Secure Computing Device with Monotonic Counter and Method Therefor

US 20100313056A1
Filed: 06/03/2009
Published: 12/09/2010
Est. Priority Date: 06/03/2009
Status: Active Grant

First Claim

Patent Images

1. A secure computing device which produces a monotonic count value in response to a read operation, said device comprising:

a counter configured to count in response to a count signal and to provide a first portion of said monotonic count value;

a register of at least one independent one-time-programmable bit configured to provide a second portion of said monotonic count value; and

a synchronizer coupled to said counter and to said register, said synchronizer being configured to supply both of said first and second portions of said monotonic count value in response to said read operation and to prevent said counter from altering said monotonic count value between an initiation and a termination of said read operation.

View all claims

27 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure computing device (14) includes a secure processing section (30) having a tamper detection circuit (58) and a monotonic counter (68). The tamper detection circuit (58) detects an event which suggests that the trust associated with the secure processing section (30) may have been compromised. When such an event is detected, a security breach is declared and trusted software (38) is disabled. After a security breach is declared, the monotonic counter (68) may be reclaimed. The monotonic counter (68) provides a monotonic count value (70) that includes an LSB portion (80) and an MSB portion (82). The LSB portion (80) is obtained from a binary counter (72). The MSB portion (82) is obtained from a register (84) of independent one-time-programmable bits. The monotonic counter (68) is reclaimed by programming one of the one-time programmable bits to guarantee that future counting of the monotonic counter will be monotonic relative to all past counting.

Citations

20 Claims

1. A secure computing device which produces a monotonic count value in response to a read operation, said device comprising:
- a counter configured to count in response to a count signal and to provide a first portion of said monotonic count value;
  
  a register of at least one independent one-time-programmable bit configured to provide a second portion of said monotonic count value; and
  
  a synchronizer coupled to said counter and to said register, said synchronizer being configured to supply both of said first and second portions of said monotonic count value in response to said read operation and to prevent said counter from altering said monotonic count value between an initiation and a termination of said read operation.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. A secure computing device as claimed in claim 1 wherein said first portion is configured as least significant bits of said monotonic count value and said second portion is configured as most significant bits of said monotonic count value.
  - 3. A secure computing device as claimed in claim 2 additionally comprising a roll-over-error detection circuit coupled to said counter and configured to indicate a roll-over error when said first portion of said monotonic count value rolls over.
  - 4. A secure computing device as claimed in claim 1 wherein said counter is a binary counter.
  - 5. A secure computing device as claimed in claim 1 additionally comprising a battery coupled to said counter so that said counter is continuously energized.
  - 6. A secure computing device as claimed in claim 5 wherein:
    - said register of independent one-time-programmable bits is a non-volatile register; and
      
      said counter includes volatile memory elements which remain continuously energized by said battery.
  - 7. A secure computing device as claimed in claim 1 wherein said register of at least one independent one-time-programmable bit is provided by at least one fusible link.
  - 8. A secure computing device as claimed in claim 1 wherein:
    - said counter is an L-bit counter configured to present up to 2^Lunique values, where L is a first integer number; and
      
      said register is an M-bit register configured to present up to M+1 unique values, where M is a second integer number.
  - 9. A secure computing device as claimed in claim 8 where said integer L is greater than said integer M.

10. A method of operating a secure computing device having a secure processing section which produces a monotonic count value, said method comprising:
- controlling a counter to produce a first portion of said monotonic count value in response to a count signal;
  
  forming a second portion of said monotonic count value in a register of independent one-time-programmable bits; and
  
  supplying both of said first and second portions of said monotonic count value in response to a read operation.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. A method as claimed in claim 10 additionally comprising synchronizing said count signal and said read operation to prevent changes in said first portion of said monotonic count value during said read operation.
  - 12. A method as claimed in claim 10 wherein said first portion is configured as least significant bits of said monotonic count value and said second portion is configured as most significant bits of said monotonic count value.
  - 13. A method as claimed in claim 10 wherein:
    - said register of independent one-time-programmable bits is configured as a non-volatile register; and
      
      said counter includes volatile memory elements which remain continuously energized by said battery.
  - 14. A method as claimed in claim 10 wherein:
    - said counter is an L-bit counter which presents up to 2^Lunique values, where L is a first integer number; and
      
      said register is an M-bit register which presents up to M+1 unique values, where M is a second integer number.
  - 15. A method as claimed in claim 10 additionally comprising detecting a security breach, wherein one of said one-time-programmable bits is programmed in response to detecting said security breach to reclaim said monotonic counter.
  - 16. A method as claimed in claim 15 wherein:
    - said one of said one-time-programmable bits is programmed to cause said monotonic count value to count; and
      
      said method additionally comprises using said secure computing device after detecting said security breach.
  - 17. A method as claimed in claim 16 wherein said secure computing device executes trusted software prior to said detecting operation, and said method additionally comprises:
    - disabling execution of said trusted software in said secure computing device in response to said detecting operation; and
      
      refurbishing said secure computing device after said detecting operation to permit execution of said trusted software, wherein said one of said one-time-programmable bits is programmed during said refurbishing operation.

18. A method of operating a secure computing device having a secure processing section which produces a monotonic count value, said method comprising:
- controlling a counter to produce a least-significant-bits portion of said monotonic count value in response to a count signal;
  
  forming a most-significant-bits portion of said monotonic count value in a register of independent one-time-programmable bits;
  
  programming one of said one-time-programmable bits;
  
  supplying both of said least-significant-bits portion and most-significant-bits portion of said monotonic count value in response to a read operation; and
  
  synchronizing said count signal and said read operation to prevent changes in said least-significant-bits portion of said monotonic count value during said read operation.
- View Dependent Claims (19)
- - 19. A method as claimed in claim 18 wherein:
    - said register of independent one-time-programmable bits is configured as a non-volatile register; and
      
      said counter includes volatile memory elements which remain continuously energized by a battery.

20. A method as claimed in claim 20 additionally comprising detecting, prior to programming said one of said one-time-programmable bits, a security breach in said secure computing device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NXP USA, Inc. (NXP Semiconductors NV)
Original Assignee
Freescale Semiconductor, Inc. (NXP Semiconductors NV)
Inventors
Margolis, Evgeni, Tkacik, Thomas E.

Granted Patent

US 8,184,812 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/500
CPC Class Codes

G06F 1/263   Arrangements for using mult...

G06F 21/57   Certifying or maintaining t...

G06F 21/72   in cryptographic circuits

Secure Computing Device with Monotonic Counter and Method Therefor

First Claim

27 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Secure Computing Device with Monotonic Counter and Method Therefor

First Claim

27 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links