WO2009077511A2 - Method of encrypting chip identifier - Google Patents

Method of encrypting chip identifier Download PDF

Info

Publication number
WO2009077511A2
WO2009077511A2 PCT/EP2008/067573 EP2008067573W WO2009077511A2 WO 2009077511 A2 WO2009077511 A2 WO 2009077511A2 EP 2008067573 W EP2008067573 W EP 2008067573W WO 2009077511 A2 WO2009077511 A2 WO 2009077511A2
Authority
WO
WIPO (PCT)
Prior art keywords
public
encryption key
chip identifier
chip
way
Prior art date
Application number
PCT/EP2008/067573
Other languages
French (fr)
Other versions
WO2009077511A3 (en
Inventor
Jean-Marc Guiradet
Ed Spittles
Original Assignee
Icera Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Icera Inc filed Critical Icera Inc
Priority to GB1010340.6A priority Critical patent/GB2468086B/en
Publication of WO2009077511A2 publication Critical patent/WO2009077511A2/en
Publication of WO2009077511A3 publication Critical patent/WO2009077511A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0877Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless

Definitions

  • the present invention relates to the generation of an encryption key and a public chip identifier for an integrated circuit.
  • a set of electronic fuses are provided and set on a chip, at the production stage, which fuses are known as efuses.
  • the number of efuses is limited. Of the limited number of efuses, some are used for non-secret technical purposes such as, for example, configuration data, electrical tuning, memory redundancy selection.
  • the identification values may be used for public identification and for cryptography. For identification purposes, each chip must have a unique value.
  • a chip In the prior art it is known for a chip to be provided with a unique chip identifier, known as the ChipID.
  • the ChiplD may be encoded into the chip using some or all of the efuses, and uniquely identifies the chip.
  • the unique chip identifier is not a public identifier. Instead, it is known in the art to generate a so-called public chip identifier, known as the public chip ID, based on applying a secure hash algorithm to the ChipID. This protects the chip ID from being publicly distributed, but allows a public unique identification of the chip to be made available. It is also known in the art to generate a master encryption key, known as key Kl, from the ChipID. The encryption key is not a public key.
  • each of the public chip ID and the encryption key is generated independently from the ChipID as defined by the efuses. This is possible where the number of efuses, and hence the number of bits in the ChipID, is sufficiently large.
  • a method of generating an encryption key and a public chip identifier comprising: applying a first one-way hash function to a chip identifier value to produce the encryption key; and applying a second one-way hash function to the encryption key to produce the public chip identifier.
  • the public chip identifier is provided by an efuse.
  • the method may further comprise generating a local signature in dependence on the encryption key.
  • the public chip identifier may be transmitted in an AT cmd.
  • the invention provides an apparatus for generating an encryption key and a public chip identifier, comprising: a first one-way hash function for receiving a chip identifier value and generating an encryption key; and a second one-way hash function for receiving the encryption key and generating the public chip identifier.
  • the apparatus may further comprise an efuse for providing the chip identifier value.
  • the invention provides an improved technique for generating a secret key and/or a public chip identifier.
  • the secret key and/or the public chip identifier are both generated from a single source.
  • the single source is the Chip ID.
  • Such a technique is particularly advantageous where the Chip ID constitutes a limited number of bits.
  • Figure 1 illustrates a technique for generating an encryption key and a public chip identifier
  • FIG. 2 illustrates a use of the encryption key
  • Figure 3 illustrates a technique for generating an encryption key and a public chip identifier
  • Figure 4 illustrates generation of an encryption key and a public chip identifier
  • a chip is provided with a set of efuses which define a ChipID, as denoted by reference numeral 104.
  • the efuses are set in the chip factory during manufacturing.
  • the values represented by the effuses, or at least selected ones of such values, are provided as an input to an advanced encryption standard (AES) functional block denoted by reference numeral 118.
  • AES advanced encryption standard
  • the efuse values form an input to a first one-way function 106.
  • the one-way function generates an encryption key Kl, denoted by reference numeral 108.
  • the encryption key Kl is output on a line 114.
  • the encryption key Kl further forms an input to a second one-way function 110.
  • the one-way function 110 generated a public chip identifier (PCID),denoted by reference numeral 112.
  • PCID is output on a line 1 16.
  • the first one-way function 106 is applied to a set of bits of the ChipID to produce the encryption key, K 1.
  • the first one-way function produces the chip unique secret key, Kl, from the eFuse ChipID (fuse data).
  • the purpose of the first one-way function is to deter reverse engineering. A secret key should not be publicly disclosed.
  • Kl is used during the life of a chip to effect secure communications or storage, such that the chip can trust the integrity and possibly secrecy of certain values in storage and the integrity and possibly secrecy of certain communications.
