisy bit string as retained or discarded. The key reconstruction unit is configured to determine the cryptographic key from bits in the second noisy bit string marked as retained by the debiasing data, the cryptographic key being independent from bits in the second noisy bit string marked as discarded by the debiasing data.

Abstract: Some implementations disclosed herein provide techniques and arrangements for provisioning keys to integrated circuits/processor. In one embodiments, a key provisioner/tester apparatus may include a memory device to receive a unique hardware key generated by a first logic of a processor. The key provisioner/tester apparatus may further include a cipher device to permanently store an encrypted first key in nonvolatile memory of the processor, detect whether the stored encrypted first key is valid, and to isolate at least one of the first logic and the nonvolatile memory of the processor from all sources that are exterior to the processor in response to detecting that the stored encrypted first key is valid.

Abstract: A seal including a metal annular body having an inner diameter and an outer diameter, the annular body including a main body portion including a first lip extending axially from the main body portion, the first lip adapted to provide a radial seal; and a second lip extending radially from the main body portion toward the outer diameter, the second lip adapted to provide an axial seal.

Abstract: Some embodiments are directed to an electronic cryptographic device arranged to determine a cryptographic key. The cryptographic device can include a physically unclonable function (PUF) arranged to produce a first noisy bit string during the enrollment phase and a second noisy bit string during the reconstruction phase, and a statistical unit arranged to execute a statistical test for verifying correct functioning of the physical unclonable function. The statistical test computes a statistical parameter for the physical unclonable function using helper data. The statistical test determines correct functioning if the statistical parameter satisfies a criterion of the statistical test.

Abstract: Some embodiments are directed to a cryptographic method for providing an electronic first device, an electronic second device and an electronic intermediary device, the cryptographic method establishing a cryptographically protected communication channel between the first device and the second device. The method comprises establishing a session identifier (SID) between the first device and the intermediary device. The first device sends the session identifier and a first key element to the second device over an out-of-band channel. The second device sends a registration message comprising the session identifier to the intermediary device. The first and derived at the first and second device.

Abstract: Some embodiments are directed to an electronic cryptographic device configured to determine a cryptographic key. The cryptographic device has a physically unclonable function, a debiasing unit, and a key reconstruction unit. The PUF is configured to produce a first noisy bit string during an enrollment phase and a second noisy bit string during a reconstruction phase. The debiasing unit (120) is configured to determine debiasing data from the first noisy bit string during the enrollment phase. The debiasing data marks bits in the first noisy bit string as retained or discarded. The key reconstruction unit is configured to determine the cryptographic key from bits in the second noisy bit string marked as retained by the debiasing data, the cryptographic key being independent from bits in the second noisy bit string marked as discarded by the debiasing data.

Abstract: Some implementations disclosed herein provide techniques and arrangements for provisioning keys to integrated circuits/processor/apparatus. In one embodiment, the apparatus includes a physically unclonable functions (PUF) circuit to generate a hardware key based on at least one manufacturing variation of the apparatus and a nonvolatile memory coupled to the PUF circuit, the nonvolatile memory to store an encrypted key, the encrypted key comprising a first key encrypted using the hardware key. The apparatus further includes a hardware cipher component coupled to the nonvolatile memory and the PUF circuit, the hardware cipher component to decrypt the encrypted key stored in the nonvolatile memory with at least the hardware key to generate a decrypted copy of the first key and fixed logic circuitry coupled to the PUF circuit and the hardware cipher component, the fixed logic circuitry to verify that the decrypted copy of the first key is valid.

Abstract: Some implementations disclosed herein provide techniques and arrangements for provisioning keys to integrated circuits/processor. In one embodiments, a key provisioner/tester apparatus may include a memory device to receive a unique hardware key generated by a first logic of a processor. The key provisioner/tester apparatus may further include a cipher device to permanently store an encrypted first key in nonvolatile memory of the processor, detect whether the stored encrypted first key is valid, and to isolate at least one of the first logic and the nonvolatile memory of the processor from all sources that are exterior to the processor in response to detecting that the stored encrypted first key is valid.

Abstract: Some implementations disclosed herein provide techniques and arrangements for provisioning keys to integrated circuits/processors. A processor may include physically unclonable functions component, which may generate a unique hardware key based at least on at least one physical characteristic of the processor. The hardware key may be employed in encrypting a key such as a secret key. The encrypted key may be stored in a memory of the processor. The encrypted key may be validated. The integrity of the key may be protected by communicatively isolating at least one component of the processor.

Abstract: Some embodiments are directed to a cryptographic method for providing an electronic first device, an electronic second device and an electronic intermediary device, the cryptographic method establishing a cryptographically protected communication channel between the first device and the second device. The method comprises establishing a session identifier (SID) between the first device and the intermediary device. The first device sends the session identifier and a first key element to the second device over an out-of-band channel. The second device sends a registration message comprising the session identifier to the intermediary device. The first and second device can communicate through the intermediary device protected using a shared key derived at the first and second device.

Abstract: A seal assembly includes a lip seal having an axis, a central opening and a radial extension extending radially inward. The radial extension may be adapted to apply a sealing force against a shaft extending through the central opening by bending. The radial extension may extend at least partially along an axial direction. A support member that is resilient may be positioned adjacent the radial extension such that the support member limits bending of the radial extension.

Abstract: Some implementations disclosed herein provide techniques and arrangements for provisioning keys to integrated circuits/processors. A processor may include physically unclonable functions component, which may generate a unique hardware key based at least on at least one physical characteristic of the processor. The hardware key may be employed in encrypting a key such as a secret key. The encrypted key may be stored in a memory of the processor. The encrypted key may be validated. The integrity of the key may be protected by communicatively isolating at least one component of the processor.