公开(公告)号：US20220158820A1

公开(公告)日：2022-05-19

申请号：US17451198

申请日：2021-10-18

Applicant: NXP B.V.

Inventor： Jan-Peter Schat ,  Andreas Lentz ,  Fabrice Poulard

IPC: H04L9/06

Abstract: An apparatus configured to: receive a digital input signal; receive a processing-direction-signal that can have a forward-value or a backward-value; and provide a digital output signal. The apparatus comprising a processor configured to apply an involutional cryptographic function to the digital input signal by: for a first operation: apply a first step of the involutional cryptographic function to the digital input signal in order to implement a forward calculation to move to the next step in the sequence; and perform a plurality of further operations until the forward calculation of a last step is performed. Each further operation comprises: if the processing-direction-signal has a forward-value: then perform the forward calculation for the current step; or if the processing-direction-signal has a backward-value: then perform a backward calculation for the current step.

公开(公告)号：US12047489B2

公开(公告)日：2024-07-23

申请号：US17451198

申请日：2021-10-18

Applicant: NXP B.V.

Inventor： Jan-Peter Schat ,  Andreas Lentz ,  Fabrice Poulard

IPC: H04L9/00 ,  H04L9/06

CPC classification number: H04L9/0631 ,  H04L2209/16

Abstract: An apparatus configured to: receive a digital input signal; receive a processing-direction-signal that can have a forward-value or a backward-value; and provide a digital output signal. The apparatus comprising a processor configured to apply an involutional cryptographic function to the digital input signal by: for a first operation: apply a first step of the involutional cryptographic function to the digital input signal in order to implement a forward calculation to move to the next step in the sequence; and perform a plurality of further operations until the forward calculation of a last step is performed. Each further operation comprises: if the processing-direction-signal has a forward-value: then perform the forward calculation for the current step; or if the processing-direction-signal has a backward-value: then perform a backward calculation for the current step.

公开(公告)号：US20240031143A1

公开(公告)日：2024-01-25

申请号：US18342856

申请日：2023-06-28

Applicant: NXP B.V.

Inventor： Fabrice Poulard ,  Sören Heisrath ,  Timotheus Arthur van Roermund

IPC: H04L9/08 ,  H04L9/32

CPC classification number: H04L9/0869 ,  H04L9/32

Abstract: In one example, a circuit includes a secure chip storing one of an enclave of key values linked to an update code; a memory to store an updatable data set including the update value which corresponds to and is revised with the update code; and a logic circuit. The logic circuit is to: provide a key value, based to a revision to the update code, from among the enclave of key values, generate an authentication tag as a function of the provided key value, use the authentication tag to verify that the updatable data set is valid and up to date before using the updatable data set in an application specified for the updatable data set, and update the data set by storing a replacement updatable data set in the memory circuit and including, in the replacement updatable data set, a revised update value which corresponds to a revised update code that is used to provide another key value from among the enclave of key values.

公开(公告)号：US11989302B2

公开(公告)日：2024-05-21

申请号：US17341627

申请日：2021-06-08

Applicant: NXP B.V.

Inventor： Sören Heisrath ,  Fabrice Poulard ,  Marius Rotaru

IPC: G06F21/57

CPC classification number: G06F21/575 ,  G06F2221/034

Abstract: A system, method, and apparatus are provided for securely controlling operations of a data processing system in which security subsystem is activated to provide security services by responding to a security service request, evaluating the request against an adjustable set of system security policies to determine if the security service request is granted access to a protected asset, by generating a response to the security service request using the protected asset if the security service request is granted access to the protected asset, by adjusting a security access policy for the protected asset in the adjustable set of system security policies, and by sending the response from the security subsystem to the external application subsystem.

公开(公告)号：US11509461B2

公开(公告)日：2022-11-22

申请号：US17301780

申请日：2021-04-14

Applicant: NXP B.V.

Inventor： Jan-Peter Schat ,  Fabrice Poulard ,  Andreas Lentz

IPC: G06F21/00 ,  H04L9/08 ,  H04L9/32

Abstract: A method for securing an integrated circuit chip includes obtaining a first value from a first storage area in the chip, obtaining a second value from a second storage area in the chip, generating a third value based on the first value and the second value, and converting a first opcode command obfuscated as a second opcode command into a non-obfuscated form of the first opcode command based on the third value. The first value corresponds to a physically unclonable function (PUF) of the chip. The second value is a key including information indicating a type of obfuscation performed to obfuscate the first opcode command as the second opcode command. The third value may be an inversion flag indicating a type of obfuscation performed to obfuscate the first opcode command as the second opcode command.

公开(公告)号：US20210351922A1

公开(公告)日：2021-11-11

申请号：US17301780

申请日：2021-04-14

Applicant: NXP B.V.

Inventor： Jan-Peter Schat ,  Fabrice Poulard ,  Andreas Lentz

IPC: H04L9/08 ,  H04L9/32

Abstract: A method for securing an integrated circuit chip includes obtaining a first value from a first storage area in the chip, obtaining a second value from a second storage area in the chip, generating a third value based on the first value and the second value, and converting a first opcode command obfuscated as a second opcode command into a non-obfuscated form of the first opcode command based on the third value. The first value corresponds to a physically unclonable function (PUF) of the chip. The second value is a key including information indicating a type of obfuscation performed to obfuscate the first opcode command as the second opcode command. The third value may be an inversion flag indicating a type of obfuscation performed to obfuscate the first opcode command as the second opcode command.

公开(公告)号：US20210406381A1

公开(公告)日：2021-12-30

申请号：US17341627

申请日：2021-06-08

Applicant: NXP B.V.

Inventor： Sören Heisrath ,  Fabrice Poulard ,  Marius Rotaru

IPC: G06F21/57

Abstract: A system, method, and apparatus are provided for securely controlling operations of a data processing system in which security subsystem is activated to provide security services by responding to a security service request, evaluating the request against an adjustable set of system security policies to determine if the security service request is granted access to a protected asset, by generating a response to the security service request using the protected asset if the security service request is granted access to the protected asset, by adjusting a security access policy for the protected asset in the adjustable set of system security policies, and by sending the response from the security subsystem to the external application subsystem.