  • Kl is provided on output line 114 and, in the described example, is then used for generation of a mobile local signature for a mobile device in which the chip is installed.
  • the mobile local signature is a cryptographic signature of a data packet, or of a value derived from a data packet, used to ensure that the packet has not been tampered with and that the packet is associated with this chip or this transaction, and not copied from some other chip or transaction.
  • FIG. 2 illustrates a block 202 with which the encryption key is generated, which may correspond to one or more elements of Figure 1.
  • SHA secure hash algorithm
  • AES advanced encryption standard
  • a file content is provided on line 204 to an input o the SHA 206.
  • the SHA 206 provided an output which forms an input to the AES 208.
  • the AES 208 additionally received the encryption key K! from block 202.
  • a signature is provided by the AES 208 on line 210.
  • Figure 2 serves to illustrate how Kl is used to encrypt a hash of file content.
  • Kl serves as a signature of the file content.
  • Kl is unique for each mobile, as it is generated on the basis of the unique eFuse ChiplD.
  • the file content might be technical operating parameters or program code, or an update to the program code, or information of financial value such as the subscriber identity or information enforcing contractual restrictions on the operation of the mobile device on behalf of a subscriber.
  • Some such data should be protected because corrupted or malicious values might impact upon the technical operation of the device and the network, might damage the reputation of the chip manufacturer or network operator, and other such data if corrupted might impact the business model of the network operator or permit fraud.
  • the PCID 1 12 is shown as being transmitted one line 116 as part of a command message "AT and".
  • the public ChipID is used to identify each device for the purpose of filed service and failure analysis. It is also used for asset tracking and collating device history for each device.
  • the two one-way functions are arranged such that a secret value (Kl) is produced first and a public value (PCID) is produced as a function of the secret value.
  • Kl secret value
  • PCID public value
  • the first one-way function 106 serves to obscure the effect of the individual bits of the efuses, and also acts as an expensive operation - for an attacker - which makes it costly to enumerate all possible efuse values.
  • the second one-way function 1 10 serves to prevent reverse engineering of the public chip identifier to gain knowledge of the secret key.
  • the arrangement thus provides for the secure creation of a secret key and a public ID from a small number of efuses providing the ChipID.
  • the small number of efuses may not be sufficient to otherwise provide an independent secret key and a public ID.
  • Each of the first and second one-way functions may be implemented in a number of ways.
  • the implementation of a first one-way function followed by a second one-way function creates a chain of hashes. Such an arrangement is not scalable, and it is necessary to know ahead of time how many 'random' numbers will be needed.
  • Each one-way function may implement encryption of integers, in which negative integers are used for keys and positive integers are used for as a source of entropy.
  • the first one-way functional is optional, and not essential.
  • the first one-way function when implemented, is selectable, and may be changed or updated.
  • a change may be implemented, for example, in case of a compromise or after an unfavorable analysis.
  • the method of signature generation illustrated in Figure 2 could also be achieved by appending the secret to the text and forming the hash.
  • a nonce could be applied to prevent against pre-computation or dictionary attack, allowing more security from a limited initial source of entropy.
  • a nonce can be derived from non-crypto-secure entropy, such as temperature and frequency readings, and possibly radio readings.
  • the PCID number could be derived from the eFuse ChipID using a public key.
  • the transformation may then be reversed using a private key.
  • a random function generates value for a chip identifier, which is used to set the efuses for a chip as denoted by block 304,
  • the efuse values are input to an advanced encryption standard (AES) denoted by block 306.
  • AES advanced encryption standard
  • the block 306 represents the function of block 118 of Figure 1. Thereafter the AES generates an encryption key 310 and a public chip identifier 308.
  • Figure 4 illustrates independent generation of the encryption key Kl and the public chip identifier.
  • the efuse chip ID is input to a first function 406, which mangles the input.
  • An output of the first function 406, which is a mangled EC ⁇ D, is input to a second function 408, which is a secure hash algorithm.
  • the output of the secure hash algorithm on line 410 forms the PCID.
  • the efuse chip ID is input to a first function 412, which mangles the input.
  • An output of the first function 412 which is a mangled ECID, is input to a second function 414, which is a secure hash algorithm.
  • the output of the secure hash algorithm on line 416 forms the PCID,
  • the effuses are set at the time of manufacture according to the objective that each chip should preferably have a unique value, and that very few chips should possibly have the same value.
  • each chip should preferably have a unique value, and that very few chips should possibly have the same value.
  • the value is not controlled or influenced by a malicious party.

