公开(公告)号：US20220365927A1

公开(公告)日：2022-11-17

申请号：US17867890

申请日：2022-07-19

申请人： INTRINSIC ID B.V.

发明人： Geert Jan SCHRIJEN ,  Derk Jan MEULEMAN

IPC分类号： G06F16/2458 ,  H04L9/32 ,  G09C1/00

摘要： An assigning device (100) for assigning fixed identifiers to fuzzy identifiers, the assigning device comprising a database storing multiple fuzzy identifiers, and a matching unit (130) arranged to determine if a matching fuzzy identifier exists in the database that matches a fuzzy input identifier according to a matching criterion and to determine if a matching fuzzy identifier does not exist in the database according to an absent criterion.

公开(公告)号：US11429624B2

公开(公告)日：2022-08-30

申请号：US15777305

申请日：2016-11-04

申请人： INTRINSIC ID B.V.

发明人： Geert Jan Schrijen ,  Derk Jan Meuleman

IPC分类号： G06F16/2458 ,  H04L9/06 ,  H04L9/32 ,  G09C1/00

摘要： An assigning device (100) for assigning fixed identifiers to fuzzy identifiers, the assigning device comprising a database storing multiple fuzzy identifiers, and a matching unit (130) arranged to determine if a matching fuzzy identifier exists in the database that matches a fuzzy input identifier according to a matching criterion and to determine if a matching fuzzy identifier does not exist in the database according to an absent criterion.

公开(公告)号：US10554398B2

公开(公告)日：2020-02-04

申请号：US15539900

申请日：2015-12-03

申请人： INTRINSIC ID B.V.

发明人： Vincent Van Der Leest ,  Roel Maes ,  Erik Van Der Sluis ,  Franciscus Maria Joannes Willems

IPC分类号： H04L9/08 ,  G09C1/00

摘要： Some embodiments are directed to an electronic cryptographic device configured to determine a cryptographic key. The cryptographic device has a physically unclonable function, a debiasing unit, and a key reconstruction unit. The PUF is configured to produce a first noisy bit string during an enrollment phase and a second noisy bit string during a reconstruction phase. The debiasing unit (120) is configured to determine debiasing data from the first noisy bit string during the enrollment phase. The debiasing data marks bits in the first noisy bit string as retained or discarded. The key reconstruction unit is configured to determine the cryptographic key from bits in the second noisy bit string marked as retained by the debiasing data, the cryptographic key being independent from bits in the second noisy bit string marked as discarded by the debiasing data.

公开(公告)号：US20170310489A1

公开(公告)日：2017-10-26

申请号：US15513440

申请日：2015-09-22

申请人： INTRINSIC ID B.V.

发明人： Erik VAN DER SLUIS ,  Marten VAN HULST

IPC分类号： H04L9/32 ,  H04L9/08 ,  H04L9/14 ,  H04L9/30

摘要： An electronic cryptographic device (100) comprising a physically unclonable function (PUF) (110) and an enrollment unit (142) arranged to generate a first PUF data during the enrollment phase, the first PUF data being derived from a first noisy bit string of the PUF, the first PUF data uniquely identifying the physically unclonable function, the first PUF data comprising a first helper data. The first PUF data is transmitted to an electronic server during an enrollment phase. The device comprises a use-phase unit (144) arranged to generate a second PUF data derived from a second noisy bit string during a use phase. The first helper data is received from the server in response to transmitting the second PUF data. An error corrector (160) is arranged to apply the first helper data to the second noisy bit string.

公开(公告)号：US09430406B2

公开(公告)日：2016-08-30

申请号：US14426728

申请日：2013-09-10

申请人： INTRINSIC ID B.V.

发明人： Erik Van Der Sluis ,  Marten Van Hulst

IPC分类号： H04L9/08 ,  G06F12/14 ,  H04L9/32

CPC分类号： G06F12/1408 ,  G06F7/588 ,  G06F2212/1052 ,  H04L9/0866 ,  H04L9/0869 ,  H04L9/3278 ,  H04L2209/24

摘要： An electronic system 100 for generating a cryptographic key, the system comprising a memory 110 used as a physically unclonable function, the memory being writable, volatile and configured such that upon each powering-up of the memory the memory settles into a memory content which depends upon at least partially random physical characteristics of the memory, the memory being accessible through a memory interface, and a key derivation unit 150 configured to derive the cryptographic key from the memory content into which the memory settled, wherein the electronic system for generating a cryptographic key further comprises, a memory read-out unit connected to the memory through the memory interface and to the key derivation unit, the memory read-out unit comprising an address scrambler 140 for retrieving the memory content over the memory interface in a scrambled order.

