Abstract: A secure system includes a data port, a network on chip (NoC) module, a processor communicatively coupled to the NoC module, a communication interface operatively coupled to the processor and to the data port, an electronic field-programmable gate array (eFPGA) configuration module operatively coupled to the NoC module, and a clock operatively coupled to the NoC module. In a first modality, the communication interface is at least partially disabled. In a second modality, the communication interface is at least partially disabled, boundary scan operations are disabled, a RESET signal is held in a constant state, and/or redacted code is rendered inoperable. In a third modality, the communication interface is at least partially enabled to send and receive commands and data via the data port, the boundary scan operations are enabled, the RESET signal is not held in the constant state, and/or the redacted code is operable.

Abstract: The disclosed embodiments relate to securing operations accessing a non-volatile storage area of a memory device. In one embodiment, a method is disclosed comprising generating, by firmware of a memory device, a cryptographic key using a value of a physically unclonable function (PUF); writing, by the firmware, the cryptographic key to a volatile storage area; receiving, by the firmware, a command accessing a non-volatile storage area from a host processor; and processing, by the firmware, the command using the cryptographic key.

Abstract: Systems, methods, and computer-readable storage media for improving cybersecurity protections across entities. One system includes a response system including one or more processing circuits including memory and at least one processor configured to identify a plurality of first level configurations corresponding to at least one of an operational or security action performed on the a plurality of computing systems of an entity of a plurality of entities. The at least one processor further configured to encrypt or tokenize the plurality of first level configurations. The at least one processor further configured to record the plurality of first level configurations on the distributed ledger or data source.

Abstract: Various embodiments provide methods, systems, computer program products, apparatuses, and/or the like for assessing vulnerability of an IC design to fault injection attacks, such as through a security property-driven vulnerability assessment framework for efficiently evaluating faults with respect to certain security properties associated with the IC design. In one embodiment, a method is provided. The method includes generating, using a fault-injection technique specification, one or more fault models describing attributes of one or more faults. The method further includes selecting, using the fault models and executable security properties associated with a design file of an IC design, a fault list identifying a plurality of possible faults for the IC design. The method further includes identifying, based at least in part on performing a fault simulation on the design file with the fault list, critical locations of the IC design.

Abstract: Systems and methods for the generation and use of session keys supporting secure communications between a client and server device are disclosed. The client hashes each of a series of passwords a first number of times. The hashed passwords are sent to a server. The server applies the hashed password to an array of PUF devices, and receives an initial response bitstream which is stored. The client later hashes each of the series of passwords a second number of times, which is less than the first number, and these are sent to the server. The server continues to hash the second message digest, generate PUF responses, and compare the result to the initially stored responses. For each password, the number of hashes necessary to achieve a match is a partial session key. Latency is improved by an array of separately addressable PUFs, each producing a partial session key.

Abstract: A distributed processing system with multiple systems connected by an inter-system communication interface. Each system has a memory programmed with multiple firmware images each having a distinct entry point, a processor, a writable (by another system of the distributed processing system) hardware register initially seeded with an initial firmware image entry point, and a controller external to the processor that, prior to an initial reset, reads the entry point from the hardware register and causes the processor to begin fetching instructions at the initial entry point. Prior to a subsequent reset of the processor, the external controller facilitates a transition to another firmware image by reading its entry point from the hardware register and causing the processor to begin fetching instructions at the other entry point. Each system may have multiple processors and multiple associated hardware registers writeable by another processor of the system or a by host processor.

Abstract: Systems and methods for the generation and use of session keys supporting secure communications between a client and server device are disclosed. The client device has or receives a password, which it hashes a predetermined first number of times. The hashed password is sent as a message digest to a server. The server applies the hashed password to a an array of PUF devices, and receives a response bitstream which is stored. The client later hashes the password a second predetermined number of times, which is less than the first predetermined number, and this second message digest is sent to the server. The server continues to hash the second message digest, generate PUF responses, and compare the result to the initially stored responses. The number of hashes necessary to achieve a match is the session key.

