公开(公告)号：US20230187371A1

公开(公告)日：2023-06-15

申请号：US17550457

申请日：2021-12-14

Applicant: Intel Corporation

Inventor： Rachael J. Parker ,  David Johnston ,  Georgios Dogiamis

IPC: H01L23/544 ,  H01L23/498 ,  H04L9/32

CPC classification number: H01L23/544 ,  H01L23/49838 ,  H04L9/3278 ,  H01L2223/54413

Abstract: A microelectronic assembly is provided, comprising: a first plurality of integrated circuit (IC) dies in a first level, each one of the first plurality of IC dies having respective first physical unclonable function (PUF) circuits; a second IC die having a second PUF circuit and a security circuit; a second plurality of IC dies in a second level, the second level not coplanar with the first level, the first level and the second level being coupled with interconnects having a pitch of less than 10 micrometers between adjacent ones of the interconnects; and conductive pathways between the first plurality of IC dies and the second IC die for communication between the first PUF circuits and the second PUF circuit, the conductive pathways comprising a portion of the interconnects.

公开(公告)号：US20220253525A1

公开(公告)日：2022-08-11

申请号：US17728907

申请日：2022-04-25

Applicant: Intel Corporation

Inventor： Kuan-Yueh Shen ,  David Johnston ,  Rachael J. Parker ,  Javier Dacuna Santos

IPC: G06F21/55 ,  G06F7/58 ,  G06F11/10 ,  G06F21/00 ,  H04L9/08 ,  H04L9/32

Abstract: The disclosure generally provides methods, systems and apparatus for an improved a Physically Unclonable Function (PUF). In one embodiment, the disclosure relates to a method to provide data from a Physically Unclonable Function (PUF) circuit array. The method includes storing a plurality of first data bits into a respective ones of a plurality of first bitcells of the PUF array to form a first dataset; storing a plurality of second data bits into a respective ones of a plurality of second bitcells of the PUF array, the plurality of second data bits defining a helper dataset; reading the first dataset from the plurality of first bitcells to provide a fist read dataset; applying an error correction factor to the first read data dataset to form a security key dataset; and outputting the security key dataset from the PUF circuit array.

公开(公告)号：US20190058578A1

公开(公告)日：2019-02-21

申请号：US15679266

申请日：2017-08-17

Applicant: Intel Corporation

Inventor： David Johnston

IPC: H04L9/06 ,  H04L29/06 ,  G06F11/22

Abstract: Systems, apparatuses and methods may provide for technology that receives entropy data from an entropy source, determines a measurement of a serial correlation of values of bits of the entropy data, and determines, based upon the measurement of the serial correlation, if the entropy data is suitable as a basis for an encryption operation to be performed on data.

公开(公告)号：US20210286594A1

公开(公告)日：2021-09-16

申请号：US16849103

申请日：2020-04-15

Applicant: Intel Corporation

Inventor： Yee Hui Lee ,  Boon Hong Oh ,  David Johnston ,  David Wheeler

IPC: G06F7/58 ,  G06F15/78

Abstract: The disclosure relates to systems, methods and devices to provide race-condition true random number generator (TRNG) for soft intellectual property (IP) in field-programmable gate arrays (FPGAs). In an exemplary embodiment, a pair of long adder chains are raced against one another to complete a full cycle. Due to variances in the silicon, different chains will win each race at different times and thereby produce entropy. A calibration circuit can be used to set up the adder chains in an appropriate initial state to maximize the entropy produced. This structure has been found to be robust to layout changes, and the use of two such adder-chain-pairs reduces interference from other structures. Among others, the soft IP makes adding a robust TRNG to an FPGA much easier without concerns for how the structures are laid out or what other IP is nearby in the layout. The disclosed embodiments reduces the effort to add a TRNG to an FPGA design and improves the robustness of the TRNG making the design FIPS certifiable.

公开(公告)号：US09928036B2

公开(公告)日：2018-03-27

申请号：US14865009

申请日：2015-09-25

Applicant: Intel Corporation

Inventor： Sanu K. Mathew ,  David Johnston ,  Sudhir K. Satpathy

IPC: G06F7/58

CPC classification number: G06F7/588 ,  G06F7/483 ,  G06F2207/58 ,  H04L9/0637 ,  H04L9/0869

Abstract: A processor includes an execution unit to generate a random number. The execution unit includes entropy source circuits, correlation circuits, and an extractor circuit. The entropy source circuits include all-digital components and are to generate an initial randomized bit stream. The correlation circuits are to remove correlations from the initial randomized bit stream to yield an intermediate randomized bit stream. The extractor circuit is to select a subset of the intermediate randomized bit stream as a random output of the execution unit.

公开(公告)号：US09390291B2

公开(公告)日：2016-07-12

申请号：US13730829

申请日：2012-12-29

Applicant: Intel Corporation

Inventor： George W. Cox ,  David Johnston ,  Jiangtao Li ,  Anand Rajan

IPC: G06F21/72 ,  G06F21/73 ,  H04L9/08 ,  G09C1/00

CPC classification number: G06F21/72 ,  G06F21/52 ,  G06F21/73 ,  G09C1/00 ,  H04L9/0866 ,  H04L2209/12

Abstract: A processor of an aspect includes root key generation logic to generate a root key. The root key generation logic includes a source of static and entropic bits. The processor also includes key derivation logic coupled with the root key generation logic. The key derivation logic is to derive one or more keys from the root key. The processor also includes cryptographic primitive logic coupled with the root key generation logic. The cryptographic primitive logic is to perform cryptographic operations. The processor also includes a security boundary containing the root key generation logic, the key derivation logic, and the cryptographic primitive logic. Other processors, methods, and systems are also disclosed.

