公开(公告)号：US07702927B2

公开(公告)日：2010-04-20

申请号：US11272995

申请日：2005-11-14

Applicant: Srinivas Devadas ,  Thomas J. Ziola

Inventor： Srinivas Devadas ,  Thomas J. Ziola

IPC: G06F12/14

CPC classification number: H04L9/3278 ,  G06F21/31 ,  G06F21/445 ,  G06F21/602 ,  G06F21/76 ,  G06F2221/2129 ,  G11C7/24 ,  G11C16/20 ,  G11C16/22 ,  G11C2029/4402 ,  G11C2029/5002 ,  H04L9/0838 ,  H04L9/0877 ,  H04L9/304 ,  H04L2209/56 ,  H04L2209/603 ,  H04L2209/805

Abstract: A field configurable device, such as an FPGA, supports secure field configuration without using non-volatile storage for cryptographic keys on the device and without requiring a continuous or ongoing power source to maintain a volatile storage on the device. The approach can be used to secure the configuration data such that it can in general be used on a single or a selected set of devices and/or encryption of the configuration data so that the encrypted configuration data can be exposed without compromising information encoded in the configuration data.

Abstract translation: 诸如FPGA的现场可配置设备支持安全的现场配置，而不需要在设备上使用非易失性存储器用于加密密钥，而不需要连续或正在进行的电源来维护设备上的易失性存储。 该方法可以用于保护配置数据，使得其通常可以在单个或所选择的设备集合上使用和/或配置数据的加密，使得加密的配置数据可以在不损害在 配置数据。

公开(公告)号：US20090158054A1

公开(公告)日：2009-06-18

申请号：US12335083

申请日：2008-12-15

Applicant: Marten Van Dijk ,  Jing Chen ,  Srinivas Devadas

Inventor： Marten Van Dijk ,  Jing Chen ,  Srinivas Devadas

IPC: G06F12/14 ,  G06F7/06 ,  G06F17/30

CPC classification number: G06F7/72 ,  H04L63/0442

Abstract: A method for processing one or more terms includes, at a first computation facility, computing an obfuscated numerical representation for each of the terms. The computed obfuscated representations are provided from the first facility to a second computation facility. A result of an arithmetic computation based on the provided obfuscated values is received at the first facility. This received result represents an obfuscation of a result of application of a first function to the terms. The received result is processed to determine the result of application of the first function to the terms.

Abstract translation: 一种用于处理一个或多个术语的方法包括在第一计算设施处计算每个术语的混淆数字表示。 所计算的混淆表示从第一设施提供给第二计算设施。 在第一设施处接收基于所提供的混淆值的算术运算的结果。 这个收到的结果表示对这个术语应用第一个功能的结果的混淆。 处理接收到的结果以确定第一个功能对该术语的应用结果。

公开(公告)号：US08904154B2

公开(公告)日：2014-12-02

申请号：US13087712

申请日：2011-04-15

Applicant: Srinivas Devadas ,  Omer Khan ,  Mieszko Lis ,  Keun Sup Shim ,  Myong Hyon Cho

Inventor： Srinivas Devadas ,  Omer Khan ,  Mieszko Lis ,  Keun Sup Shim ,  Myong Hyon Cho

IPC: G06F9/315 ,  G06F9/38 ,  G06F9/48

CPC classification number: G06F9/3824 ,  G06F9/3851 ,  G06F9/4856

Abstract: An execution migration approach includes bringing the computation to the locus of the data: when a memory instruction requests an address not cached by the current core, the execution context (current program counter, register values, etc.) moves to the core where the data is cached.

Abstract translation: 执行迁移方法包括将计算引入数据的轨迹：当存储器指令请求未被当前核心缓存的地址时，执行上下文（当前程序计数器，寄存器值等）移动到核心，其中数据 被缓存

公开(公告)号：US08756438B2

公开(公告)日：2014-06-17

申请号：US12763254

申请日：2010-04-20

Applicant: Srinivas Devadas ,  Thomas J. Ziola

Inventor： Srinivas Devadas ,  Thomas J. Ziola

IPC: H04L29/06 ,  H04L9/32 ,  H04L9/08

CPC classification number: H04L9/3278 ,  G06F21/31 ,  G06F21/445 ,  G06F21/602 ,  G06F21/76 ,  G06F2221/2129 ,  G11C7/24 ,  G11C16/20 ,  G11C16/22 ,  G11C2029/4402 ,  G11C2029/5002 ,  H04L9/0838 ,  H04L9/0877 ,  H04L9/304 ,  H04L2209/56 ,  H04L2209/603 ,  H04L2209/805

Abstract: A field configurable device, such as an FPGA, supports secure field configuration without using non-volatile storage for cryptographic keys on the device and without requiring a continuous or ongoing power source to maintain a volatile storage on the device. The approach can be used to secure the configuration data such that it can in general be used on a single or a selected set of devices and/or encryption of the configuration data so that the encrypted configuration data can be exposed without compromising information encoded in the configuration data.

