公开(公告)号：US07707445B2

公开(公告)日：2010-04-27

申请号：US11202944

申请日：2005-08-12

申请人： Berndt Gammel ,  Thomas Kunemund

发明人： Berndt Gammel ,  Thomas Kunemund

IPC分类号： G06F1/32

CPC分类号： H03K19/0016 ,  H03K21/403

摘要： An integrated circuit having a first circuit unit, which is put into a power-saving mode by a control apparatus and into a predetermined initial state when changing from the power-saving mode to a regular operating state. A second circuit unit is put into a power-saving mode by the control apparatus, during which the second circuit unit buffer-stores data and/or instructions adopted immediately prior to the power-saving state, with the second circuit unit resuming and providing the data and/or instructions when changing from the power-saving mode to the regular operating state. The second circuit unit has an input connection to which a first potential is applied in order to change to the power-saving mode and during the power-saving mode, and to which a second potential is applied in order to change to the operating state and during the operating state.

摘要翻译： 一种具有第一电路单元的集成电路，其在从省电模式变为正常工作状态时，由控制装置进入省电模式并进入预定的初始状态。 第二电路单元通过控制装置进入省电模式，在此期间第二电路单元缓冲存储紧接在省电状态之前采用的数据和/或指令，第二电路单元恢复并提供 数据和/或指令，从省电模式切换到常规运行状态。 第二电路单元具有施加第一电位的输入连接，以便改变为省电模式，并且在省电模式期间，并且施加第二电位以便改变为操作状态，并且 在运行状态。

公开(公告)号：US20100031026A1

公开(公告)日：2010-02-04

申请号：US12062987

申请日：2008-04-04

申请人： Jurijus Cizas ,  Shrinath Eswarahally ,  Peter Laackmann ,  Berndt Gammel ,  Mark Stafford ,  Joerg Borchet

发明人： Jurijus Cizas ,  Shrinath Eswarahally ,  Peter Laackmann ,  Berndt Gammel ,  Mark Stafford ,  Joerg Borchet

IPC分类号： H04L9/32 ,  H04L29/06 ,  H04L9/30

CPC分类号： G06F21/76 ,  G06F2221/2103

摘要： A system and method for transferring information to a device include sending a first challenge from an information provider to programming equipment, and responding to the first challenge by the programming equipment. A second challenge is sent from the programming equipment to the information provider, which responds to the second challenge. Information is encrypted by the information provider and sent from the information provider to the programming equipment.

摘要翻译： 用于将信息传送到设备的系统和方法包括从信息提供者向编程设备发送第一挑战，并响应编程设备的第一挑战。 第二个挑战是从编程设备发送到信息提供者，这对第二个挑战做出了回应。 信息由信息提供者加密并从信息提供者发送到编程设备。

公开(公告)号：US07657685B2

公开(公告)日：2010-02-02

申请号：US11745916

申请日：2007-05-08

申请人： Gerd Dirscherl ,  Berndt Gammel ,  Christian Peters

发明人： Gerd Dirscherl ,  Berndt Gammel ,  Christian Peters

IPC分类号： G06F13/00 ,  G06F15/00 ,  G06F15/76

CPC分类号： G06K19/07

摘要： Circuit arrangement having a chip card controller with connections which can be used to access the chip card controller in accordance with the ISO standard and which are connected or can be connected to an ISO interface. The connections include at least one first connection, which can be connected to the ISO interface via a switch device. In addition, the circuit arrangement includes a further controller with at least one controller connection which is coupled to the switch device such that the first connection of the chip card controller can be connected to the controller connection via the switch device. The switch device can be switched between a first and a second state, where in the first state the first connection of the chip card controller is decoupled from the controller connection and is connected to the ISO interface, and where in the second state the first connection of the chip card controller is decoupled from the ISO interface and is connected to the controller connection.

