Disclosed is a device and method to secure software update information for authorized entities. In one embodiment, a device for receiving secured software update information from a server, the device includes: a physical unclonable function (PUF) information generator, comprising a PUF cell array, configured to generate PUF information, wherein the PUF information comprises at least one PUF response output, wherein the at least one PUF response output is used to encrypt the software update information on the server so as to generate encrypted software update information; a first encrypter, configured to encrypt the PUF information from the PUF information generator using one of at least one public key from the server so as to generate encrypted PUF information; and a second encrypter, configured to decrypt the encrypted software update information using one of the at least one PUF response output so as to obtain the software update information.

The present invention provides various aspects for processing multiple types of substrates within cleanspace fabricators or for processing multiple or single types of substrates in multiple types of cleanspace environments particularly to form hardware based encryption devices and hardware based encryption equipped communication devices and multi-chip modules such as chiplets. In some embodiments, a collocated composite cleanspace fabricator may be capable of processing semiconductor devices into integrated circuits and then performing assembly operations to result in product in packaged form. Customized smart devices, smart phones and touchscreen devices may be fabricated in examples of a cleanspace fabricator. The assembly processing may include steps to form hardware based encryption.

In a digital communication system, using a symmetric key encryption protocol, the identifier of a transmitter included in a message transmitted to a receiver is encrypted. The identifier is divided into P parts, P being an integer number at least equal to two. The parts are ordered and associated, respectively, with ranks varying between one and P. For at least one part of rank greater than or equal to two, an encryption key is determined on the basis of the values of the parts of preceding rank and is encrypted with the encryption key thus determined. An encrypted identifier is then determined from the one or more encrypted parts thus obtained. The message to be transmitted is then formed from the encrypted identifier thus determined, and then transmitted to the receiver.

A method for authenticating a passive RFID tag includes acquiring a tag fingerprint of a first tag as a first tag fingerprint, the first tag being the genuine tag; acquiring a tag fingerprint of a second tag as a second tag fingerprint, the second tag being the tag to be authenticated; comparing the first tag fingerprint with the second tag fingerprint: if the first tag fingerprint is consistent with the second tag fingerprint, determining that the second tag is a genuine tag, otherwise determining the second tag is a forged tag. The tag fingerprint is the persistence time enabling the passive RFID tag to operate normally during discharge after fully charging. The beneficial effects include being high in robustness to the change of environment and high in authentication accuracy and capable of being directly deployed on an existing commercial RFID device without modifying hardware of the tag and reader.

Systems, methods, and computer-readable media for facilitating an authentication processing service are provided.

A physically unclonable function (PUF) device includes first and second inverters, each of which includes a common gate node and a common drain node. The common drain node of the first inverter is electrically connected to the common gate node of the second inverter. The PUF device also includes a common output node, a first resistive memory device (RMD) electrically connected to the common drain node of the first inverter and the common output node, and a second RMD electrically connected to the common drain node of the second inverter and the common output node.

A method performed by a user device is disclosed. The method comprising generating a secret and measuring a biometric template of a user operating the user device. The method then generates a plurality of secret shares of the secret and of the biometric template. The user device then transmits the secret shares of the secret and of the biometric template to a plurality of recovery devices. After, the user device may then initiate a recovery of the secret and measure a biometric measurement of the user. Data of the biometric measurement may be transmitted to the plurality of recovery devices, where the recovery devices perform a partial computation. The user device use the plurality of partial computations to determine a match between the biometric template and the biometric measurement. If the two biometrics match, the user device can reconstruct the secret using shares of the secret from the recovery devices.

To conduct a payment transaction at a merchant's point of sale using a mobile device, the mobile device initiates an authenticated communication session with a payment agent. The payment agent is an entity responsible for facilitating a payment transaction between the merchant and purchaser via their respective financial institutions. During the authenticated communication session, response to an input indicating the user of the mobile device wishes to make a payment, the mobile device generates a unique payment key that is based on at least one unique data of the mobile device. The mobile device transmits the payment key to the payment agent, and then transfers a copy of the payment key to the point of sale system. The merchant's payment system that transmits the payment key to the payment agent in a transaction request. The payment agent then verifies that the received payment key is the same as they received from the mobile device, and that the authenticated communication session is still valid, and then approves the transaction.

Methods, apparatus, systems and articles of manufacture (e.g., physical storage media) for software defined silicon security are disclosed. Example apparatus include a trusted agent determiner to (i) determine respective reputation scores associated with a plurality of agents in a mesh network, the plurality of agents associated with a plurality of semiconductor devices, respective ones of the semiconductor devices including circuitry configurable to provide one or more features, and (ii) select, based on the respective reputation scores, a first agent from the plurality of the agents to transmit a request to activate or deactivate at least one of the one or more features. Example apparatus also include an agent interface to, in response to the request, broadcast an activation or deactivation of the least one of the one or more features to the mesh network to cause the trusted agent determiner to update the reputation score of the first agent.

A computer storage device having a host interface, a controller, non-volatile storage media, and firmware. The firmware instructs the controller to: limit a crypto key to be used in data access requests made in a first namespace allocated on the non-volatile storage media of the computer storage device; store data in the first namespace in an encrypted form that is to be decrypted using the crypto key; free a portion of the non-volatile storage media from the first namespace, the portion storing the data; and make the portion of the non-volatile storage media available in a second namespace without erasing the data stored in the portion of the non-volatile storage media.