The present disclosure will be understood more fully from the detailed description given below and from the accompanying drawings of various implementations of the disclosure.
Described herein is the generation of a key based on a combination of keys. In some embodiments, a key (i.e., a primary key) may be generated based on a combination of a first key and a second key. For example, a primary key may be generated based on the first key (also referred to as a first key split) and the second key (also referred to as a second key split). The first key may be associated with multiple devices (e.g., a processor, a field programmable gate array, a system on a chip, or any other integrated circuit or an electronic product that incorporates an integrated circuit) and the second key may be associated with a specific device (e.g., a single processor, a single field programmable gate array, a single system on a chip, or one other integrated circuit or one electronic product that incorporates an integrated circuit). For example, the first key may be a key or key split that is provided or assigned to multiple devices. Such a key, common to multitude of devices, is referred as the common key. Furthermore, the second key may be a key or key split that is device dependent or device unique such that each device is provided or assigned a different second key. Such a key may be referred to as a device key.
Each device may include the common key and one or more device keys. In some embodiments, each device may include multiple device keys and a single common key that is identical to a common key of other devices. A primary key may be generated based on a combination of the common key and one of the device keys. For example, the primary key may be generated based on an encryption of the combination of the two separate keys. The primary key may be used to authenticate or authorize operations to be performed by a device. In some embodiments, the primary key may be used by a portion of an integrated circuit to perform an operation or access a particular memory. For example, a first portion (e.g., a key generator as described in further detail below) of an integrated circuit may generate the primary key and a second portion of the integrated circuit may receive the primary key and use the primary key in order to authenticate or authorize an operation or memory access by the second portion of the integrated circuit. In some embodiments, the common key and the device keys may be stored in a one time programmable (OTP) memory of a device (e.g., a portion of an integrated circuit or another integrated circuit incorporated into an electronic product that uses one or more integrated circuits). The common key may be programmed into the OTP memory at a first time (e.g., when the OTP memory is first manufactured) and at a first location (e.g., at a first manufacturing site that manufactures the OTP memory) and the device keys may be programmed into the OTP memory at a second time (e.g., when the OTP memory is integrated into an electronic product that uses one or more integrated circuits) and at a second location (e.g., at a second manufacturing site that assembles the electronic product). Thus, since the programming of the common key into the OTP memory and the device keys into the OTP memory may be performed at different times in different locations (i.e., different manufacturing sites), the required use of both the common key and one of the device keys to generate a primary key may provide a level of security with regard to the primary key. For example, if the common key were leaked or compromised by an unauthorized entity (e.g., an employee involved in the manufacturing of the OTP memory or the programming of the common key into the OTP memory) at the first location (i.e., a first manufacturing location), the primary key would not be known or obtained by the unauthorized entity as the unauthorized entity may not have accessed or compromised the device keys as the device keys may be programmed into the OTP memory at a different location from the first location associated with the unauthorized entity. Thus, the use of the common key and the device keys may provide a greater level of security with regard to the primary key that may be generated based on a combination of the common key and one of the device keys.
In some embodiments that may be constrained by cost or logistics issue, the common key and the device specific key may be programmed by the same entity, or at the same location, or at the same time.
Furthermore, in some embodiments, the common key may be modified or diversified based on a device identification and/or a selection of one of the device keys. For example, as previously described, the OTP memory of a device may be associated with multiple device keys. One of the device keys in the OTP memory of the device may be selected based on a device key selection signal or input. In some embodiments, the device key selection signal or input may be received from another portion of an integrated circuit. For example, an electronic product may incorporate an integrated circuit that includes an OTP memory and a control logic portion of the integrated circuit may transmit a device key selection signal. The use of the device key selection signal may allow the programming or retrieving of individual device keys into the OTP memory at specific locations in the OTP memory. For example, the OTP memory may include eight memory locations to store eight device keys and each of the eight memory locations may be identified by the device key selection signal to either retrieve the device key or store a device key at the OTP memory location identified by the device key selection signal. Thus, the device key selection signal or input may specify a particular device key of the multiple device keys that may be selected or retrieved from the OTP memory of the device. Furthermore, the device key selection signal or input may be used in a process to diversify or modify the common key of the device. Such diversification or modification of the common key may provide additional protection from possible compromise by an unauthorized entity of the common key that is used in the process to generate the primary key. For example, the diversification or modification of the common key may protect the use of the common key in the generation of the primary key from side channel attacks (e.g., an attack based on information gained from the physical implementation of a cryptographic system such as the circuitry of the device that is used to generate the primary key). Examples of side channel attacks are, but not limited to, differential power analysis (DPA), simple power analysis (SPA), timing analysis, etc. The diversification or modification of the common key may be performed by a key tree, which is described in further detail below, may perform a diversification or modification operation on the common key. The internal operations of the key tree may be implemented so that if an unauthorized entity performs a DPA analysis on the key tree, the information obtained by the DPA analysis may be infeasible to derive the output of the key tree. Thus, the use of a key tree may be used to improve the protection of the primary key from such side channel attacks. In some embodiments, the common key may also be modified or diversified based on a device identification.
