Patents by Inventor Ziv Hershman
Ziv Hershman has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240427882Abstract: An Attack Resilient Computation Circuit (ARCC) in an integrated circuit (IC) includes a first computation stage, a second computation stage, and security circuitry. The first computation stage is configured to process one or more signals so as to produce one or more outputs, the first computation stage having multiple signal propagation paths. The second computation stage is configured to receive and process the outputs of the first computation stage. The security circuitry is configured to generate a synchronization signal indicating that propagation of the signals in the first computation stage has completed, and to inhibit the second processing stage from processing the outputs of the first processing stage for a time interval derived from the synchronization signal.Type: ApplicationFiled: June 26, 2023Publication date: December 26, 2024Inventor: Ziv Hershman
-
Publication number: 20240412806Abstract: A method includes providing one or more signals to an electronic device for performing a test procedure that involves programming a One-Time Programmable (OTP) memory in the electronic device. A verification is made as to whether connection of the one or more signals to the electronic device is stable, by performing a sequence of one or more iterations, each iteration including (i) determining, from among a set of scratchpad addresses in the OTP memory, an address that is available for programming, (ii) writing a test value to the address, and then (iii) reading the test value from the address. If the read test value differs from the written test value, re-tuning of the connection of the one or more signals is initiated. Only when the connection is verified as stable by the sequence of iterations, the OTP memory is programmed in accordance with the test procedure.Type: ApplicationFiled: June 11, 2023Publication date: December 12, 2024Inventors: Ziv Hershman, Dana Agur, Alain Bismuth
-
Patent number: 12126709Abstract: In one embodiment, a processing device includes a symmetric block cipher configured to encrypt plaintext blocks yielding respective ciphertext blocks, obfuscation circuitry configured to obfuscate the respective ciphertext blocks responsively to an obfuscation secret yielding respective obfuscated ciphertext blocks and an interface to send the respective obfuscated ciphertext blocks to at least one remote processing device. In one embodiment, the processing device provides side-channel attack protection within a symmetric key scheme by data obfuscation and by changing encryption/decryption keys using key manipulation so that different blocks or group of blocks of data are encrypted/decrypted using respective encryption/decryption keys.Type: GrantFiled: February 13, 2022Date of Patent: October 22, 2024Assignee: NUVOTON TECHNOLOGY CORPORATIONInventors: Moshe Alon, Ziv Hershman
-
Publication number: 20240061651Abstract: An electronic circuit for Random Number Generation (RNG) includes multiple inverters, a contention-current generator, and digitization circuitry. The multiple inverters are connected to one another in a ring and configured to generate an oscillating signal. The contention-current generator is connected to a node at which an output of an inverter of the ring drives an input of a subsequent inverter of the ring with a drive current. The contention-current generator includes at least a buffer configured to drive the node, at least while a voltage at the node transitions between opposite logic states, with a contention current that opposes the drive current and is weaker than the drive current. The digitization circuitry is configured to generate a sequence of random numbers by sampling the oscillating signal generated in the ring.Type: ApplicationFiled: August 22, 2022Publication date: February 22, 2024Inventors: Ziv Hershman, Tamir Golan
-
Patent number: 11886717Abstract: This document includes techniques, apparatuses, and systems related to an interface for revision-limited memory, which can improve various computing aspects and performance. In aspects, confidentiality, integrity, and availability may be ensured while increasing the performance of revision-limited memory. In this example, the techniques also enable the digital computing device to interact with information related to the revision-limited memory.Type: GrantFiled: November 18, 2022Date of Patent: January 30, 2024Assignee: Google LLCInventors: Eunchan Kim, Michael Stefano Fritz Schaffner, Timothy Jay Chen, Christopher Gori, Ziv Hershman, Miguel Angel Osorio
-
Publication number: 20230401313Abstract: An apparatus for protecting a processor includes an input interface and protection circuitry. The input interface is configured to monitor code instructions that are processed by the processor. One or more of the code instructions include one or more error-detection bits. The protection circuitry is configured to detect one or more errors in the program code using the error-detection bits, and to initiate responsive actions in response to detecting the errors, while accounting for exception events occurring in the processor.Type: ApplicationFiled: August 28, 2023Publication date: December 14, 2023Inventor: Ziv Hershman
-
Patent number: 11799627Abstract: An electronic circuit includes a driving cell, one or more driven cells and one or more inverters. The driving cell has two or more inputs and at least one output and is configured to toggle the output between first and second logic states in response to the inputs. Each driven cell has two or more inputs, of which at least one input is configured to be driven by the output of the driving cell. The one or more inverters are placed in a signal network that connects the driving cell to the driven cells. The inverters are configured to balance, over the signal network, (i) a first capacitive load charged by electrical currents caused by transitions from the first logic state to the second logic state and (ii) a second capacitive load charged by electrical currents caused by transitions from the second logic state to the first logic state.Type: GrantFiled: November 19, 2020Date of Patent: October 24, 2023Assignee: NUVOTON TECHNOLOGY CORPORATIONInventor: Ziv Hershman
