One embodiment of the invention includes a system comprising: a personal digital key and a computer readable medium that is accessible when authenticated by the personal digital key.

There is provided mechanisms for handling instances of a trusted execution environment on an execution platform. The trusted execution environment is associated with a secure cryptoprocessor. The secure cryptoprocessor holds a register. The trusted execution environment is configured to read from and write to a volatile part of the register at a given index i. A method is performed by the trusted execution environment. The method comprises checking, upon start of a new instance of the trusted execution environment, status of the register at the given index i. The method comprises enabling the new instance to keep running only when successfully reading a first value representing no currently run instance of the trusted execution environment from the register at the index i or if the register at the given index i has its status set to “undefined” when checking the status. The method comprises writing a second value representing one currently run instance of the trusted execution environment to the register at the given index i.

An authentication device (101) for verifying the security of a task being performed on an electronic device (105) operated by a user (102). The authentication device includes an image capture device for capturing image data of the electronic device and of the user interacting with the electronic device. The authentication device also includes processing circuitry for processing the captured image data to determine when the electronic device is performing a security related task and to determine when the electronic device has been subject to an event that has compromised or may compromise the security of the electronic device. The authentication device also includes an audio or visual output for providing instructions to the user to interact with the electronic device and for advising the user that the electronic device has been subject to an event that has compromised or may compromise the security of the electronic device.

The integrated circuit includes a CPU configured to operate according to a program, a PUF information output unit configured to output PUF information while power is being supplied, a key pair output unit configured to output a public key and a private key based on the PUF information while power is being supplied, a public key transmitter configured to transmit the public key output from the key pair output unit to the outside, and a shared encryption key decryption unit configured to decrypt encrypted information produced through encryption with the public key and received from the outside with the private key output from the key pair output unit.

The present invention relates to a system for rendering a content, the rendering of which is subject to conditional access security conditions. A system is described, comprising a host device and a detachable security device, the security device configured to decrypt the encrypted content, re-encrypt it under a local key and to deliver the re-encrypted content to the host device while ensuring that the host device applies or otherwise enforces any conditions associated with the rendering of the content.

An integrated circuit including an input terminal and an output terminal, signal generator circuitry that generates a pseudo-random digital signal provided at the output terminal, and comparator circuitry that compares an input signal received via the input terminal with the pseudo-random digital signal for providing a tamper detection signal indicative thereof. The signal generator circuitry may be a pseudo-random binary sequence generator or may be a linear-feedback shift register with software triggered reloading. The comparator circuitry may include a Boolean logic exclusive-OR gate for comparing the output and input signals. A method of detecting tampering including generating and providing a pseudo-random digital signal at an output terminal and comparing an input signal received via an input terminal with the pseudo-random digital signal for providing a tamper detection signal indicative thereof.

A secure programming system and method for provisioning and programming a target payload into a programmable device mounted in a programmer. The programmable device can be authenticated before programming to verify the device is a valid device produced by a silicon vendor. The authentication process can include a challenge-response validation. The target payload can be programmed into the programmable device and linked with an authorized manufacturer. The programmable device can be verified after programming the target payload by verifying the silicon vendor and the authorized manufacturer. The secure programming system can provision different content into different programmable devices simultaneously to create multiple final device types in a single pass.

A method of receiving and executing a secret software (G) on data in a secure enclave of a first device (DO) includes the following steps implemented in the secure enclave, that is to say a step of generating a public key (B), a step of receiving the encrypted secret software (G.sub.s) coming from a second device (AP), a step of decrypting the encrypted secret software (G.sub.s) from a key (K; P) depending of the public key (B, a step of receiving data; and a step of executing the secret software (G) using the data.

A system for protected data storage in a data memory of a computing device includes an encoder and a decoder. The encoder encrypts unencrypted data using encryption information to generate encrypted data, and stores the encrypted data and the encryption information in data memory. The decoder accesses the encrypted data and the encryption information from the data memory, and decrypts the encrypted data using the encryption information to re-generate the unencrypted data. Each time the unencrypted data is read from data memory or the unencrypted data is to be written to the data memory, the encoder re-encrypts the unencrypted data using newer encryption information to generate newer encrypted data, and replaces previous encrypted data and previous encryption information with the newer encrypted data and the newer encryption information, respectively, in the data memory. The encoder and the decoder are integrated, to operate in a single thread of execution.

An encryption key may be generated based on personalized unit data associated with a software download recipient, for example, a secure processor. In some aspects, the secure processor may generate a decryption key based on its personalized unit data, and a software download may be performed between the software provider and the secure processor using the generated encryption keys. The secure processor may then decrypt and load the software for execution. The encryption and decryption key generation may also be based on a sequence number or other data indicating one or more previous software downloads at the secure processor. Using the sequence number or other data, sequences of multiple encryption and/or decryption keys may be generated to support multiple software downloads to a secure processor.