One-time programmable memories for key storage

US 7,818,584 B1
Filed: 01/25/2005
Issued: 10/19/2010
Est. Priority Date: 01/25/2005
Status: Active Grant

First Claim

Patent Images

1. A method of preventing an unauthorized access of an integrated circuit, the method comprising:

receiving information at a first circuit of the integrated circuit,providing the information to a memory on the integrated circuit;

asserting a write enable signal for the memory using a second circuit;

writing the information to the memory at a first input of the memory; and

thenpermanently preventing the memory from receiving, at a second input, another write enable signal after the information is stored in the memory, wherein the information is an encoding key used to de code an encrypted configuration bitstream for configuring an integrated circuit, and wherein permanently preventing the memory from receiving another write enable signal is accomplished by disabling the second circuit,determining whether the second circuit is disabled, andif the second circuit is disabled, then reading the key from the memory;

elsepreventing the integrated circuit from being configured using the encrypted configuration bitstream.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Circuits, methods, and apparatus that store and prevent modification or erasure of stored encoding keys, serial identification numbers, or other information. An encoding key stored with an embodiment of the present invention may be used to decode a configuration bitstream on an integrated circuit, such as an FPGA. A serial number may be used to track or authenticate an integrated circuit. Embodiments of the present invention store this information in a memory such as an SRAM, DRAM, EPROM, EEPROM, flash, fuse array, or other type of memory. In order to prevent its erasure or modification, write enable circuitry for the memory is then permanently disabled, and if the memory is volatile, a continuous power supply is provided. Further refinements verify that the write enable circuitry has been disabled before allowing the device to be configured or to be operable.

41 Citations

View as Search Results

14 Claims

1. A method of preventing an unauthorized access of an integrated circuit, the method comprising:
- receiving information at a first circuit of the integrated circuit,providing the information to a memory on the integrated circuit;
  
  asserting a write enable signal for the memory using a second circuit;
  
  writing the information to the memory at a first input of the memory; and
  
  thenpermanently preventing the memory from receiving, at a second input, another write enable signal after the information is stored in the memory, wherein the information is an encoding key used to de code an encrypted configuration bitstream for configuring an integrated circuit, and wherein permanently preventing the memory from receiving another write enable signal is accomplished by disabling the second circuit,determining whether the second circuit is disabled, andif the second circuit is disabled, then reading the key from the memory;
  
  elsepreventing the integrated circuit from being configured using the encrypted configuration bitstream.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1 further comprising:
    - before writing the key to the memory, obfuscating the key.
  - 3. The method of claim 2 further comprising:
    - reading the key from memory; and
      
      de-obfuscating the key read from the memory.
  - 4. The method of claim 1 wherein the memory comprises a fuse.
  - 5. The method of claim 1 permanently preventing the memory from receiving another write enable signal is accomplished by disconnecting a write enable line from the second circuit.

6. An integrated circuit comprising:
- a first circuit configured to receive information;
  
  a memory configured to receive the information from the first circuit and store the information when a signal on a write enable line is asserted, wherein the information is received at a first input of the memory;
  
  a second circuit configured to assert the signal on the write enable line, wherein the asserted signal is adapted to change a voltage value on the write enable line in order to turn on a component of the memory; and
  
  a third circuit configured to allow or prevent the memory from receiving, at a second input, the asserted signal on the write enable line, wherein the first input of the memory is a different input than the second input of the memory, andwherein the third circuit permanently prevents the memory from receiving an asserted signal on the write enable line after the information is stored in the memory,wherein the third circuit comprises a logic gate including;
  
  a first input that receives the asserted signal from the second circuit;
  
  a second input that is coupled with a fourth circuit having a fuse element, the second input being different than the first input; and
  
  an output coupled with the second input of the memory, wherein a state of the fuse element controls whether the memory receives the asserted signal on the write enable line.
- View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14)
- - 7. The integrated circuit of claim 6 wherein the information is an encoding key.
  - 8. The integrated circuit of claim 7 wherein the first circuit is configured to obfuscate the key before it is stored in the memory.
  - 9. The integrated circuit of claim 8 further comprising a fifth circuit configured to read and de-obfuscate the key from the memory.
  - 10. The integrated circuit of claim 6 wherein the information is a serial identification number.
  - 11. The integrated circuit of claim 6 wherein the memory is selected from the group consisting of Flash, electrically erasable programmable read-only memory, erasable programmable read-only memory, dynamic random-access memory, and a static random-access memory.
  - 12. The integrated circuit of claim 6 wherein the memory comprises a fuse.
  - 13. The integrated circuit of claim 6 wherein the third circuit comprises a fuse.
  - 14. The integrated circuit of claim 6 wherein the integrated circuit is a field programmable gate array.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Altera Corporation (Intel Corporation)
Original Assignee
Altera Corporation (Intel Corporation)
Inventors
Langhammer, Martin, Jefferson, David, Joyce, Juju, Streicher, Keone
Primary Examiner(s)
Zand; Kambiz
Assistant Examiner(s)
GEE, JASON KAI YIN

Application Number

US11/042,937
Time in Patent Office

2,093 Days
Field of Search

713/189
US Class Current

713/189
CPC Class Codes

G06F 12/1433   for a module or a part of a...

G06F 21/76   in application-specific int...

H04L 2209/12   Details relating to cryptog...

H04L 2209/16   Obfuscation or hiding, e.g....

H04L 9/0894   Escrow, recovery or storing...

One-time programmable memories for key storage

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

41 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

One-time programmable memories for key storage

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

41 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links