公开(公告)号：US07996742B2

公开(公告)日：2011-08-09

申请号：US12268226

申请日：2008-11-10

申请人： Marcus Janke ,  Franz Klug ,  Peter Laackmann ,  Dirk Rabe ,  Stefan Rueping

发明人： Marcus Janke ,  Franz Klug ,  Peter Laackmann ,  Dirk Rabe ,  Stefan Rueping

IPC分类号： G06F11/00

CPC分类号： G01R31/3177

摘要： A circuit arrangement comprising a logic circuit to be tested and a test circuit. The logic circuit comprising logic-circuit-internal combinations configured to generate output data from input data based on a predetermined relationship. The logic circuit is configured to detect whether the relationship is satisfied and to provide an error signal if the relationship is not satisfied. The test circuit is configured to alter logic-circuit-internal combinations, to detect the error signal, and to output an alarm signal if the error signal is not detected upon alteration of the logic-circuit-internal combinations.

摘要翻译： 一种包括要测试的逻辑电路和测试电路的电路装置。 所述逻辑电路包括逻辑电路内部组合，其被配置为基于预定关系从输入数据生成输出数据。 所述逻辑电路被配置为检测所述关系是否被满足，并且如果所述关系不满足则提供误差信号。 测试电路被配置为改变逻辑电路内部组合以检测误差信号，并且如果在逻辑电路内部组合改变时未检测到误差信号则输出报警信号。

公开(公告)号：US20090172489A1

公开(公告)日：2009-07-02

申请号：US12268226

申请日：2008-11-10

申请人： Markus Janke ,  Franz Klug ,  Peter Laackmann ,  Dirk Rabe ,  Stefan Rueping

发明人： Markus Janke ,  Franz Klug ,  Peter Laackmann ,  Dirk Rabe ,  Stefan Rueping

IPC分类号： G01R31/3177 ,  G06F11/25

CPC分类号： G01R31/3177

摘要： A circuit arrangement comprising a logic circuit to be tested and a test circuit is provided. The logic circuit is designed to provide output data from input data, said output data being generated from the input data by logic-circuit-internal combinations, such that the output data are in a predetermined relationship with the input data. The logic circuit is designed to detect whether the relationship is fulfilled and to provide an error signal if the relationship is not fulfilled. The test circuit is designed to alter logic-circuit-internal combinations. The test circuit is designed to detect the error signal, and is furthermore designed to output an alarm signal if the error signal is not detected upon alteration of the logic-circuit-internal combinations.

摘要翻译： 提供了包括要测试的逻辑电路和测试电路的电路装置。 逻辑电路被设计成从输入数据提供输出数据，所述输出数据通过逻辑电路内部组合从输入数据产生，使得输出数据与输入数据处于预定关系。 逻辑电路被设计为检测是否满足关系，并且如果不满足关系，则提供错误信号。 测试电路设计用于改变逻辑电路内部组合。 测试电路设计用于检测误差信号，并且还被设计为如果在逻辑电路内部组合的改变时未检测到误差信号则输出报警信号。

公开(公告)号：US08914621B2

公开(公告)日：2014-12-16

申请号：US12417172

申请日：2009-04-02

申请人： Franz Klug ,  Andreas Wenzel

发明人： Franz Klug ,  Andreas Wenzel

IPC分类号： G06F9/30 ,  G06F21/75 ,  G06F11/22

CPC分类号： G06F21/75 ,  G06F11/2284

摘要： A processing unit having a control unit configured to execute after a reset phase a sequence of test instructions to detect a manipulation of the processing unit before the control unit decodes a first instruction for a normal operation.

摘要翻译： 一种处理单元，具有控制单元，其被配置为在复位阶段之后执行一系列测试指令，以便在所述控制单元解码用于正常操作的第一指令之前检测所述处理单元的操纵。

公开(公告)号：US20050262331A1

公开(公告)日：2005-11-24

申请号：US11134612

申请日：2005-05-20

申请人： Franz Klug ,  Oliver Kniffler ,  Steffen Sonnekalb ,  Andreas Wenzel

发明人： Franz Klug ,  Oliver Kniffler ,  Steffen Sonnekalb ,  Andreas Wenzel

IPC分类号： G06F9/30 ,  G06F9/318

CPC分类号： G06F9/30181

摘要： A controller having a receiver for receiving an instruction, a comparator for comparing the received instruction to a predetermined wildcard instruction, the comparator providing a switch signal to a provider for providing a predetermined substitution instruction responsive to the predetermined wildcard instruction. Depending on the switch signal, the provider outputs the received instruction or the other instruction.

