Hardware device binding and mutual authentication
Abstract
Detection and deterrence of device tampering and subversion by substitution may be achieved by including a cryptographic unit within a computing device for binding multiple hardware devices and mutually authenticating the devices. The cryptographic unit includes a physically unclonable function ("PUF") circuit disposed in or on the hardware device, which generates a binding PUF value. The cryptographic unit uses the binding PUF value during an enrollment phase and subsequent authentication phases. During a subsequent authentication phase, the cryptographic unit uses the binding PUF values of the multiple hardware devices to generate a challenge to send to the other device, and to verify a challenge received from the other device to mutually authenticate the hardware devices.
- Research Org.: Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)
- Sponsoring Org.: USDOE
- OSTI Identifier: 1126879
- Patent Number(s): 8667265
- Application Number: 12/908,131
- Assignee: Sandia Corporation (Albuquerque, NM)
- Patent Classifications (CPCs):
  - G - PHYSICS; G06 - COMPUTING; G06F - ELECTRIC DIGITAL DATA PROCESSING
  - H - ELECTRICITY; H04 - ELECTRIC COMMUNICATION TECHNIQUE; H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- DOE Contract Number: AC04-94AL85000
- Resource Type: Patent
- Resource Relation: Patent File Date: 2010 Oct 20
- Country of Publication: United States
- Language: English
- Subject: 97 MATHEMATICS AND COMPUTING
Citation Formats
Hamlet, Jason R, and Pierson, Lyndon G. Hardware device binding and mutual authentication. United States: N. p., 2014. Web. https://www.osti.gov/servlets/purl/1126879.
@article{osti_1126879,
title = {Hardware device binding and mutual authentication},
author = {Hamlet, Jason R and Pierson, Lyndon G},
place = {United States},
year = {2014},
month = {3}
}