Abstract

There is disclosed a method of generating an encryption key and a public chip identifier, comprising: applying a first one-way hash function to a chip identifier value to produce the encryption key; and applying a second one-way hash function to the encryption key to produce the public chip identifier.

Description

Method of Encrypting Chip Identifier
The present invention relates to the generation of an encryption key and a public chip identifier for an integrated circuit. Typically a set of electronic fuses are provided and set on a chip, at the production stage, which fuses are known as efuses. The number of efuses is limited. Of the limited number of efuses, some are used for non-secret technical purposes such as, for example, configuration data, electrical tuning, memory redundancy selection.
Some of the efuses are used for identification purposes. The identification values may be used for public identification and for cryptography. For identification purposes, each chip must have a unique value.
In the prior art it is known for a chip to be provided with a unique chip identifier, known as the ChipID. The ChiplD may be encoded into the chip using some or all of the efuses, and uniquely identifies the chip. The unique chip identifier is not a public identifier. Instead, it is known in the art to generate a so-called public chip identifier, known as the public chip ID, based on applying a secure hash algorithm to the ChipID. This protects the chip ID from being publicly distributed, but allows a public unique identification of the chip to be made available. It is also known in the art to generate a master encryption key, known as key Kl, from the ChipID. The encryption key is not a public key.
In prior art arrangements, each of the public chip ID and the encryption key is generated independently from the ChipID as defined by the efuses. This is possible where the number of efuses, and hence the number of bits in the ChipID, is sufficiently large. A problem arises in chip arrangements with a limited number of efuses, and hence a limited-bit ChipID. In such arrangements, the entropy provided by the efuses is not enough for both a secret key and a public chip identifier to be generated from the same source (ChipID). It is an aim of the invention to provide an improved technique for generating a secret key and/or a public chip identifier from the information encoded in the efuses.
In accordance with the invention there is provided a method of generating an encryption key and a public chip identifier, comprising: applying a first one-way hash function to a chip identifier value to produce the encryption key; and applying a second one-way hash function to the encryption key to produce the public chip identifier.
Preferably the public chip identifier is provided by an efuse.
The method may further comprise generating a local signature in dependence on the encryption key. The public chip identifier may be transmitted in an AT cmd.
The invention provides an apparatus for generating an encryption key and a public chip identifier, comprising: a first one-way hash function for receiving a chip identifier value and generating an encryption key; and a second one-way hash function for receiving the encryption key and generating the public chip identifier. The apparatus may further comprise an efuse for providing the chip identifier value.
The invention provides an improved technique for generating a secret key and/or a public chip identifier. The secret key and/or the public chip identifier are both generated from a single source. The single source is the Chip ID. Such a technique is particularly advantageous where the Chip ID constitutes a limited number of bits.
The invention will now be described by way of example with reference to the accompanying drawings, in which:
Figure 1 illustrates a technique for generating an encryption key and a public chip identifier;
Figure 2 illustrates a use of the encryption key;
Figure 3 illustrates a technique for generating an encryption key and a public chip identifier; and Figure 4 illustrates generation of an encryption key and a public chip identifier.
The invention is now described by way of a discussion of non-limiting examples.
One skilled in the art will appreciate the applicability of the invention beyond the specific examples given herein. In particular, the invention is described with reference to a chip for implementation in a mobile telephone handset. The invention is not limited to such applications.
