Secure physically unclonable function (puf) error correction
US-2017295015-A1 · Oct 12, 2017 · US
Repeatable masking of sensitive data
US10177922B1 · US · B1
| Field | Value |
|---|---|
| Publication number | US-10177922-B1 |
| Application number | US-201615077594-A |
| Country | US |
| Kind code | B1 |
| Filing date | Mar 22, 2016 |
| Priority date | Mar 25, 2015 |
| Publication date | Jan 8, 2019 |
| Grant date | Jan 8, 2019 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
The various technologies presented herein relate to enabling a value generated based upon a physical unclonable function (PUF) response to be available as needed, while also preventing exposure of the PUF to a malicious entity. A masked PUF response can be generated based upon applying a function to a combination of the PUF response and a data file (e.g., a bitstream), and the masked PUF response is forwarded to a requesting entity, rather than the PUF response. Hence, the PUF is masked from any entity requiring access to the PUF. The PUF can be located in a FPGA, wherein the data file is a bitstream pertinent to one or more configurable logic blocks included in the FPGA. A first masked PUF response generated with a first data file can have a different value to a second masked PUF response generated with a second data file.
First claim
Opening claim text (preview).
What is claimed is: 1. A method, comprising: receiving a response value from a physical unclonable function (PUF); receiving a first data file, the first data file comprising first configuration data that is applied to at least one configurable logic block of a field programmable gate array (FPGA); computing a function, wherein the response value and the first data file are inputs to the function, and further wherein the function, when computed with the response value and the first data file, generates a first masked PUF response, wherein the response value cannot be obtained from the first masked PUF response without knowledge of the first data file; outputting the first masked PUF response to a remotely located device, wherein responsive to receiving the first masked PUF response the remotely located device performs a computing operation based upon the first masked PUF response; receiving a second data file, the second data file comprising second configuration data that is applied to at least one configurable logic block of the FPGA; computing the function, wherein the second data file and the response value are inputs to the function, and further wherein the function, when computed with the second data file and the response value, generates a second masked PUF response, wherein the first masked PUF response and the second masked PUF response have different values; and outputting the second masked PUF response to the remotely located device, wherein responsive to receiving the second masked PUF response the remotely located device is unable to perform the computing operation. 2. The method of claim 1 , wherein the response value is received in response to a stimulus applied to the PUF, the stimulus is applied to the PUF in response to a request for the PUF value. 3. The method of claim 1 , wherein the data file is a binary file, a configuration file, a configuration user-logic bitstream, or a bitstream. 4. The method of claim 1 , wherein the PUF is incorporated into an integrated circuit that comprises the field programmable gate array (FPGA). 5. The method of claim 1 , further comprising: comparing the second masked PUF response with the first masked PUF response; and in response to determining that the first masked PUF response and the second masked PUF response have different values, generating an indication that the first masked PUF response and second masked PUF response were generated with different data files. 6. The method of claim 1 , wherein the function comprises a one way hash function. 7. The method of claim 1 , further comprising: receiving a request for the response value to be generated by the PUF, wherein the request is received from the remotely located device. 8. A system comprising: a processor; and memory, wherein the memory comprises instructions that, when executed by the processor, cause the processor to perform acts comprising: obtaining a response from a physical unclonable function (PUF); receiving a first data file, the first data file comprising first configuration data for a configurable logic block of a field programmable gate array (FPGA); and applying a function to the response and the first data file to generate a first masked PUF response, wherein the response cannot be obtained from the first masked PUF response without knowledge of the first data file; outputting the first masked PUF response to a device that is communicatively coupled to the processor, wherein responsive to receiving the first masked PUF response the device that is communicatively coupled to the processor performs a computing operation based upon the first masked PUF response; receiving a second data file, the second data file comprising second configuration data for the configurable logic block of the FPGA; applying the function to the response and the second data file to generate a second masked PUF response; and outputting the second masked PUF response to the device that is communicatively coupled to the processor, wherein responsive to receiving the second masked PUF response the device that is communicatively coupled to the processor is unable to perform the computing operation. 9. The system of claim 8 , wherein the processor, the memory, and the PUF are included in the FPGA. 10. The system of claim 8 , wherein the processor, the memory, and the PUF are included in an application specific integrated circuit (ASIC), the ASIC further comprising the FPGA. 11. The system of claim 8 , wherein the function comprises a one way hash function. 12. The system of claim 8 , wherein the device comprises the FPGA. 13. A computer-readable storage medium comprising instructions that, when executed by a processor, cause the processor to perform acts comprising: receiving a first data file comprising first configuration data for at least one configurable logic block included in a field programmable gate array (FPGA); in response to receiving the first data file, applying a stimulus to a physical unclonable function (PUF); receiving a response value from the PUF; applying a function to the response value and the first data file to generate a first masked PUF response, wherein the response value cannot be obtained from the first masked PUF response without knowledge of the first data file; outputting the first masked PUF response to a device that is communicatively coupled to the processor, wherein responsive to receiving the first masked PUF response the device that is communicatively coupled to the processor performs a computing operation based upon the first masked PUF response; receiving a second data file, the second data file comprising second configuration data for at least one configurable logic block included in the FPGA; generating a second masked PUF response, Wherein the second masked PUP response is response value cannot be obtained from the second masked PUF response without knowledge of the second data file; and outputting the second masked PUF response to the device that is communicatively coupled to the processor, wherein the device that is communicatively coupled to the processor is unable to perform the computing operation based upon the second masked PUF response. 14. The computer-readable storage medium of claim 13 , the acts further comprising: receiving a request for a value of the physical unclonable function (PUF), wherein the request is generated by the device communicatively coupled to the processor. 15. The computer-readable storage medium of claim 13 , wherein the device comprises the FPGA.
Assignees
Inventors
Classifications
including means for verifying the identity or authority of a user of the system {or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials} · CPC title
Test or assess a computer or a system · CPC title
- H04L9/3278Primary
using physically unclonable functions [PUF] · CPC title
Using hardware token as a secondary aspect · CPC title
Dual mode as a secondary aspect · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US10177922B1 cover?
- The various technologies presented herein relate to enabling a value generated based upon a physical unclonable function (PUF) response to be available as needed, while also preventing exposure of the PUF to a malicious entity. A masked PUF response can be generated based upon applying a function to a combination of the PUF response and a data file (e.g., a bitstream), and the masked PUF respon…
- Who is the assignee on this patent?
- Nat Tech & Eng Solutions Sandia Llc
- What technology area does this patent fall under?
- Primary CPC classification H04L9/3278. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Jan 08 2019 00:00:00 GMT+0000 (Coordinated Universal Time) (B1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 4 related publications on this page (citations in our corpus or others sharing the same primary CPC).