公开(公告)号：US20120290845A1

公开(公告)日：2012-11-15

申请号：US13103451

申请日：2011-05-09

Applicant: William Henry Bares ,  Srinivas Devadas ,  Vivek Khandelwal ,  Zdenek Paral ,  Richard Sowell ,  Tonghang Zhou

Inventor： William Henry Bares ,  Srinivas Devadas ,  Vivek Khandelwal ,  Zdenek Paral ,  Richard Sowell ,  Tonghang Zhou

IPC: H04L9/32

CPC classification number: H04L9/3278 ,  H04L9/3247 ,  H04L2209/805

Abstract: A message is signed using a PUF without having to exactly regenerate a cryptographic key. Another party that shares information about the PUF is able to verify the signature to a high degree of accuracy (i.e., high probability of rejection of a forged signature and a low probably of false rejection of a true signature). In some examples, the information shared by a recipient of a message signature includes a parametric model of operational characteristics of the PUF used to form the signature.

Abstract translation: 使用PUF签名消息，而不必完全重新生成加密密钥。 共享关于PUF的信息的另一方能够以高精确度验证签名（即，拒绝伪造签名的可能性很高，并且可能是真正签名的错误拒绝）。 在一些示例中，消息签名的接收方共享的信息包括用于形成签名的PUF的操作特征的参数模型。

公开(公告)号：US08782396B2

公开(公告)日：2014-07-15

申请号：US12234095

申请日：2008-09-19

Applicant: Thomas Ziola ,  Zdenek Paral ,  Srinivas Devadas ,  Gookwon Edward Suh ,  Vivek Khandelwal

Inventor： Thomas Ziola ,  Zdenek Paral ,  Srinivas Devadas ,  Gookwon Edward Suh ,  Vivek Khandelwal

IPC: H04L9/32

CPC classification number: H04L9/3271 ,  G06F21/31 ,  G06F2221/2129 ,  H04L9/3278 ,  H04L2209/12 ,  H04L2209/805 ,  H04W4/80 ,  H04W12/06

Abstract: Physical Unclonable Functions (PUFs) for authentication can be implemented in a variety of electronic devices including FPGAs, RFIDs, and ASICs. In some implementations, challenge-response pairs corresponding to individual PUFs can be enrolled and used to determine authentication data, which may be managed in a database. Later when a target object with a PUF is intended to be authenticated a set (or subset) of challenges are applied to each PUF device to authenticate it and thus distinguish it from others. In some examples, authentication is achieved without requiring complex cryptography circuitry implemented on the device. Furthermore, an authentication station does not necessarily have to be in communication with an authority holding the authentication data when a particular device is to be authenticated.

Abstract translation: 用于认证的物理不可克隆功能（PUF）可以在包括FPGA，RFID和ASIC的各种电子设备中实现。 在一些实现中，对应于各个PUF的挑战 - 响应对可以被注册并用于确定可以在数据库中管理的认证数据。 之后当具有PUF的目标对象旨在被认证时，将对每个PUF设备应用一组（或子集）的挑战来对其进行认证，从而将其与其他人区分开。 在一些示例中，实现认证，而不需要在设备上实现复杂的加密电路。 此外，当特定设备要被认证时，认证站不一定必须与保存认证数据的机构进行通信。

公开(公告)号：US20120183135A1

公开(公告)日：2012-07-19

申请号：US13009205

申请日：2011-01-19

Applicant: Zdenek Paral ,  Srinivas Devadas

Inventor： Zdenek Paral ,  Srinivas Devadas

IPC: H04L9/06

CPC classification number: H04L9/0866 ,  G09C1/00

Abstract: A method is used to reliably provision and re-generate a finite and exact sequence of bits, for use with cryptographic applications, e.g., as a key, by employing one or more challengeable Physical Unclonable Function (PUF) circuit elements. The method reverses the conventional paradigm of using public challenges to generate secret PUF responses; it exposes the response and keeps the particular challenges that generate the response secret.

