PUFsecurity Corporation (Taiwan, Province of China)
Inventor
Lin, Wen-Ching
Abstract
A numerical conversion method for a public key cryptography system includes accumulating a first value by using a first modular addition loop according to the first value for generating a second value after a first predetermined loop count is reached, accumulating the second value by using a second modular addition loop according to the second value for generating a third value after a second predetermined loop count is reached, inputting the third value to a Montgomery modular exponentiation function for generating a Montgomery conversion parameter, and converting a first conversion value in an integer domain into a second conversion value in a Montgomery domain.
G06F 7/72 - Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations using residue arithmetic
2.
ENTROPY SOURCE CIRCUIT AND ENTROPY VALUE GENERATION METHOD
PUFsecurity Corporation (Taiwan, Province of China)
Inventor
Shao, Chi-Yi
Chuang, Kai-Hsin
Wu, Meng-Yi
Abstract
An entropy source circuit, comprising: a first adjustable ring oscillator for operating under a first setting or a second setting according to a first control signal, for respectively generating a first oscillation clock signal and a second oscillation clock signal which have different frequencies under the first setting and the second setting; a first sampling circuit, for sampling the first oscillating clock signal according to the sampling frequency to generate first sampling values, or sampling the second oscillating clock signal according to the sampling frequency to generate second sampling values; a first detection circuit detecting a first distribution of the first sampling values; and a control circuit generating the first control signal to switch the first setting to the second setting when the first distribution does not meet a predetermined distribution. The entropy source circuit outputs entropy values according to the first sample value or the second sample value.
H03K 17/687 - Electronic switching or gating, i.e. not by contact-making and -breaking characterised by the use of specified components by the use, as active elements, of semiconductor devices the devices being field-effect transistors
H03K 19/21 - EXCLUSIVE-OR circuits, i.e. giving output if input signal exists at only one input; COINCIDENCE circuits, i.e. giving output only if all input signals are identical
3.
METHOD FOR GENERATING RANDOM NUMBER FOR GAMING BASED ON BLOCKCHAIN NETWORK AND GAMING SYSTEM
PUFsecurity Corporation (Taiwan, Province of China)
Inventor
Chuang, Kai-Hsin
Wang, Yu-Hsin
Abstract
A method for generating random numbers for gaming based on a blockchain network is provided, which includes generating and broadcasting a random number request packet to the blockchain network by a game server of the blockchain network in response to occurrence of a random event in gaming, generating a plurality of random numbers by a plurality of random number supplier nodes of the blockchain network in response to receiving the random number request packet, determining if the respective generated random number conforms to a selection criterion by the plurality of random number supplier nodes, adding an added block corresponding to a first valid random number to the blockchain network by one of the random number supplier nodes and obtaining a target random number corresponding to the added block by the game server.
PUFsecurity Corporation (Taiwan, Province of China)
Inventor
You, Chun-Heng
Chuang, Kai-Hsin
Shao, Chi-Yi
Abstract
An entropy source circuit is provided. The entropy source circuit includes a digital circuit, a determination circuit and a time-to-digital converter (TDC), wherein the determination circuit is coupled to the digital circuit, and the TDC is coupled to the determination circuit. The digital circuit is configured to generate result data at a second time point according to input data received at a first time point, and the determination circuit is configured to perform determination on reference data with dynamic output generated by the digital circuit, to generate a determination result, wherein the reference data is equal to the result data. In addition, the TDC is configured to perform a time-to-digital conversion on a delay of the digital circuit for generating the result data according to the input data with aid of the determination signal, in order to generate entropy data corresponding to the delay.
H03K 3/84 - Generating pulses having a predetermined statistical distribution of a parameter, e.g. random pulse generators
G04F 10/00 - Apparatus for measuring unknown time intervals by electric means
H03K 19/21 - EXCLUSIVE-OR circuits, i.e. giving output if input signal exists at only one input; COINCIDENCE circuits, i.e. giving output only if all input signals are identical
PUFsecurity Corporation (Taiwan, Province of China)
Inventor
Wu, Meng-Yi
Shao, Chi-Yi
Yang, Ching-Sung
Abstract
An entropy generator includes a physically unclonable function, a dynamic entropy source and an entropy enhancement engine. The physically unclonable function is used to provide a truly random static entropy. The dynamic entropy source is used to generate a dynamic entropy. The entropy enhancement engine is coupled to the physically unclonable function and the dynamic entropy source, and is used to generate an enhanced entropy according to the truly random static entropy and the dynamic entropy. The expected Hamming distance is an expected value of a Hamming distance between a truly random static entropy and another truly random static entropy provided by a physically unclonable function (PUF).
