公开(公告)号：US11962305B2

公开(公告)日：2024-04-16

申请号：US17303839

申请日：2021-06-09

Applicant: NXP B.V.

Inventor： Björn Fay

IPC: H03K3/84 ,  G06F7/58 ,  H03K3/03 ,  H03K21/08

CPC classification number: H03K3/84 ,  G06F7/58 ,  G06F7/588 ,  H03K3/0315 ,  H03K21/08

Abstract: A true random number generator circuit includes a ring oscillator and a plurality of sampling circuits. The ring oscillator includes a plurality of series-connected stages coupled together in a ring. An output of a last stage of the ring oscillator is coupled to an input of a first stage of the ring oscillator. A sampling circuit of the plurality of sampling circuits has an input coupled to a node located between two adjacent stages of the plurality of series-connected stages. Every node of the ring oscillator is coupled to a corresponding sampling circuit of the plurality of sampling circuits. In another embodiment, a method for generating a random number is provided.

公开(公告)号：US11960358B1

公开(公告)日：2024-04-16

申请号：US17937138

申请日：2022-09-30

Applicant: NXP B.V.

Inventor： Björn Fay

IPC: G06F11/00 ,  G06F11/10 ,  G06F21/56

CPC classification number: G06F11/1044 ,  G06F21/566 ,  G06F2221/034

Abstract: Various embodiments relate to a memory controller configured to read data from a memory array, including: an error correction codes (ECC) encoder configured to encode data stored in the memory array; an ECC decoder configured to decode first data read from the memory array based upon a first read request and detect errors in the first data read from the memory array; and a fault controller configured to: command the memory controller to read other data from the memory array when the ECC detects an error; command the memory controller to re-read the first data from the memory array; when the ECC detects an error; compare the re-read first data to the read first data; and signal a fault attack when the re-read first data is different from the read first data.

公开(公告)号：US20240348441A1

公开(公告)日：2024-10-17

申请号：US18132274

申请日：2023-04-07

Applicant: NXP B.V.

Inventor： Joost Roland Renes ,  Björn Fay

IPC: H04L9/30 ,  G06F17/14

CPC classification number: H04L9/3093 ,  G06F17/14

Abstract: Electronic device and method for performing number theoretic transforms (NTTs) on polynomials for cryptography uses an arithmetic transformation on an input polynomial with n coefficients to divide the input polynomial into multiple polynomials each with less than n coefficients such that the coefficients of the multiple polynomials add up to n. An NTT transformation is executed on the multiple polynomials such that the coefficients of each of the multiple polynomials are processed in parallel butterfly operations. A cryptographic operation is performed based on the results of the NTT transformation.

公开(公告)号：US12113550B1

公开(公告)日：2024-10-08

申请号：US18331499

申请日：2023-06-08

Applicant: NXP B.V.

Inventor： Björn Fay

IPC: H03M13/19 ,  G06F11/10 ,  H03M13/00 ,  H03M13/09

CPC classification number: H03M13/19 ,  G06F11/1012 ,  G06F11/1076 ,  H03M13/09

Abstract: A method for encoding data to be stored in a memory, including: encoding the data to be stored in memory with an error correcting code (ECC) as first encoded data, wherein the ECC is configured to have a minimum Hamming distance of at least 4t+1 in order to correct up to t bit errors and detect up to 3t bit errors where t≥1; determining a Hamming weight of the first encoded data; encoding the determined Hamming weight, wherein for all higher Hamming weights the encoding should have at least 2t+1 bit-positions that change from 1 to 0 per Hamming weight; concatenating the first encoded data and the encoded Hamming weight as concatenated data; and storing the concatenated data in the memory.

公开(公告)号：US20230274787A1

公开(公告)日：2023-08-31

申请号：US18313669

申请日：2023-05-08

Applicant: NXP B.V.

Inventor： Soenke Ostertun ,  Björn Fay ,  Vitaly Ocheretny

IPC: G11C29/42 ,  G06F11/10

CPC classification number: G11C29/42 ,  G06F11/1056 ,  G06F11/1068 ,  G06F11/1096

Abstract: Various embodiments relate to a method for storing and reading data from a memory. Data words stored in the memory may be grouped, and word specific parity information and shared parity information is generated, and the shared parity information is distributed among the group of words. During reading of a word, if more errors are detected than can be corrected with word parity data, the shared parity data is retrieved and used to make the error corrections.

公开(公告)号：US12177363B2

公开(公告)日：2024-12-24

申请号：US18045702

申请日：2022-10-11

Applicant: NXP B.V.