摘要翻译： 具有具有连接的芯片卡控制器的电路装置，其可以用于根据ISO标准访问芯片卡控制器，并且连接或可以连接到ISO接口。 连接包括至少一个第一连接，其可以经由开关装置连接到ISO接口。 另外，电路装置还包括具有至少一个控制器连接的另外的控制器，该至少一个控制器连接耦合到开关装置，使得芯片卡控制器的第一连接可经由开关装置连接到控制器连接。 开关装置可以在第一状态和第二状态之间切换，其中在第一状态下，芯片卡控制器的第一连接与控制器连接分离并连接到ISO接口，并且在第二状态下，第一连接 的芯片卡控制器与ISO接口分离并连接到控制器连接。

公开(公告)号：US20080022130A1

公开(公告)日：2008-01-24

申请号：US11368016

申请日：2006-03-02

申请人： Harald Amschler ,  Berndt Gammel

发明人： Harald Amschler ,  Berndt Gammel

IPC分类号： G06F12/14

CPC分类号： G06F21/629 ,  G06F21/54 ,  G06F2221/2101

摘要： A device according to the present invention is configured for a secure execution of a program including a sequence of program commands, wherein the program commands include commands of use and checking commands. The device includes a means for executing the program commands. The means for executing the program commands is implemented to generate a checking value according to a setup regulation when executing a checking command. The device further includes a means for generating a control value according to the setup regulation and means for comparing the checking value to the control value. Means for providing an indication to an insecure execution of the program provides an error indication when the checking value and the control value do not match.

摘要翻译： 根据本发明的设备被配置为用于安全执行包括程序命令序列的程序，其中程序命令包括使用和检查命令的命令。 该装置包括用于执行程序命令的装置。 执行程序命令的装置被执行以在执行检查命令时根据设置规则生成检查值。 该装置还包括用于根据建立规则产生控制值的装置和用于将检查值与控制值进行比较的装置。 提供对程序的不安全执行的指示的装置在检查值和控制值不匹配时提供错误指示。

公开(公告)号：US07181576B2

公开(公告)日：2007-02-20

申请号：US10857617

申请日：2004-05-27

申请人： Berndt Gammel ,  Thomas Kunemund ,  Holger Sedlak

发明人： Berndt Gammel ,  Thomas Kunemund ,  Holger Sedlak

IPC分类号： G06F12/00

CPC分类号： G06F12/1408 ,  G06F12/0804

摘要： Method for synchronizing a cache memory with a main memory, the cache memory provided to buffer-store data between a processor and the main memory, and memory entries of the cache memory each having a data area and an identification area. The processor provides a synchronization value to determine which memory entries of the data area are to be synchronized with the main memory. A cache logic circuit of the cache memory then compares the synchronization value with contents of a memory field of each memory entry. When there is a match, the cache logic circuit checks a flag of a third memory field of the identification area for a first state, which indicates that a change was made to the data area of the memory entry since the last synchronization. When the flag is in the first state, the contents of the data area are transferred to the main memory.

摘要翻译： 用于将高速缓冲存储器与主存储器同步的方法，提供用于在处理器和主存储器之间缓冲存储数据的高速缓冲存储器，以及每个具有数据区域和识别区域的高速缓冲存储器的存储器条目。 处理器提供同步值以确定要与主存储器同步的数据区的哪些存储器条目。 然后，高速缓冲存储器的高速缓存逻辑电路将同步值与每个存储器条目的存储器字段的内容进行比较。 当存在匹配时，高速缓存逻辑电路检查用于第一状态的识别区域的第三存储器字段的标志，其指示自上次同步以来对存储器条目的数据区域进行了改变。 当标志处于第一状态时，数据区的内容被传送到主存储器。