G06F 7/58 - Random or pseudo-random number generators
H03M 13/15 - Cyclic codes, i.e. cyclic shifts of codewords produce other codewords, e.g. codes defined by a generator polynomial, Bose-Chaudhuri-Hocquenghem [BCH] codes
6.
ELECTRONIC DEVICE AND METHOD FOR PERFORMING PERMISSION MANAGEMENT OF STORAGE DEVICE
PUFsecurity Corporation (Taiwan, Province of China)
Inventor
Wu, Meng-Yi
Wu, Chia-Cho
Yang, Ching-Sung
Abstract
An electronic device and a method for performing permission management of a storage device are provided. The storage device includes multiple storage blocks. The electronic device includes a controller and multiple dedicated interfaces, wherein the multiple dedicated interfaces are coupled to multiple ports of the controller. The controller is configured to perform access control of the storage device. The multiple dedicated interfaces correspond to the multiple storage blocks, and each dedicated interface of the multiple dedicated interfaces is configured to provide a dedicated channel for accessing one of the multiple storage blocks corresponding to said each dedicated interface via the controller.
G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules
H04L 9/06 - Arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
PUFsecurity Corporation (Taiwan, Province of China)
Inventor
Chuang, Kai-Hsin
Shao, Chi-Yi
You, Chun-Heng
Abstract
A key storage device comprising a first key unit and a second key unit is disclosed. The first key unit is configured to output a first logic value through a first node, comprising: a first setting circuit configured to output a first setting voltage; and a first inverter comprising a first output transistor having a first threshold voltage, configured to receive the first setting voltage and generate the first logic value. The second key unit is configured to output a second logic value through a second node, comprising: a second setting circuit configured to output a second setting voltage; and a second inverter comprising a second output transistor having a second threshold voltage, configured to receive the second setting voltage and generate the second logic value. The absolute value of the first threshold voltage is lower than that of the second threshold voltage. The first setting voltage is higher than the second setting voltage.
G11C 11/4078 - Safety or protection circuits, e.g. for preventing inadvertent or unauthorised reading or writing; Status cells; Test cells
G11C 7/24 - Memory cell safety or protection circuits, e.g. arrangements for preventing inadvertent reading or writing; Status cells; Test cells
G11C 11/412 - Digital stores characterised by the use of particular electric or magnetic storage elements; Storage elements therefor using electric elements using semiconductor devices using transistors forming cells with positive feedback, i.e. cells not needing refreshing or charge regeneration, e.g. bistable multivibrator or Schmitt trigger using field-effect transistors only
PUFsecurity Corporation (Taiwan, Province of China)
Inventor
You, Chun-Heng
Shao, Chi-Yi
Chuang, Kai-Hsin
Wu, Meng-Yi
Abstract
A random number generator and a random number generating method are provided. The random number generator includes a first stage generator and a second stage generator. The first stage generator outputs a first random number and a second random number at a first time point and a second time point, respectively. The second stage generator generates a final output at least according to the first random number. More particularly, the second stage generator includes a reseed circuit for generating a reseed signal, to control whether to generate the final output according to the second random number. In addition, when the second stage generator generates the final output at a current data cycle without using the second random number, the first stage generator holds the second random number for generating the final output at a next data cycle.
PUFsecurity Corporation (Taiwan, Province of China)
Inventor
Chuang, Kai-Hsin
Abstract
A method and a control circuit for managing information of an electronic device are provided, where the electronic device includes the control chip. The method includes: utilizing a static entropy source of the control circuit to provide static entropy data; utilizing a cryptographic circuit of the control circuit to generate a public key and a private key according to the static entropy data, where the public key is to be registered into a blockchain by an identifier (ID) management device; and utilizing a signature generating circuit to generate a digital signature at least according to the private key, where the information of the electronic device is to be uploaded to the blockchain in conjunction with the digital signature.
G06F 21/72 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
PUFsecurity Corporation (Taiwan, Province of China)
Inventor
Liu, Yung-Hsiang
Wu, Meng-Yi
Yang, Ching-Sung
Abstract
A method of operating a physically unclonable function (PUF)-based key management system includes, upon receiving a key generation request including a parameter from an external device, a load balancer dispatching the key generation request according to workloads of a plurality of key management components (KMCs). A KMC having minimum workload among the plurality of KMCs is designated as the key-generation KMC and the key generation request is dispatched thereto, and remaining KMCs of the plurality of KMCs are designated as backup KMCs. The method further includes the key-generation KMC generating a key according to the parameter and a first PUF sequence, transmitting the key and an identifier associated therewith to the backup KMC via a backup channel, and the backup KMC generating a wrapped key according to the key and a second PUF sequence.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
11.
