Anti-theft system and method for semiconductor devices and other electronic components

US 20040170068A1
Filed: 02/27/2003
Published: 09/02/2004
Est. Priority Date: 02/27/2003
Status: Active Grant

First Claim

Patent Images

25. An electronic subsystem for installation into a larger system, said subsystem including:

a stored device identifier, wherein said device identifier is accessible to said larger system;

a stored secret key, wherein said secret key is inaccessible to said larger system;

an input for receiving a system identifier and an authorisation key from said larger system; and

an authorisation unit for enabling or disabling said subsystem in accordance with the stored secret key and the received system identifier and authorisation key.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A semiconductor device includes a stored device identifier that is accessible to external systems, and a stored secret key that is inaccessible to external systems. The device also includes an input, which in operation receives a system identifier, representing the system into which the device is to be incorporated, and an authorisation key. An authorisation unit within the device is then used for enabling or disabling the device in accordance with the values of the stored secret key, the received system identifier and the authorisation key. The authorisation key is typically supplied by a support centre in response to being notified of the device identifier. In one embodiment, the authorisation unit encrypts the system identifier using the stored secret key as the encryption key and then compares the result against the authorisation key.

49 Citations

View as Search Results

63 Claims

25. An electronic subsystem for installation into a larger system, said subsystem including:
- a stored device identifier, wherein said device identifier is accessible to said larger system;
  
  a stored secret key, wherein said secret key is inaccessible to said larger system;
  
  an input for receiving a system identifier and an authorisation key from said larger system; and
  
  an authorisation unit for enabling or disabling said subsystem in accordance with the stored secret key and the received system identifier and authorisation key.

26. An electronic system comprising:
- a system identifier;
  
  at least one component having a stored device identifier and a stored secret key; and
  
  a communications path for supplying said at least one component with said system identifier and with an authorisation key that is dependent on said system identifier and said stored secret key in order to activate said at least one component.
- View Dependent Claims (1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38)
- - 1. A semiconductor device including:
    - a stored device identifier, wherein said device identifier is accessible to external systems;
      
      a stored secret key, wherein said secret key is inaccessible to external systems;
      
      an input for receiving a system identifier and an authorisation key; and
      
      an authorisation unit for enabling or disabling said device in accordance with the stored secret key and the received system identifier and authorisation key.
  - 2. The semiconductor device of claim 1, wherein said authorisation unit incorporates an encryption facility.
  - 3. The semiconductor device of claim 2, wherein said encryption facility is operable to encrypt said system identifier using said secret key as an encryption key.
  - 4. The semiconductor device of claim 3, wherein said authorisation unit further includes a comparator for verifying said authorisation key against the encrypted system identifier.
  - 5. The semiconductor device of claim 1, wherein said authorisation unit further includes logic for determining a value representing a function of the system identifier and the secret key, and a comparator for verifying said authorisation key against said value.
  - 6. The semiconductor device of claim 1, further including a one-time programmable memory for storing said secret key.
  - 7. The semiconductor device of claim 6, wherein said one-time programmable memory comprises a blown-fuse unit.
  - 8. The semiconductor device of claim 1, wherein the authorisation unit enables or disables said device in accordance with the values of the stored secret key and device identifier, and of the received system identifier and authorisation key.
  - 9. The semiconductor device of claim 1, wherein said secret key is inaccessible to external systems when said device is mounted on a printed circuit board (PCB).
  - 10. The semiconductor device of claim 1, further comprising a pin to allow access to said secret key, wherein said pin is configured so as to be inaccessible or inoperative when the device is mounted on a PCB.
  - 11. The semiconductor device of claim 10, wherein the pin is located underneath the device when the device is mounted on the PCB.
  - 12. The semiconductor device of claim 1, further comprising a pin to allow the authorisation unit to be disabled, wherein said pin is configured so as to be inaccessible or inoperative when the device is mounted on a PCB.
  - 13. The semiconductor device of claim 12, wherein the pin is located underneath the device when the device is mounted on the PCB.
  - 14. The semiconductor device of claim 1, wherein the operation of said device is modified according to the received system identifier.
  - 15. The semiconductor device of claim 14, wherein a communications protocol used by the device is modified according to the received system identifier.
  - 16. The semiconductor device of claim 1, wherein the device provides an external indication of whether the authorisation unit is disabling or enabling the device in response to the received system identifier and authorisation key.
  - 17. The semiconductor device of claim 16, wherein said external indication is delayed compared to receipt of the system identifier and authorisation key.
  - 18. The semiconductor device of claim 1, wherein the stored secret key is protected by an error correction code (ECC).
  - 19. The semiconductor device of claim 18, wherein an external indication is provided if the ECC detects an error in the stored secret key.
  - 20. The semiconductor device of claim 1, wherein said input is operable to receive only a single system identifier after power on, and wherein said device must be powered down before a further system identifier can be received.
  - 21. The semiconductor device of claim 1, wherein said input is operable to receive only a single authorisation key after power on, and wherein said device must be powered down before a further authorisation key can be received.
  - 22. The semiconductor device of claim 1, wherein said device is operable for a predetermined timeout period after power-on irrespective of the received system identifier and authorisation key.
  - 23. The semiconductor device of claim 1, wherein the authorisation unit is responsive to input of a master authorisation key to enable the device in accordance with the stored secret key, irrespective of the received system identifier.
  - 24. The semiconductor device of claim 1, further comprising a PROM containing at least one authorisation key for the device.
  - 27. The electronic system of claim 26, wherein said stored device identifier in said at least one component is capable of being accessed by the rest of the system.
  - 28. The electronic system of claim 27, further comprising mappings of authorisation keys against device identifiers, wherein an authorisation key is supplied to a component in accordance with the stored device identifier accessed from that component.
  - 29. The electronic system of claim 28, further comprising an on-line communications link for acquiring from a support centre an authorisation key for a device identifier whose authorisation key is not in said mappings.
  - 30. The electronic system of claim 26, wherein the operation of said at least one component is modified according to the received system identifier.
  - 31. The electronic system of claim 30, wherein a communications protocol used by the at least one component is modified according to the received system identifier.
  - 32. A method of manufacturing a semiconductor device comprising:
    - storing a device identifier and a secret key on the device, wherein said device identifier is accessible to external systems and said secret key is inaccessible to external systems; and
      
