INSTANT HARDWARE ERASE FOR CONTENT RESET AND PSEUDO-RANDOM NUMBER GENERATION

US 20090300312A1
Filed: 05/30/2008
Published: 12/03/2009
Est. Priority Date: 05/30/2008
Status: Active Grant

First Claim

Patent Images

1. A system that facilitates securing data associated with a memory component, comprising:

a secure memory component comprising of a plurality of storage locations in which data is stored, the secure memory component is associated with the memory component;

a security component that transmits a reset signal to facilitate erase or reset of a subset of the plurality of storage locations in response to a detected security-related event based in part on predetermined reset criteria.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods that facilitate securing data associated with a memory from security breaches are presented. A memory component includes nonvolatile memory, and a secure memory component (e.g., volatile memory) used to store information such as secret information related to secret processes or functions (e.g., cryptographic functions). A security component detects security-related events, such as security breaches or completion of security processes or functions, associated with the memory component and in response to a security-related event, the security component can transmit a reset signal to the secure memory component to facilitate efficiently erasing or resetting desired storage locations in the secure memory component in parallel and in a single clock cycle to facilitate data security. A random number generator component can facilitate generating random numbers after a reset based on a change in scrambler keys used by a scrambler component to descramble data read from the reset storage locations.

48 Citations

View as Search Results

20 Claims

1. A system that facilitates securing data associated with a memory component, comprising:
- a secure memory component comprising of a plurality of storage locations in which data is stored, the secure memory component is associated with the memory component;
  
  a security component that transmits a reset signal to facilitate erase or reset of a subset of the plurality of storage locations in response to a detected security-related event based in part on predetermined reset criteria.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The system of claim 1, the secure memory component receives the reset signal and propagates the reset signal to each of the subset of the plurality of storage locations at the same or substantially the same time and the subset of the plurality of storage locations are erased or reset in a single clock cycle to remove content stored therein.
  - 3. The system of claim 1, the security-related event is at least one of a security breach or completion of at least one of a security process, a security function, or a security computation.
  - 4. The system of claim 3, the at least one of a security process, a security function, or a security computation relates to at least one of cryptography, authentication, or random number generation.
  - 5. The system of claim 3, the security breach relates to at least one of temperature level, voltage level, a voltage glitch, authentication of an entity, an attack using ultraviolet (UV) light, an attack using a laser, an attack using a white light, an attack using pressure variations, an attack using heavy ions, an attack using radio frequency (RF) energy, an attack using clock transients, an attack using power transients, variance in a resistance level of a shield, or integrity of a casing, associated with the memory component.
  - 6. The system of claim 1, the predetermined reset criteria relates to at least one of type of memory;
    - expected value or range of values of a security-related attribute(s);
      
      type of security breach;
      
      level of severity of the security breach;
      
      or performance or completion of a secure process(es), a secure function(s), or a secure computation(s).
  - 7. The system of claim 1, further comprising:
    - a sensor component that monitors and evaluates activity associated with the memory component to determine whether a security-related event is detected, and in response to a detected security-related event, the sensor component automatically transmits a reset signal to the secure memory component to facilitate automatic erase or reset of a subset of the plurality of storage locations, the security-related event comprises a security breach.
  - 8. The system of claim 1, further comprising:
    - a scrambler component that descrambles a specified number of sets of data, respectively associated with a specified number of storage locations, as a function of a disparate scrambler key to facilitate generating at least one random number, a first scrambler key is changed to a disparate scrambler key after a reset of the specified number of storage locations and prior to descrambling the specified number of sets of data; and
      