-
Patent number: 11783026Abstract: An apparatus for protecting a processor includes an input interface and protection circuitry. The input interface is configured to monitor code instructions that are processed by the processor, one or more of which code instructions including one or more error-detection bits. The protection circuitry is configured to detect an error in the program code using the error-detection bits, and to initiate a responsive action in response to detecting the error.Type: GrantFiled: January 5, 2021Date of Patent: October 10, 2023Assignee: NUVOTON TECHNOLOGY CORPORATIONInventor: Ziv Hershman
-
Publication number: 20230221926Abstract: An integrated circuit includes signal-source circuitry (SSC), an SSC power supply circuit (SSC-PS) and a digitization circuit. The SSC is configured to generate an output signal, which is guaranteed to meet specified electrical parameters provided that a supply voltage to the SSC is within a specified operating voltage range. The SSC-PS is configured to power the SSC with a reduced voltage that is below the specified operating voltage range, thereby causing the output signal to be noisy. The digitization circuit is configured to digitize the noisy output signal so as to generate a respective sequence of random numbers.Type: ApplicationFiled: January 10, 2022Publication date: July 13, 2023Inventors: Ziv Hershman, Tamir Golan
-
Patent number: 11636907Abstract: An Integrated Circuit (IC) includes a non-volatile memory (NVM) and secure power-up circuitry. The NVM is configured to store an operational state of the IC. The secure power-up circuitry is configured to (i) during a power-up sequence of the IC, perform a first readout of the operational state from the NVM while a supply voltage of the IC is within a first voltage range, (ii) if the operational state read from the NVM in the first readout is a state that permits access to a sensitive resource of the IC, verify that the supply voltage is within a second voltage range, more stringent than the first voltage range, and then perform a second readout of the operational state from the NVM, and (iii) initiate a responsive action in response to a discrepancy between the operational states read from the NVM in the first readout and in the second readout.Type: GrantFiled: June 30, 2020Date of Patent: April 25, 2023Assignee: NUVOTON TECHNOLOGY CORPORATIONInventors: Ziv Hershman, Yoel Hayon, Moshe Alon
-
Publication number: 20230099564Abstract: This document includes techniques, apparatuses, and systems related to an interface for revision-limited memory, which can improve various computing aspects and performance. In aspects, confidentiality, integrity, and availability may be ensured while increasing the performance of revision-limited memory. In this example, the techniques also enable the digital computing device to interact with information related to the revision-limited memory.Type: ApplicationFiled: November 18, 2022Publication date: March 30, 2023Applicant: Google LLCInventors: Eunchan Kim, Michael Stefano Fritz Schaffner, Timothy Jay Chen, Christopher Gori, Ziv Hershman, Miguel Angel Osorio
-
Patent number: 11601268Abstract: A device including a network interface, a memory and a processor. The network interface is configured to communicate with a verifier over a communication network. The memory is configured to store multiple layers of mutable code, the layers identifiable by respective measurements. The processor is configured to generate, for a given boot cycle, a nonce associated uniquely with the given boot cycle, to receive a challenge from the verifier for attestation of a given layer of the mutable code, to calculate an attestation key based on (i) a Unique Device Secret (UDS) stored securely in the device, (ii) a measurement of the given layer taken by another layer, and (iii) the nonce generated for the given boot cycle, to calculate a response for the challenge, by signing the challenge using the attestation key, and to send the response to the verifier for verification of the given layer.Type: GrantFiled: August 3, 2020Date of Patent: March 7, 2023Assignee: NUVOTON TECHNOLOGY CORPORATIONInventors: Ziv Hershman, Dan Morav
-
Publication number: 20230037804Abstract: In one embodiment, a processing device includes a symmetric block cipher configured to encrypt plaintext blocks yielding respective ciphertext blocks, obfuscation circuitry configured to obfuscate the respective ciphertext blocks responsively to an obfuscation secret yielding respective obfuscated ciphertext blocks and an interface to send the respective obfuscated ciphertext blocks to at least one remote processing device. In one embodiment, the processing device provides side-channel attack protection within a symmetric key scheme by data obfuscation and by changing encryption/decryption keys using key manipulation so that different blocks or group of blocks of data are encrypted/decrypted using respective encryption/decryption keys.Type: ApplicationFiled: February 13, 2022Publication date: February 9, 2023Inventors: Moshe Alon, Ziv Hershman
-
Patent number: 11574079Abstract: A method for provisioning an electronic device includes providing a semiconductor wafer on which multiple integrated circuit (IC) chips have been fabricated. Each chip includes a secure memory and programmable logic, which is configured to store at least two keys in the secure memory and to compute digital signatures over data using the at least two keys. A respective first key is provisioned into the secure memory of each of the chips via electrical probes applied to contact pads on the semiconductor wafer. After dicing of the wafer, a respective second key is provisioned into the secure memory of each of the chips via contact pins of the chips. A respective provisioning report is received from each of the chips with a digital signature computed by the logic using both of the respective first and second keys. The provisioning is verified based on the digital signature.Type: GrantFiled: May 27, 2021Date of Patent: February 7, 2023Assignee: NUVOTON TECHNOLOGY CORPORATIONInventors: Dan Morav, Ziv Hershman, Oren Tanami
