Patent application number | Description | Published |
20090196418 | Encryption Apparatus with Diverse Key Retention Schemes - An encryption apparatus ( | 08-06-2009 |
20090240923 | Computing Device with Entry Authentication into Trusted Execution Environment and Method Therefor - A computing device ( | 09-24-2009 |
20100199077 | AUTHENTICATED DEBUG ACCESS FOR FIELD RETURNS - Under the direction of a first party, an integrated circuit (IC) device is configured to temporarily enable access to a debug interface of the IC device via authentication of the first party by a challenge/response process using a key of the IC device and a challenge value generated at the IC device. The first party then may conduct a software evaluation of the IC device via the debug interface. In response to failing to identify an issue with the IC device from the software evaluation, the first party can permanently enable open access to the debug interface while authenticated and provide the IC device to a second party. Under the direction of the second party, a hardware evaluation of the IC device is conducted via the debug interface that was permanently opened by the first party. | 08-05-2010 |
20100244888 | METHOD AND APPARATUS FOR INCREASING SECURITY IN A SYSTEM USING AN INTEGRATED CIRCUIT - An integrated circuit can be made more secure by programming a one time programmable circuit so that different signals are provided on terminals as compared to when the integrated circuit was not secure. Instead, or in addition, the integrated circuit can be made more secure by providing decode circuitry that can be used with the one time programmable circuit to select different internal address maps in response to an address value. The decode circuitry can use a first address map when the integrated circuit is secure, and a different address map when the integrated circuit is non-secure. | 09-30-2010 |
20100296651 | ENCRYPTION APPARATUS AND METHOD THEREFOR - An encryption apparatus ( | 11-25-2010 |
20100313056 | Secure Computing Device with Monotonic Counter and Method Therefor - A secure computing device ( | 12-09-2010 |
20130262542 | SYSTEMS WITH MULTIPLE PORT RANDOM NUMBER GENERATORS AND METHODS OF THEIR OPERATION - Methods and systems for producing random numbers include a random number generator with a first port and a second port. The first port is configured to receive a first type of random data request, and the random number generator is configured to generate first random data while the first type of request is asserted on the first port. The second port is configured to receive a second type of random data request, and the random number generator is configured to generate only a specified length of second random data in response to receiving the second type of request on the second port. An embodiment of a system also includes a data structure configured to store multiple random values, which are derived from the first random data generated by the random number generator in response to the first type of random data request. | 10-03-2013 |
20130262543 | RANDOM VALUE PRODUCTION METHODS AND SYSTEMS - Embodiments of methods and systems for producing random values include a first module that provides a random data request (e.g., a request for an unspecified length of random data) to a random number generator. The random number generator generates random data in response to the random data request, and multiple random values derived from the random data are stored in a buffer. In response to receiving a request for a random value (e.g., an initialization vector), the first module produces the random value based on the multiple random values stored in the buffer. The system also may be configured to receive requests for other types of random values, and to fulfill those requests using random data that is not buffered (e.g., random data that is received directly from the random number generator in response to a request for a specified length of random data). | 10-03-2013 |
20130290792 | CRYPTOGRAPHIC PROCESSING WITH RANDOM NUMBER GENERATOR CHECKING - Embodiments of an electronic circuit comprise a module, such as a security module, configured to perform cryptographic processing for a predetermined security protocol that includes random number checking. The security module is controlled by a descriptor that includes instructions that cause the security module to access a generated random number, compare the generated random number to a random number stored during a previous execution of the descriptor, and generate an error signal when the generated random number and the previous execution random number are equal. | 10-31-2013 |
20140006804 | VIRTUALIZED TRUSTED DESCRIPTORS | 01-02-2014 |
20140064480 | SECURE PROVISIONING IN AN UNTRUSTED ENVIRONMENT - Embodiments of methods of provisioning an electronic circuit enable security of sensitive data in a design and manufacturing process that includes multiple parties. In an illustrative embodiment, a method of provisioning an electronic circuit includes generating at least one secret value, embedding the at least one secret value into the electronic circuit, programming into the electronic circuit a private key derivation function that derives the private key from the at least one secret value and a trust anchor, and programming into the electronic circuit a public key generation function that generates a public key matching the private key. The method can further include receiving for execution trust anchor-authenticated logic that contacts a predetermined actor of the plurality of distinct actors and communicates to the predetermined actor a message signed with the private key. | 03-06-2014 |
20140068133 | VIRTUALIZED LOCAL STORAGE - Embodiments of electronic circuits, computer systems, and associated methods include a module that accesses memory using virtual addressing, the memory including local memory that is local to the module and nonlocal memory that is accessible via a system bus coupled to the module, the module including logic coupled to the local memory via a local bus. The logic is configured to receive a memory access specified to a virtual address, determine whether the virtual address is within the local memory, and direct the memory access either to the local memory via the local bus or to the nonlocal memory via the system bus based on the determination. | 03-06-2014 |
20140068246 | CIRCUIT FOR SECURE PROVISIONING IN AN UNTRUSTED ENVIRONMENT - Embodiments of electronic circuits enable security of sensitive data in a design and manufacturing process that includes multiple parties. An embodiment of an electronic circuit can include a private key embedded within the electronic circuit that is derived from a plurality of components including at least one component known only to the electronic circuit and at least one immutable value cryptographically bound into messages and residing on the electronic circuit, public key generation logic that generates a public key to match the private key, and message signing logic that signs messages with the private key. | 03-06-2014 |
