Authenticating a device and a user
US-9158906-B2 · Oct 13, 2015 · US
Device and system with global tamper resistance
US10425235B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10425235-B2 |
| Application number | US-201715613088-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jun 2, 2017 |
| Priority date | Jun 2, 2017 |
| Publication date | Sep 24, 2019 |
| Grant date | Sep 24, 2019 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Various embodiments enhance security and tamper resistance of device or components having a hardware intrinsic identity. For example, devices or components having PUFs can map challenges and helper values to a secret or share of secret to utilize a local identity in cryptographic operations. A plurality of components having individual identities can be extend so that the plurality of components can enroll into a shared global identity. Shares of the global identity can be distributed among the plurality of components or devices such that at least two devices must provide at least two shares of the global identity (or threshold operations on the at least two shares) to successfully use the global identity. Such sharing mitigates adversarial tampering attack on the global identity. Share refresh protocols can provide additional security, enable introduction of new components or devices to the global identity, and allow removal of existing components or devices.
First claim
Opening claim text (preview).
What is claimed is: 1. An authentication system including a plurality of components for jointly executing cryptographic operations based on a shared encoded global identity, the system comprising: at least a first component and a second component having respective hardware intrinsic identity circuits for generating hardware specific outputs, wherein the hardware intrinsic identity circuits are constructed such that physical tampering changes properties of hardware and the hardware specific outputs; and at least one processor configured to: obtain a first plurality of shares associated with a first encoded local identity of the first component using a first hardware intrinsic identity circuit of the first component; recover at least a first and a second share of the encoded global identity based on combining outputs of threshold operations on the first plurality of shares; obtain a second plurality of shares associated with a second encoded local identity of the second component using a second hardware intrinsic identity circuit of the second component; recover at least a third and a fourth share of the encoded global identity based on combining outputs of threshold operations on the second plurality of shares; and enable execution of a cryptographic operation that employs the encoded global identity based on combining outputs of threshold operations on recovered shares of the encoded global identity, wherein the threshold operations obscure the recovered shares of the encoded global identity, and wherein compromise of a threshold number of local identity shares prevents recovery of the encoded global identity. 2. The system of claim 1 , wherein the at least one processor is configured to map challenges and respective helper values to at least some of the first plurality of shares associated with the first encoded local identity of the first component. 3. The system of claim 1 , wherein the at least one processor is configured to map challenges and respective helper values to at least some of the second plurality of shares associated with the second encoded local identity of the second component. 4. The system of claim 1 , wherein only one share of an associated identity is in memory at a time. 5. The system of claim 1 , wherein the first component includes a first processor, and a first communication interface. 6. The system of claim 5 , wherein the second component includes a second processor, and a second communication interface. 7. The system of claim 1 , wherein the at least one processor is configured to enroll at least the first component and the second component into the encoded global identity, and encode respective shares of the encoded global identity based on the first encoded local identity of the first component and the second encoded local identity of the second component. 8. The system of claim 7 , wherein the at least one processor is configured to define, during enrollment, a threshold sharing of the encoded global identity between at least the first component and the second component that requires a minimum of two shares from a minimum of two devices to enable execution of cryptographic operations that employ the encoded global identity. 9. The system of claim 7 , wherein the at least one processor is configured to: during enrollment, define a threshold sharing of the encoded global identity that requires a minimum of two shares from one component to enable cryptographic operations that employ the encoded global identity. 10. A computer implemented method for jointly executing cryptographic operations based on an encoded global identity, the method comprising: obtaining, by at least one processor, a first plurality of shares associated with a first encoded local identity of a first component using a first hardware intrinsic identity circuit of the first component, wherein tampering with the first hardware intrinsic identity circuit changes properties of hardware of the first hardware intrinsic identity circuit; recovering, by the at least one processor, at least a first share and a second share of the encoded global identity based on combining outputs of threshold operations on the first plurality of shares; obtaining, by the at least one processor, a second plurality of shares associated with a second encoded local identity of a second component using a second hardware intrinsic identity circuit of the second component, wherein tampering with the second hardware intrinsic identity circuit changes properties of hardware of the second hardware intrinsic identity circuit; recovering, by the at least one processor, at least a third share and a fourth share of the encoded global identity based on combining outputs of threshold operations on the second plurality of shares; and enabling execution of a cryptographic operation that employs the encoded global identity based on combining outputs of threshold operations on recovered shares of the encoded global identity, wherein the threshold operations obscure the recovered shares of the encoded global identity, and wherein compromise of a threshold number of local identity shares prevents recovery of the encoded global identity. 11. The method of claim 10 , further comprising mapping, by the at least one processor, challenges and respective helper values to the first plurality of shares associated with the first encoded local identity of the first component. 12. The method of claim 10 , further comprising mapping, by the at least one processor, challenges and respective helper values to the second plurality of shares associated with the second encoded local identity of the second component. 13. The method of claim 10 , wherein only one share of an associated identity is in memory at a time. 14. The method of claim 10 , wherein the first component includes the first hardware intrinsic identity circuit, a first processor, and a first communication interface, and an act of combining outputs of threshold operations on the first plurality of shares is executed on the first processor. 15. The method of claim 14 , wherein the second component includes the second hardware intrinsic identity circuit, a second processor, and a second communication interface, and an act of combining, outputs of threshold operations on the second plurality of shares is executed on the second processor. 16. The method of claim 10 , further comprising: enrolling, by the at least one processor, at least the first component and the second component into the encoded global identity; and encoding, by the at least one processor, respective shares of the encoded global identity based on the first encoded local identity of the first component and the second encoded local identity of the second component. 17. The method of claim 16 , wherein the act of enrolling includes defining, by the at least one processor, a threshold sharing of the encoded global identity between at least the first component and the second component to require a minimum of two shares from a minimum of two devices to enable cryptographic operations that employ the encoded global identity. 18. The method of claim 17 , wherein the act of enrolling includes defining, by the at least one processor, a threshold sharing of the encoded global identity to require a minimum of two shares from one component to enable cryptographic operations that employ the encoded global identity. 19. An authentication device including a plurality of components for jointly executing cryptographic operations based on an encoded global identity, the system comprising
Assignees
Inventors
Classifications
Countermeasures against attacks on cryptographic mechanisms (network architectures or network communication protocols for protection against malicious traffic H04L63/1441) · CPC title
- H04L9/3278Primary
using physically unclonable functions [PUF] · CPC title
in cryptographic circuits · CPC title
Details relating to cryptographic hardware or logic circuitry · CPC title
Secret sharing or secret splitting, e.g. threshold schemes · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US10425235B2 cover?
- Various embodiments enhance security and tamper resistance of device or components having a hardware intrinsic identity. For example, devices or components having PUFs can map challenges and helper values to a secret or share of secret to utilize a local identity in cryptographic operations. A plurality of components having individual identities can be extend so that the plurality of components…
- Who is the assignee on this patent?
- Analog Devices Inc
- What technology area does this patent fall under?
- Primary CPC classification H04L9/3278. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Sep 24 2019 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).