Volatile Device Keys And Applications Thereof

US 20090254981A1
Filed: 06/16/2009
Published: 10/08/2009
Est. Priority Date: 11/12/2004
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving identification information from a device;

sending a first challenge to a device, the first challenge selected from a database associated with the received identification information, the database including a plurality of first challenges and a plurality of stored responses, each stored response associated with a first challenge;

receiving a volatile response from the device, the volatile response determined in the device according to a sequence of challenge values generated in the device on the basis of the first challenge; and

authenticating the device by comparing the received volatile response with the stored response associated with the sent first challenge.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A key is determined from a volatile response using circuitry on the device. The volatile response depend on process variation in fabrication of the device. Error control data that depends on the first volatile response can be computed, stored externally to the device, and then used to generate the key using a volatile response using the circuit. Applications of volatile keys include authentication and rights management for content and software.

92 Citations

View as Search Results

27 Claims

1. A method comprising:
- receiving identification information from a device;
  
  sending a first challenge to a device, the first challenge selected from a database associated with the received identification information, the database including a plurality of first challenges and a plurality of stored responses, each stored response associated with a first challenge;
  
  receiving a volatile response from the device, the volatile response determined in the device according to a sequence of challenge values generated in the device on the basis of the first challenge; and
  
  authenticating the device by comparing the received volatile response with the stored response associated with the sent first challenge.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein the device comprises a proximity device.
  - 3. The method of claim 2, wherein the device comprises a radio frequency identification device (RFID).
  - 4. The method of claim 1, wherein the sequence of challenges is generated by operating on the first challenge with a linear-feedback shift register.
  - 5. The method of claim 1, wherein each challenge included in the generated sequence of challenges includes at least 64 bits.
  - 6. The method of claim 1, wherein each challenge in the sequence of challenges is applied to a circuit in the device to generate a corresponding part of the volatile response.
  - 7. The method of claim 6, wherein each challenge in the sequence of challenges is applied to a corresponding one of a plurality of circuits in the device, each circuit generating a partial response, the volatile response formed from the plurality of partial responses.
  - 8. The method of claim 6, wherein each challenge in the sequence of challenges is applied to the circuit to generate a corresponding one of a plurality of partial responses, the volatile response formed from the plurality of partial responses.
  - 9. The method of claim 6, wherein the circuit is configurable to form any of a plurality of signal paths and application of a challenge to the circuit includes configuration of one of the signal paths.
  - 10. The method of claim 1, wherein the volatile response is dependent on process variation during fabrication of the device.
  - 11. The method of claim 1, wherein the device is one of a group of devices fabricated according to a same design, the volatile response unique in the group to that device.

12. An integrated circuit comprising:
- a communication module configured to communication with an authentication device; and
  
  circuitry configured to generate a volatile response, the volatile response determined according to a sequence of challenge values generated in the integrated circuit on the basis of a first challenge received from the authentication device;
  
  wherein the volatile response is sent by the communication module to the authentication device for authentication of the integrated circuit.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 13. The integrated circuit of claim 12, wherein the integrated circuit forms a component of a proximity device.
  - 14. The integrated circuit of claim 13, wherein the integrated circuit forms a component of a radio frequency identification device (RFID).
  - 15. The integrated circuit of claim 12, wherein the communication module is configured to send identification information to the authentication device and to receive the first challenge from the authentication device, wherein the first challenge is selected by the authentication device on the basis of the identification information.
  - 16. The integrated circuit of claim 12, wherein the circuitry to generate the volatile response includes a linear-feedback shift register configured to generate the sequence of challenges based on the first challenge.
  - 17. The integrated circuit of claim 12, wherein each challenge included in the sequence of challenges includes at least 64 bits.
  - 18. The integrated circuit of claim 12, wherein the circuitry to generate the volatile response includes a plurality of subcircuits, each subcircuit configured to accept one of the challenges in sequence of challenges and to generate a corresponding partial response based on the accepted challenge, the volatile response being formed from the plurality of partial responses.
  - 19. The integrated circuit of claim 12, wherein the circuitry is configured to accept each challenge in the sequence of challenges and, for each challenge, to generate a corresponding partial response, the volatile response being formed from the plurality of partial responses.
  - 20. The integrated circuit of claim 12, wherein the circuitry is configurable to form any of a plurality of signal paths and wherein, in response to an application of a challenge in the sequence of challenges to the circuitry, one of the signal paths is configured.
  - 21. The integrated circuit of claim 12, wherein the volatile response is dependent on process variation during fabrication of the integrated circuit.
  - 22. The integrated circuit of claim 12, wherein the integrated circuit is one of a group of integrated circuits fabricated according to a same design, the volatile response unique in the group to that integrated circuit.

23. A system for authenticating a device on the basis of identification information received from the device, comprising:
- a database storing a plurality of first challenges and a plurality of stored responses, each stored response associated with a first challenge;
  
  a selection module configured to select from the database a first challenge associated with the received identification information;
  
  a communication module configured tosend the selected first challenge to the device, andreceive a volatile response from the device, the volatile response determined in the device according to a sequence of challenge values generated in the device on the basis of the first challenge; and
  
  an authentication module configured to compare the received volatile response with the stored response associated with the selected first challenge.
- View Dependent Claims (24, 25, 26, 27)
- - 24. The system of claim 23, wherein the device comprises a proximity device.
  - 25. The system of claim 24, wherein the device comprises a radio frequency identification device (RFID).
  - 26. The system of claim 23, wherein the device is one of a group of devices fabricated according to a same design, the volatile response determined in the device unique in the group to that device.
  - 27. The system of claim 23, wherein the volatile response is dependent on process variation during fabrication of the device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Verayo, Inc.
Original Assignee
Verayo, Inc.
Inventors
Devadas, Srinivas, Ziola, Thomas

Granted Patent

US 7,839,278 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/5
CPC Class Codes

G06F 21/31   User authentication

G06F 21/445   by mutual authentication, e...

G06F 21/602   Providing cryptographic fac...

G06F 21/76   in application-specific int...

G06F 2221/2129   Authenticate client device ...

G11C 16/20   Initialising; Data preset; ...

G11C 16/22   Safety or protection circui...

G11C 2029/4402   Internal storage of test re...

G11C 2029/5002   Characteristic

G11C 7/24   Memory cell safety or prote...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/603   Digital right managament [DRM]

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 9/0838   Key agreement, i.e. key est...

H04L 9/0877   using additional device, e....

H04L 9/304   based on error correction c...

H04L 9/3278   using physically unclonable...

Volatile Device Keys And Applications Thereof

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

92 Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

Volatile Device Keys And Applications Thereof

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

92 Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links