Programmable logic device with improved security

US 9,171,185 B1
Filed: 07/14/2014
Issued: 10/27/2015
Est. Priority Date: 12/03/2009
Status: Active Grant

First Claim

Patent Images

1. A logic device comprising:

at least one logic block driven by a first clock signal; and

a decryption core configured to process encrypted input data, the decryption core driven by a second clock signal, the second clock signal being one or both of decoupled from the first clock signal and asynchronous to the first clock signal;

wherein;

the decryption core generates plaintext output data to configure the at least one logic block.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques of the present invention impede power consumption measurements of an encryption engine on a logic device by running the encryption engine with an independent clock. This clock produces a signal that is decoupled from and asynchronous to clock signals feeding other circuits on the device. The clock feeding the encryption engine is not accessible externally to the device. Circuits may be employed to intentionally slow down or add jitter to one or more of the clock signals.

48 Citations

20 Claims

1. A logic device comprising:
- at least one logic block driven by a first clock signal; and
  
  a decryption core configured to process encrypted input data, the decryption core driven by a second clock signal, the second clock signal being one or both of decoupled from the first clock signal and asynchronous to the first clock signal;
  
  wherein;
  
  the decryption core generates plaintext output data to configure the at least one logic block.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The logic device in accordance with claim 1, further comprisingan encryption engine and a first memory to buffer data between the encryption engine and other components of the logic device.
  - 3. The logic device in accordance with claim 1, wherein the second clock signal is not accessible externally to the logic device.
  - 4. The logic device in accordance with claim 1, wherein the second clock signal is undetectable from outside the logic device.
  - 5. The logic device in accordance with claim 1, further comprising circuitry configured to keep the second clock signal out of phase with the first clock signal.
  - 6. The logic device in accordance with claim 1, further comprising circuitry to compare a plurality of clock signals and select the slowest clock signal in the plurality as the first clock signal.
  - 7. The logic device in accordance with claim 1, further comprising a third clock signal asynchronous with the first and second clock signals, the third clock signal driving other components of the logic device.
  - 8. The logic device in accordance with claim 1, further comprising a jitter component configured to induce jitter in the second clock signal.

9. A method for encrypting data on a logic device, the method comprising:
- driving a plurality of logic elements on the logic device with a first clock signal;
  
  generating a second clock signal, the second logic signal being one or both of decoupled from the first clock signal and asynchronous to the first clock signal; and
  
  driving an encryption engine located in the logic device with the second clock signal, the encryption engine processing input data from the plurality of logic elements and returning output data to the plurality of logic elements.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The method in accordance with claim 9, further comprisingbuffering input data to the encryption engine from the plurality of logic elements in a first memory on the logic device;
    - andbuffering output data from the encryption engine to the plurality of logic elements in a second memory on the logic device.
  - 11. The method in accordance with claim 10, wherein the encryption engine processes data from a source other than the first memory and discards the results if the first memory does not contain any input data.
  - 12. The method in accordance with claim 9, wherein the first clock signal is provided by an external device.
  - 13. The method in accordance with claim 9, further comprising generating a third clock signal asynchronous with the first and second clock signals, and driving other logic components of the device with the third clock signal.
  - 14. The method in accordance with claim 9, further comprising inducing jitter in the second clock signal.
  - 15. The method in accordance with claim 9, wherein the second clock signal is not accessible externally to the logic device.
  - 16. The method in accordance with claim 9, wherein the second clock signal is undetectable from outside the logic device.

17. A non-transitory computer readable storage medium comprising instructions for configuring a logic device todrive at least one logic block on the logic device with a first clock signal;
- generate a second clock signal, the second clock signal being one or both of decoupled from the first clock signal and asynchronous to the first clock signal; and
  
  drive an encryption engine located in the logic block with the second clock signal, the encryption engine processing input data from the logic block and returning output data to the logic block.
- View Dependent Claims (18, 19, 20)
- - 18. The non-transitory computer readable storage medium in accordance with claim 17 wherein the instructions further configure the device tobuffer input data to the encryption engine from the at least one logic block in a first memory on the logic block;
    - andbuffer output data from the encryption engine to the at least one logic block in a second memory on the logic block.
  - 19. The non-transitory computer readable storage medium in accordance with claim 17 wherein the second clock signal is not accessible externally to the logic device.
  - 20. The non-transitory computer readable storage medium in accordance with claim 17 wherein the wherein the second clock signal is undetectable from outside the logic device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Altera Corporation (Intel Corporation)
Inventors
Pedersen, Bruce B.
Primary Examiner(s)
Gee, Jason K.
Assistant Examiner(s)
BUCKNOR, OLANREWAJU J

Application Number

US14/331,016
Time in Patent Office

470 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

G06F 21/76 in application-specific int...

Programmable logic device with improved security

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

48 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Programmable logic device with improved security

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

48 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links