Abstract: Disclosed is a physical unclonable function generator circuit and method. In one embodiment, a physical unclonable function (PUF) generator comprising: a plurality of PUF cells, wherein each of the plurality of PUF cells comprises a first MOS transistor and a second MOS transistor, wherein terminal S of the first MOS transistor is connected to terminal D of the second MOS transistor at a dynamic node, terminal D of the first MOS transistor is coupled to a first bus and terminal G of the first NMOS transistor is coupled to a second bus, and terminals S and G of the second NMOS transistor are coupled to ground; a plurality of dynamic flip-flop (DFF) circuits wherein each of the plurality of DFF circuits is coupled to each of the plurality of PUF cells respectively; a population count circuit coupled to the plurality of DFF circuits; and an evaluation logic circuit having an input coupled to the population count circuit and an output coupled to the plurality of DFF circuits.

Abstract: An input data may be received. A portion of a cryptographic operation may be performed with the received input data at a first function component. During the performance of the cryptographic operation at the first function component, a pre-charge operation may be performed at a second function component. Furthermore, the second function component may be used to perform another portion of the cryptographic operation with a result of the portion of the cryptographic operation performed at the first function component.

Abstract: In one embodiment, the invention is a method and apparatus for designing combinational logics with resistance to hardware Trojan induced data leakage. The invention solves the untrustworthy fabrication risk problem by introducing a design method such that even when the design is entirely known to an attacker and a data leakage Trojan is injected subsequently, no useful information can be obtained. This invention contains several methods as shown in several embodiments. The methods include randomized encoding of binary logic, converting any combinational binary logic into one with randomized encoding, and partitioning a randomized encoded logic for split manufacturing.

Abstract: A multi-die device a first die containing a plurality of first die signal path elements configured to propagate a stimulus signal and a second die containing a plurality of second die signal path elements configured to propagate the stimulus signal. The multi-die device further includes an interposer configured to establish signal communication between the first die and the second die so as to deliver the stimulus signal from the plurality of first die signal path elements to the plurality of second die signal path elements to generate a propagation delay. The propagation delay is used to generate a single unified PUF response that is indicative of the authenticity of the multi-die device.

Abstract: Systems and method are provided for determining a reliability of a physically unclonable function (PUF) cell of a device. One or more activation signals are provided to a PUF cell under a plurality of conditions. A PUF cell output provided by the PUF cell under each of the plurality of conditions is determined. A determination is made of a number of times the PUF cell output of the PUF cell is consistent. And a device classification value is determined based on the determined number of times for a plurality of PUF cells.

Abstract: An apparatus includes a current-based temperature compensation circuit having a reference buffer, a biasing current mirror, and a controller. The reference buffer is configured to receive a biasing reference voltage at a voltage input terminal and replicate the biasing reference voltage to first and second buffer terminals. At least one of the first and second buffer terminals is configured to be electrically connected to at least one gate terminal of an analog complementary metal oxide semiconductor (CMOS) physically unclonable function (PUF) cell. The biasing current mirror is configured to receive a reference current at a current input terminal and replicate the reference current to the first buffer terminal. The controller is configured to compensate an output of the CMOS PUF cell for temperature variation based on a weighted sum of a bandgap current, a current proportional to absolute temperature, and a current complementary to absolute temperature.

Abstract: Combined physical unclonable function (PUFs); methods, apparatuses, systems, and computer program products for enrolling combined PUFs; and methods, apparatuses, systems, and computer program products for authenticating a device physically associated with a combined PUF are described. In an example embodiment, a combined PUF includes a plurality of PUFs and one or more logic gates. Each PUF includes a plurality of stages and an arbiter configured to generate a single PUF response based on response portions generated by the plurality of stages. The one or more logic gates are configured to combine the single PUF response for each of the plurality of PUFs in accordance with a combination function to provide a combined response.

Abstract: An electronic circuit includes a driving cell, one or more driven cells and one or more inverters. The driving cell has two or more inputs and at least one output and is configured to toggle the output between first and second logic states in response to the inputs. Each driven cell has two or more inputs, of which at least one input is configured to be driven by the output of the driving cell. The one or more inverters are placed in a signal network that connects the driving cell to the driven cells. The inverters are configured to balance, over the signal network, (i) a first capacitive load charged by electrical currents caused by transitions from the first logic state to the second logic state and (ii) a second capacitive load charged by electrical currents caused by transitions from the second logic state to the first logic state.