Abstract translation: 诸如FPGA的现场可配置设备支持安全的现场配置，而不需要在设备上使用非易失性存储器用于加密密钥，而不需要连续或正在进行的电源来维护设备上的易失性存储。 该方法可以用于保护配置数据，使得其通常可以在单个或所选择的设备集合上使用和/或配置数据的加密，使得加密的配置数据可以在不损害在 配置数据。

公开(公告)号：US08683210B2

公开(公告)日：2014-03-25

申请号：US12623045

申请日：2009-11-20

Applicant: Srinivas Devadas

Inventor： Srinivas Devadas

IPC: G06F21/00

CPC classification number: H04L9/3278 ,  H04L2209/805

Abstract: An integrated circuit includes a sequence generator configured to generate a series of challenges; a hidden output generator configured to generate a series of hidden outputs, each hidden output a function of a corresponding challenge in the series of challenges; and bit reduction circuitry configured to generate a response sequence including a plurality of response parts, each response part a function of a corresponding plurality of hidden outputs.

Abstract translation: 集成电路包括被配置为产生一系列挑战的序列发生器; 隐藏的输出发生器被配置为产生一系列隐藏的输出，每个隐藏的输出都是一系列挑战中的相应挑战的功能; 以及比特缩减电路，被配置为生成包括多个响应部分的响应序列，每个响应部分是对应的多个隐藏输出的功能。

公开(公告)号：US20130010957A1

公开(公告)日：2013-01-10

申请号：US13543295

申请日：2012-07-06

Applicant: Meng-Day Yu ,  Srinivas Devadas ,  David M'Raihi ,  Eric Duprat

Inventor： Meng-Day Yu ,  Srinivas Devadas ,  David M'Raihi ,  Eric Duprat

IPC: H04L9/00

CPC classification number: H04L9/3278 ,  H04L9/0844 ,  H04L9/0866

Abstract: An approach to cryptographic security uses a “fuzzy” credential, in contrast to a “hard” credential, to eliminate cryptographic algorithmic repeatability on a device that may be subject to physical attacks. By eliminating repeatability performed at an algorithmic (e.g., gate or software) level, a device inherently lacks one of the fundamental setup assumptions associated with certain classes of side channel, fault injection, timing, and related attacks, thus helps to protect the system against such attacks while preserving the cryptographic security of the system.

Abstract translation: 加密安全性的方法使用与硬凭证相反的模糊凭证来消除可能遭受物理攻击的设备上的加密算法重复性。 通过消除在算法（例如门或软件）级别执行的重复性，设备固有地缺乏与某些类别的侧信道，故障注入，定时和相关攻击相关联的基本设置假设之一，从而有助于保护系统免受 这种攻击同时保留了系统的加密安全性。

公开(公告)号：US20120183135A1

公开(公告)日：2012-07-19

申请号：US13009205

申请日：2011-01-19

Applicant: Zdenek Paral ,  Srinivas Devadas

Inventor： Zdenek Paral ,  Srinivas Devadas

IPC: H04L9/06

CPC classification number: H04L9/0866 ,  G09C1/00

Abstract: A method is used to reliably provision and re-generate a finite and exact sequence of bits, for use with cryptographic applications, e.g., as a key, by employing one or more challengeable Physical Unclonable Function (PUF) circuit elements. The method reverses the conventional paradigm of using public challenges to generate secret PUF responses; it exposes the response and keeps the particular challenges that generate the response secret.

