Tamper-protected hardware and method for using same

US 9,071,446 B2
Filed: 03/12/2012
Issued: 06/30/2015
Est. Priority Date: 03/11/2011
Status: Active Grant

First Claim

Patent Images

1. A tamper-protected semiconductor module comprising:

a hardware module comprising one or more emitters for emitting a predetermined excitation that can be measured as a physical measurand, and one or more sensors for sensing the (back-) scatter of the excitation in form of the physical measurand in a contactless and/or contact-based manner, anda cocoon housing the hardware module, the cocoon being adapted to influence the (back-) scatter of the predetermined excitation to be sensed by the sensors, wherein the measured (back-) scatter of the predetermined excitation influenced by the cocoon provides a Physical Unclonable Function (PUF),wherein the hardware module is adapted to use the PUF provided by the measured (back-) scatter of the predetermined excitation influenced by the cocoon to detect a tampering of the tamper-protected semiconductor module, andwherein the tamper-protected semiconductor module is adapted to generate a digital measured fingerprint of the tamper-protected semiconductor module from the measured values of (back-) scatter of the excitation provided by the sensors, andwherein the tamper-protected semiconductor module further comprises a processor unit for receiving Helper-Data from a storage, and for generating a secret based on the digital measured fingerprint and the Helper-Data, wherein the secret, wherein in case the digital measured fingerprint is not corresponding to a fingerprint of the un-tampered tamper-protected semiconductor module, the generated secret is incorrect due to the PUF properties of the measured (back-) scatter of the predetermined excitation influenced by the cocoon.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

One of the various aspects of the invention is related to suggesting various techniques for improving the tamper-resistibility of hardware. The tamper-resistant hardware may be advantageously used in a transaction system that provides the off-line transaction protocol. Amongst these techniques for improving the tamper-resistibility are trusted bootstrapping by means of secure software entity modules, a new use of hardware providing a Physical Unclonable Function, and the use of a configuration fingerprint of a FPGA used within the tamper-resistant hardware.

57 Citations

View as Search Results

22 Claims

1. A tamper-protected semiconductor module comprising:
- a hardware module comprising one or more emitters for emitting a predetermined excitation that can be measured as a physical measurand, and one or more sensors for sensing the (back-) scatter of the excitation in form of the physical measurand in a contactless and/or contact-based manner, anda cocoon housing the hardware module, the cocoon being adapted to influence the (back-) scatter of the predetermined excitation to be sensed by the sensors, wherein the measured (back-) scatter of the predetermined excitation influenced by the cocoon provides a Physical Unclonable Function (PUF),wherein the hardware module is adapted to use the PUF provided by the measured (back-) scatter of the predetermined excitation influenced by the cocoon to detect a tampering of the tamper-protected semiconductor module, andwherein the tamper-protected semiconductor module is adapted to generate a digital measured fingerprint of the tamper-protected semiconductor module from the measured values of (back-) scatter of the excitation provided by the sensors, andwherein the tamper-protected semiconductor module further comprises a processor unit for receiving Helper-Data from a storage, and for generating a secret based on the digital measured fingerprint and the Helper-Data, wherein the secret, wherein in case the digital measured fingerprint is not corresponding to a fingerprint of the un-tampered tamper-protected semiconductor module, the generated secret is incorrect due to the PUF properties of the measured (back-) scatter of the predetermined excitation influenced by the cocoon.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The tamper-protected semiconductor module according to claim 1, wherein the hardware module is adapted to make itself temporarily or permanently unusable, in case the hardware module detects a tampering of the tamper-protected semiconductor module.
  - 3. The tamper-protected semiconductor module according to claim 1, being adapted to generate a digital measured fingerprint of the tamper-protected semiconductor module from the measured values of the (back-) scatter of the excitation provided by the respective sensors, andfurther being adapted to detect an attempt to tamper the tamper-protected semiconductor module by comparing the digital measured fingerprint with a fingerprint of the un-tampered tamper-protected semiconductor module.
  - 4. The tamper-protected semiconductor module according to claim 1, wherein the one or more emitters is/are circuitry and/or integrated circuits of the hardware module.
  - 5. The tamper-protected semiconductor module according to claim 1, wherein the one or more emitters are provided as one or more oscillators comprised by the hardware modules, wherein the oscillators in combination emit the predetermined excitation.
  - 6. The tamper-protected semiconductor module according to claim 1, wherein the excitation is electromagnetic, electric, magnetic, acoustic and/or optical.
  - 7. The tamper-protected semiconductor module according to claim 1, wherein the cocoon comprises a shielding to prevent interference with the predetermined excitation from the outside of the tamper-protected hardware.
  - 8. The tamper-protected semiconductor module according to claim 7, wherein the shielding is at least one of an electromagnetic shielding, a magnetic shielding, an acoustic shielding and/or an optical shielding.
  - 9. The tamper-protected semiconductor module according to claim 1, wherein the cocoon comprises a coating and/or a potting compound including a material or material mixture influencing the (back-) scatter of the predetermined excitation.
  - 10. The tamper-protected semiconductor module according to claim 9, wherein granules of the material or the material mixture influence the (back-) scatter of the predetermined excitation.
  - 11. The tamper-protected semiconductor module according to claim 10, wherein the granules of the material or the material mixture are non-regularly distributed in the potting material thereby influencing the (back-) scatter of the predetermined excitation in way unique to the tamper-protected semiconductor module.
  - 12. The tamper-protected semiconductor module according to claim 9, wherein the material or the material mixture or the granules thereof is/are similar to chemical and physical character of the material mixture of the hardware module and/or its bonding.
  - 13. The tamper-protected semiconductor module according to claim 1, wherein the tamper-protected semiconductor module deactivates integrated circuit parts of the hardware module during a measurement cycle in which the one or more sensors sense the (back-) scatter of the predetermined excitation.
  - 14. The tamper-protected semiconductor module according to claim 13, wherein the deactivation is a deep power down to minimize the interference of the integrated circuit parts with the (back-) scatter of the predetermined excitation.

