Patent application number | Description | Published |
20090055780 | Simultaneous Power and Timing Optimization in Integrated Circuits by Performing Discrete Actions on Circuit Components - A graph-based iterative method is provided for selecting component modifications in an integrated circuit design that reduce the power consumption to a minimum while still meeting timing constraints. Channel-connected components are represented as nodes in a timing graph and edges in the timing graph represent directed paths. From the timing graph, a move graph is constructed containing a plurality of move nodes. Each move node represents a change to one of the components in one of the timing graph nodes. A given timing graph node can result in a plurality of move nodes. Move nodes can be merged into group nodes, and both the move nodes and group nodes are assigned a weight based on the change in power and timing effects of the associated components changes. These weights are used to select move nodes or group nodes. In general, a set of move or group nodes is selected representing the maximum cumulative weight and the components changes associated with the nodes in the set are performed on the integrated circuit design. Moves that cause timing violations are reversed. The node weights are updated following components changes and the selection of node sets is repeated iteratively until the power consumption converges to a minimum. | 02-26-2009 |
20090192776 | CHARGE-BASED CIRCUIT ANALYSIS - A solution for analyzing a circuit using initial charge information is provided. In particular, one or more nodes in a design for the circuit is initialized with an initial charge. The charge can comprise a non-equilibrium charge, thereby simulating the history effect, the impact of a charged particle, electro-static discharge (ESD), and/or the like. Operation of the circuit is then simulated over a set of input cycles based on the initial charge(s). To this extent, the non-equilibrium initial condition solution enables the state of the circuit to be controlled and solves the initial system based on these values. This capability is very useful to condition the circuit at a worst-case, best-case, and/or the like, status. Further, in one embodiment of the invention, a set of equations are provided to implement the non-equilibrium initial charge analysis, which provide a more efficient initialization of the circuit than current solutions. | 07-30-2009 |
20100262412 | INTEGRATED CIRCUIT MODELING BASED ON EMPIRICAL TEST DATA - In accordance with one embodiment, a plurality of empirical measurements of a fabricated integrated circuit including a fabricated transistor having multiple terminals is received. The plurality of empirical measurements each include an empirical terminal current set and an empirical terminal voltage set for the terminals of the fabricated transistor. A mathematical simulation model of a simulated transistor is also received. Utilizing the mathematical simulation model, an intermediate data set is calculated by determining, for each of a plurality of different terminal voltage sets, a simulated terminal current set and a simulated terminal charge set. A modeling tool processes the intermediate data set to obtain a time domain simulation model of the fabricated transistor that, for each of the plurality of empirical measurements, provides a simulated terminal charge set. The time domain simulation model is stored in a computer-readable data storage medium. | 10-14-2010 |
20100262413 | COMPENSATING FOR VARIATIONS IN DEVICE CHARACTERISTICS IN INTEGRATED CIRCUIT SIMULATION - According to a method of simulation data processing, a difference is determined between a simulated value of a characteristic for a simulated integrated circuit device and a corresponding empirical value of the characteristic for a fabricated integrated circuit device. A data structure containing a simulation model of the fabricated integrated circuit device is accessed, where the data structure includes a plurality of entries each accessed via a unique index and an index used to access the data structure is offset in accordance with the difference between the simulated value and the empirical value. Operation of the simulated integrated circuit device is then simulated utilizing a value obtained from one of the plurality of entries of the data structure. Results of the simulation are stored in a data storage medium. | 10-14-2010 |
20120260117 | Dynamically Tune Power Proxy Architectures - A mechanism is provided for automatically tuning power proxy architectures. Based on the set of conditions related to an application being executed on a microprocessor core, a weight factor to use for each activity in a set of activities being monitored for the microprocessor core is identified, thereby forming a set of weight factors. A power usage estimate value is generated using the set of activities and the set of weight factors. A determination is made as to whether the power usage estimate value is greater than a power proxy threshold value identifying a maximum power usage for the microprocessor core. Responsive to the power usage estimate value being greater than the power proxy threshold value, a set of signals is sent to one or more on-chip actuators in the power proxy unit associated with the microprocessor core and a set of operational parameters associated with the component are adjusted. | 10-11-2012 |