Abstract translation: 一种方法用于可靠地提供和重新生成有限和确切的比特序列，以通过采用一个或多个可挑战的物理不可克隆功能（PUF）电路元件与密码应用程序（例如密钥）一起使用。 该方法扭转了使用公共挑战产生秘密PUF响应的常规范例; 它暴露了响应，并保持产生响应秘密的特定挑战。

公开(公告)号：US20110258420A1

公开(公告)日：2011-10-20

申请号：US13087712

申请日：2011-04-15

Applicant: Srinivas Devadas ,  Omer Khan ,  Mieszko Lis ,  Keun Sup Shim ,  Myong Hyon Cho

Inventor： Srinivas Devadas ,  Omer Khan ,  Mieszko Lis ,  Keun Sup Shim ,  Myong Hyon Cho

IPC: G06F9/312

CPC classification number: G06F9/3824 ,  G06F9/3851 ,  G06F9/4856

Abstract: An execution migration approach includes bringing the computation to the locus of the data: when a memory instruction requests an address not cached by the current core, the execution context (current program counter, register values, etc.) moves to the core where the data is cached.

Abstract translation: 执行迁移方法包括将计算引入数据的轨迹：当存储器指令请求未被当前核心缓存的地址时，执行上下文（当前程序计数器，寄存器值等）移动到核心，其中数据 被缓存

公开(公告)号：US07904731B2

公开(公告)日：2011-03-08

申请号：US12361811

申请日：2009-01-29

Applicant: Srinivas Devadas ,  Blaise Gassend

Inventor： Srinivas Devadas ,  Blaise Gassend

IPC: G06F7/04 ,  G06F19/00 ,  H04L9/32

CPC classification number: G06F21/31 ,  G06F21/72 ,  G06F21/73 ,  G06F21/77 ,  G06F21/79 ,  G06F21/86 ,  G06F2221/2103 ,  G06F2221/2121 ,  G06F2221/2129 ,  G06F2221/2153 ,  G06Q20/3674 ,  G09C1/00 ,  H01L23/544 ,  H01L23/576 ,  H01L2223/54433 ,  H01L2223/5444 ,  H01L2223/54473 ,  H01L2924/0002 ,  H04L9/0897 ,  H04L9/3278 ,  H04L2209/34 ,  H04L2209/42 ,  H01L2924/00

Abstract: An integrated circuit has a first component that has a dynamic characteristic that varies among like integrated circuits, for example, among integrated circuits fabricated using the same lithography mask. Operating the first component produces an output that is dependent on the dynamic characteristic of the first component. A digital value associated with the integrated circuit is generated using the output of the first component, and then the generated digital value is used in operation of the integrated circuit.

Abstract translation: 集成电路具有第一部件，其具有在类似的集成电路之间变化的动态特性，例如在使用相同的光刻掩模制造的集成电路中。 操作第一组件产生取决于第一组件的动态特性的输出。 使用第一分量的输出产生与集成电路相关联的数字值，然后在集成电路的操作中使用所生成的数字值。

公开(公告)号：US07840803B2

公开(公告)日：2010-11-23

申请号：US10407603

申请日：2003-04-04

Applicant: Dwaine Clarke ,  Blaise Gassend ,  Marten Van Dijk ,  Srinivas Devadas

Inventor： Dwaine Clarke ,  Blaise Gassend ,  Marten Van Dijk ,  Srinivas Devadas

IPC: G08B29/00 ,  G06F21/02 ,  H01L23/58

CPC classification number: G06F21/31 ,  G06F21/72 ,  G06F21/73 ,  G06F21/77 ,  G06F21/79 ,  G06F21/86 ,  G06F2221/2103 ,  G06F2221/2121 ,  G06F2221/2129 ,  G06F2221/2153 ,  G06Q20/3674 ,  G09C1/00 ,  H01L23/544 ,  H01L23/576 ,  H01L2223/54433 ,  H01L2223/5444 ,  H01L2223/54473 ,  H01L2924/0002 ,  H04L9/0897 ,  H04L9/3278 ,  H04L2209/34 ,  H04L2209/42 ,  H01L2924/00

Abstract: A group of devices are fabricated based on a common design, each device having a corresponding plurality of measurable characteristics that is unique in the group to that device, each device having a measurement module for measuring the measurable characteristics. Authentication of one of the group of devices is enabled by selective measurement of one or more of the plurality of measurable characteristics of the device.

Abstract translation: 基于共同设计制造一组设备，每个设备具有对于该设备的组中唯一的相应多个可测量特性，每个设备具有用于测量可测量特性的测量模块。 通过选择性地测量设备的多个可测量特性中的一个或多个来启用该组设备之一的认证。