摘要翻译： 一种用于产生加密密钥的电子系统100，该系统包括用作物理不可克隆功能的存储器110，该存储器是可写入的，易失性的并且被配置成使得在每次上电存储器时，该存储器都将结合到存储器内容中 通过存储器的至少部分随机的物理特征，存储器可通过存储器接口访问，以及密钥导出单元150，被配置为从存储器确定的存储器内容中导出密码密钥，其中用于产生密码的电子系统 键还包括：存储器读出单元，通过存储器接口连接到存储器和密钥导出单元，存储器读出单元包括地址加扰器140，用于以加扰顺序通过存储器接口检索存储器内容。

公开(公告)号：US09247024B2

公开(公告)日：2016-01-26

申请号：US12595671

申请日：2008-04-04

申请人： Johan Cornelis Talstra ,  Pim Theo Tuyls ,  Daniel Willem Elisabeth Schobben

发明人： Johan Cornelis Talstra ,  Pim Theo Tuyls ,  Daniel Willem Elisabeth Schobben

IPC分类号： H04L29/06 ,  H04L29/08 ,  G06F21/10 ,  H04L9/32

CPC分类号： H04L67/34 ,  G06F21/10 ,  H04L9/321 ,  H04L9/3278 ,  H04L63/08 ,  H04L63/10 ,  H04L67/12 ,  H04L2209/60 ,  H04L2209/80

摘要： A method of and system (110) for controlled activation of at least one function in a product or component at a remote location, which activation requires a correct activation data item to be available in the product or component. The method comprises receiving one or more noisy outputs of an unclonable element associated with the component from the remote location, and providing helper data to the remote location, which helper data transforms the one or more noisy outputs to a single value which corresponds to the correct activation data item.

摘要翻译： 一种用于受控激活远程位置的产品或组件中的至少一个功能的方法和系统（110），该激活需要在产品或组件中可用的正确的激活数据项。 该方法包括从远程位置接收与组件相关联的不可克隆元件的一个或多个噪声输出，以及向远程位置提供帮助数据，哪个帮助数据将一个或多个噪声输出转换成对应于正确的单个值 激活数据项。

公开(公告)号：US20150234751A1

公开(公告)日：2015-08-20

申请号：US14426728

申请日：2013-09-10

申请人： INTRINSIC ID B.V.

发明人： Erik Van Der Sluis ,  Marten Van Hulst

IPC分类号： G06F12/14 ,  H04L9/32

CPC分类号： G06F12/1408 ,  G06F7/588 ,  G06F2212/1052 ,  H04L9/0866 ,  H04L9/0869 ,  H04L9/3278 ,  H04L2209/24

摘要： An electronic system 100 for generating a cryptographic key, the system comprising a memory 110 used as a physically unclonable function, the memory being writable, volatile and configured such that upon each powering-up of the memory the memory settles into a memory content which depends upon at least partially random physical characteristics of the memory, the memory being accessible through a memory interface, and a key derivation unit 150 configured to derive the cryptographic key from the memory content into which the memory settled, wherein the electronic system for generating a cryptographic key further comprises, a memory read-out unit connected to the memory through the memory interface and to the key derivation unit, the memory read-out unit comprising an address scrambler 140 for retrieving the memory content over the memory interface in a scrambled order.

摘要翻译： 一种用于产生加密密钥的电子系统100，该系统包括用作物理不可克隆功能的存储器110，该存储器是可写入的，易失性的并且被配置成使得在每次上电存储器时，该存储器都将结合到存储器内容中 通过存储器的至少部分随机的物理特征，存储器可通过存储器接口访问，以及密钥导出单元150，被配置为从存储器确定的存储器内容中导出密码密钥，其中用于产生密码的电子系统 键还包括：存储器读出单元，通过存储器接口连接到存储器和密钥导出单元，存储器读出单元包括地址加扰器140，用于以加扰顺序通过存储器接口检索存储器内容。