20130320340 | CIRCUIT TECHNIQUE TO ELECTRICALLY CHARACTERIZE BLOCK MASK SHIFTS - A physical test integrated circuit has a plurality of repeating circuit portions corresponding to an integrated circuit design. A first of the portions is fabricated with a nominal block mask location, and additional ones of the portions are deliberately fabricated with predetermined progressive increased offset of the block mask location from the nominal block mask location. For each of the portions, the difference in threshold voltage between a first field effect transistor and a second field effect transistor is determined. The predetermined progressive increased offset of the block mask location is in a direction from the first field effect transistor to the second field effect transistor. The block mask overlay tolerance is determined at a value of the progressive increased offset corresponding to an inflection of the difference in threshold voltage from a zero difference. A method for on-chip monitoring, and corresponding circuits, are also disclosed. | 12-05-2013 |
20140007030 | INTEGRATED DESIGN ENVIRONMENT FOR NANOPHOTONICS | 01-02-2014 |
20140007032 | INTEGRATED DESIGN ENVIRONMENT FOR NANOPHOTONICS | 01-02-2014 |
20150066467 | POWER AND PERFORMANCE SORTING OF MICROPROCESSORS FROM FIRST INTERCONNECT LAYER TO WAFER FINAL TEST - A system, method and computer program product for sorting Integrated Circuits (chips), particularly microprocessor chips, and particularly that predicts chip performance or power for sorting purposes. The system and method described herein uses a combination of performance-predicting parameters that are measured early in the process, and applies a unique method to project where the part, e.g., microprocessor IC, will eventually be sorted. Sorting includes classifying the IC product to a subset of a family of products with the product satisfying certain performance characteristics or specifications, in the early stages of manufacturing, e.g., before the end product is fully fabricated. | 03-05-2015 |
20150179536 | CIRCUIT TECHNIQUE TO ELECTRICALLY CHARACTERIZE BLOCK MASK SHIFTS - A physical test integrated circuit has a plurality of repeating circuit portions corresponding to an integrated circuit design. A first of the portions is fabricated with a nominal block mask location, and additional ones of the portions are deliberately fabricated with predetermined progressive increased offset of the block mask location from the nominal block mask location. For each of the portions, the difference in threshold voltage between a first field effect transistor and a second field effect transistor is determined. The predetermined progressive increased offset of the block mask location is in a direction from the first field effect transistor to the second field effect transistor. The block mask overlay tolerance is determined at a value of the progressive increased offset corresponding to an inflection of the difference in threshold voltage from a zero difference. A method for on-chip monitoring, and corresponding circuits, are also disclosed. | 06-25-2015 |
Patent application number | Description | Published |
20080256151 | WEIGHTED ENTROPY POOL SERVICE - A weighted entropy pool service system and methods. Weights are associated with entropy sources and are used to estimate a quantity of entropy contained in data from the entropy sources. An interface is optionally provided to facilitate connecting user entropy sources to the entropy pool service. The quantity of entropy contained in the system is tracked as entropy is distributed to entropy consumers. A persistent entropy pool state file stores entropy across system restarts. | 10-16-2008 |
20080263361 | Cryptographically strong key derivation using password, audio-visual and mental means - A security system that uses a cryptographic key derived from human interaction with media. The system employs a set of parameters that includes user responses to graphical media and/or audio data, among other parameters. The architecture adds a fourth dimension to the conventional authentication means in order to make at least an offline attack on the key much more difficult. In addition to a standard set of parameters such as password, salt (random bits inserted into the encryption process) and iteration count, the system further utilizes information in the form of “what the user does” by presenting and prompting the user to interact with media in some way. The media can include audio information, video information, and/or image information, for example. | 10-23-2008 |
20090199299 | INTEGRATED USER EXPERIENCE WHILE ALLOCATING LICENSES WITHIN VOLUME LICENSING SYSTEMS - This description provides tools for providing integrated user experiences while allocating licenses within volume licensing systems. These tools may provide methods that include sending information for presenting licensing portals at recipient organizations. The licensing portals may include representations of properties licensed by the organizations, and may include indications of how many licenses remain available for allocation. The methods may include receiving and validating licensing requests. The tools may provide other methods that include requesting and receiving information for presenting the licensing portals, as well as requesting and receiving licensing-related actions from the licensing systems. The tools may provide still other methods that include receiving requests for information to present launch portals, with these requests incorporating user identifiers for particular end-users. These methods may also populate the launch portals with representations of properties for which the end-users are licensed, and may send the information for the launch portals to licensee organizations. | 08-06-2009 |