15. A method for detecting an attempt to tamper a tamper-protected semiconductor module, comprising the following steps:
- providing a hardware module of the tamper-protected semiconductor module, the hardware module comprising one or more emitters for emitting a predetermined excitation that can be measured as a physical measurand, and one or more sensors for sensing the (back-) scatter of the excitation in form of the physical measurand in a contactless and/or contact-based manner,housing the hardware module in a cocoon, the cocoon being adapted to influence the (back-) scatter of the predetermined excitation to be sensed by the sensors,a) causing the one or more emitters of the hardware module to emit predetermined excitation,b) causing the one or more sensors of the hardware module to sense the (back-) scatter of the predetermined excitation reflected by the cocoon of the tamper-protected semiconductor module,c) generating a digital measured fingerprint from (back-) scatter of the predetermined excitation sensed by the one or more sensors, andd) verifying the integrity of the cocoon by using the digital measured fingerprint recorded.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22)
- - 16. The method according to claim 15, further comprising the step of:
    - e) producing an interrupt, in case integrity could not be verified in step d), wherein the interrupt causes the hardware module to permanently or temporarily make itself unusable.
  - 17. The method according to claim 15, further comprising the step of:
    - f) deactivating integrated circuit parts of the hardware module during a measurement cycle in which the one or more sensors sense the (back-) scatter of the predetermined excitation.
  - 18. The method according to claim 15, wherein integrity of the cocoon is verified by comparing the digital measured fingerprint with a digital fingerprint of the un-tampered cocoon.
  - 19. The method according to claim 18, wherein the fingerprint of the un-tampered cocoon is stored as a certificate in a memory.
  - 20. The method according to claim 18, further comprising the steps of:
    - g) initializing the hardware module by creating and recording a fingerprint of the un-tampered semiconductor module,h) securing the fingerprint using a certificate signed by an certificate authority, and i) storing the certified fingerprint in a semiconductor non-volatile memory.
  - 21. The method according to claim 15, wherein integrity of the cocoon is verified by a key restoration process generating a key based on Helper-Data and the sensed the (back-) scatter of the predetermined excitation.
  - 22. The method according to claim 21, further comprising the steps of:
    - g) initializing the hardware module by creating and recording a fingerprint of the un-tampered semiconductor module,h) generating the Helper-Data based on the key and the sensed (back-) scatter of the predetermined excitation, andi) storing the Helper-Data in a semiconductor non-volatile memory.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Emsycon GmbH
Original Assignee
Emsycon GmbH
Inventors
Kreft, Heinz
Primary Examiner(s)
SHOLEMAN, ABU S

Application Number

US14/004,651
Publication Number

US 20140108786A1
Time in Patent Office

1,205 Days
Field of Search

713/156, 713/194, 380/277
US Class Current

1/1
CPC Class Codes

G06F 21/335   for accessing specific reso...

G06F 21/45   Structures or tools for the...

G06F 21/57   Certifying or maintaining t...

G06F 21/71   to assure secure computing ...

G06F 21/73   by creating or determining ...

G06F 21/87   by means of encapsulation, ...

G06Q 20/223   based on the use of peer-to...

G06Q 20/3821   Electronic credentials

G06Q 20/3825   Use of electronic signatures

G09C 1/00   Apparatus or methods whereb...

H04L 2209/56   Financial cryptography, e.g...

H04L 63/0428   wherein the data content is...

H04L 63/0442   wherein the sending and rec...

H04L 63/0823   using certificates cryptogr...

H04L 9/0643   Hash functions, e.g. MD5, S...

H04L 9/0861   Generation of secret inform...

H04L 9/14   using a plurality of keys o...

H04L 9/30   Public key, i.e. encryption...

H04L 9/3239   involving non-keyed hash fu...

H04L 9/3247   involving digital signatures

H04L 9/3263 : involving certificates, e.g...

H04L 9/3268 : using certificate validatio...

H04L 9/3278 : using physically unclonable...

View All

Tamper-protected hardware and method for using same

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

57 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Tamper-protected hardware and method for using same

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

57 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links