公开(公告)号：US07178168B2

公开(公告)日：2007-02-13

申请号：US10893161

申请日：2004-07-16

申请人： Berndt Gammel ,  Franz Klug ,  Oliver Kniffler

发明人： Berndt Gammel ,  Franz Klug ,  Oliver Kniffler

IPC分类号： G06F9/00 ,  H04L11/00

CPC分类号： G06F5/01 ,  G06F21/72 ,  G06F2207/7219

摘要： A shift device for shifting a first place of a data word, which consists of a plurality of places, to a second place so as to obtain a shifted data word, wherein the first place is encrypted using a first encryption parameter and wherein the second place is encrypted using a second encryption parameter, includes a unit for shifting the first place of the data word to the second place of the data word, a unit for re-encrypting the first place from an encryption using the first encryption parameter into an encryption using the second encryption parameter, and a control for controlling the unit for shifting and the unit for re-encryption so that the first place is first shifted to the second place and is then re-encrypted, or that the first place is first re-encrypted and is then shifted to the second place. This ensures that data encrypted either with the first encryption parameter or with the second encryption parameter are always shifted, thus making it harder for attackers to eavesdrop on clear text data.

摘要翻译： 一种移位装置，用于将由多个位置组成的数据字的第一位移动到第二位置，以便获得移位的数据字，其中，使用第一加密参数对第一位置进行加密，并且其中第二位置 使用第二加密参数加密，包括用于将数据字的第一位移动到数据字的第二位的单元，用于使用第一加密参数从加密重新加密第一位的单元到使用 第二加密参数，以及用于控制用于移位的单元和用于重新加密的单元的控制，使得第一位置首先被移位到第二位置，然后被重新加密，或者首先被重新加密 然后转移到第二个位置。 这样可以确保使用第一加密参数或第二加密参数加密的数据总是被移动，从而使攻击者更难以窃听明文数据。

公开(公告)号：US20060233360A1

公开(公告)日：2006-10-19

申请号：US11390546

申请日：2006-03-24

申请人： Berndt Gammel ,  Dietmar Scheiblhofer

发明人： Berndt Gammel ,  Dietmar Scheiblhofer

IPC分类号： H04K1/06 ,  H04L9/00 ,  H04K1/04

CPC分类号： G06F21/85 ,  H04L9/065 ,  H04L2209/12 ,  H04L2209/34

摘要： A device according to the present invention is configured for transmitting data between two semiconductor chips of a data processor in an encrypted manner, wherein a first semiconductor chip is connected to a second semiconductor chip. The device includes a non-volatile memory element in each of the two semiconductor chips, wherein an encryption initial value for an encryption rule is stored in the memory element of the first semiconductor chip and a decryption initial value associated to the encryption initial value for a decryption rule associated to the encryption rule is stored in the memory element of the second semiconductor chip. Additionally, the first semiconductor chip has a first data transmission interface formed to generate an encryption data stream from an input data stream using the encryption initial value according to the encryption rule. Also, the second semiconductor chip has a second data transmission interface formed to receive the encryption data stream and to generate a decryption data stream from the encryption data stream using the decryption initial value according to the decryption rule and to compare the decryption data stream generated to an expected data stream, wherein the second data transmission interface is also formed to perform a defensive measure against transmitting data from the second data transmission interface to the first data transmission interface when the decryption data stream does not correspond to the expected data stream.

摘要翻译： 根据本发明的装置被配置为以加密的方式在数据处理器的两个半导体芯片之间传输数据，其中第一半导体芯片连接到第二半导体芯片。 该装置包括在两个半导体芯片的每一个中的非易失性存储元件，其中用于加密规则的加密初始值存储在第一半导体芯片的存储元件中，以及与加密初始值相关联的解密初始值 与加密规则相关联的解密规则被存储在第二半导体芯片的存储元件中。 此外，第一半导体芯片具有形成为根据加密规则使用加密初始值从输入数据流生成加密数据流的第一数据传输接口。 此外，第二半导体芯片具有形成为接收加密数据流的第二数据传输接口，并且使用根据解密规则的解密初始值从加密数据流生成解密数据流，并将生成的解密数据流与 预期数据流，其中第二数据传输接口还被形成为当解密数据流不对应于期望的数据流时，执行防止措施以将数据从第二数据传输接口传输到第一数据传输接口。