20100208898 | MANAGING GROUP KEYS - In an example, one or more cryptographic keys may be associated with a group. Any member of the group may use the key to encrypt and decrypt information, thereby allowing members of the group to share encrypted information. Domain controllers (DCs) maintain copies of the group's keys. The DCs may synchronize with each other, so that each DC may have a copy of the group's keys. Keys may have expiration dates, and any client connected to a DC may generate a new key when a key is nearing expiration. The various clients may create new keys at differing amounts of time before expiration on various DCs. DCs that store keys early thus may have time to propagate the newly-created keys through synchronization before other DCs are requested to store keys created by other clients. In this way, the creation of an excessive number of new keys may be avoided. | 08-19-2010 |
20100306554 | DISTRIBUTED KEY ENCRYPTION IN SERVERS - Architecture that stores specific passwords on behalf of users, and encrypts the passwords using encryption keys managed by a distributed key management system. The encryption keys are stored in a directory service (e.g., hierarchical) in an area that is inaccessible by selected entities (e.g., administrative users) having superior permissions such as supervisory administrators, but accessible to the account components that need to access the unencrypted passwords. The distributed key management system makes the encryption key stored in the directory service available to all hardware/software components that need the key to encrypt or decrypt the passwords. | 12-02-2010 |
20110252229 | SECURING PASSWORDS AGAINST DICTIONARY ATTACKS - Described herein are various technologies pertaining to constructions of a password-based authentication protocol that are configured to allow a user to register with and authenticate to an online service without the online service receiving a password or a deterministic function of the password of the user. When registering with an online service, a client computing device establishes a cryptographically strong random secret and stores an encryption of such secret with a data storage device. The storage device also never receives the password or a deterministic function of the password. When the user wishes to authenticate to the online service, the user employs her password to retrieve the encrypted secret from the storage device, decrypts such secret, and utilizes the decrypted secret to answer a cryptographically strong challenge provided to the user by the online service upon the online service receiving a username pertaining to such user. | 10-13-2011 |
20120144459 | REVOKING DELEGATABLE ANONYMOUS CREDENTIALS - The claimed subject matter provides a method for revoking delegatable anonymous credentials. The method includes receiving a request to revoke an anonymous credential. The anonymous credential may be representative of an ability to prove non-membership in an accumulator for a first entity. The method also includes revoking the anonymous credential from the first entity in response to the request to revoke the anonymous credential. Additionally, the method includes revoking the anonymous credential from a second entity in response to the request to revoke the anonymous credential. The first entity delegates the anonymous credential to the second entity. | 06-07-2012 |
20120159577 | ANONYMOUS PRINCIPALS FOR POLICY LANGUAGES - Techniques to allow a security policy language to accommodate anonymous credentials are described. A policy statement in a security policy language can reference an anonymous credential. When the policy statement is evaluated to decide whether to grant access to a resource mediated by the policy statement, the anonymous credential is used. The policy language can be implemented to allow one anonymous credential to delegate access-granting rights to another anonymous credential. Furthermore, an anonymous credential can be re-randomized to avoid linkage between uses of the anonymous credential, which can compromise anonymity. | 06-21-2012 |
20120173885 | KEY MANAGEMENT USING TRUSTED PLATFORM MODULES - Described herein are techniques for distributed key management (DKM) in cooperation with Trusted Platform Modules (TPMs). The use of TPMs strengthens the storage and processing security surrounding management of distributed keys. DKM-managed secret keys are not persistently stored in clear form. In effect, the TPMs of participating DKM nodes provide security for DKM keys, and a DKM key, once decrypted with a TPM, is available to be used from memory for ordinary cryptographic operations to encrypt and decrypt user data. TPM public keys can be used to determine the set of trusted nodes to which TPM-encrypted secret keys can be distributed. | 07-05-2012 |
20120324233 | Verifying Requests for Access to a Service Provider Using an Authentication Component - The subject disclosure is directed towards processing requests for accessing a service provider. After examining at least one security token, a public key and a portion of attribute information are identified. An authentication component is accessed and applied to the public key. A unique user identifier is employed in generating the public key. The authentication component is generated using information from at least one revoked security token or at least one valid security token. The authentication component is configured to prove validity of the at least one security token. | 12-20-2012 |
