Non-volatile memory with physical unclonable function and random number generator
US-10855477-B2 · Dec 1, 2020 · US
Protection against differential power analysis attacks involving initialization vectors
US11582021B1 · US · B1
| Field | Value |
|---|---|
| Publication number | US-11582021-B1 |
| Application number | US-201916690097-A |
| Country | US |
| Kind code | B1 |
| Filing date | Nov 20, 2019 |
| Priority date | Nov 20, 2019 |
| Publication date | Feb 14, 2023 |
| Grant date | Feb 14, 2023 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Disclosed approaches for validating initialization vectors determining by a configuration control circuit whether or not an input initialization vector is within a range of valid initialization vectors. In response to determining that the initialization vector is within the range of valid initialization vectors, the configuration control circuit decrypts the ciphertext into plaintext using the input initialization vector and configures a memory circuit with the plaintext. In response to determining that the first initialization vector is outside the range of valid initialization vectors, the configuration control circuit signals that the first initialization vector is invalid.
First claim
Opening claim text (preview).
What is claimed is: 1. A method comprising: inputting a first initialization vector and associated ciphertext to a configuration control circuit; determining by the configuration control circuit whether or not the first initialization vector is within a range of a plurality of valid initialization vectors; decrypting the ciphertext into first plaintext by the configuration control circuit using the first initialization vector in response to determining that the first initialization vector is within the range of the plurality of valid initialization vectors; configuring a memory circuit with the first plaintext after the decrypting; signaling that the first initialization vector is invalid by the configuration control circuit in response to determining that the first initialization vector is outside the range of the plurality of valid initialization vectors; inputting a second initialization vector and associated ciphertext; determining by the configuration control circuit whether or not the second initialization vector is within the range of the plurality of valid initialization vectors; decrypting the ciphertext associated with the second initialization vector into second plaintext by the configuration control circuit using the second initialization vector in response to determining that the second initialization vector is within the range of the plurality of valid initialization vectors. 2. The method of claim 1 , further comprising: configuring a memory circuit with the second plaintext after the decrypting; and signaling that the second initialization vector is invalid by the configuration control circuit in response to determining that the second initialization vector is outside the range of the plurality of valid initialization vectors. 3. The method of claim 1 , wherein the determining includes inputting a value specified by states of a plurality of one-time programmable storage circuits that specify the range of the plurality of valid initialization vectors. 4. The method of claim 3 , wherein: a first subset of the plurality of one-time programmable storage circuits specify a pattern, and a second subset of the plurality of one-time programmable storage circuits specify a threshold; and the determining includes: comparing a first portion of the first initialization vector to the first subset of the plurality of one-time programmable storage circuits, comparing a second portion of the first initialization vector to the second subset of the plurality of one-time programmable storage circuits, and determining that the first initialization vector is within the range of the plurality of valid initialization vectors in response to: the first portion of the first initialization vector matching the first subset of the plurality of one-time programmable storage circuits and, a value of the second portion of the first initialization vector being greater than or equal to a value of the second subset of the plurality of one-time programmable storage circuits. 5. The method of claim 4 , further comprising changing the pattern to another pattern by changing state of one or more of the first subset of the plurality of one-time programmable storage circuits, rendering invalid all previously valid initialization vectors. 6. The method of claim 4 , further comprising changing the threshold to another threshold by changing state of one or more of the second subset of the plurality of one-time programmable storage circuits, reducing a number of previously valid initialization vectors. 7. The method of claim 1 , wherein: a first subset of a plurality of bits specify a pattern, and a second subset of the plurality of bits specify a threshold; and the determining includes: comparing a first portion of the first initialization vector to the first subset of the plurality of bits, comparing a second portion of the first initialization vector to the second subset of the plurality of bits, and determining that the first initialization vector is within the range of the plurality of valid initialization vectors in response to: the first portion of the first initialization vector matching the first subset of the plurality of bits and, a value of the second portion of the first initialization vector being greater than or equal to a value of the second subset of the plurality of bits. 8. The method of claim 1 , wherein the configuring includes storing the first plaintext in configuration memory of programmable logic circuitry. 9. The method of claim 1 , wherein the configuring includes storing the first plaintext as program code that is executable by a processor of a system-on-chip. 10. A circuit arrangement comprising: storage circuitry configured to store an initialization control vector that specifies a range of a plurality of valid initialization vectors; a memory circuit; a configuration control circuit coupled to the storage circuitry and to the memory circuit, the configuration control circuit configured to: input a first initialization vector and associated ciphertext; determine whether or not the first initialization vector is within the range of the plurality of valid initialization vectors; decrypt the ciphertext into first plaintext using the first initialization vector in response to determining that the first initialization vector is within the range of the plurality of valid initialization vectors; store the first plaintext in the memory circuit; and signal that the first initialization vector is invalid in response to determining that the first initialization vector is outside the range of the plurality of valid initialization vectors; input a second initialization vector and associated ciphertext; determining by the configuration control circuit whether or not the second initialization vector is within the range of the plurality of valid initialization vectors; decrypt the ciphertext associated with the second initialization vector into second plaintext by the configuration control circuit using the second initialization vector in response to determining that the second initialization vector is within the range of the plurality of valid initialization vectors. 11. The circuit arrangement of claim 10 , wherein the configuration control circuit is configured to: configure a memory circuit with the second plaintext after the decrypting; and signal that the second initialization vector is invalid by the configuration control circuit in response to determining that the second initialization vector is outside the range of the plurality of valid initialization vectors. 12. The circuit arrangement of claim 10 , wherein: the storage circuitry includes a plurality of one-time programmable storage circuits; and wherein the configuration control circuit is configured to input a value represented by states of the plurality of one-time programmable storage circuits and indicating the range of the plurality of valid initialization vectors. 13. The circuit arrangement of claim 12 , wherein: a first subset of the plurality of one-time programmable storage circuits specify a pattern, and a second subset of the plurality of one-time programmable storage circuits specify a threshold; and the configuration control circuit is configured to: compare a first portion of the first initialization vector to the first subset of the plurality of one-time programmable storage circuits, compare a second portion of the first initialization vector to the second subset of the plurality of one-time programmable storage circuits, and determine that the first initialization vector is within the range of the plurality of valid initialization vectors in re
Assignees
Inventors
Classifications
for security · CPC title
Modes of operation, e.g. cipher block chaining [CBC], electronic codebook [ECB] or Galois/counter mode [GCM] · CPC title
- H04L9/003Primary
for power analysis, e.g. differential power analysis [DPA] or simple power analysis [SPA] · CPC title
Write once memory, i.e. allowing changing of memory content by writing additional bits · CPC title
using electrically-fusible links · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US11582021B1 cover?
- Disclosed approaches for validating initialization vectors determining by a configuration control circuit whether or not an input initialization vector is within a range of valid initialization vectors. In response to determining that the initialization vector is within the range of valid initialization vectors, the configuration control circuit decrypts the ciphertext into plaintext using the …
- Who is the assignee on this patent?
- Xilinx Inc
- What technology area does this patent fall under?
- Primary CPC classification H04L9/003. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Feb 14 2023 00:00:00 GMT+0000 (Coordinated Universal Time) (B1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 3 related publications on this page (citations in our corpus or others sharing the same primary CPC).