In accordance with an embodiment, a physically unclonable function device includes a set of floating gate transistor pairs, floating gate transistors of the set of floating gate transistor pairs having a randomly distributed effective threshold voltage belonging to a common random distribution; a differential read circuit configured to measure a threshold difference between the effective threshold voltages of floating gate transistors of floating gate transistor pairs of the set of floating gate transistor pairs, and to identify a floating gate transistor pair in which the measured threshold difference is smaller than a margin value as being an unreliable floating gate transistor pair; and a write circuit configured to shift the effective threshold voltage of a floating gate transistor of the unreliable floating gate transistor pair to be inside the common random distribution.

A multi-die device a first die containing a plurality of first die signal path elements configured to propagate a stimulus signal and a second die containing a plurality of second die signal path elements configured to propagate the stimulus signal. The multi-die device further includes an interposer configured to establish signal communication between the first die and the second die so as to deliver the stimulus signal from the plurality of first die signal path elements to the plurality of second die signal path elements to generate a propagation delay. The propagation delay is used to generate a single unified PUF response that is indicative of the authenticity of the multi-die device.

A computer processing system have includes a processing unit operably configured to perform a plurality of exponentiation operations and a cryptosystem controller operably configured to load an exponent from the at least one exponentiation operation from a memory to an algorithm controller by first applying a function, wherein the algorithm controller including at least one set of shift registers operably configured to shift a plurality of digits and operably configured to utilize at least one of the plurality of digits as an output.

Methods and apparatus relating to handling unaligned transactions for inline encryption are described. In an embodiment, cryptographic logic circuitry receives a plurality of incoming packets and store two or more incoming packets from the plurality of incoming packets in memory. The cryptographic logic circuitry is informs software in response to detection of the two or more incoming packets. Other embodiments are also disclosed and claimed.

A device is suggested including a cryptographic module, wherein the device is operable in a secure mode and in a non-secure mode, wherein the cryptographic module is configured in the secure mode by storing a secret key and a seed value in the cryptographic module, and wherein the device is operable in the non-secure mode to generate a signature based on input data utilizing the secret key and the seed value. Also, a method for operating such device is provided.

The present disclosure presents various systems and methods for implementing a physical unclonable function device. One such method comprises providing an integrated circuit having a plurality of set/reset flip flop logic circuits, wherein each of the set/reset flip flop logic circuits enters a metastable state for a particular input sequence. The method includes varying circuit parameters for each of the plurality of set/reset flip flop logic circuits to account for manufacturing variations in the set/reset flip flop logic circuits and enable generating a stable but random output in response to the particular input sequence. Thus, by applying the particular input sequence to the integrated circuit, a unique identifier for the integrated circuit can be derived from an output response of the plurality of set/reset flip flop logic circuits.

An integrated circuit device can include a plurality of nonvolatile memory elements having values that vary randomly or pseudo-randomly from one another; a selection circuit configured to select a plurality of nonvolatile memory elements that vary randomly or pseudo-randomly in response to a received challenge value; and sense circuits configured to generate a response value based on the values of the selected nonvolatile memory elements. Related methods and systems are also disclosed.

An integrated circuit includes a system memory, a security processor and a non-security processor. An attack against the integrated circuit is made more difficult based on using a key generated by the security processor. The security processor, as an example, reads a program image from the system memory and generates the key based on the program image. In some instances, a dedicated communication channel is provided for communication between the non-security processor and the security processor. The dedicated channel may be used to provide the key to the non-security processor for performance of a security operation.

A PUF generator includes a difference generator circuit with first and second transistors having a first predetermined VT. The difference generator circuit is configured to provide a first output signal for generating a PUF signature based on respective turn on times of the first and second transistors. An amplifier includes a plurality of transistors having a second predetermined VT. The amplifier is configured to receive the first output signal and output the PUF signature.

Systems and methods of generating a security key for an integrated circuit device include generating a plurality of key bits with a physically unclonable function (PUF) device. The PUF can include a random number generator that can create random bits. The random bits may be stored in a nonvolatile memory. The number of random bits stored in the nonvolatile memory allows for a plurality of challenge and response interactions to obtain a plurality of security keys from the PUF.