20130259234 | ROLE-BASED DISTRIBUTED KEY MANAGEMENT - Implementations for providing role-based distributed key management (DKM) replication are described. A server node receives a request from a requester node to perform a DKM create or update function. The server node determines the role of the requester node based on a public key of the requester node. The server node determines whether the role of the requester node indicates that the requester node is authorized to request the DKM create or update function. If the requester node's role is authorized to request the DKM create or update function, then the server node performs the requested function. The DKM create or update function may involve a replication function. Public key and trust chains may be derived from physical cryptographic processors, such as TPMs. | 10-03-2013 |
20130346755 | Homomorphic Signatures and Network Coding Signatures - The subject disclosure is directed towards a technology by which data is securely distributed using a homomorphic signature scheme and homomorphic network coding signature schemes. A homomorphic signature scheme for signing the data is based upon binary pairing with standard prime order groups. Sets of data are signed based upon dividing a larger block of data into smaller blocks, and separately signing each smaller block. The smaller blocks may be distributed to nodes of a network topology that are configured for network coding. In one alternative, the homomorphic signature scheme protects against changes to the block identifier. Proof data may be provided independent of a random oracle, may be provided by providing parameters for verification in a Groth-Sahai proof system, or may be provided by providing parameters for verification independent of a Groth-Sahai proof system. | 12-26-2013 |
20140281525 | MINIMAL DISCLOSURE CREDENTIAL VERIFICATION AND REVOCATION - The subject disclosure is directed towards credential verification for accessing a service provider. A user may prove to the service provider the validity of the credential by communicating a non-revocation component that is based upon a prime-order cryptographic group without a bilinear pairing. In order to authenticate the user, a verification mechanism within an identity management system applies private cryptographic data, including a verifier-designated private key to the non-revocation component, which proves that the user's identity and therefore, the credential is not revoked. The presentation proof includes a hash value that is computed using the credential's commitment and the prime-order cryptographic group. By verifying that the hash value was computed using that commitment, the verification mechanism validates the credential and permits access to the service provider. | 09-18-2014 |
20150195257 | SECURING PASSWORDS AGAINST DICTIONARY ATTACKS - Described herein are various technologies pertaining to constructions of a password-based authentication protocol that are configured to allow a user to register with and authenticate to an online service without the online service receiving a password or a deterministic function of the password of the user. When registering with an online service, a client computing device establishes a cryptographically strong random secret and stores an encryption of such secret with a data storage device. The storage device also never receives the password or a deterministic function of the password. When the user wishes to authenticate to the online service, the user employs her password to retrieve the encrypted secret from the storage device, decrypts such secret, and utilizes the decrypted secret to answer a cryptographically strong challenge provided to the user by the online service upon the online service receiving a username pertaining to such user. | 07-09-2015 |
20150215118 | ROLE-BASED DISTRIBUTED KEY MANAGEMENT - Implementations for providing role-based distributed key management (DKM) replication are described. A server node receives a request from a requester node to perform a DKM create or update function. The server node determines the role of the requester node based on a public key of the requester node. The server node determines whether the role of the requester node indicates that the requester node is authorized to request the DKM create or update function. If the requester node's role is authorized to request the DKM create or update function, then the server node performs the requested function. The DKM create or update function may involve a replication function. Public key and trust chains may be derived from physical cryptographic processors, such as TPMs. | 07-30-2015 |
20150220927 | METHOD, APPARATUS AND SYSTEM FOR PROVIDING TRANSACTION INDEMNIFICATION - Techniques and mechanisms to provide indemnification for a transaction involving communications between networked devices. In an embodiment, attestation logic of a first device sends to a second device attestation information to indicate a trustworthiness level of first device. Based on the attestation information, indemnification logic of the second device determines an indemnification value representing a cost of an indemnification for a first transaction. Indemnification logic of the first device receives the indemnification value and determines, based on the indemnification value, whether a participation in the transaction is to take place. | 08-06-2015 |