公开(公告)号：US08819409B2

公开(公告)日：2014-08-26

申请号：US13501875

申请日：2010-10-20

申请人： Christiaan Kuipers ,  Pim Theo Tuyls

发明人： Christiaan Kuipers ,  Pim Theo Tuyls

IPC分类号： H04L29/06 ,  H04L9/32 ,  H04L9/08 ,  G06F21/10

CPC分类号： H04L9/3278 ,  G06F21/10 ,  G06F2221/0711 ,  G06F2221/0753 ,  G06F2221/0755 ,  H04L9/08 ,  H04L9/0866 ,  H04L9/32 ,  H04L9/3271 ,  H04L2209/34 ,  H04L2209/60 ,  H04L2209/80

摘要： A distribution system and method for distributing digital information is provided, which has high recoverability from a security breach. The distribution system comprises a server (200) and a computing device (110). During an enrollment phase, the computing device obtains a first response from an integrated physically unclonable function (150) integrated in the computing device. The system comprises an enrollment module (130) for determining helper data from a decryption key and the first response to enable later reconstruction of the decryption key from the helper data and a second response obtained from the physically unclonable function. During a reconstruction phase, which occurs after the enrollment phase and typically after a security breach has occurred that revealed data and/or programming code of the computing device, the server may encrypt digital information using an encryption module (220) with a cryptographic encryption key corresponding to the decryption key.

摘要翻译： 提供了一种用于分发数字信息的分发系统和方法，其具有从安全漏洞的高可恢复性。 分配系统包括服务器（200）和计算设备（110）。 在注册阶段，计算设备从集成在计算设备中的集成的物理上不可克隆功能（150）获得第一响应。 该系统包括用于从解密密钥确定帮助数据的登记模块（130）和用于能够从辅助数据稍后重建解密密钥的第一响应以及从物理不可克隆功能获得的第二响应。 在重建阶段期间，其在注册阶段之后发生，并且通常在发生了显示计算设备的数据和/或编程代码的安全漏洞之后，使用具有密码加密密钥的加密模块（220）来加密数字信息 对应于解密密钥。

公开(公告)号：US10803900B2

公开(公告)日：2020-10-13

申请号：US14517848

申请日：2014-10-18

申请人： INTRINSIC ID B.V.

发明人： Boris Skoric ,  Pim Theo Tuyls ,  Antonius Hermanus Maria Akkermans ,  Willem Gerard Ophey

IPC分类号： H04L29/06 ,  G11B20/00 ,  H04L9/32 ,  G06F21/10

摘要： The present invention relates to a method of enabling authentication of an information carrier, the information carrier comprising a writeable part and a physical token arranged to supply a response upon receiving a challenge, the method comprising the following steps; applying a first challenge to the physical token resulting in a first response, and detecting the first response of the physical token resulting in a detected first response data, the method being characterized in that it further comprises the following steps; forming a first authentication data based on information derived from the detected first response data, signing the first authentication data, and writing the signed authentication data in the writeable part of the information carrier. The invention further relates to a method of authentication of an information carrier, as well as to devices for both enabling authentication as well as authentication of an information carrier.

公开(公告)号：US09383969B2

公开(公告)日：2016-07-05

申请号：US14110009

申请日：2012-04-05

申请人： Erik Van Der Sluis ,  Geert Jan Schrijen ,  Helena Handschuh

发明人： Erik Van Der Sluis ,  Geert Jan Schrijen ,  Helena Handschuh

IPC分类号： G06F7/58 ,  H04L9/08

CPC分类号： G06F7/588 ,  H04L9/0866

摘要： A random number generating system for generating a sequence of random numbers comprising a memory, the memory being writable, volatile and configured such that the memory contains an at least partially random memory content upon each powering-up of the memory, an instantiating unit configured for seeding the random number generating system with a seed dependent upon the at least partially random memory content, the sequence of random numbers being generated in dependence upon the seed, and an over-writing unit configured for over-writing at least part of the memory with random numbers generated by the random number generating system in dependence upon the seed.

摘要翻译： 一种用于产生随机数序列的随机数生成系统，包括存储器，所述存储器是可写入的，易失性的并且被配置为使得所述存储器在每次上电存储器时包含至少部分随机的存储器内容，所述实例单元被配置为 根据所述至少部分随机存储器内容种子具有种子的随机数生成系统，所述随机数序列依赖于所述种子生成;以及重写单元，被配置为用于将所述至少部分所述存储器重写， 由随机数生成系统根据种子生成的随机数。