-
Patent number: 11528126Abstract: This document includes techniques, apparatuses, and systems related to an interface for revision-limited memory, which can improve various computing aspects and performance. In aspects, confidentiality, integrity, and availability may be ensured while increasing the performance of revision-limited memory. In this example, the techniques also enable the digital computing device to interact with information related to the revision-limited memory.Type: GrantFiled: February 16, 2021Date of Patent: December 13, 2022Assignee: Google LLCInventors: Eunchan Kim, Michael Stefano Fritz Schaffner, Timothy Jay Chen, Christopher Gori, Ziv Hershman, Miguel Angel Osorio
-
Patent number: 11520940Abstract: A security device includes a bus interface and circuitry. The bus interface is coupled to a bus connecting between a host device and a peripheral device. The circuitry is configured to receive, via the bus interface, a clock signal of the bus, and to produce a delayed clock signal relative to the clock signal. The circuitry is further configured to monitor, using the clock signal, transactions communicated between the host device and the peripheral device, in response to identifying a given transaction, of which a portion is expected to be delayed by a predefined time delay relative to the clock signal, to sample the portion of the given transaction using the delayed clock signal, and in response to identifying, based on the sampled portion, that the given transaction violates a security policy, to apply a security action.Type: GrantFiled: June 21, 2020Date of Patent: December 6, 2022Assignee: NUVOTON TECHNOLOGY CORPORATIONInventors: Ziv Hershman, Victor Adrian Flachs, Natan Keiren, Joram Peer, Yoel Hayon
-
Publication number: 20220382911Abstract: A method for provisioning an electronic device includes providing a semiconductor wafer on which multiple integrated circuit (IC) chips have been fabricated. Each chip includes a secure memory and programmable logic, which is configured to store at least two keys in the secure memory and to compute digital signatures over data using the at least two keys. A respective first key is provisioned into the secure memory of each of the chips via electrical probes applied to contact pads on the semiconductor wafer. After dicing of the wafer, a respective second key is provisioned into the secure memory of each of the chips via contact pins of the chips. A respective provisioning report is received from each of the chips with a digital signature computed by the logic using both of the respective first and second keys. The provisioning is verified based on the digital signature.Type: ApplicationFiled: May 27, 2021Publication date: December 1, 2022Inventors: Dan Morav, Ziv Hershman, Oren Tanami
-
Patent number: 11475170Abstract: A self-correcting memory system comprising an integrated circuit including memory and memory content authentication functionality, which is operative to compare content to be authenticated to a standard and to output “authentic” if the content to be authenticated equals the standard and “non-authentic” otherwise; and error correction functionality which is operative to apply at least one possible correction to at least one erroneous word entity in said memory, yielding a possibly correct word entity, call said authentication for application to the possibly correct word entity, and if the authentication's output is “authentic”, to replace said erroneous word entity in said memory, with said possibly correct word entity thereby to yield error correction at a level of confidence derived from the level of confidence associated with the authentication.Type: GrantFiled: May 28, 2019Date of Patent: October 18, 2022Assignee: NUVOTON TECHNOLOGY CORPORATIONInventors: Ziv Hershman, Ilan Margalit
-
Publication number: 20220263646Abstract: This document includes techniques, apparatuses, and systems related to an interface for revision-limited memory, which can improve various computing aspects and performance. In aspects, confidentiality, integrity, and availability may be ensured while increasing the performance of revision-limited memory. In this example, the techniques also enable the digital computing device to interact with information related to the revision-limited memory.Type: ApplicationFiled: February 16, 2021Publication date: August 18, 2022Applicant: Google LLCInventors: Eunchan Kim, Michael Stefano Fritz Schaffner, Timothy Jay Chen, Christopher Gori, Ziv Hershman, Miguel Angel Osorio
-
Patent number: 11416639Abstract: In one embodiment, a secure chip apparatus, includes a memory to store an encrypted value E and a one-way function output-value H, which is an output value of a one-way function computed with a nonce N as input, an interface to transfer data with an external device, and chip security circuitry to lock a portion of the chip apparatus from use, receive an unlock request from an unlocking hardware security module (HSM) via the interface, provide the encrypted value E to the HSM responsively to the unlock request, receive a value N? from the HSM, the value N? being a decrypted value of the encrypted value E, compute a one-way function output-value H? responsively to the value N?, compare the value H? to the value H, and unlock the portion of the chip apparatus for use responsively to a match between the value H? and the value H.Type: GrantFiled: June 29, 2020Date of Patent: August 16, 2022Assignee: NUVOTON TECHNOLOGY CORPORATIONInventors: Oren Tanami, Ziv Hershman