      incorporating into the device an authorisation unit for enabling or disabling the device in accordance with the stored secret key and a received system identifier and authorisation key.
  - 33. The method of claim 32, wherein said encryption facility is operable to encrypt said system identifier using said secret key as an encryption key.
  - 34. The method of claim 31, further comprising using a one-time programmable memory for storing said secret key.
  - 35. The method of claim 31, further comprising storing at least one authorisation key appropriate to a predetermined system identifier in the device.
  - 36. The method of claim 31, further comprising mounting said device on a PCB, and wherein said secret key is inaccessible to external systems after it has been mounted said PCB.
  - 37. The method of claim 36, further comprising reading the secret key from the semiconductor device prior to said step of mounting on the PCB.
  - 38. The method of claim 31, further comprising the step of making a record of the device identifier and the secret key stored on the device.

32-1. The method of claim 31, wherein said authorisation unit incorporates an encryption facility.

39. A method of manufacturing an electronic system comprising:
- storing a system identifier in the system;
  
  installing at least one component having a stored device identifier into the system, wherein said at least one component is enabled or disabled for use according to whether it receives a matched system identifier and authorisation key; and
  
  creating in the electronic system for each such said at least one component installed into the system a record of an authorisation key to be used with that component in conjunction with the stored system identifier, wherein the authorisation key is mapped to the device identifier for the component.

40. A method of operating an electronic system comprising:
- accessing a system identifier for the electronic system;
  
  ascertaining a device identifier associated with a component of the electronic system, said component including a secret key;
  
  providing an authorisation key and the system identifier to said component, wherein the correct authorisation key is dependent upon said system identifier and said secret key;
  
  determining within the component whether or not the provided authorisation key is correct, based on the system identifier and the secret key for the component;
  
  disabling or enabling said component according to whether or not the authorisation key is correct.
- View Dependent Claims (41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51)
- - 41. The method of claim 40, wherein said steps of accessing, ascertaining, and providing are performed at system power-on by a system controller.
  - 42. The method of claim 41, wherein said ascertaining comprises the system controller:
    - sending a request to each component installed in the system;
      