      a random number generation component that receives the descrambled sets of data and generates at least one random number based in part on the descrambled sets of data and predetermined random-number criteria.
  - 9. The system of claim 8, the sets of data are read from the respective storage locations and are descrambled as a function of the disparate scrambler key to facilitate generation of a specified number of random numbers based in part on memory addresses respectively associated with the respective storage locations and the predetermined random-number criteria, wherein a random number is generated for each set of data.
  - 10. The system of claim 1, further comprising:
    - an intelligent component that infers an automated function to automatically perform to facilitate securing data associated with the memory component, the automated function relates to at least one of cryptography, authentication of an entity, or random number generation, associated with the memory component.
  - 11. The system of claim 1, the secure memory component comprises a plurality of blocks that each contain a specified number of storage locations, and each block is associated with a block reset component and each storage location is associated with a storage reset component, wherein the secure memory component receives a reset signal and the reset signal is propagated to at least one selected block reset component, which propagates the reset signal to each storage reset component within the at least one selected block reset component, to facilitate erase or reset of storage locations associated with the at least one selected block reset component in a single clock cycle to remove content stored therein.
  - 12. An electronic device comprising the system of claim 1.
  - 13. The electronic device of claim 12, wherein the electronic device comprises at least one of a computer, a laptop computer, network equipment, a media player, a media recorder, a television, a smart card, a phone, a cellular phone, a smart phone, an electronic organizer, a personal digital assistant, a portable email reader, a digital camera, an electronic game, an electronic device associated with digital rights management, a Personal Computer Memory Card International Association (PCMCIA) card, a trusted platform module (TPM), a Hardware Security Module (HSM), a set-top box, a digital video recorder, a gaming console, a navigation device, a secure memory device with computational capabilities, a device with at least one tamper-resistant chip, an electronic device associated with an industrial control system, or an embedded computer in a machine, wherein the machine comprises one of an airplane, a copier, a motor vehicle, or a microwave oven.

14. A method that facilitates securing data associated with a memory, comprising:
- detecting a security-related event associated with the memory; and
  
  at least one of erasing or resetting a subset of storage locations in a secure memory component in response to the security-related event based in part on predetermined reset criteria.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The method of claim 14, further comprising:
    - monitoring activity associated with the memory;
      
      detecting a security breach associated with the memory;
      
      automatically transmitting a reset signal to a subset of storage locations in a secure memory component in response to the security breach; and
      
      at least one of erasing or resetting to a predefined value the subset of storage locations in a single clock cycle.
  - 16. The method of claim 14, further comprising:
    - monitoring activity associated with the memory;
      
      determining whether a security breach is detected;
      
      determining whether to perform a reset or erase based in part on predetermined reset criteria;
      
      transmitting a reset signal to a subset of storage locations in a secure memory component in response to the security breach; and
      
      at least one of erasing or resetting to a predefined value the subset of storage locations in a single clock cycle.
  - 17. The method of claim 14, further comprising:
    - performing at least one of a secure process, a secure function, or a secure computation;
      
      determining whether the at least one of a secure process, a secure function, or a secure computation is complete;
      
      transmitting a reset signal to a subset of storage locations in a secure memory component if it is determined that the at least one of a secure process, a secure function, or a secure computation is complete; and
      
      at least one of erasing or resetting to a predefined value the subset of storage locations in a single clock cycle.
  - 18. The method of claim 14, further comprising:
    - scrambling one or more sets of data based in part on a first scrambler key;
      
      storing the one or more sets of scrambled data in respective storage locations;
      
      changing the first scrambler key to a different scrambler key;
      
      reading the one or more sets of scrambled data from the respective storage locations;
      
      descrambling the one or more sets of scrambled data based in part on the different scrambler key; and
      
      generating at least one random number based in part on the one or more sets of descrambled data and predetermined random-number criteria.
  - 19. The method of claim 18, generating at least one random number, further comprising:
    - generating a distinct random number for each set of descrambled data based in part on a memory address respectively associated with each storage location in which each set of descrambled data was stored respectively.
  - 20. The method of claim 14, the predetermined reset criteria is associated with at least one of type of memory;
    - expected value or range of values of a security-related attribute(s);
      
      type of security breach;
      
      level of severity of the security breach;
      
      or performance or completion of a secure process(es), a secure function(s), or a secure computation(s).

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Monterey Research, LLC (Vector Capital Corporation)
Original Assignee
Spansion LLC (Infineon Technologies AG)
Inventors
Lau, Jimmy, Prawitz, Nicolas, Trichina, Elena, Boscher, Arnaud, Handschuh, Helena, Le Bihan, Joel, Cherpantier, Frederic

Granted Patent

US 8,370,644 B2
Time in Patent Office

Days
Field of Search
US Class Current

711/166
CPC Class Codes

G06F 12/1408   by using cryptography for d...

G06F 21/554   involving event detection a...

G06F 2221/2143   Clearing memory, e.g. to pr...

Y02D 10/00   Energy efficient computing,...

INSTANT HARDWARE ERASE FOR CONTENT RESET AND PSEUDO-RANDOM NUMBER GENERATION

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

48 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

INSTANT HARDWARE ERASE FOR CONTENT RESET AND PSEUDO-RANDOM NUMBER GENERATION

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

48 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others