公开(公告)号：US07106091B2

公开(公告)日：2006-09-12

申请号：US10386332

申请日：2003-03-11

申请人： Berndt Gammel

发明人： Berndt Gammel

IPC分类号： H03K19/00 ,  H03K19/173 ,  G06F7/38 ,  G06F11/30 ,  G06F12/14

CPC分类号： H01L23/576 ,  G01R31/31719 ,  G06F21/75 ,  H01L2924/0002 ,  H01L2924/00

摘要： A circuit configuration for detecting an unwanted attack on an integrated circuit has a signal line to which a clock signal is applied and at least one line pair which is respectively used to code a bit. The signal line and the at least one line pair are connected between a first and a second circuit block in the integrated circuit. The signal line and the at least one line pair are connected to a detector circuit which changes the operating sequence in the integrated circuit on the basis of the signals on the signal line and on the at least one line pair. The detector circuit can be used to the same extent to test for production faults.

公开(公告)号：US07036017B2

公开(公告)日：2006-04-25

申请号：US10160967

申请日：2002-06-03

申请人： Berndt Gammel ,  Oliver Kniffler ,  Holger Sedlak

发明人： Berndt Gammel ,  Oliver Kniffler ,  Holger Sedlak

IPC分类号： G06F11/30 ,  G06F12/14 ,  H04L9/32

CPC分类号： G06F21/85 ,  G06F21/123 ,  G06F21/602 ,  G06F2207/7219

摘要： A microprocessor configuration includes a data bus for data transfer between functional units. On the bus side, each unit contains an encryption/decryption unit that is controlled synchronously by a random number generator. The configuration permits a relatively high level of security against monitoring of the data transferred via the data bus, with a feasible level of additional circuit complexity.

摘要翻译： 微处理器配置包括用于在功能单元之间进行数据传输的数据总线。 在总线一侧，每个单元包含由随机数发生器同步控制的加密/解密单元。 该配置允许相对较高的安全级别，以监视经由数据总线传送的数据，具有可行的附加电路复杂性水平。

公开(公告)号：US20050201195A1

公开(公告)日：2005-09-15

申请号：US11093276

申请日：2005-03-28

申请人： Gerd Dirscherl ,  Berndt Gammel ,  Michael Smola

发明人： Gerd Dirscherl ,  Berndt Gammel ,  Michael Smola

IPC分类号： G06F9/30 ,  G06F9/32 ,  G06F9/40 ,  G06F9/42 ,  G11C8/00

CPC分类号： G11C8/00 ,  G06F9/30054 ,  G06F9/30134 ,  G06F9/30145 ,  G06F9/3806 ,  G06F9/4484

摘要： A processor for processing a program with commands, which has a mother program with a sub-program jump command and a sub-program, which is to be processed in response to the sub-program jump command. The processor has a command processor, which is adapted in the mother program upon occurrence of the sub-program jump command, to extract back-up information about data required in the mother program after processing the sub-program from the sub-program jump command, to back-up data required in the mother program after execution of the sub-program based on the back-up information, to extract a destination address from the sub-program jump command, which refers to the sub-program, and to effect the continuation of the processing of the program with the sub-program based on the destination address.

摘要翻译： 一种用于处理具有命令的程序的处理器，该命令具有子程序跳转命令的母程序和子程序，该程序将响应于子程序跳转命令进行处理。 处理器具有命令处理器，该命令处理器在子程序跳转命令发生时在母程序中适应，以从子程序跳转命令处理子程序之后提取关于母程序中所需的数据的备份信息 ，在根据备用信息执行子程序之后备份母程序所需的数据，从子程序跳转命令中提取目标地址，该命令参考子程序，并且实现 基于目的地地址继续使用子程序处理程序。