Reference is made to Figure 1. A chip is provided with a set of efuses which define a ChipID, as denoted by reference numeral 104. As denoted by block 120, the efuses are set in the chip factory during manufacturing. The values represented by the effuses, or at least selected ones of such values, are provided as an input to an advanced encryption standard (AES) functional block denoted by reference numeral 118.
Within the AES 118, the efuse values form an input to a first one-way function 106. The one-way function generates an encryption key Kl, denoted by reference numeral 108. The encryption key Kl is output on a line 114. The encryption key Kl further forms an input to a second one-way function 110. The one-way function 110 generated a public chip identifier (PCID),denoted by reference numeral 112. The PCID is output on a line 1 16.
As shown in Figure 1, the first one-way function 106 is applied to a set of bits of the ChipID to produce the encryption key, K 1. The first one-way function produces the chip unique secret key, Kl, from the eFuse ChipID (fuse data). The purpose of the first one-way function is to deter reverse engineering. A secret key should not be publicly disclosed.
The encryption key Kl is used during the life of a chip to effect secure communications or storage, such that the chip can trust the integrity and possibly secrecy of certain values in storage and the integrity and possibly secrecy of certain communications. By way of example, Kl is provided on output line 114 and, in the described example, is then used for generation of a mobile local signature for a mobile device in which the chip is installed.
The mobile local signature is a cryptographic signature of a data packet, or of a value derived from a data packet, used to ensure that the packet has not been tampered with and that the packet is associated with this chip or this transaction, and not copied from some other chip or transaction.
A further example of the use of the encryption key Kl is given with reference to Figure 2. Figure 2 illustrates a block 202 with which the encryption key is generated, which may correspond to one or more elements of Figure 1. There is also illustrated a secure hash algorithm (SHA) 206 and an advanced encryption standard (AES) 208.
As shown in Figure 2, a file content is provided on line 204 to an input o the SHA 206. The SHA 206 provided an output which forms an input to the AES 208. The AES 208 additionally received the encryption key K! from block 202. A signature is provided by the AES 208 on line 210.
Figure 2 serves to illustrate how Kl is used to encrypt a hash of file content. Kl serves as a signature of the file content. Kl is unique for each mobile, as it is generated on the basis of the unique eFuse ChiplD.
The file content might be technical operating parameters or program code, or an update to the program code, or information of financial value such as the subscriber identity or information enforcing contractual restrictions on the operation of the mobile device on behalf of a subscriber. Some such data should be protected because corrupted or malicious values might impact upon the technical operation of the device and the network, might damage the reputation of the chip manufacturer or network operator, and other such data if corrupted might impact the business model of the network operator or permit fraud.
By way of example, in Figure 1 the PCID 1 12 is shown as being transmitted one line 116 as part of a command message "AT and". The public ChipID is used to identify each device for the purpose of filed service and failure analysis. It is also used for asset tracking and collating device history for each device.
With reference again to Figure 1, the two one-way functions are arranged such that a secret value (Kl) is produced first and a public value (PCID) is produced as a function of the secret value. Use of one-way functions provides that the public nature of the public value gives no assistance to an attacker wishing to determine the secret value.
The first one-way function 106 serves to obscure the effect of the individual bits of the efuses, and also acts as an expensive operation - for an attacker - which makes it costly to enumerate all possible efuse values.