Abstract translation: 一方面的处理器包括生成根密钥的根密钥生成逻辑。 根密钥生成逻辑包括静态和熵位的源。 处理器还包括与根密钥生成逻辑耦合的密钥导出逻辑。 密钥推导逻辑是从根密钥导出一个或多个密钥。 处理器还包括与根密钥生成逻辑耦合的加密原语逻辑。 加密原语逻辑是执行加密操作。 处理器还包括包含根密钥生成逻辑，密钥导出逻辑和密码原语逻辑的安全边界。 还公开了其他处理器，方法和系统。

公开(公告)号：US20210398909A1

公开(公告)日：2021-12-23

申请号：US16905202

申请日：2020-06-18

Applicant: Intel Corporation

Inventor： Georgios Dogiamis ,  Feras Eid ,  Adel Elsherbini ,  David Johnston ,  Jyothi Bhaskarr Velamala ,  Rachael Parker

IPC: H01L23/544 ,  H01L23/00 ,  H01L23/498 ,  H04L9/32

Abstract: Techniques and mechanisms for providing physically unclonable function (PUF) circuitry at a substrate which supports coupling to an integrated circuit (IC) chip. In an embodiment, the substrate comprises an array of electrodes which extend in a level of metallization at a side of the insulator layer. A cap layer, disposed on the array, is in contact with the electrodes and with a portion of the insulator layer which is between the electrodes. A material of the cap layer has a different composition or microstructure than the metallization. Regions of the cap layer variously provide respective impedances each between a corresponding two electrodes. In other embodiments, the substrate includes (or couples to) integrated circuitry that is operable to determine security information based on the detection of one or more such impedances.

公开(公告)号：US10204532B2

公开(公告)日：2019-02-12

申请号：US14865358

申请日：2015-09-25

Applicant: Intel Corporation

Inventor： Ammon J. Christiansen ,  David Johnston

IPC: H04L9/06 ,  G09C1/00 ,  G06F21/60

Abstract: This disclosure is directed to a multiple input cryptographic engine. In general, an cryptographic engine consistent with the present disclosure may improve on existing systems that generate encrypted data (e.g., ciphertext) from decrypted input data (e.g., plaintext), or that conversely generate decrypted data from encrypted data, in that a second input may be received into the cryptographic engine while a first input is still being processed, allowing multiple inputs to be processed concurrently. An example device may include an input interface to receive data into the device, an output interface to output data from the device and cryptographic circuitry. The cryptographic circuitry may be configured encrypt/decrypt data received via the input interface into encrypted/decrypted data while also converting a least a portion of a second input received via the input interface into second encrypted/decrypted data. The encrypted/decrypted data may then be output via the output interface.

公开(公告)号：US09467430B2

公开(公告)日：2016-10-11

申请号：US14618757

申请日：2015-02-10

Applicant: Intel Corporation

Inventor： Ned M. Smith ,  David Johnston ,  George W. Cox ,  Adi Shaliv

IPC: H04L29/06 ,  H04L9/08 ,  H04L9/32

CPC classification number: H04L63/061 ,  H04L9/0822 ,  H04L9/0866 ,  H04L9/3231 ,  H04L63/0861 ,  H04L2209/127

Abstract: A method and device for securely provisioning trust anchors includes generating a database wrapper key as a function of computing device hardware. The database wrapper key encrypts a key database when it is not in use by a trusted execution environment and may be generated using a Physical Unclonable Function (PUF). A local computing device establishes a secure connection and security protocols with a remote computing device. In establishing the secure connection, the local computing device and remote computing device may exchange and/or authenticate cryptographic keys, including Enhanced Privacy Identification (EPID) keys, and establish a session key and device identifier(s). One or more trust anchors are then provisioned depending on whether unilateral, bilateral, or multilateral trust is established. The local computing device may act as a group or domain controller in establishing multilateral trust. Any of the devices may also require user presence to be verified.

公开(公告)号：US08928347B2

公开(公告)日：2015-01-06

申请号：US13631634

申请日：2012-09-28

Applicant: Intel Corporation

Inventor： Kevin C. Gotze ,  Gregory M. Iovino ,  Jiangtao Li ,  David Johnston ,  Sanu K. Mathew ,  George W. Cox ,  Anand Rajan

IPC: H03K19/00 ,  H03K19/003

CPC classification number: H03K19/003 ,  G09C1/00 ,  H04L9/0866 ,  H04L2209/12

Abstract: An integrated circuit substrate of an aspect includes a plurality of exposed electrical contacts. The integrated circuit substrate also includes an inaccessible set of Physically Unclonable Function (PUF) cells to generate an inaccessible set of PUF bits that are not accessible through the exposed electrical contacts. The integrated circuit substrate also includes an accessible set of PUF cells to generate an accessible set of PUF bits that are accessible through the exposed electrical contacts. Other apparatus, methods, and systems are also disclosed.

Abstract translation: 一方面的集成电路基板包括多个暴露的电触点。 集成电路基板还包括不可接近的物理不可克隆功能（PUF）单元组，以生成不能通过暴露的电触点访问的不可访问的PUF位集合。 集成电路基板还包括可访问的PUF单元组，以产生可通过暴露的电触点访问的可访问的PUF位组。 还公开了其他装置，方法和系统。