      and receiving a response back including the device identifier for that component.
  - 43. The method of claim 42, further comprising storing a list of authorisation keys within the system, and the system controller accessing said list to retrieve an authorisation key for a component based on the received device identifier for that component.
  - 44. The method of claim 40, further comprising storing at least one authorisation key appropriate to a particular system identifier in association with said component, wherein a stored authorisation key is provided for determining within the component whether or not to disable the component.
  - 45. The method of claim 44, wherein multiple pairs of system identifier and corresponding authorisation key are stored, and further comprising using the accessed system identifier in order to determine the corresponding stored authorisation key.
  - 46. The method of claim 40, wherein said determining includes performing an encryption function on the system identifier using the secret key.
  - 47. The method of claim 40, further comprising:
    - in response to an authorisation key not being available for a component having a particular device identifier, making a request for an authorisation key for that component, wherein said request includes the device identifier for the component; and
      
      receiving an authorisation key for the component in response to the request.
  - 48. The method of claim 47, wherein said request is made on-line to a remote support centre.
  - 49. The method of claim 48, wherein said response is received on-line from the support centre.
  - 50. The method of claim 40, wherein the operation of a component in the electronic system is modified according to the system identifier provided to the component.
  - 51. The method of claim 50, wherein a communications protocol used by a component is modified according to the system identifier provided to the component.

52. A method of operating a support centre comprising the steps of:
- maintaining a database of components, wherein for each component there is a stored device identifier and secret key;
  
  receiving a request to allow a component having a particular device identifier to be used in a system having a particular system identifier;
  
  retrieving the secret key for the component based on the received device identifier;
  
  determining an authorisation key for the component, based on the received system identifier and retrieved secret key; and
  
  providing a response to said request, wherein the response includes the determined authorisation key.
- View Dependent Claims (53, 54, 55, 56, 57, 58, 59)
- - 53. The method of claim 52, wherein said determining step includes performing an encryption function on the received system identifier using the retrieved secret key.
  - 54. The method of claim 52, wherein said request is received and said response provided via a web site.
  - 55. The method of claim 52, wherein said request is received and said response provided via telephone.
  - 56. The method of claim 52, wherein said request is received and said response provided via an on-line connection between said system and said support centre.
  - 57. The method of claim 52, further comprising the step of checking that the system identifier in the request does not correspond to a system that has been reported stolen.
  - 58. The method of claim 52, further comprising the step of checking that the device identifier in the request does not correspond to a device that has been reported stolen.
  - 59. The method of claim 52, further comprising the step of checking that the device identifier in the request does not correspond to a device that is incompatible with the system specified by the system identifier.

60. A semiconductor device including:
- means for storing a device identifier, wherein said device identifier is accessible to external systems;
  
  means for storing a secret key, wherein said secret key is inaccessible to external systems;
  
  means for receiving a system identifier and an authorisation key; and
  
  means for enabling or disabling said device in accordance with the stored secret key and the received system identifier and authorisation key.

61. An electronic system comprising:
- means for storing a system identifier;
  
  at least one component including means for storing a device identifier and a stored secret key;
  
  means for supplying said at least one component with the stored system identifier and with an authorisation key that is dependent on said system identifier and said stored secret key; and
  
  means for enabling or disabling said at least one component in accordance with the supplied authorisation key.

62. A program product comprising machine instructions on a medium for loading into an electronic system, wherein said instructions cause the system to perform the steps of:
- accessing a system identifier for the electronic system;
  
  ascertaining a device identifier associated with a component of the electronic system, said component including a secret key; and
  
  providing an authorisation key and the system identifier to said component, wherein said authorisation key is dependent upon said system identifier and said secret key, and wherein said component is disabled or enabled according to whether or not the correct authorisation key is provided.

63. A program product comprising machine instructions on a medium for loading into a computer, wherein said instructions cause the computer to perform the steps of:
- receiving a request to allow a component having a particular device identifier to be used in a system having a particular system identifier;
  
  accessing a database of components, wherein for each component there is a stored device identifier and secret key;
  
  retrieving from the database a secret key for the component based on the received device identifier;
  
  determining an authorisation key for the component, based on the received system identifier and retrieved secret key; and
  
  providing a response to said request, wherein the response includes the determined authorisation key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Emrys J. Williams
Original Assignee
Emrys J. Williams
Inventors
Williams, Emrys J.

Granted Patent

US 7,681,247 B2
Time in Patent Office

Days
Field of Search
US Class Current

365/200
CPC Class Codes

G06F 21/73 by creating or determining ...

G06F 21/88 Detecting or preventing the...

Anti-theft system and method for semiconductor devices and other electronic components

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

49 Citations

63 Claims

Specification

Use Cases

Quick Links

Others

Anti-theft system and method for semiconductor devices and other electronic components

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

49 Citations

63 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others