Method and system for electronically securing an electronic device using physically unclonable functions

US 8,290,150 B2
Filed: 07/17/2007
Issued: 10/16/2012
Est. Priority Date: 05/11/2007
Status: Expired due to Fees

First Claim

Patent Images

1. A method comprising:

generating an output from a physically unclonable function (PUF) circuit to produce a PUF circuit output;

performing, via a computing device, a statistical selection process on the PUF circuit output to produce a selected PUF circuit output;

performing, via the computing device, a verification process on the selected PUF circuit output, to verify the selected PUF circuit output as a verified PUF circuit output; and

generating, via the computing device, at least one random prime number suitable for generating an asymmetric public key encryption matching key pair, by performing a transfer function algorithm by applying a transfer function parameter to a derivative of the verified PUF circuit output, the transfer function parameter comprising an offset value, and wherein executing the transfer function further comprises;

producing a pseudo random number seed value from the verified PUF circuit output by using a pseudo random number generator on the verified PUF circuit output producing a derivative of the verified PUF circuit output;

the method further comprising;

generating a plurality of random prime numbers suitable for generating an asymmetric public key encryption matching key pair by;

receiving the verified PUF circuit output by a respective one of a plurality of pseudo random number generators to produce a plurality of seed values as derivatives of the respective verified PUF circuit output;

generating each of a plurality of prime numbers by combining a respective seed value with a respective corresponding transfer function offset value; and

generating an asymmetric public key encryption matching key pair using the plurality of prime numbers.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention is directed to a system for securing an integrated circuit chip used in an electronic device by utilizing a circuit or other entity to produce physically unclonable functions (PUF) circuit to generate encryption keys, such as an RSA public or private key. A PUF circuit, according to its name and configuration, performs functions that are substantially difficult to be duplicated or cloned. This allows the invention to provide a unique and extremely secure system for authentication. In operation, the stored parameters can be used to more efficiently and quickly authenticate the device without the need to run the usual more burdensome encryption key generation processes without compromising the level of security in the device. Such a system can be used to substantially eliminate the time to produce encryption keys when a user needs to authenticate the device at power up or other access point.

416 Citations

11 Claims

1. A method comprising:
- generating an output from a physically unclonable function (PUF) circuit to produce a PUF circuit output;
  
  performing, via a computing device, a statistical selection process on the PUF circuit output to produce a selected PUF circuit output;
  
  performing, via the computing device, a verification process on the selected PUF circuit output, to verify the selected PUF circuit output as a verified PUF circuit output; and
  
  generating, via the computing device, at least one random prime number suitable for generating an asymmetric public key encryption matching key pair, by performing a transfer function algorithm by applying a transfer function parameter to a derivative of the verified PUF circuit output, the transfer function parameter comprising an offset value, and wherein executing the transfer function further comprises;
  
  producing a pseudo random number seed value from the verified PUF circuit output by using a pseudo random number generator on the verified PUF circuit output producing a derivative of the verified PUF circuit output;
  
  the method further comprising;
  
  generating a plurality of random prime numbers suitable for generating an asymmetric public key encryption matching key pair by;
  
  receiving the verified PUF circuit output by a respective one of a plurality of pseudo random number generators to produce a plurality of seed values as derivatives of the respective verified PUF circuit output;
  
  generating each of a plurality of prime numbers by combining a respective seed value with a respective corresponding transfer function offset value; and
  
  generating an asymmetric public key encryption matching key pair using the plurality of prime numbers.
- View Dependent Claims (2, 3, 4, 5)
- - 2. A method according to claim 1, further comprising generating a plurality of random prime numbers suitable for generating an asymmetric public key encryption matching key pair by:
    - receiving the one of the PUF circuit output and the selected PUF circuit output by a respective one of a plurality of pseudo random number generators to produce a respective one of a plurality of seed values;
      
      generating each of a plurality of prime numbers by combining a respective seed value with a respective corresponding transfer function offset value; and
      
      generating an asymmetric public key encryption matching key pair using the plurality of prime numbers.
  - 3. A method according to claim 1, further comprising generating a plurality of random prime numbers suitable for generating an asymmetric public key encryption matching key pair by:
    - receiving a first verified PUF circuit output as an input to a pseudo random number generator to produce a first seed value derivative of the first verified PUF circuit output and receiving a second verified PUF circuit output as an input to the pseudo random number generator to produce a second seed value derivative of the second verified PUF circuit output;
      