Abstract: A method of verifying that a first device and a second device are physically interconnected is disclosed. The method is performed by a verifier and includes sending a challenge R1 to the first device, for use as basis for input to a first physical unclonable function, PUF, —part of the first device, receiving, a response, RES1, from the second device, the response RES1 being based on an output of a second PUF part of the second device, and verifying that the first device and the second device are interconnected for the case that the received response, RES1, and an expected response fulfills a matching criterion. A method in a first device and a method in a second device and corresponding devices, computer programs and computer program products are also disclosed.

Abstract: Systems and method are provided for determining a reliability of a physically unclonable function (PUF) cell of a device. One or more activation signals are provided to a PUF cell under a plurality of conditions. A PUF cell output provided by the PUF cell under each of the plurality of conditions is determined. A determination is made of a number of times the PUF cell output of the PUF cell is consistent. And a device classification value is determined based on the determined number of times for a plurality of PUF cells.

Abstract: Bit generating cells are subjected to processes that accelerate aging-related characteristics before they are configured for use in the field (enrolled). Aging improves the reliability of the cells by shifting device characteristic in a direction that improves the cell behavior with respect not only to aging but also environment variations. Outputs of the cells are read, and the cells are reconfigured with a bias to output an opposite value, and then aged for enrollment.

Abstract: Methods and systems generate seeds for public-private key pairs by determining a timestamp value associated with a process design kit (PDK) when a user of the PDK triggers a tool of the PDK while designing an integrated circuit device to have a physical unclonable function device (PUF). The methods and systems generate a first value by mapping the timestamp value to data of the user, generate a second value by mapping the timestamp value to configuration data of the PDK, and generate a third value by mapping the timestamp value to layout data of the PDK. A random number is then generated by applying a function to the first value, the second value, and the third value. A public-private encryption key pair is generated using the random number as a first seed number and using a second number generated by the number generation device as a second seed number.

Abstract: A method of identifying primitives for implementing a physical unclonable function providing a response representative of a device comprising a plurality of primitives coupled in pairs, said primitives being configured for being one-time programmable through application of a burning energy to said primitives, by selecting a subset of the pairs, assessing a difference between electrical characteristics values provided by primitives belonging to each pair of said subset, qualifying all pairs of primitives for which the assessed difference is higher than a reference threshold, and identifying said qualified pairs of primitives comprising programming at least one primitive of each pair of primitives for which the assessed difference is lower than said reference threshold, by applying a burning energy to said at least one primitive so as to differentiate qualified pairs of primitives from those that are not qualified.

Abstract: Systems and methods for improving security in computer-based authentication systems by using physical unclonable functions are presented. A computing device used to provide authentication includes multiple arrays of physical unclonable function devices. Rather than storing user passwords or message digests of passwords, the computing device generates a message digest based on a user's credentials. A challenge response generated by measuring physical parameters of set of physical unclonable function devices specified by the message digest. The computing device can provide authentication without storing information which could be used by an attacker to compromise user credentials. Redundancy and robustness to varying loads are provided by the use of multiple PUF arrays which may be used as backups or to provide load balancing. Backdoor access may be provided to trusted parties without exposing user credentials.

Abstract: A memory device includes a memory cell array comprising a plurality of memory cells wherein each of the plurality of memory cells is configured to be in a data state, and a physically unclonable function (PUF) generator. The PUF generator further includes a first sense amplifier, coupled to the plurality of memory cells, wherein while the plurality of memory cells are being accessed, the first sense amplifier is configured to compare accessing speeds of first and second memory cells of the plurality of memory cells, and based on the comparison, provide a first output signal for generating a first PUF signature.

Abstract: The disclosure relates to systems, methods and devices to provide race-condition true random number generator (TRNG) for soft intellectual property (IP) in field-programmable gate arrays (FPGAs). In an exemplary embodiment, a pair of long adder chains are raced against one another to complete a full cycle. Due to variances in the silicon, different chains will win each race at different times and thereby produce entropy. A calibration circuit can be used to set up the adder chains in an appropriate initial state to maximize the entropy produced. This structure has been found to be robust to layout changes, and the use of two such adder-chain-pairs reduces interference from other structures. Among others, the soft IP makes adding a robust TRNG to an FPGA much easier without concerns for how the structures are laid out or what other IP is nearby in the layout. The disclosed embodiments reduces the effort to add a TRNG to an FPGA design and improves the robustness of the TRNG making the design FIPS certifiable.