The second one-way function 1 10 serves to prevent reverse engineering of the public chip identifier to gain knowledge of the secret key.
The arrangement thus provides for the secure creation of a secret key and a public ID from a small number of efuses providing the ChipID. The small number of efuses may not be sufficient to otherwise provide an independent secret key and a public ID.
Each of the first and second one-way functions may be implemented in a number of ways. The implementation of a first one-way function followed by a second one-way function creates a chain of hashes. Such an arrangement is not scalable, and it is necessary to know ahead of time how many 'random' numbers will be needed. Each one-way function may implement encryption of integers, in which negative integers are used for keys and positive integers are used for as a source of entropy.
The first one-way functional is optional, and not essential.
The first one-way function, when implemented, is selectable, and may be changed or updated. A change may be implemented, for example, in case of a compromise or after an unfavorable analysis.
The method of signature generation illustrated in Figure 2 could also be achieved by appending the secret to the text and forming the hash. A nonce could be applied to prevent against pre-computation or dictionary attack, allowing more security from a limited initial source of entropy.
A nonce can be derived from non-crypto-secure entropy, such as temperature and frequency readings, and possibly radio readings. The PCID number could be derived from the eFuse ChipID using a public key.
The transformation may then be reversed using a private key.
With reference to Figure 3, there is illustrated an example flow diagram in accordance with the inventive principles. As denoted by block 302 a random function generates value for a chip identifier, which is used to set the efuses for a chip as denoted by block 304, The efuse values are input to an advanced encryption standard (AES) denoted by block 306. The block 306 represents the function of block 118 of Figure 1. Thereafter the AES generates an encryption key 310 and a public chip identifier 308.
Figure 4 illustrates independent generation of the encryption key Kl and the public chip identifier. As illustrated in Figure 4, in a sequence 402 the efuse chip ID is input to a first function 406, which mangles the input. An output of the first function 406, which is a mangled ECΪD, is input to a second function 408, which is a secure hash algorithm. The output of the secure hash algorithm on line 410 forms the PCID.
As further illustrated in Figure 4, in a sequence 404 the efuse chip ID is input to a first function 412, which mangles the input. An output of the first function 412, which is a mangled ECID, is input to a second function 414, which is a secure hash algorithm. The output of the secure hash algorithm on line 416 forms the PCID,
Various functions for implementing the one-way functions of blocks 106 and 110 of Figure 1 are known in the art. As a rule of thumb, for every 10 bits of data there is a one thousand-fold increase in the number of unique keys. If there are only a million unique keys, then there may be vulnerability to an attack by exhaustive search of all possible keys. A billion keys (30 bits) confers a degree of safety, but conventionally 56 or 64 bit keys are conventional values to protect an asset of moderate value. A 128 bit key would be a safe number. Depending on production volume and the relative undesirabϋity of two chips bearing the same value, between 24 and 64 bits may be used for a public value, an another 128 bits used for cryptography purposes.
For this purpose, the effuses are set at the time of manufacture according to the objective that each chip should preferably have a unique value, and that very few chips should possibly have the same value. For cryptographic purposes, there is also an aim that the value is not controlled or influenced by a malicious party.
Arrangements in accordance with the present invention allow safe usage of the limited number of bits available for both purposes. The invention has been described herein by way of reference to preferred non- limiting examples. In particular, it should be noted that the invention is not limited in its scope to chips or integrated circuits for use in mobile communication devices, such as mobile telephone handsets, although it may be advantageously implemented in such devices.