      generating a first prime number and a second prime number by combining each of the respective first seed value and the respective second seed value with a respective first corresponding transfer function offset value and a respective second corresponding transfer function offset value; and
      
      generating, via the computing device, an asymmetric public key encryption matching key pair private key and public key using the first prime number and the second prime number to generate each of the private key and the public key.
  - 4. A method according to claim 1, wherein generating an offset value comprises:
    - generating a seed value by applying the verified PUF circuit output to the pseudo random number generator;
      
      generating, via the computing device, a prime number using the seed value; and
      
      computing a transfer function offset value using the seed value and the prime number.
  - 5. A method according to claim 1, wherein generating the first prime number and the second prime number comprises generating, via the computing device, a first seed value and a second seed value and applying the respective transfer function first offset value and second offset value obtained from memory to each of the first seed value and the second seed value respectively.

6. A method comprising:
- generating a plurality of random prime numbers suitable for generating an asymmetric public key encryption matching key pair by;
  
  generating an output from a physically unclonable function (PUF) circuit to produce a PUF circuit output;
  
  performing, via a computing device, a statistical selection process on the PUF circuit output to produce a selected PUF circuit output;
  
  performing, via the computing device a verification process on the selected PUF circuit output, to verify the selected PUF circuit output as a verified PUF circuit output; and
  
  generating, via the computing device, at least one random prime number suitable for generating an asymmetric public key encryption matching key pair, by performing a transfer function algorithm using a derivative of the verified PUF circuit output, along with a transfer function parameter, the transfer function parameter comprising an offset value, and wherein executing the transfer function algorithm further comprises;
  
  producing a pseudo random number seed value as a derivative of the verified PUF circuit output by using a pseudo random number generator on the verified PUF circuit output;
  
  the method further comprising;
  
  providing the verified PUF circuit output to two independent pseudo random number generators to produce two seed values;
  
  generating each of two random prime numbers by combining a respective one of the two seed values with a corresponding transfer function parameter offset value; and
  
  generating, via the computing device, an asymmetric public key encryption matching key pair using the two prime numbers.

7. A method comprisinggenerating a plurality of random prime numbers suitable for generating an asymmetric public key encryption matching key pair by:
- generating an output from a physically unclonable function (PUF) circuit to produce a PUF circuit output;
  
  performing, via a computing device, a statistical selection process on the PUF circuit output to produce a selected PUF circuit output;
  
  performing, via the computing device, a verification process on one of the PUF circuit output and the selected PUF circuit output, to verify the one of the PUF circuit output and the selected PUF circuit output as a verified PUF circuit output; and
  
  generating, via the computing device, at least one random prime number suitable for generating an asymmetric public key encryption matching key pair, by performing a transfer function algorithm using the verified PUF circuit output, along with a transfer function parameter, the transfer function parameter comprising an offset value, and wherein executing the transfer function further comprises;
  
  producing a pseudo random number seed value from the verified PUF circuit output as a derivative of the verified PUF circuit by using a pseudo random number generator on the verified PUF circuit output;
  
  the method further comprising;
  
  receiving a first verified PUF circuit output as an input to a pseudo random number generator to produce a first seed value derivative of the first verified PUF circuit output and receiving a second verified PUF circuit output as an input to the pseudo random number generator to produce a second seed value derivative of the second verified PUF circuit output;
  
  generating a first prime number and a second prime number by combining the respective first seed value and the respective second seed value with a respective first corresponding transfer function parameter offset value and a respective second corresponding transfer function parameter offset value; and
  
  generating, via the computing device, an asymmetric public key encryption matching key pair private key and public key using the first prime number and the second prime number to generate each of the private key and the public key.
- View Dependent Claims (8)
- - 8. A method according to claim 7, wherein the first seed value and the second seed value and the first prime number and the second prime number are integers, and wherein defining the respective transfer function offset values includes calculating respectively the difference between the first seed value and the first prime number and between the second seed value and the second prime number.

9. A method comprising:
- generating an output from a physically unclonable function (PUF) circuit to produce a PUF circuit output;
  
  performing, via a computing device, a statistical selection process on the PUF circuit output to produce the selected PUF circuit output;
  
  performing, via the computing device, a verification process on the selected PUF circuit output, to verify the selected PUF circuit output as a verified PUF circuit output;
  
  generating at least one random prime number suitable for generating an asymmetric public key encryption matching key pair by performing, via the computing device, the transfer function algorithm using a derivative of the verified PUF circuit output and the transfer function parameter;
  
  wherein the transfer function parameter comprises an offset value, and wherein performing the transfer function algorithm further comprises;
  
  producing a pseudo random number seed value as the derivative of the verified PUF circuit output by using a pseudo random number generator on the verified PUF circuit output;
  
  the method further comprising;
  
  wherein generating the offset value comprises;
  
  generating a seed value by applying the verified PUF circuit output to the pseudo random number generator;
  
  generating, via the computing device, a prime number using the seed value; and
  
  computing a transfer function offset value using the seed value and the prime number.

10. A method comprising:
- generating, via a computing device, a plurality of random prime numbers suitable for generating an asymmetric public key encryption matching key pair by;
  
  generating an output from a physically unclonable function (PUF) circuit to produce a PUF circuit output;
  
  performing, via a computing device, a statistical selection process on the PUF circuit output to produce a selected PUF circuit output;
  
  performing via a computing device a verification process on the selected PUF circuit output, to verify the selected PUF circuit output as a verified PUF circuit output;
  
  generating, via a computing device, a random prime number suitable for generating an asymmetric public key encryption matching key pair by performing, via the computing device, the transfer function algorithm using a derivative of the verified PUF circuit output and a transfer function parameter;
  
  wherein the transfer function parameter comprises an offset value, and wherein generating the transfer function comprises;
  
  receiving a first verified PUF circuit output as an input to a pseudo random number generator to produce a first seed value derivative of the first verified PUF circuit output and receiving a second verified PUF circuit output as an input to the pseudo random number generator to produce a second seed value derivative of the second verified PUF circuit output;
  
  generating a first prime number and a second prime number by combining the respective first seed value and the respective second seed value with a respective first corresponding transfer function offset value and a respective second corresponding transfer function offset value; and
  
  generating, via the computing device, an asymmetric public key encryption matching key pair private key and public key using the first prime number and the second prime number to generate each of the private key and the public key;
  
  wherein the first seed value and the second seed value and the first prime number and the second prime number are integers, and wherein defining the respective transfer function offset values includes calculating respectively the difference between the first seed value and the first prime number and between the second seed value and the second prime number.

11. A method comprising:
- generating an output from a physically unclonable function (PUF) circuit to produce a PUF circuit output;
  
  performing via the computing device a statistical selection process on the PUF circuit output to produce the selected PUF circuit output;
  
  performing, via the computing device, a verification process on the selected PUF circuit output, to verify the selected PUF circuit output as a verified PUF circuit output;
  
  generating at least one random prime number suitable for generating an asymmetric public key encryption matching key pair by performing, via the computing device, the transfer function algorithm using a derivative of the verified PUF circuit output and a transfer function parameter, the transfer function parameter comprising an offset value, and wherein generating the transfer function further comprises;
  
  producing a pseudo random number seed value as the derivative of the verified PUF circuit output from the verified PUF circuit output by using a pseudo random number generator on the verified PUF circuit output;
  
  the method further comprising;
  
  wherein generating the first prime number and the second prime number comprises;
  
  generating, via the computing device, a first seed value and a second seed value and applying the respective transfer function first offset value and second offset value obtained from memory to each of the first seed value and the second seed value respectively.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Synaptics Incorporated
Original Assignee
Validity Sensors Incorporated (Synaptics Incorporated)
Inventors
Dean, Gregory L., Schwab, Frank, Erhart, Richard A
Primary Examiner(s)
BROWN, CHRISTOPHER J

Application Number

US11/779,215
Publication Number

US 20080279373A1
Time in Patent Office

1,918 Days
Field of Search

380/44
US Class Current

380/44
CPC Class Codes

H04L 9/302   involving the integer facto...

H04L 9/3249   using RSA or related signat...

H04L 9/3278   using physically unclonable...

Method and system for electronically securing an electronic device using physically unclonable functions

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

416 Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for electronically securing an electronic device using physically unclonable functions

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

416 Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links