Abstract: A system and method for pairing two devices for secure communications. A user selects a first device to pair with a second device. The first and second devices have the ability to securely communicate with each other through the use of encrypted communications. An encryption key is written to the first device and then burned into the encryption module on the first device. A corresponding decryption key is written to the second device and then is burned into the decryption module of the second device.

Abstract: An apparatus includes a first feed-forward PUF, a second feed-forward PUF and an exclusive-or circuit configured to perform an exclusive-or operation of an output of the first feed-forward PUF and an output of the second feed-forward PUF.

Abstract: The invention is a secure logic chip with resistance to hardware Trojan induced data leakage. The invention solves the untrustworthy fabrication risk problem by introducing a secure logic chip design such that even when the design is entirely known to an attacker and a data leakage Trojan is injected subsequently, no useful information can be obtained. This invention contains several features including randomized encoding of binary logic, converting any combinational binary logic into one with randomized encoding, and partitioning a randomized encoded logic for split manufacturing.

Abstract: The invention is a secure logic chip with resistance to hardware Trojan induced data leakage. The invention solves the untrustworthy fabrication risk problem by introducing a secure logic chip design such that even when the design is entirely known to an attacker and a data leakage Trojan is injected subsequently, no useful information can be obtained. This invention contains several features including randomized encoding of binary logic, converting any combinational binary logic into one with randomized encoding, and partitioning a randomized encoded logic for split manufacturing.

Abstract: An Integrated Circuit (IC) includes functional circuitry and protection circuitry. The protection circuitry is configured to maintain a counter value, which is indicative of a cumulative amount of hostile attacking attempted on the functional circuitry over a lifetime of the IC, to detect events indicative of suspected hostile attacks on the functional circuitry, to decide, responsively to a detected event, on an update of the counter value depending on a time difference between the detected event and a most recent power-up in the IC, and update the counter value in accordance with the decided update, and to disable at least part of the IC in response to the counter value crossing a threshold.

Abstract: A random number generator includes a counting value generator, an address generator, a static entropy source and a processing circuit. The counting value generator generates a first random number. The address generator generates an address signal. The static entropy source is connected with the address generator to receive the address signal and generates a second random number. The processing circuit is connected with the static entropy source and the counting value generator to receive the first random number and the second random number. After the first random number and the second random number are processed by the processing circuit, the processing circuit generates an output random number.

Abstract: A method for physically unclonable function (PUF) cell-pair remapping includes combining PUF cell-pairs between PUF cells in a first array and PUF cells in a second array, acquiring physical parameters for each of the PUF cell-pairs, selecting PUF cell-pairs based on a comparison of the acquired parameters with a first reference, and remapping the selected PUF cell-pairs.

Abstract: The present disclosure describes systems, apparatuses, and methods for implementing a logic gate circuit structure for operating one or more Boolean functions. Instead of stacking transistors in series to accommodate an increased number of inputs, a parallel configuration is presented that significantly reduces the cascaded number of transistors and the total number of transistors for the same functionality.

Abstract: In accordance with a first aspect of the present disclosure, a radio frequency identification (RFID) transponder is provided, comprising a modulator, a current sensor and a clock recovery circuit, wherein: the modulator is configured to modulate an unmodulated carrier signal received from an external RFID reader; the current sensor is configured to sense a current that flows through one or more transistors comprised in the modulator; and the clock recovery circuit is configured to recover a clock signal using the current sensed by the current sensor. In accordance with a second aspect of the present disclosure, a corresponding method of operating a radio frequency identification (RFID) transponder is conceived.