Method and secure boot control circuit for controlling secure boot of electronic device and method for controlling enrollment of electronic device
PUFsecurity Corporation (Taiwan, Province of China)
Inventor
Wu, Meng-Yi
Wu, Chia-Cho
Yang, Ching-Sung
Abstract
A method and a secure boot control circuit for controlling a secure boot of an electronic device. The method is applicable to the secure boot control circuit, and the electronic device includes the secure boot control circuit. The method includes: checking randomness of an output of an entropy source of the secure boot control circuit to generate a check result; utilizing the entropy source to provide a random number sequence; generating a reference code according to the random number sequence; comparing the reference code with an activation code stored in the secure boot control circuit to generate a comparison result; and determining whether to enable at least one function of the electronic device according to at least one of the check result and the comparison result.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
12.
Built-in self-test circuit and built-in self-test method for physical unclonable function quality check
PUFsecurity Corporation (Taiwan, Province of China)
Inventor
Shao, Chi-Yi
Chuang, Kai-Hsin
You, Jun-Heng
Wu, Meng-Yi
Abstract
A built-in self-test (BIST) circuit and a BIST method for Physical Unclonable Function (PUF) quality check are provided. The BIST circuit may include a PUF array, a readout circuit coupled to the PUF array, and a first comparing circuit coupled to the readout circuit. The PUF array may include a plurality of PUF units, wherein each of the PUF units includes a first cell and a second cell. The readout circuit may be configured to output an output bit from the first cell and output a parity bit from the second cell. The first comparing circuit may be configured to compare an output string with a parity string to generate a parity check result, wherein the output string includes output bits respectively read from selected PUF units of the PUF units, and the parity string includes parity bits read from the selected PUF units.
G06F 11/10 - Adding special bits or symbols to the coded information, e.g. parity check, casting out nines or elevens
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
13.
Method for controlling device activation and associated electronic device
PUFsecurity Corporation (Taiwan, Province of China)
Inventor
Chen, Yung-Chih
Wu, Chia-Cho
Abstract
A method for controlling device activation and an associated electronic device are provided. The method includes: utilizing a static entropy source of the electronic device to provide a static entropy; utilizing a first message authentication code (MAC) operator of the electronic device to execute a predetermined algorithm for generating a reference code according to the static entropy and an embedded key of the electronic device; receiving an activation code from outside of the electronic device; utilizing a comparing circuit to compare the activation code with the reference code for generating a comparison result; and determining whether to activate at least one functional circuit of the electronic device according to the comparison result.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
14.
Device and Method of Handling a Modular Multiplication
PUFsecurity Corporation (Taiwan, Province of China)
Inventor
Lin, Wen-Ching
Abstract
A modular operation device for handling a modular multiplication, comprises a controller, configured to divide a multiplicand into a plurality of multiplicand words, a multiplier into a plurality of multiplier words, and a modulus into a plurality of modulus words; a first plurality of processing elements, coupled to the controller, configured to compute a first plurality of updated carry results and a first plurality of updated sum results; a second plurality of processing elements, coupled to the controller, configured to compute a second plurality of updated carry results and a second plurality of updated sum results; and a reduction element, coupled to the controller, configured to compute a resulting remainder according to the second plurality of updated carry results and the second plurality of updated sum results.
G06F 7/72 - Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations using residue arithmetic
G06F 7/505 - Adding; Subtracting in bit-parallel fashion, i.e. having a different digit-handling circuit for each denomination
G06F 5/01 - Methods or arrangements for data conversion without changing the order or content of the data handled for shifting, e.g. justifying, scaling, normalising
PUFsecurity Corporation (Taiwan, Province of China)
Inventor
Lin, Wen-Ching
Abstract
A modular operation circuit includes a controller, a modular multiplier and a modular adder. The controller divides a first number into K segments. The modular multiplier performs modular multiplication operations and the modular adder performs modular addition operations to the K segments in (K−1) iterations for deriving a remainder of a division of the first number by a second number.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
16.
Electronic device capable of protecting confidential data
PUFsecurity Corporation (Taiwan, Province of China)
Inventor
Wu, Chia-Cho
Abstract
An electronic device includes a first non-volatile memory and an application circuit. The first non-volatile memory stores first encrypted data encrypted with a global key. The application circuit includes a second non-volatile memory, a decryption unit, a local key unit, and an encryption unit. The second non-volatile memory stores the global key. The decryption unit is coupled to the first non-volatile memory and the second non-volatile memory. The decryption unit retrieves the global key from the second non-volatile memory and decrypts the first encrypted data with the global key to generate plain data. The local key unit generates or stores a local key. The encryption unit is coupled to the local key unit. The encryption unit encrypts the plain data with the local key to generate second encrypted data and overwrites the first encrypted data in the first non-volatile memory with the second encrypted data.