Abstract translation: 一种方法用于可靠地提供和重新生成有限和确切的比特序列，以通过采用一个或多个可挑战的物理不可克隆功能（PUF）电路元件与密码应用程序（例如密钥）一起使用。 该方法扭转了使用公共挑战产生秘密PUF响应的常规范例; 它暴露了响应，并保持产生响应秘密的特定挑战。

公开(公告)号：US20090083833A1

公开(公告)日：2009-03-26

申请号：US12234095

申请日：2008-09-19

Applicant: Thomas Ziola ,  Zdenek Paral ,  Srinivas Devadas ,  Gookwon Edward Suh ,  Vivek Khandelwal

Inventor： Thomas Ziola ,  Zdenek Paral ,  Srinivas Devadas ,  Gookwon Edward Suh ,  Vivek Khandelwal

IPC: H04L9/32

CPC classification number: H04L9/3271 ,  G06F21/31 ,  G06F2221/2129 ,  H04L9/3278 ,  H04L2209/12 ,  H04L2209/805 ,  H04W4/80 ,  H04W12/06

Abstract: Physical Unclonable Functions (PUFs) for authentication can be implemented in a variety of electronic devices including FPGAs, RFIDs, and ASICs. In some implementations, challenge-response pairs corresponding to individual PUFs can be enrolled and used to determine authentication data, which may be managed in a database. Later when a target object with a PUF is intended to be authenticated a set (or subset) of challenges are applied to each PUF device to authenticate it and thus distinguish it from others. In some examples, authentication is achieved without requiring complex cryptography circuitry implemented on the device. Furthermore, an authentication station does not necessarily have to be in communication with an authority holding the authentication data when a particular device is to be authenticated.

Abstract translation: 用于认证的物理不可克隆功能（PUF）可以在包括FPGA，RFID和ASIC的各种电子设备中实现。 在一些实现中，对应于各个PUF的挑战 - 响应对可以被注册并用于确定可以在数据库中管理的认证数据。 之后当具有PUF的目标对象旨在被认证时，将对每个PUF设备应用一组（或子集）的挑战来对其进行认证，从而将其与其他人区分开。 在一些示例中，实现认证，而不需要在设备上实现复杂的加密电路。 此外，当特定设备要被认证时，认证站不一定必须与保存认证数据的机构进行通信。

公开(公告)号：US08667283B2

公开(公告)日：2014-03-04

申请号：US13103451

申请日：2011-05-09

Applicant: William Henry Bares ,  Srinivas Devadas ,  Vivek Khandelwal ,  Zdenek Paral ,  Richard Sowell ,  Tonghang Zhou

Inventor： William Henry Bares ,  Srinivas Devadas ,  Vivek Khandelwal ,  Zdenek Paral ,  Richard Sowell ,  Tonghang Zhou

IPC: H04L29/06

CPC classification number: H04L9/3278 ,  H04L9/3247 ,  H04L2209/805

Abstract: A message is signed using a PUF without having to exactly regenerate a cryptographic key. Another party that shares information about the PUF is able to verify the signature to a high degree of accuracy (i.e., high probability of rejection of a forged signature and a low probably of false rejection of a true signature). In some examples, the information shared by a recipient of a message signature includes a parametric model of operational characteristics of the PUF used to form the signature.

Abstract translation: 使用PUF签名消息，而不必完全重新生成加密密钥。 共享关于PUF的信息的另一方能够以高精确度验证签名（即，拒绝伪造签名的可能性很高，并且可能是真正签名的错误拒绝）。 在一些示例中，消息签名的接收方共享的信息包括用于形成签名的PUF的操作特征的参数模型。