Abstract: A method and data processing system is provided for detecting an attack on a physically unclonable function (PUF). In the method, a first list of PUF responses to challenges is produced during production testing of an integrated circuit comprising the PUF. The first list is stored in a memory on the integrated circuit. A second list of PUF responses to the challenges is produced during normal operation of the integrated circuit in the field. The second list is compared to the first list. A difference between entries of the first and second lists computed. If the difference is greater than a threshold difference, then an indication of a hardware trojan is generated. The method may also include monitoring a series of challenges for an indication of a non-random pattern in the series. Detection of a non-random pattern may indicate a modeling attack.

Abstract: An integrated circuit includes one or more intellectual property (IP) cores, one or more general purposes input/output (GPIO) interfaces, each GPIO interface having one or more ports, and one or more security circuits, each security circuit being coupled between an IP core and a GPIO interface. A security circuit, in operation, selectively enables communications between the IP core and the GPIO interface coupled to the security circuit based on an indication of the security status of the IP core, an indication of the security status of the GPIO interface or both the indication of the security status of the IP core and the indication of the security status of the GPIO interface.

Abstract: This disclosure describes techniques for analyzing statistical quality of bitstrings produced by a physical unclonable function (PUF). The PUF leverages resistance variations in the power grid wires of an integrated circuit. Temperature and voltage stability of the bitstrings are analyzed. The disclosure also describes converting a voltage drop into a digital code, wherein the conversion is resilient to simple and differential side-channel attacks.

Abstract: Disclosed is a method of generating secret information on the basis of a ring oscillator. According to an embodiment of the present disclosure, there is provided an apparatus for generating secret information on the basis of a ring oscillator, the apparatus including: multiple PUF information generation units each including at least one ring oscillator cell and generating physically unclonable function (PUF) information generated by the at least one ring oscillator cell; a phase checking unit cross-checking phases for the multiple pieces of the PUF information that are output from the multiple PUF information generation units, respectively; and a secret key generation unit outputting secret key information based on a result of comparing the multiple phases received from the phase checking unit.

Abstract: Disclosed is a physical unclonable function generator circuit and method. In one embodiment, a physical unclonable function (PUF) generator comprising: a plurality of PUF cells, wherein each of the plurality of PUF cells comprises a first MOS transistor and a second MOS transistor, wherein terminal S of the first MOS transistor is connected to terminal D of the second MOS transistor at a dynamic node, terminal D of the first MOS transistor is coupled to a first bus and terminal G of the first NMOS transistor is coupled to a second bus, and terminals S and G of the second NMOS transistor are coupled to ground; a plurality of dynamic flip-flop (DFF) circuits wherein each of the plurality of DFF circuits is coupled to each of the plurality of PUF cells respectively; a population count circuit coupled to the plurality of DFF circuits; and an evaluation logic circuit having an input coupled to the population count circuit and an output coupled to the plurality of DFF circuits.

Abstract: A secure IC includes multiple functionally-equivalent combinational logic circuits, multiple sets of state-sampling components, and control circuitry. Each combinational logic circuit receives one or more inputs, and applies a combinational-logic operation to the one or more inputs so as to produce one or more outputs. Each set of state-sampling components includes one or more state-sampling components that samples one or more of the outputs of one of the combinational logic circuits and provides one or more of the sampled outputs as inputs to another of the combinational logic circuits. The control circuitry receives multiple sets of input data for processing by the combinational logic circuits, routes the sets of input data to the combinational logic circuits, extracts sets of output data from the combinational logic circuits, and outputs each set of output data in association with the respective set of input data.

Abstract: An authentication protocol using a Hardware-Embedded Delay PUF (“HELP”), which derives randomness from within-die path delay variations that occur along the paths within a hardware implementation of a cryptographic primitive, for example, the Advanced Encryption Standard (“AES”) algorithm or Secure Hash Algorithm 3 (“SHA-3”). The digitized timing values which represent the path delays are stored in a database on a secure server (verifier) as an alternative to storing PUF response bitstrings thereby enabling the development of an efficient authentication protocol that provides both privacy and mutual authentication.

Abstract: A randomization element includes a logic input for inputting a logic signal, a logic output for outputting the input logic signal at a delay and a randomization element. The randomization elements introduces the delay between said logic input and said logic output and operates selectably in static mode and in dynamic mode in accordance with a mode control signal. A logic circuit may be formed with randomization elements interspersed amongst the logic gates, to obtain protection against side channel attacks by inputting a selected control sequence into the randomization elements.