20140164458 | SYSTEMS WITH ADJUSTABLE SAMPLING PARAMETERS AND METHODS OF THEIR OPERATION - Embodiments include bitstring generators and methods of their operation. A sampling parameter of the bitstring generator is set to a current value, and values of one or more bits are then repeatedly sampled based on the current value of the sampling parameter. The repeated sampling results in a set of test bits, which is analyzed to determine a randomness measurement associated with the set of test bits. A determination is made whether the randomness measurement meets a criterion. If not, the current value of the sampling parameter is changed to a different value that corresponds to a lower probability of being able to correctly predict the values of the one or more bits produced by the bitstring generator. The steps of repeatedly sampling, analyzing the set of test bits, and determining whether the randomness measurement meets the criteria are then repeated. | 06-12-2014 |
20140164779 | SECURE PROVISIONING IN AN UNTRUSTED ENVIRONMENT - Embodiments include methods for securely provisioning copies of an electronic circuit. A first entity (e.g., a chip manufacturer) embeds one or more secret values into copies of the electronic circuit. A second entity (e.g., an OEM): 1) embeds a trust anchor in a first copy of the electronic circuit; 2) causes the electronic circuit to generate a message signing key pair using the trust anchor and the embedded secret value(s); 3) signs provisioning code using a code signing private key; and 4) sends a corresponding code signing public key, the trust anchor, and the signed provisioning code to a third entity (e.g., a product manufacturer). The third entity embeds the trust anchor in a second copy of the electronic circuit and causes the electronic circuit to: 1) generate the message signing private key; 2) verify the signature of the signed provisioning code using the code signing public key; and 3) launch the provisioning code on the electronic circuit. The electronic circuit can authenticate itself to the OEM using the message signing key pair. | 06-12-2014 |
20140201252 | METHOD AND APPARATUS FOR TESTING A RANDOM NUMBER GENERATOR TESTER - A method and apparatus for testing operation of a random number generator (RNG) testing circuit are provided. In accordance with at least one embodiment, a first RNG output value obtained from a RNG is stored in a first register. In response to activation of a test mode to simulate a faulty RNG, the first RNG output value is stored in a second register. The first RNG output value in the first register is compared to the first RNG output value in the second register. In response to the comparing, a RNG failure signal is provided at a RNG testing circuit output of the RNG testing circuit. In accordance with at least one embodiment, sequential and combinational logic can simulate a faulty RNG. Accordingly, simulation of a faulty RNG may be performed to test a RNG testing circuit even when the RNG is not faulty. | 07-17-2014 |
20140205092 | SECURE PROVISIONING IN AN UNTRUSTED ENVIRONMENT - Embodiments include methods for securely provisioning copies of an electronic circuit. A first entity (e.g., a chip manufacturer) embeds one or more secret values into copies of the electronic circuit. A second entity (e.g., an OEM): 1) embeds a trust anchor in a first copy of the electronic circuit; 2) causes the electronic circuit to generate a message signing key pair using the trust anchor and the embedded secret value(s); 3) signs provisioning code using a code signing private key; and 4) sends a corresponding code signing public key, the trust anchor, and the signed provisioning code to a third entity (e.g., a product manufacturer). The third entity embeds the trust anchor in a second copy of the electronic circuit and causes the electronic circuit to: 1) generate the message signing private key; 2) verify the signature of the signed provisioning code using the code signing public key; and 3) launch the provisioning code on the electronic circuit. The electronic circuit can authenticate itself to the OEM using the message signing key pair. | 07-24-2014 |
20140281354 | CONTINUOUS RUN-TIME INTEGRITY CHECKING FOR VIRTUAL MEMORY - A run-time integrity checking (RTIC) method compatible with memory having at least portions that store data that is changed over time or at least portions configured as virtual memory is provided. For example, the method may comprise storing a table of page entries and accessing the table of page entries by, as an example, an operating system or, as another example, a hypervisor to perform RTIC on memory in which, as an example, an operating system, as another example, a hypervisor, or, as yet another example, application software is stored. The table may, for example, be stored in secure memory or in external memory. The page entry comprises a hash value for the page and a hash valid indicator indicating the validity status of the hash value. The page entry may further comprise a residency indicator indicating a residency status of the memory page. | 09-18-2014 |
20150039916 | DATA PROCESSING SYSTEM WITH PROTOCOL DETERMINATION CIRCUITRY - A semiconductor device includes a processing system including a section of power domain circuitry and a section of coin cell power domain circuitry. The coin cell power domain circuitry is configured to, when power is initially provided to the coin cell power domain circuitry, using power provided by a power management circuit as feedback to determine that the power management circuit provides the power in response to a power request signal being a toggle signal, and determine that the power management circuit provides the power in response to the power request signal being a pulse signal. | 02-05-2015 |
20150085557 | MEMORY HAVING ONE TIME PROGRAMMABLE (OTP) ELEMENTS AND A METHOD OF PROGRAMMING THE MEMORY - A method of programming a memory includes selecting a logic state for programming a first bitcell of the memory. A first one-time-programmable (OTP) element of the first bitcell is programmed using a first set of conditions intended to achieve a first target resistance in accordance with the selected logic state which results in a first degree of programming of the first OTP element. A second OTP element of the first bitcell is programmed using a second set of conditions different from the first set of conditions intended to achieve a second target resistance in accordance with the selected logic state which results in a second degree of programming of the second OTP element, wherein the first and second degrees of programming are visually indistinguishable. | 03-26-2015 |