公开(公告)号：US07818569B2

公开(公告)日：2010-10-19

申请号：US11421582

申请日：2006-06-01

Applicant: Srinivas Devadas ,  Blaise Gassend

Inventor： Srinivas Devadas ,  Blaise Gassend

IPC: G08B29/00 ,  G06F21/02 ,  H01L23/58

CPC classification number: G06F21/31 ,  G06F21/72 ,  G06F21/73 ,  G06F21/77 ,  G06F21/79 ,  G06F21/86 ,  G06F2221/2103 ,  G06F2221/2121 ,  G06F2221/2129 ,  G06F2221/2153 ,  G06Q20/3674 ,  G09C1/00 ,  H01L23/544 ,  H01L23/576 ,  H01L2223/54433 ,  H01L2223/5444 ,  H01L2223/54473 ,  H01L2924/0002 ,  H04L9/0897 ,  H04L9/3278 ,  H04L2209/34 ,  H04L2209/42 ,  H01L2924/00

Abstract: A digital value is generated in an integrated circuit such that the generated value substantially depends on circuit parameters that vary among like devices. The generated digital value is then used, for example, to access protected information in the device or to perform a cryptographic function in the integrated circuit.

Abstract translation: 在集成电路中产生数字值，使得所产生的值基本上取决于在类似的装置之间变化的电路参数。 所产生的数字值例如用于访问设备中的受保护信息或在集成电路中执行加密功能。

公开(公告)号：US07724760B2

公开(公告)日：2010-05-25

申请号：US10639269

申请日：2003-08-12

Applicant: Hari Balakrishnan ,  Srinivas Devadas ,  Arvind Mithal

Inventor： Hari Balakrishnan ,  Srinivas Devadas ,  Arvind Mithal

IPC: H04L12/56

CPC classification number: H04L47/10 ,  H04L47/24 ,  H04L47/39 ,  H04L47/50 ,  H04L47/52 ,  H04L47/6215 ,  H04L47/6255 ,  H04L49/101 ,  H04L49/254 ,  H04L49/30 ,  H04L49/3045

Abstract: A method for selecting a queue for service across a shared link. The method includes classifying each queue from a group of queues within a plurality of ingresses into one tier of a number “N” of tiers. The number “N” is greater than or equal to 2. Information about allocated bandwidth is used to classify at least some of the queues into the tiers. Each tier is assigned a different priority. The method also includes matching queues to available egresses by matching queues classified within tiers with higher priorities before matching queues classified within tiers with lower priorities.

Abstract translation: 一种用于通过共享链路选择服务队列的方法。 该方法包括将来自多个入口内的一组队列中的每个队列分成层数“N”的一层。 数字“N”大于或等于2.关于分配的带宽的信息用于将至少一些队列分类到层级中。 每个层都有不同的优先级。 该方法还包括通过匹配在具有较低优先级的层级中分类的队列之前匹配在具有较高优先级的层级中分类的队列来匹配队列到可用出口。

公开(公告)号：US07681103B2

公开(公告)日：2010-03-16

申请号：US11421588

申请日：2006-06-01

Applicant: Srinivas Devadas ,  Blaise Gassend

Inventor： Srinivas Devadas ,  Blaise Gassend

IPC: G06F11/00

CPC classification number: G06F21/31 ,  G06F21/72 ,  G06F21/73 ,  G06F21/77 ,  G06F21/79 ,  G06F21/86 ,  G06F2221/2103 ,  G06F2221/2121 ,  G06F2221/2129 ,  G06F2221/2153 ,  G06Q20/3674 ,  G09C1/00 ,  H01L23/544 ,  H01L23/576 ,  H01L2223/54433 ,  H01L2223/5444 ,  H01L2223/54473 ,  H01L2924/0002 ,  H04L9/0897 ,  H04L9/3278 ,  H04L2209/34 ,  H04L2209/42 ,  H01L2924/00

Abstract: A device-specific value is reliably generated in a device. In a first component of the device, a first digital value is generated that is substantially dependent fabrication variation among like device. Redundancy information is computed based on the first digital value. A subsequent digital value is later generated in the first component of the device. The first digital value is then determined in a second component of the device from the subsequent digital value and the redundancy information.