摘要翻译： 一种具有用于接收指令的接收器的控制器，用于将接收到的指令与预定通配符指令进行比较的比较器，所述比较器向提供者提供切换信号，以响应于预定的通配符指令提供预定的替换指令。 根据开关信号，提供者输出接收到的指令或其他指令。

公开(公告)号：US20050036618A1

公开(公告)日：2005-02-17

申请号：US10893163

申请日：2004-07-16

申请人： Berndt Gammel ,  Franz Klug ,  Oliver Kniffler

发明人： Berndt Gammel ,  Franz Klug ,  Oliver Kniffler

IPC分类号： G06F7/00 ,  G06F7/57 ,  G06F21/72 ,  G06F21/75 ,  H04K1/00

CPC分类号： G06F7/57 ,  G06F7/00 ,  G06F21/72 ,  G06F21/75 ,  G06F2207/7238

摘要： A calculating unit for performing an arithmetic operation with at least two operands, the at least two operands being encrypted, includes an arithmetic-logic unit with a first input for the first encrypted operand, a second input for the second encrypted operand, a third input for an encryption parameter and an output for an encrypted result of the operation, the arithmetic-logic unit being formed so as to operate on the first input, the second input and the third input by means of arithmetic sub-operations, while considering the type of encryption of the operands, such that at the output, an encrypted result is obtained which equals a value that would be obtained if the first operand was subjected to the arithmetic operation in a non-encrypted state and if the second operand would be subjected to the arithmetic operation in a non-encrypted state, and a result obtained was subsequently encrypted, no decryption of the operands being performed in the arithmetic-logic unit. In this manner, a processor system may be obtained in which no data whatsoever occurs in clear text, i.e. in a non-encrypted form, since no decryption upstream of an arithmetic-logic unit and no encryption downstream of the arithmetic-logic unit are required, as the arithmetic-logic unit operates with encrypted input operands to obtain an encrypted result. Interception attacks on transmission lines of the calculating unit are thus ruled out.

摘要翻译： 一种计算单元，用于利用至少两个操作数执行算术运算，所述至少两个操作数被加密，包括具有用于第一加密操作数的第一输入，第二加密操作数的第二输入和第三输入的算术逻辑单元 对于加密参数和用于操作的加密结果的输出，算术逻辑单元被形成为通过算术子操作在第一输入，第二输入和第三输入上操作，同时考虑类型 使得在输出处获得加密结果，该加密结果等于如果第一操作数在非加密状态下经受算术运算而获得的值，并且如果第二操作数将受到 在未加密状态下的算术运算以及所获得的结果随后被加密，在算术逻辑单元中不执行操作数的解密。 以这种方式，可以获得处理器系统，其中无任何数据以明文形式出现，即以非加密形式出现，因为不需要算术逻辑单元上游的解密，并且不需要算术逻辑单元下游的加密 因为算术逻辑单元用加密的输入操作数操作以获得加密的结果。 因此排除了对计算单元的传输线的拦截攻击。

公开(公告)号：US07979783B2

公开(公告)日：2011-07-12

申请号：US11672652

申请日：2007-02-08

申请人： Michael Goessel ,  Franz Klug ,  Steffen Marc Sonnekalb

发明人： Michael Goessel ,  Franz Klug ,  Steffen Marc Sonnekalb

IPC分类号： G06F11/00 ,  G08C25/00 ,  H03M13/00 ,  H04L1/00

CPC分类号： G06F11/10

摘要： An error detection device for a command decoder is described, the command decoder reading out an associated sequence of control signal words from a command memory based on an input word, wherein the sequence of control signal words has at least one control signal word, having: a controller designed to provide the input word at a first time and the input word at a second time for reading out the command memory, wherein the second time is delayed with respect to the first time, to effect a readout of the sequence of control signal words at a first time and a readout of the sequence of control signal words at a second time; and a comparator designed to receive and compare the associated sequences of control signal words read out at the first and second times, and to output a signal indicating an error if the associated sequences of control signal words read out at the first and second times are different.

摘要翻译： 描述了一种用于命令解码器的错误检测装置，命令解码器基于输入字从命令存储器中读出相关序列的控制信号字，其中控制信号字序列具有至少一个控制信号字，具有： 控制器，其被设计为在第一时间提供输入字，并且输入字在第二时间用于读出指令存储器，其中第二时间相对于第一次被延迟，以实现控制信号序列的读出 第一时间的字和读出控制信号字的序列; 以及比较器，用于接收和比较在第一次和第二次读出的控制信号字的相关序列，并且如果在第一次和第二次读出的相关序列的控制信号字不同，则输出指示错误的信号 。

公开(公告)号：US20070133789A1

公开(公告)日：2007-06-14

申请号：US11539198

申请日：2006-10-06

申请人： Dietmar Scheiblhofer ,  Franz Klug

发明人： Dietmar Scheiblhofer ,  Franz Klug

IPC分类号： H04L9/28

CPC分类号： G06F8/44

摘要： A compiling device for generating a second program sequence from a first program sequence comprises a recognizer for recognizing a first subarea and a second subarea of the first program sequence, and a selector for selecting instructions from a set of instructions of the second program sequence formed to select only instructions of a first security category for mapping a functionality of the first subarea and to select instructions of the second security category for mapping a functionality of the second subarea. Additionally, the compiling device comprises a generator for generating the second program sequence from the instructions selected.

