Secure application execution in a data processing system

    Publication number: US11783055B2

    Publication date: 2023-10-10

    Application number: US17079992

    Application date: 2020-10-26

    Applicant: NXP B.V.

    CPC classification number: G06F21/602 G06N20/00

    Abstract: A data processing system includes a rich execution environment (REE), a hardware accelerator, a trusted execution environment (TEE), and a memory. The REE includes a processor configured to execute an application. A compute kernel is executed on the hardware accelerator and the compute kernel performs computations for the application. The TEE provides relatively higher security than the REE and includes an accelerator controller for controlling operation of the hardware accelerator. The memory has an unsecure portion coupled to the REE and to the TEE, and a secure portion coupled to only the TEE. The secure portion is relatively more secure than the unsecure portion. Data that is to be accessed and used by the hardware accelerator is stored in the secure portion of the memory. In another embodiment, a method is provided for securely executing an application in the data processing system.

    SECURE APPLICATION EXECUTION IN A DATA PROCESSING SYSTEM

    Publication number: US20220129566A1

    Publication date: 2022-04-28

    Application number: US17079992

    Application date: 2020-10-26

    Applicant: NXP B.V.

    Abstract: A data processing system includes a rich execution environment (REE), a hardware accelerator, a trusted execution environment (TEE), and a memory. The REE includes a processor configured to execute an application. A compute kernel is executed on the hardware accelerator and the compute kernel performs computations for the application. The TEE provides relatively higher security than the REE and includes an accelerator controller for controlling operation of the hardware accelerator. The memory has an unsecure portion coupled to the REE and to the TEE, and a secure portion coupled to only the TEE. The secure portion is relatively more secure than the unsecure portion. Data that is to be accessed and used by the hardware accelerator is stored in the secure portion of the memory. In another embodiment, a method is provided for securely executing an application in the data processing system.

    DATA PROCESSING SYSTEM AND METHOD FOR PROTECTING DATA IN THE DATA PROCESSING SYSTEM

    Publication number: US20220215103A1

    Publication date: 2022-07-07

    Application number: US17143762

    Application date: 2021-01-07

    Applicant: NXP B.V.

    Abstract: A data processing system has a processor and a system memory. The system memory may be a dynamic random-access memory (DRAM). The processor includes an embedded memory. The system memory is coupled to the processor and is organized in a plurality of pages. A portion of the code or data stored in the plurality of memory pages is selected for permutation. A permutation order is generated and the memory pages containing the portion of code or data are permuted using a permutation order. The permutation order and/or a reverse permutation order to recover the original order may be stored in the embedded memory. Permuting the memory pages with a permutation order stored in the embedded memory prevents the code or data from being read during a freeze attack on the system memory in a way that is useful to an attacker.

    PRODUCTION METHOD, RFID TRANSPONDER, AUTHENTICATION METHOD, READER DEVICE AND COMPUTER PROGRAM PRODUCT
    Invention application (status: in force)

    Publication number: US20130342311A1

    Publication date: 2013-12-26

    Application number: US13924356

    Application date: 2013-06-21

    Applicant: NXP B.V.

    Abstract: The exemplary embodiments of the invention realize an efficient prevention of massive infiltration of cloned RFID transponders into existing and new RFID systems. Furthermore, reader devices used for authentication of RFID transponders do not need to be on-line and do not need to be equipped with a Security Authentication Module (SAM). This simplifies authentication procedures and reduces costs. According to an exemplary embodiment of the invention a transponder-specific originality signature is stored by a transponder manufacturer on the transponder. The transponder-specific originality signature may, for example, be stored in the non-volatile memory (EEPROM) of the transponder during the fabrication of the transponder. This transponder-specific originality signature can be checked at any time in a convenient way, which provides an indication of originality of said transponder.