Abstract translation: 设备特定的值在设备中可靠地生成。 在器件的第一部件中，产生第一数字值，其基本上依赖于相似器件之间的制造变化。 基于第一数字值计算冗余信息。 稍后在设备的第一个组件中生成后续的数字值。 然后，在随后的数字值和冗余信息中，在设备的第二分量中确定第一数字值。

公开(公告)号：US20090222672A1

公开(公告)日：2009-09-03

申请号：US12361811

申请日：2009-01-29

Applicant: Dwaine Clarke ,  Blaise Gassend ,  Marten Van Dijk ,  Srinivas Devadas

Inventor： Dwaine Clarke ,  Blaise Gassend ,  Marten Van Dijk ,  Srinivas Devadas

IPC: G06F12/14 ,  G06F19/00 ,  H04L9/32 ,  H03K19/00

CPC classification number: G06F21/31 ,  G06F21/72 ,  G06F21/73 ,  G06F21/77 ,  G06F21/79 ,  G06F21/86 ,  G06F2221/2103 ,  G06F2221/2121 ,  G06F2221/2129 ,  G06F2221/2153 ,  G06Q20/3674 ,  G09C1/00 ,  H01L23/544 ,  H01L23/576 ,  H01L2223/54433 ,  H01L2223/5444 ,  H01L2223/54473 ,  H01L2924/0002 ,  H04L9/0897 ,  H04L9/3278 ,  H04L2209/34 ,  H04L2209/42 ,  H01L2924/00

Abstract: An integrated circuit has a first component that has a dynamic characteristic that varies among like integrated circuits, for example, among integrated circuits fabricated using the same lithography mask. Operating the first component produces an output that is dependent on the dynamic characteristic of the first component. A digital value associated with the integrated circuit is generated using the output of the first component, and then the generated digital value is used in operation of the integrated circuit.

Abstract translation: 集成电路具有第一部件，其具有在类似的集成电路之间变化的动态特性，例如在使用相同的光刻掩模制造的集成电路中。 操作第一组件产生取决于第一组件的动态特性的输出。 使用第一分量的输出产生与集成电路相关联的数字值，然后在集成电路的操作中使用所生成的数字值。

公开(公告)号：US07415477B2

公开(公告)日：2008-08-19

申请号：US10482864

申请日：2001-07-05

Applicant: Srinivas Devadas ,  Hari Balakrishnan ,  Daniel Rosenband

Inventor： Srinivas Devadas ,  Hari Balakrishnan ,  Daniel Rosenband

IPC: G06F15/16 ,  G06F15/173 ,  G06F17/00

CPC classification number: H04L47/10 ,  H04L47/2433 ,  H04L47/2458 ,  H04L47/30 ,  H04L47/39 ,  H04L47/50 ,  H04L47/521 ,  H04L47/6215 ,  H04L49/30 ,  H04L49/90 ,  Y10S707/99942

Abstract: A method and apparatus for selecting a queue for service across a shared link. The method includes determining a priority for each queue (202) within a plurality of ingresses (102), wherein the priority is instantaneous for a given timeslot for data transfer, selecting a queue having a first priority for each group of queues within each ingress (104) having packets destined for a particular egress (104), selecting a queue having a second priority for each subset of queues having first priorities and having packets destined for the particular egress (104), and selecting the queue having the second priority for service across the shared link in the given timeslot.

Abstract translation: 一种用于通过共享链路选择用于服务的队列的方法和装置。 该方法包括确定多个入口（102）内的每个队列（202）的优先级，其中优先级对于给定的时隙用于数据传输是瞬时的，为每个入口内的每组队列选择具有第一优先级的队列（ 104），具有去往特定出口（104）的分组，为具有第一优先级的队列的每个子集选择具有第二优先级的队列并且具有去往特定出口（104）的分组，以及选择具有服务的第二优先级的队列 跨越给定时间段的共享链路。