Apparatus, system and method for providing cryptographic key information with physically unclonable function circuitry
Abstract
Techniques and mechanisms for providing a value from physically unclonable function (PUF) circuitry for a cryptographic operation of a security module. In an embodiment, a cryptographic engine receives a value from PUF circuitry and based on the value, outputs a result of a cryptographic operation to a bus of the security module. The bus couples the cryptographic engine to control logic or interface logic of the security module. In another embodiment, the value is provided to the cryptographic engine from the PUF circuitry via a signal line which is distinct from the bus, where any exchange of the value by either of the cryptographic engine and the PUF circuitry is for communication of the first value independent of the bus.
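A behavioural model of the data paths the abstract describes, added here as an illustration and not taken from the patent. The class names, the seed-based PUF stand-in, the use of HMAC-SHA-256 as the cryptographic operation and the derivation of the second value are all assumptions; the model logs every bus transfer so the isolation property can be checked.

```python
import hashlib
import hmac

class Bus:
    """Shared bus of the security module; logs every transfer, as a bus probe would."""
    def __init__(self):
        self.log = []

    def put(self, source, data):
        self.log.append((source, bytes(data)))
        return bytes(data)

class PUF:
    """Stand-in for PUF circuitry: a constructed seed models per-chip silicon variation."""
    def __init__(self, silicon_seed, bus):
        self._seed, self._bus = silicon_seed, bus

    def _derive(self, label):
        return hashlib.sha256(label + self._seed).digest()

    def signal_line(self):
        # First value: driven only onto the dedicated line, never via Bus.put().
        return self._derive(b"first-value")

    def second_value_to_bus(self):
        # Second value: output on the bus, independent of the signal line.
        return self._bus.put("puf", self._derive(b"second-value"))

class CryptoEngine:
    """Receives the first value over the signal line; only results reach the bus."""
    def __init__(self, read_signal_line, bus):
        self._read_signal_line, self._bus = read_signal_line, bus

    def operate(self, message):
        key = self._read_signal_line()
        # HMAC-SHA-256 is an assumed operation; the abstract names none.
        tag = hmac.new(key, message, hashlib.sha256).digest()
        return self._bus.put("engine", tag)

def run_exchange(silicon_seed, message):
    """Control logic signals one operation; returns (result, second value, bus log)."""
    bus = Bus()
    puf = PUF(silicon_seed, bus)
    engine = CryptoEngine(puf.signal_line, bus)
    second = puf.second_value_to_bus()
    tag = engine.operate(message)
    return tag, second, bus.log

def value_seen_on_bus(log, value):
    """True if `value` appears in any transfer recorded on the bus."""
    return any(value in data for _, data in log)
```

Auditing the log with `value_seen_on_bus` is the software analogue of probing the bus: the result and the second value are visible there, the first value is not.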
20 Claims
1. An apparatus comprising:
- an interface to couple the apparatus to a host and to perform an exchange of data with the host;
- physically unclonable function (PUF) circuitry configured to generate a first value;
- a first cryptographic engine coupled to receive the first value from the PUF circuitry;
- control circuitry coupled to signal the first cryptographic engine to perform a cryptographic operation associated with the exchange of data, wherein the first cryptographic engine is configured to perform the cryptographic operation based on the first value;
- a first signal line coupled between the PUF circuitry and the first cryptographic engine, wherein the first cryptographic engine is coupled to receive the first value from the PUF circuitry via the first signal line; and
- a bus coupling the first cryptographic engine to the control circuitry or the interface, wherein the first cryptographic engine is coupled to output a result of the cryptographic operation to the bus, wherein any exchange of the first value by the first cryptographic engine and any exchange of the first value by the PUF circuitry is for communication of the first value independent of the bus, wherein the bus is further coupled to the PUF circuitry independent of the first signal line, wherein the PUF circuitry is further configured to output a second value to the bus independent of the second value being exchanged via the first signal line.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A method at a security module coupled to a host, the method comprising:
- performing an exchange of data with the host via an interface of the security module;
- generating a first value with physically unclonable function (PUF) circuitry;
- exchanging the first value from the PUF circuitry to a first cryptographic engine with a signal line;
- in response to signaling by control circuitry of the security module, performing with the first cryptographic engine a cryptographic operation associated with the exchange of data based on the first value;
- outputting a result of the cryptographic operation from the first cryptographic engine to a bus of the security module, the bus coupling the first cryptographic engine to the control circuitry or the interface, wherein any exchange of the first value by the first cryptographic engine and any exchange of the first value by the PUF circuitry is for communication of the first value independent of the bus; and
- outputting a second value from the PUF circuitry to the bus independent of any communication of the second value via the signal line.
Dependent claims: 12, 13, 14, 15
16. A system comprising:
- a host including one or more processor cores;
- a security module including:
  - an interface coupling the security module to the host, the interface to perform an exchange of data with the host;
  - physically unclonable function (PUF) circuitry configured to generate a first value;
  - a first cryptographic engine coupled to receive the first value from the PUF circuitry;
  - control circuitry coupled to signal the first cryptographic engine to perform a cryptographic operation associated with the exchange of data, wherein the first cryptographic engine is configured to perform the cryptographic operation based on the first value;
  - a first signal line coupled between the PUF circuitry and the first cryptographic engine, wherein the first cryptographic engine is coupled to receive the first value from the PUF circuitry via the first signal line; and
  - a bus coupling the first cryptographic engine to the control circuitry or the interface, wherein the first cryptographic engine is coupled to output a result of the cryptographic operation to the bus, wherein any exchange of the first value by the first cryptographic engine and any exchange of the first value by the PUF circuitry is for communication of the first value independent of the bus, wherein the bus is further coupled to the PUF circuitry independent of the first signal line, wherein the PUF circuitry is further configured to output a second value to the bus independent of the second value being exchanged via the first signal line.
Dependent claims: 17, 18, 19, 20
Specification