APPARATUS AND METHOD FOR AUTHENTICATION BETWEEN DEVICES BASED ON PUF OVER MACHINE-TO-MACHINE COMMUNICATIONS

US 20140310515A1
Filed: 08/16/2012
Published: 10/16/2014
Est. Priority Date: 08/16/2011
Status: Active Grant

First Claim

Patent Images

1. A terminal device that performs machine-to-machine (M2M) communication, the terminal device comprising:

a physical unclonable function (PUF) embedded in the terminal device to generate an authentication key for password authentication associated with the terminal device; and

an authentication unit to perform the password authentication associated with the terminal device using the authentication key generated by the PUF.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Terminal devices that perform machine-to-machine (M2M) communication may autonomously perform password authentication by autonomously generating a personal identity number (PIN) value, which is not exposed externally, using a physical unclonable function (PUF). A terminal apparatus that performs M2M communication may include a PUF embedded in the terminal apparatus to generate an authentication key for password authentication associated with the terminal apparatus, and an authentication unit to perform the password authentication associated with the terminal apparatus using the authentication key generated by the PUF.

44 Citations

19 Claims

1. A terminal device that performs machine-to-machine (M2M) communication, the terminal device comprising:
- a physical unclonable function (PUF) embedded in the terminal device to generate an authentication key for password authentication associated with the terminal device; and
  
  an authentication unit to perform the password authentication associated with the terminal device using the authentication key generated by the PUF.
- View Dependent Claims (2)
- - 2. The terminal device of claim 1, wherein the PUF is physically isolated from an external environment to prevent the authentication key from being exposed to the outside.

3. A terminal device that performs machine-to-machine (M2M) communication, the terminal device comprising:
- a secret key module to provide a secret key for transferring, using a secret key encryption scheme, a public key used for communication of the terminal device using a public key encryption scheme; and
  
  a private key module to provide a private key for generating the public key,wherein at least one of the secret key module and the private key module includes a physical unclonable function (PUF).
- View Dependent Claims (4, 5, 6, 7, 8, 9)
- - 4. The terminal device of claim 3, further comprising:
    - a fuse unit blocked in response to applying of overcurrent to block a path via which the secret key is extracted.
  - 5. The terminal device of claim 4, wherein the fuse unit blocks the path after the secret key is initially extracted from the terminal device.
  - 6. The terminal device of claim 3, further comprising:
    - a serial number storage to store a serial number of the terminal device; and
      
      a fuse unit to block a path via which the secret key is extracted, after the serial number is stored in the serial number storage and the secret key is extracted.
  - 7. The terminal device of claim 3, further comprising:
    - a public key generator to generate the public key using the private key.
  - 8. The terminal device of claim 3, wherein:
    - the terminal device stores a public key of an external device used for communication of the external device using the public key encryption scheme, andwhen a message is received from the external device, the terminal device decrypts the message using the public key of the external device.
  - 9. The terminal device of claim 8, wherein when the message is decrypted, the terminal device verifies the validity of the external device depending on whether the identity of a serial number of the terminal device is acknowledged.

10. A certification authority (CA) device for managing a terminal device that performs machine-to-machine (M2M) communication, the CA device comprising:
- a personal identity number (PIN) list to store a secret key of the terminal device and a serial number of the terminal device,wherein when a message, in which a public key used for communication using a public key encryption scheme and the serial number of the terminal device are encrypted using the secret key, is transmitted from the terminal device, the CA device decrypts the message using the secret key, andwhen the message is decrypted, the CA device verifies the validity of the external device depending on whether the identity of a serial number of the terminal device is acknowledged.

11. A method of performing, by a terminal device, security authentication in order to perform machine-to-machine (M2M) communication, the method comprising:
- generating, by the terminal device, a private key of the terminal device using a first physical unclonable function (PUF) embedded in the terminal device;
  
  generating, by the terminal device, a public key for performing password authentication using the private key; and
  
  performing the password authentication with an external terminal other than the terminal device or an external certification authority (CA) using the public key.
- View Dependent Claims (12, 13, 14, 19)
- - 12. The method of claim 11, further comprising:
    - generating a secret key for transferring the public key externally using a secret key encryption scheme, using a second PUF different from the first PUF; and
      
      exchanging the public key with the external CA based on a secret key encryption scheme using the secret key.
  - 13. The method of claim 11, further comprising:
    - receiving, from the external CA, a message encrypted using a public key encryption scheme;
      
      decrypting the encrypted message using a pre-stored public key of the external CA; and
      
      completing security authentication with the external CA when a serial number of the terminal device is verified from the decrypted message.
  - 14. The method of claim 12, further comprising:
    - blocking a fuse present in a path via which the secret key is extracted, after a serial number of the terminal device is stored in a serial number storage and the secret key is initially extracted.
  - 19. A non-transitory computer-readable recording medium storing a program to implement the method according to any one of claims 11 through 18.

15. A method of relaying, by a certification authority (CA) device, public key exchange for machine-to-machine (M2M) communication between a first terminal device and a second terminal device, the method comprising:
- receiving, from the second terminal device, a request for a public key of the first terminal device;
  
  generating a first encryption message by encrypting the public key of the first terminal device and a serial number of the second terminal device using a private key of the CA device; and
  
  transmitting the first encryption message to the second terminal device.
- View Dependent Claims (16, 17, 18)
- - 16. The method of claim 15, further comprising:
    - generating a second encryption message by encrypting a public key of the second terminal device and a serial number of the first terminal device using the private key of the CA device; and
      
      transmitting the second encryption message to the first terminal device.
  - 17. The method of claim 15, wherein the second terminal device decrypts the first message using a public key of the CA device corresponding to the private key of the CA device, and trusts the transmitted public key of the first terminal device when the serial number of the second terminal device is verified from the decrypted first message.
  - 18. The method of claim 16, wherein the first terminal device decrypts the second message using a public key of the CA device corresponding to the private key of the CA device, and trusts the transmitted public key of the second terminal device when the serial number of the first terminal device is verified from the decrypted second message.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ICTK Holdings Co., Ltd.
Original Assignee
Bong Jae Jin, Byong Deok Choi, Dong Kyue Kim, Kwang Hyun Jee, Sang Seon Park
Inventors
Kim, Dong Kyue, Choi, Byong Deok, Park, Sang Seon, Jee, Kwang Hyun, Jin, Bong Jae

Granted Patent

US 9,787,670 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/155
CPC Class Codes

G06F 21/34   involving the use of extern...

G06F 21/445   by mutual authentication, e...

G06F 21/72   in cryptographic circuits

G06F 21/73   by creating or determining ...

G06F 21/85   interconnection devices, e....

G06F 2221/2103   Challenge-response

G06F 2221/2107   File encryption

G09C 1/00   Apparatus or methods whereb...

H04L 2209/12   Details relating to cryptog...

H04L 63/083   using passwords cryptograph...

H04L 63/0876   based on the identity of th...

H04L 9/0866   involving user or device id...

H04L 9/321   involving a third party or ...

H04L 9/3226   using a predetermined code,...

H04L 9/3278   using physically unclonable...

H04W 4/70   Services for machine-to-mac...

APPARATUS AND METHOD FOR AUTHENTICATION BETWEEN DEVICES BASED ON PUF OVER MACHINE-TO-MACHINE COMMUNICATIONS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

44 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

APPARATUS AND METHOD FOR AUTHENTICATION BETWEEN DEVICES BASED ON PUF OVER MACHINE-TO-MACHINE COMMUNICATIONS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

44 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links