摘要翻译： 一种用于从第一程序序列产生第二程序序列的编译装置，包括用于识别第一程序序列的第一子区域和第二子区域的识别器，以及用于从第二程序序列的一组指令中选择指令的选择器， 仅选择用于映射第一子区域的功能的第一安全类别的指令，并且选择用于映射第二子区域的功能的第二安全类别的指令。 此外，编译装置包括用于根据所选指令生成第二程序序列的发生器。

公开(公告)号：US20080004874A1

公开(公告)日：2008-01-03

申请号：US11405500

申请日：2006-04-18

申请人： Franz Klug ,  Thomas Kunemund ,  Steffen Sonnekalb ,  Andreas Wenzel

发明人： Franz Klug ,  Thomas Kunemund ,  Steffen Sonnekalb ,  Andreas Wenzel

IPC分类号： G10L15/16

CPC分类号： G06F11/08 ,  G06F9/30145 ,  G06F9/3017 ,  G06F9/3879

摘要： Method for protected transmission of data words includes providing a first data word, transforming the first data word into a sequence including at least one second data word using a first transformation rule, transforming at least one of the second data words into a third data word using a second transformation rule, and checking whether a prescribed relationship exists between the third data word and a comparison data word.

摘要翻译： 用于数据字的受保护传输的方法包括：提供第一数据字，使用第一变换规则将第一数据字变换成包括至少一个第二数据字的序列，将第二数据字中的至少一个转换为第三数据字，使用 第二变换规则，并且检查第三数据字和比较数据字之间是否存在规定的关系。

公开(公告)号：US07178168B2

公开(公告)日：2007-02-13

申请号：US10893161

申请日：2004-07-16

申请人： Berndt Gammel ,  Franz Klug ,  Oliver Kniffler

发明人： Berndt Gammel ,  Franz Klug ,  Oliver Kniffler

IPC分类号： G06F9/00 ,  H04L11/00

CPC分类号： G06F5/01 ,  G06F21/72 ,  G06F2207/7219

摘要： A shift device for shifting a first place of a data word, which consists of a plurality of places, to a second place so as to obtain a shifted data word, wherein the first place is encrypted using a first encryption parameter and wherein the second place is encrypted using a second encryption parameter, includes a unit for shifting the first place of the data word to the second place of the data word, a unit for re-encrypting the first place from an encryption using the first encryption parameter into an encryption using the second encryption parameter, and a control for controlling the unit for shifting and the unit for re-encryption so that the first place is first shifted to the second place and is then re-encrypted, or that the first place is first re-encrypted and is then shifted to the second place. This ensures that data encrypted either with the first encryption parameter or with the second encryption parameter are always shifted, thus making it harder for attackers to eavesdrop on clear text data.

摘要翻译： 一种移位装置，用于将由多个位置组成的数据字的第一位移动到第二位置，以便获得移位的数据字，其中，使用第一加密参数对第一位置进行加密，并且其中第二位置 使用第二加密参数加密，包括用于将数据字的第一位移动到数据字的第二位的单元，用于使用第一加密参数从加密重新加密第一位的单元到使用 第二加密参数，以及用于控制用于移位的单元和用于重新加密的单元的控制，使得第一位置首先被移位到第二位置，然后被重新加密，或者首先被重新加密 然后转移到第二个位置。 这样可以确保使用第一加密参数或第二加密参数加密的数据总是被移动，从而使攻击者更难以窃听明文数据。

公开(公告)号：US20060259851A1

公开(公告)日：2006-11-16

申请号：US11355907

申请日：2006-02-15

申请人： Franz Klug ,  Steffen Sonnekalb

发明人： Franz Klug ,  Steffen Sonnekalb

IPC分类号： H03M13/03

CPC分类号： G06F21/52 ,  G06F21/77 ,  G06Q20/341 ,  G07F7/082 ,  G07F7/1008

摘要： Circuit arrangement for secure data processing for program data with a protected data record. An internal memory provides a protected data record having instruction words and a first check word associated with the instruction words. An arithmetic and logic unit has an input coupled to the internal memory and outputs the first check word from the applied protected data record. A checking apparatus has an input coupled between the internal memory and the arithmetic and logic unit, and allocates a second check word to the instruction words in the protected data record. A comparison apparatus has respective inputs coupled to the checking apparatus and the arithmetic and logic unit, and compares the first check word with the second check word, and outputs an alarm signal when the first check word does not match the second check word.