Abstract: An apparatus is provided which comprises: an entropy source to produce a first random sequence of bits, wherein the entropy source comprises an array of bi-stable cross-coupled inverter cells; a first circuitry coupled to the entropy source, wherein the first circuitry to generate an entropy source selection set; and a second circuitry coupled to the entropy source and the first circuitry, wherein the second circuitry is to receive the first random sequence and the entropy source selection set, and wherein the second circuitry is to generate a second random sequence.

Abstract: Methods and system of generating a code are described. A device can receive a request to generate a code. The device can select a set of cells among a plurality of cells. The device can determine current through the selected cells in a forward mode. The device can determine current through the selected cells in a reverse mode. The device can determine a set of differences between the currents of the forward mode and the reverse mode. The set of differences corresponds to the set of selected cells. The device can transform the set of differences into the code. The device can output the code to respond to the request.

Abstract: A device identification is generated for a programmable device. A security key is generated to protect a content of the programmable device. A device birth certificate is generated with the device identification and the security key. The programmable device is programmed with the device birth certificate at time of manufacture of the programmable device.

Abstract: A secret is stored in a computing device. The device generates a value determined based at least in part on a substantially random process. As a result of the value satisfying a condition, the device causes the secret to be unusable to perform cryptographic operations such that the device is unable to cause the secret to be restored. The secret may be programmatically unexportable from the device.

Abstract: A physically unclonable function (PUF) system is provided. The PUF system includes an entropy source, a plurality of selectable paths, a random selection block, and error correction logic. The plurality of selectable paths are formed between the entropy source and an output for providing a PUF response. The random selection block is for randomly selecting one of the plurality of selectable paths in response to receiving a challenge. The error correction logic is coupled to the output for receiving the PUF response and for correcting any errors in the PUF response for the plurality of selectable paths. By using a different path through the entropy source each time a challenge is received, protection is provided against side-channel attacks.

Abstract: A random number generator includes an entropy source comprising a first digital device arranged to apply to an input signal a first delay value to obtain a first signal and a second digital device arranged to apply to the input signal a second delay value different from the first delay value to obtain a second signal; a sampling unit configured to sample one of the first and second signals using the other signal as reference clock, thereby obtaining a sampled signal; measurement means to perform measurements of the sampled signal's delay difference with respect to the reference clock; a controller circuit arranged to monitor the measured delay difference of the sampled signal and to check the values of the measured delay difference and, once a given condition related to the values is met, to output a configuration signal.

Abstract: A first plurality of logic gates and a second plurality of logic gates may be associated with a symmetric configuration. A first output at a first value may be generated by the first plurality of logic gates based on a first portion of input signals. A second output may be generated by the second plurality of logic gates at the first value based on a second portion of the input signals. A subsequent first output at a particular value may be generated by the first plurality of logic gates based on a first portion of a second plurality of input signals and a subsequent second output maybe generated by the second plurality of logic gates based on a second portion of the second plurality of input signals. A value of the subsequent second output may be complementary to the particular value of the subsequent first output.

Abstract: A security system with entropy bits includes a physically unclonable function circuit, and a security key generator. The physically unclonable function circuit provides a plurality of entropy bit strings. The security key generator generates a security key by manipulating a manipulation bit string derived from the plurality of entropy bit strings according to an operation entropy bit string. Each bit of the operation entropy bit string is used to determine whether to perform a corresponding operation to the manipulation bit string.

Abstract: One of the various aspects of the invention is related to suggesting various techniques for improving the tamper-resistibility of hardware. The tamper-resistant hardware may be advantageously used in a transaction system that provides the off-line transaction protocol. Amongst these techniques for improving the tamper-resistibility are trusted bootstrapping by means of secure software entity modules, a new use of hardware providing a Physical Unclonable Function, and the use of a configuration fingerprint of a FPGA used within the tamper-resistant hardware.

Abstract: A semiconductor device includes a first field effect transistor and a second field effect transistor which are respectively coupled to gate electrodes. An insulation property of a gate insulating film of the first field effect transistor is broken down. A resistance value of the gate insulating film of the second field effect transistor is greater than a resistance value of the gate insulating film of the first field effect transistor.