In an embodiment an integrated device includes a first physical unclonable function module configured to generate an initial data group and management module configured to generate an output data group from at least the initial data group, authorize only D successive deliveries of the output data group on a first output interface of the device, D being a non-zero positive integer, and prevent any new generation of the output data group.

Securely executing instructions of software on a computerized device by accessing a software of a computerized device, wherein the software includes a plurality of instructions and respective reference message authentication codes (MACs), generating a cryptographic key based at least in part on a key derivation function, wherein arguments of the key derivation function are based at least in part on a unique identifier of the computerized device and a value extended from a measurement of a content of the software of an extension mechanism of a platform configuration register of the computerized device, verifying an instruction of the plurality of instructions of the software based at least in part on the cryptographic key and a reference MAC of the respective reference MACs, and in response to verifying the instruction of the plurality of instructions of the software, executing the instruction.

Embodiments of the present disclosure provide an apparatus including: a sense amplifier coupled to a memory array and having a set of output terminals, a latch coupled to a first output terminal of the sense amplifier, and a comparator coupled to the latch and a second output terminal of the sense amplifier.

In one implementation, a method for providing end-to-end communication security for a controller area network (CANbus) in an automotive vehicle across which a plurality of electronic control units (ECU) communicate is described. Such an automotive vehicle can include, for example, a car or truck with multiple different ECUs that are each configured to control various aspects of the vehicle's operation, such as an infotainment system, a navigation system, various engine control systems, and/or others.

A solid-state imaging device capable of performing encryption processing with enhanced security by quite extremely safely generating unique information and performing encryption processing based on the generated unique information. There is provided a solid-state imaging device including a unique information generation unit that generates predetermined analog information, a unique value generation unit that generates a predetermined unique value based on the predetermined analog information, and an encryption processing unit that performs encryption processing using the predetermined unique value, in which the unique value generation unit includes a detection unit that converts the predetermined analog information into digital information, and a unique value calculation unit that calculates the predetermined unique value using the digital information, in which the solid-state imaging device further includes a high-pass filter that passes a high-frequency signal for at least one of the analog information or the digital information.

Devices and techniques for replay protection nonce generation are described herein. A hash, of a first length, can be produced from a first input. A first subset of the hash can be extracted as a selector. A second subset of the hash can be selected using the selector. Here, the second subset has a second length that is less than the first length. The second subset can be transmitted as a nonce for a freshness value in a replay protected communication.

Disclosed is a software PUF based on an RISC-V processor for IoT security. A 32-bit RISC-V processor is used to generate abnormal information results in an abnormal operating state under a low voltage, and the abnormal information results are used to represent the features of the 32-bit RISC-V processor; 5-bit binary data obtained by comparing the abnormal information results with normal information results has high randomness and uniqueness and it is extremely difficult to directly extract internal abnormal information result from a hardware circuit of the 32-bit RISC-V processor, so modeling attacks based on the 5-bit binary data calculated according to the abnormal information results of the 32-bit RISC-V processor are almost impossible; in addition, when the 32-bit RISC-V processor is in an abnormal operating state, the operating frequency of the 32-bit RISC-V processor is dynamically adjusted through a frequency compensation method.

An integrated circuit is provided which includes a physically unclonable function (PUF). The integrated circuit comprises a PUF block including a plurality of physically unclonable function (PUF) cells configured to output a cell signal having a unique value according to an input, a conversion unit is configured to receive the cell signal as input, convert the cell signal, and output a conversion signal. A select signal generator provides a first selection signal to the conversion unit. A key generator is configured to receive the conversion signal from the conversion unit and generate a security key therefrom, wherein the conversion unit includes a first layer which outputs a second signal obtained by converting a provided first signal on the basis of a bit value of the first selection signal.

The invention relates to an electronic device, and more particularly, to systems, devices and methods of authenticating the electronic device using a challenge-response process that is based on a physically unclonable function (PUF). The electronic device comprises a PUF element, a processor and a communication interface. The PUF element generates an input signal based on at least one PUF that has unique physical features affected by manufacturing variability. A challenge-response database, comprising a plurality of challenges and a plurality of corresponding responses, is set forth by the processor based on the PUF-based input and further provided to a trusted entity. During the trusted transaction, the processor generates a response in response to a challenge sent by the trusted entity based on the PUF-based input, and thereby, the trusted entity authenticates the electronic device by comparing the response with the challenge-response database.

A computer-implemented method for authentication of a queried device having an electrical circuit exhibiting physically unclonable functions (PUFs). The method includes: at the queried device, generating a first random number based on an initial first counter value; matching the first random number against a first value of a record stored in a database of a querying device, the record including second (shuffled) and third values; at the queried device, generating a second random number based on a once incremented first counter value, deterministically generating a de-shuffled second value based on an initial second counter value, determining that the second random number matches the de-shuffled second value, and submitting sub-challenges corresponding to the second random number to the electrical circuit to generate a response; and, at the querying device, determining that the response matches the third value of the record to complete a first authentication of the queried device.