Claims

Claims
1. A method of generating an encryption key and a public chip identifier, comprising: applying a first one-way hash function to a chip identifier value to produce the encryption key; and applying a second one-way hash function to the encryption key to produce the public chip identifier.
2. A method according to claim 1 the public chip identifier is provided by an efuse.
3. A method according to claim 1 or claim 2 further comprising generating a local signature in dependence on the encryption key.
4. A method according to any one of claims 1 to 3 wherein the public chip identifier is transmitted in an AT cmd.
5. An apparatus for generating an encryption key and a public chip identifier, comprising: a first one-way hash function for receiving a chip identifier value and generating an encryption key; and a second one-way hash function for receiving the encryption key and generating the public chip identifier.
6. An apparatus according to claim 5 further comprising an efuse for providing the chip identifier value.
PCT/EP2008/067573 2007-12-14 2008-12-15 Method of encrypting chip identifier WO2009077511A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB1010340.6A GB2468086B (en) 2007-12-14 2008-12-15 Method of encrypting chip identifier

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB0724436.1 2007-12-14
GB0724436A GB0724436D0 (en) 2007-12-14 2007-12-14 Method of encryping chip identifier

Publications (2)

Publication Number Publication Date
WO2009077511A2 true WO2009077511A2 (en) 2009-06-25
WO2009077511A3 WO2009077511A3 (en) 2009-08-27

Family

ID=39048124

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2008/067573 WO2009077511A2 (en) 2007-12-14 2008-12-15 Method of encrypting chip identifier

Country Status (2)

Country Link
GB (2) GB0724436D0 (en)
WO (1) WO2009077511A2 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2406246A (en) * 2003-09-17 2005-03-23 Hewlett Packard Development Co Secure Provision of Image Data
EP1645931A1 (en) * 2004-10-11 2006-04-12 Telefonaktiebolaget LM Ericsson (publ) Secure loading and storing of data in a data processing device
US20060129848A1 (en) * 2004-04-08 2006-06-15 Texas Instruments Incorporated Methods, apparatus, and systems for securing SIM (subscriber identity module) personalization and other data on a first processor and secure communication of the SIM data to a second processor
US20070223704A1 (en) * 2006-03-22 2007-09-27 Ernest Brickell Method and apparatus for authenticated, recoverable key distribution with no database secrets

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2406246A (en) * 2003-09-17 2005-03-23 Hewlett Packard Development Co Secure Provision of Image Data
US20060129848A1 (en) * 2004-04-08 2006-06-15 Texas Instruments Incorporated Methods, apparatus, and systems for securing SIM (subscriber identity module) personalization and other data on a first processor and secure communication of the SIM data to a second processor
EP1645931A1 (en) * 2004-10-11 2006-04-12 Telefonaktiebolaget LM Ericsson (publ) Secure loading and storing of data in a data processing device
US20070223704A1 (en) * 2006-03-22 2007-09-27 Ernest Brickell Method and apparatus for authenticated, recoverable key distribution with no database secrets

Also Published As

Publication number Publication date
GB2468086A (en) 2010-08-25
GB2468086B (en) 2012-05-09
GB201010340D0 (en) 2010-08-04
GB0724436D0 (en) 2008-01-30
WO2009077511A3 (en) 2009-08-27

Similar Documents

Publication Publication Date Title
US9940463B2 (en) System and method for secure authentication
US10581841B2 (en) Authenticated network
RU2399087C2 (en) Safe data storage with integrity protection
US7437574B2 (en) Method for processing information in an electronic device, a system, an electronic device and a processing block
CN110401615B (en) Identity authentication method, device, equipment, system and readable storage medium
CN1808966B (en) Safe data processing method and system
US7502930B2 (en) Secure communications
US20030236983A1 (en) Secure data transfer in mobile terminals and methods therefor
KR101393806B1 (en) Multistage physical unclonable function system
US20080025514A1 (en) Systems And Methods For Root Certificate Update
CN113114475B (en) PUF identity authentication system and protocol based on bit self-checking
CN106100823B (en) Password protection device
EP3358492B1 (en) Electronic device with self-protection and anti-cloning capabilities and related method
JP2005253041A (en) System and method for authentication
WO2018047120A1 (en) A system and method for data block modification detection and authentication codes
US9860062B2 (en) Communication arrangement and method for generating a cryptographic key
CN116318671A (en) Offline password generation and verification method
WO2009077511A2 (en) Method of encrypting chip identifier
WO2018114574A1 (en) Method for secure management of secrets in a hierarchical multi-tenant environment
US20040153659A1 (en) Identification module provided with a secure authentication code
KR101373576B1 (en) Des encryption system
Wu et al. Two new message authentication codes based on APN functions and stream ciphers
CN116527240A (en) System and method for flexible post quantum trust provisioning and updating
KR20200098162A (en) Secure implementation of security data of device devices

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08861493

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 1010340

Country of ref document: GB

Kind code of ref document: A

Free format text: PCT FILING DATE = 20081215

WWE Wipo information: entry into national phase

Ref document number: 1010340.6

Country of ref document: GB

122 Ep: pct application non-entry in european phase

Ref document number: 08861493

Country of ref document: EP

Kind code of ref document: A2