G06F 3/06 - Digital input from, or digital output to, record carriers
G11B 20/00 - Signal processing not specific to the method of recording or reproducing; Circuits therefor
G06F 21/78 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
H04L 9/06 - Arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
G06F 21/79 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
PUFsecurity Corporation (Taiwan, Province of China)
Inventor
Yu, Chun-Yuan
Liu, Yung-Hsiang
Chuang, Kai-Hsin
Abstract
A Physical Unclonable Function (PUF) based true random number generator (TRNG), a method for generating true random numbers, and an associated electronic device are provided. The PUF based TRNG may include a first obfuscation circuit, a cryptography circuit coupled to the first obfuscation circuit, and a second obfuscation circuit coupled to the cryptography circuit. The first obfuscation circuit obtains a first PUF value from a PUF pool of the electronic device, and performs a first obfuscation function on a preliminary seed based on the first PUF value to generate a final seed. The cryptography circuit utilizes the final seed as a key of a cryptography function to generate preliminary random numbers. The second obfuscation circuit obtains a second PUF value from the PUF pool, and performs a second obfuscation function on the preliminary random numbers based on the second PUF value to generate final random numbers.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
PUFsecurity Corporation (Taiwan, Province of China)
Inventor
Yang, Ching-Sung
Wu, Meng-Yi
Wu, Chia-Cho
Abstract
A memory device includes a physically unclonable function (PUF) unit, a controller and a memory array. The PUF unit is used to provide a random bit pool. The controller is coupled to the PUF unit and is used to extract a random bit sequence from the random bit pool. The controller includes a masking engine. The masking engine is used to perform a key derivation function to stretch the extracted random bit sequence and to mask an input signal. The memory array is coupled to the masking engine and is used to store according to the masked input signal.
G06F 3/06 - Digital input from, or digital output to, record carriers
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
PUFsecurity Corporation (Taiwan, Province of China)
Inventor
Wu, Meng-Yi
Yang, Ching-Sung
Abstract
An encryption key generating engine includes a random number pool, an entangling string generator, and a control circuit. The random number pool stores a plurality of random bits, and values of the plurality of random bits are generated randomly. The entangling string generator provides an entangling string according to an input key. The control circuit is coupled to the random number pool and the entangling string generator. The control circuit retrieves a sequence of random bits from the plurality of random bits stored in the random number pool according to the input key, receives the entangling string from the entangling string generator, and entangles the entangling string with the sequence of random bits to generate a secret key.
H04L 9/06 - Arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
G06F 7/58 - Random or pseudo-random number generators
20.
Random number generator and method of generating output random number
PUFsecurity Corporation (Taiwan, Province of China)
Inventor
Wu, Meng-Yi
Shao, Chi-Yi
Yang, Ching-Sung
Abstract
A random number generator includes a static random number generator, a dynamic entropy source, a counter and a combining circuit. The static random number generator includes an initial random number pool and a static random number pool to output a static random number sequence from one of the initial random number pool and the static random number pool. The dynamic entropy source is used to generate a dynamic entropy bit. The counter is used to generate a dynamic random number sequence according to the dynamic entropy bit. The combining circuit is used to output a true random number sequence to a lively random number pool according to the static random number sequence and the dynamic random number sequence. The static random number pool is updated when the lively random number pool is fully updated.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
G06F 7/58 - Random or pseudo-random number generators
H04L 9/06 - Arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
PUFsecurity Corporation (Taiwan, Province of China)
Inventor
Wu, Chia-Cho
Abstract
An electronic system includes a first circuit and a second circuit. The first circuit includes a first activation unit and a first functional unit. The first activation unit receives a first challenge string, generates a first response string according to the first challenge string and a first key, and outputs the first response string. The first functional unit performs a first designated function. The second circuit includes a second activation unit and a second functional unit. The second activation unit sends the first challenge string to the first circuit during a first activation operation, and determines whether the first activation operation passes certification or not according to the first challenge string, the first response string and the first key. The second functional unit performs a second designated function when the first activation operation is determined to have passed the certification.
G06F 7/04 - Identity comparison, i.e. for like or unlike values
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
G06F 9/30 - Arrangements for executing machine instructions, e.g. instruction decode
H04L 9/06 - Arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
G06F 15/16 - Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs