Method and system for electronically securing an electronic device using physically unclonable functions
First Claim
1. A method comprising:
generating an output from a physically unclonable function (PUF) circuit to produce a PUF circuit output;
performing, via a computing device, a statistical selection process on the PUF circuit output to produce a selected PUF circuit output;
performing, via the computing device, a verification process on the selected PUF circuit output, to verify the selected PUF circuit output as a verified PUF circuit output; and
generating, via the computing device, at least one random prime number suitable for generating an asymmetric public key encryption matching key pair, by performing a transfer function algorithm by applying a transfer function parameter to a derivative of the verified PUF circuit output, the transfer function parameter comprising an offset value, and wherein executing the transfer function further comprises;
producing a pseudo random number seed value from the verified PUF circuit output by using a pseudo random number generator on the verified PUF circuit output producing a derivative of the verified PUF circuit output;
the method further comprising;
generating a plurality of random prime numbers suitable for generating an asymmetric public key encryption matching key pair by;
receiving the verified PUF circuit output by a respective one of a plurality of pseudo random number generators to produce a plurality of seed values as derivatives of the respective verified PUF circuit output;
generating each of a plurality of prime numbers by combining a respective seed value with a respective corresponding transfer function offset value; and
generating an asymmetric public key encryption matching key pair using the plurality of prime numbers.
Abstract
The invention is directed to a system for securing an integrated circuit chip used in an electronic device by utilizing a circuit or other entity that produces physically unclonable functions (a PUF circuit) to generate encryption keys, such as an RSA public or private key. A PUF circuit, as its name and configuration imply, performs functions that are substantially difficult to duplicate or clone. This allows the invention to provide a unique and extremely secure system for authentication. In operation, the stored parameters can be used to authenticate the device more efficiently and quickly, without the need to run the usual, more burdensome encryption key generation processes and without compromising the level of security in the device. Such a system can be used to substantially eliminate the time to produce encryption keys when a user needs to authenticate the device at power up or other access point.
11 Claims
6. A method comprising:
generating a plurality of random prime numbers suitable for generating an asymmetric public key encryption matching key pair by;
generating an output from a physically unclonable function (PUF) circuit to produce a PUF circuit output;
performing, via a computing device, a statistical selection process on the PUF circuit output to produce a selected PUF circuit output;
performing, via the computing device a verification process on the selected PUF circuit output, to verify the selected PUF circuit output as a verified PUF circuit output; and
generating, via the computing device, at least one random prime number suitable for generating an asymmetric public key encryption matching key pair, by performing a transfer function algorithm using a derivative of the verified PUF circuit output, along with a transfer function parameter, the transfer function parameter comprising an offset value, and wherein executing the transfer function algorithm further comprises;
producing a pseudo random number seed value as a derivative of the verified PUF circuit output by using a pseudo random number generator on the verified PUF circuit output;
the method further comprising;
providing the verified PUF circuit output to two independent pseudo random number generators to produce two seed values;
generating each of two random prime numbers by combining a respective one of the two seed values with a corresponding transfer function parameter offset value; and
generating, via the computing device, an asymmetric public key encryption matching key pair using the two prime numbers.
7. A method comprising
generating a plurality of random prime numbers suitable for generating an asymmetric public key encryption matching key pair by:
generating an output from a physically unclonable function (PUF) circuit to produce a PUF circuit output;
performing, via a computing device, a statistical selection process on the PUF circuit output to produce a selected PUF circuit output;
performing, via the computing device, a verification process on one of the PUF circuit output and the selected PUF circuit output, to verify the one of the PUF circuit output and the selected PUF circuit output as a verified PUF circuit output; and
generating, via the computing device, at least one random prime number suitable for generating an asymmetric public key encryption matching key pair, by performing a transfer function algorithm using the verified PUF circuit output, along with a transfer function parameter, the transfer function parameter comprising an offset value, and wherein executing the transfer function further comprises;
producing a pseudo random number seed value from the verified PUF circuit output as a derivative of the verified PUF circuit by using a pseudo random number generator on the verified PUF circuit output;
the method further comprising;
receiving a first verified PUF circuit output as an input to a pseudo random number generator to produce a first seed value derivative of the first verified PUF circuit output and receiving a second verified PUF circuit output as an input to the pseudo random number generator to produce a second seed value derivative of the second verified PUF circuit output;
generating a first prime number and a second prime number by combining the respective first seed value and the respective second seed value with a respective first corresponding transfer function parameter offset value and a respective second corresponding transfer function parameter offset value; and
generating, via the computing device, an asymmetric public key encryption matching key pair private key and public key using the first prime number and the second prime number to generate each of the private key and the public key.
9. A method comprising:
generating an output from a physically unclonable function (PUF) circuit to produce a PUF circuit output;
performing, via a computing device, a statistical selection process on the PUF circuit output to produce the selected PUF circuit output;
performing, via the computing device, a verification process on the selected PUF circuit output, to verify the selected PUF circuit output as a verified PUF circuit output;
generating at least one random prime number suitable for generating an asymmetric public key encryption matching key pair by performing, via the computing device, the transfer function algorithm using a derivative of the verified PUF circuit output and the transfer function parameter;
wherein the transfer function parameter comprises an offset value, and wherein performing the transfer function algorithm further comprises;
producing a pseudo random number seed value as the derivative of the verified PUF circuit output by using a pseudo random number generator on the verified PUF circuit output;
the method further comprising;
wherein generating the offset value comprises;
generating a seed value by applying the verified PUF circuit output to the pseudo random number generator;
generating, via the computing device, a prime number using the seed value; and
computing a transfer function offset value using the seed value and the prime number.
10. A method comprising:
generating, via a computing device, a plurality of random prime numbers suitable for generating an asymmetric public key encryption matching key pair by;
generating an output from a physically unclonable function (PUF) circuit to produce a PUF circuit output;
performing, via a computing device, a statistical selection process on the PUF circuit output to produce a selected PUF circuit output;
performing via a computing device a verification process on the selected PUF circuit output, to verify the selected PUF circuit output as a verified PUF circuit output;
generating, via a computing device, a random prime number suitable for generating an asymmetric public key encryption matching key pair by performing, via the computing device, the transfer function algorithm using a derivative of the verified PUF circuit output and a transfer function parameter;
wherein the transfer function parameter comprises an offset value, and wherein generating the transfer function comprises;
receiving a first verified PUF circuit output as an input to a pseudo random number generator to produce a first seed value derivative of the first verified PUF circuit output and receiving a second verified PUF circuit output as an input to the pseudo random number generator to produce a second seed value derivative of the second verified PUF circuit output;
generating a first prime number and a second prime number by combining the respective first seed value and the respective second seed value with a respective first corresponding transfer function offset value and a respective second corresponding transfer function offset value; and
generating, via the computing device, an asymmetric public key encryption matching key pair private key and public key using the first prime number and the second prime number to generate each of the private key and the public key;
wherein the first seed value and the second seed value and the first prime number and the second prime number are integers, and wherein defining the respective transfer function offset values includes calculating respectively the difference between the first seed value and the first prime number and between the second seed value and the second prime number.
11. A method comprising:
generating an output from a physically unclonable function (PUF) circuit to produce a PUF circuit output;
performing via the computing device a statistical selection process on the PUF circuit output to produce the selected PUF circuit output;
performing, via the computing device, a verification process on the selected PUF circuit output, to verify the selected PUF circuit output as a verified PUF circuit output;
generating at least one random prime number suitable for generating an asymmetric public key encryption matching key pair by performing, via the computing device, the transfer function algorithm using a derivative of the verified PUF circuit output and a transfer function parameter, the transfer function parameter comprising an offset value, and wherein generating the transfer function further comprises;
producing a pseudo random number seed value as the derivative of the verified PUF circuit output from the verified PUF circuit output by using a pseudo random number generator on the verified PUF circuit output;
the method further comprising;
wherein generating the first prime number and the second prime number comprises;
generating, via the computing device, a first seed value and a second seed value and applying the respective transfer function first offset value and second offset value obtained from memory to each of the first seed value and the second seed value respectively.
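The offset scheme recited in claims 9 to 11, sketched as an added example that is not taken from the patent: at enrollment a prime is found by search and only the difference between prime and seed is kept, so each later power-up rebuilds the prime as seed plus stored offset. The SHA-256 counter-mode PRNG, the `p`/`q` labels, the 512-bit size, the exponent 65537 and the sample PUF output are assumptions made for the illustration.

```python
import hashlib

BITS, E = 512, 65537   # demo sizes chosen for this example, not from the patent
BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def is_probable_prime(n):
    """Miller-Rabin with fixed bases; adequate for a demonstration."""
    if n < 2:
        return False
    for p in BASES:
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def seed_from_puf(puf_output, label):
    """PRNG step (assumed: SHA-256 in counter mode) -> odd BITS-bit seed."""
    stream = b"".join(hashlib.sha256(puf_output + label + bytes([i])).digest()
                      for i in range(BITS // 256))
    return int.from_bytes(stream, "big") | (1 << (BITS - 1)) | 1

def enroll(puf_output, label):
    """Slow path, run once: search upward for a prime, return the offset."""
    seed = seed_from_puf(puf_output, label)
    prime = seed
    while prime % E == 1 or not is_probable_prime(prime):
        prime += 2
    return prime - seed   # offset = prime - seed, the value kept in memory

def regenerate_prime(puf_output, label, offset):
    """Fast path at power-up: seed plus stored offset, no primality search."""
    return seed_from_puf(puf_output, label) + offset

def rsa_keypair(puf_output, offsets):
    p = regenerate_prime(puf_output, b"p", offsets[0])
    q = regenerate_prime(puf_output, b"q", offsets[1])
    return (p * q, E), pow(E, -1, (p - 1) * (q - 1))   # (public key, private d)

PUF_OUTPUT = bytes.fromhex("5a" * 32)   # constructed stand-in for a verified PUF output
OFFSETS = (enroll(PUF_OUTPUT, b"p"), enroll(PUF_OUTPUT, b"q"))
```

Only `OFFSETS` needs to persist between power-ups in this sketch; the primes and the private exponent are recomputed from the PUF output each time.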
Specification