Inventor： Joost Roland Renes ,  Melissa Azouaoui ,  Joppe Willem Bos ,  Björn Fay ,  Tobias Schneider

IPC: H04L29/06 ,  G06F21/52 ,  H04L9/30 ,  H04L9/32

Abstract: Various embodiments relate to a fault detection system and method for a digital signature algorithm, including: producing a digital signature of a message using a digital signature algorithm; storing parameters from a last round of the digital signature algorithm; executing the last round of the digital signature algorithm using the stored parameters to produce a check signature; comparing the digital signature to the check signature; and outputting the digital signature when the digital signature is the same as the check signature.

公开(公告)号：US20240356748A1

公开(公告)日：2024-10-24

申请号：US18135922

申请日：2023-04-18

Applicant: NXP B.V.

Inventor： Joost Roland Renes ,  Björn Fay

IPC: H04L9/30

CPC classification number: H04L9/3093

Abstract: System and method for masking secret polynomials for cryptography receives a secret polynomial function in a polynomial ring, which is masked with one or more masking polynomials in which at least some coefficients have a same value. An arithmetic operation is performed on coefficients of the masking polynomials with repeated coefficients to produce an output having integer values. A cryptographic operation is then performed with the output of the arithmetic operation.

公开(公告)号：US20230063743A1

公开(公告)日：2023-03-02

申请号：US17445742

申请日：2021-08-24

Applicant: NXP B.V.

Inventor： Björn Fay ,  Miroslav Knezevic ,  Durgesh Pattamatta ,  Alexander Vogt

IPC: G06F21/60 ,  H04L9/08 ,  H04L9/32 ,  H04L9/06

Abstract: A method is provided for secure provisioning of a device. In the method, a plurality of integrated circuit (IC) devices is manufactured by a first entity for use in the device. The first entity provides signed provisioning software and stores in at least one provisioning IC device one or more keys used for provisioning the plurality of ICs. The provisioning device with the signed provisioning software is provided to a second entity. The second entity verifies the provisioning software using a stored key. The provisioning software encrypts provisioning assets provided by the second entity and provides the encrypted provisioning assets to the third entity. The signed provisioning software is provided to a third entity by the first entity. During manufacturing of the manufactured products by the third entity, the provisioning software verifies and decrypts the encrypted provisioning assets of the second entity to provision all the plurality of IC devices.

公开(公告)号：US11595195B2

公开(公告)日：2023-02-28

申请号：US17226770

申请日：2021-04-09

Applicant: NXP B.V.

Inventor： Tobias Schneider ,  Joppe Willem Bos ,  Björn Fay ,  Marc Gourjon ,  Joost Roland Renes ,  Christine van Vredendaal

IPC: H04L29/06 ,  H04L9/08 ,  H04L9/30 ,  G06F7/76 ,  G06F7/02

Abstract: Various embodiments relate to a method for masked decoding of a polynomial a using an arithmetic sharing a to perform a cryptographic operation in a data processing system using a modulus q, the method for use in a processor of the data processing system, including: subtracting an offset δ from each coefficient of the polynomial a; applying an arithmetic to Boolean (A2B) function on the arithmetic shares of each coefficient ai of the polynomial a to produce Boolean shares âi that encode the same secret value ai; and performing in parallel for all coefficients a shared binary search to determine which of coefficients ai are greater than a threshold t to produce a Boolean sharing value {circumflex over (b)} of the bitstring b where each bit of b decodes a coefficient of the polynomial a.

公开(公告)号：US20240313963A1

公开(公告)日：2024-09-19

申请号：US18183310

申请日：2023-03-14

Applicant: NXP B.V.

Inventor： Christine van Vredendaal ,  Björn Fay ,  Mario Lamberger

IPC: H04L9/08 ,  H04L9/32

CPC classification number: H04L9/0894 ,  H04L9/0891 ,  H04L9/3263

Abstract: A method for provisioning a plurality of IC devices, the method including: providing, by a first entity, the plurality of IC devices; storing, by the first entity, in one of the plurality of IC devices used as a provisioning device, one or more keys, and a public key, wherein the one or more keys include a reprovisioning key for reprovisioning the remaining IC devices; installing, by the first entity, provisioning software in the provisioning device; signing, by the first entity, provisioning software using a private key, the private key corresponding to the public key; provisioning the remaining IC devices by the provisioning device including providing cryptographic assets to the remaining IC devices, wherein the cryptographic assets include cryptographic code and keys; and reserving space in the remaining IC devices for reprovisioning the remaining IC devices with updated cryptographic assets.