Thus, the generation of the primary key based on two keys or key splits (e.g., the common key and one of the device keys) and the diversification or modification of the common key based on a device identification and/or a selection of one of the device keys may result in improved security for the process that is used to generate the primary key.
As shown in
As shown in
The key generator 200 may further receive a device identification (ID) 230 and a device key select 240. In some embodiments, the device key select 240 may be received from another portion of an integrated circuit that includes the key generator 200 or may be received as a signal from off-chip (e.g., the device key select 240 is received at an input buffer to the integrated circuit from another source such as another integrated circuit). Furthermore, the device ID 230 may be received from a memory location of the device (e.g., another portion of an integrated circuit that may include the key generator 200). In some embodiments, the device identification 230 may be a form of identification that is unique to a device. For example, the device identification may include, but is not limited to, a serial number of the device or any other information or number that may uniquely identify a specific device. Furthermore, the device key select 240 may be used to select a specific device key 210. For example, each device may be associated with multiple device keys. As an example, each device may be associated with eight device keys that are stored in OTP memory and the device key select 240 may be used to select one of the eight device keys that are stored in the OTP memory.
Referring to
As previously discussed, the OTP memory 300 may be a type of programmable read-only memory where the programming or setting of the common key 320 and the device keys 310-317 is permanent and cannot be changed after a programming of the common key 320 and the device keys 310-317.
The common key 320 and the device keys 310-317 may each be secret keys used in a cryptography process or algorithm to generate a third key (e.g., the primary key). Each of the common key 320 and the device keys 310-317 may be information or a parameter that determines the functional output of a cryptographic process or algorithm (e.g., the primary key). Thus, the common key 320 may be considered a first key of a pair of keys (i.e., a first key split) needed to generate the primary key and one of the device keys 310-317 may be considered a second key of the pair of keys (i.e., a second key split) that is needed to generate the primary key. In some embodiments, the primary key may be considered a working key that may be used by a device for authentication or performing authorized operations.
In some embodiments, the common key 320 may be associated with multiple devices. For example, the common key 320 may be stored in the OTP memory of a single type or class of devices. Thus, the OTP memory 300 of multiple devices of a same type or same class may include an identical common key 320 that is considered to be common to all devices of the type of device. In some embodiments, the device keys 310-317 may also be stored in the OTP memory of a device, but the device keys 310-317 may be different between devices so that the device keys 310-317 may be considered to be device dependent or unique to each device. Thus, as an example, a first device and a second device may be of a first type of device and a third device may be of a second type of device. The first device and the second device may be associated with a first common key and the third device may be associated with a second common key. The device keys for each of the first device, second device, and the third device may all be different or unique relative to the device keys of the other devices.
Although
As shown in
As shown, the key generator 420 may receive a common key 411, device keys 412-419, a device identification 431, and a device key select signal 432. In some embodiments, one of the device keys 412-419 and a combination of the common key 411, device identification 431, and the device key select signal 432 may be used to generate or create the primary key 461. For example, as shown, the key generator 420 may include a hash algorithm component 430 in which inputs of the hash algorithm component 430 include the device identification 431 and the device key select signal 432. The hash algorithm component 430 may receive the inputs and perform a hash function that combines or maps the input data (e.g., the device identification 431 and the device key select signal 432) into a hash data signal 433 of a fixed length. In some embodiments, the hash algorithm component 430 may perform, but is not limited to, a cryptographic hash function such as a secure hash algorithm (SHA). Examples of an SHA include, but are not limited to, SHA-1, SHA-2, and SHA-3. Thus, the hash algorithm component 430 may receive the device identification 431 and the device key select signal 432 and generate a hash number or value that corresponds to the hash data signal 433. Although a hash algorithm component 430 is illustrated, in other embodiments, other operations may be used to generate the hash data signal 433. For example, an XOR logic operation and/or a truncation of the bits corresponding to the device identification 431 and the device key select signal 432 may be used to generate the hash data signal 433.
Referring to
The key generator 420 may further include a selection unit such as a multiplexer 450. In some embodiments, the multiplexer 450 may receive and select one of the device keys 412-419 and forward the selected device key to an output line in response to the device key selection signal 432. For example, the device key selection signal 432 input of the multiplexer 450 may determine which of the device keys 412-419 may be forwarded as the output of the multiplexer 450. Thus, a value of the device key selection signal 432 may correspond to one of the device keys 412-419. In some embodiments, the output of the multiplexer 450 may be the device key split 451. Although a multiplexer 450 is shown as being part of the key generator 420, in some embodiments where a device or an OTP memory of a device includes a single device key as opposed to multiple device keys, the output of the OTP memory may not go through a selection unit 450 such as a multiplexer.
Referring to
In some embodiments, the AES component 460 may be considered invertible. For example, as previously described, the AES component 460 may receive the common key split 442 and the device key split 451 and generate the primary key 461 based on the common key split 442 and the device key split 451. In some embodiments, the primary key 461 may be an input to the AES component 460 and one of the device key split that is derived from a device key or a common key split that is derived from a common key may be provided to the AES component 460 and the AES component 460 may provide or output either a common key (if a device key is provided) or a device key (if a common key is provided). Further details with regard to the invertible process performed by the AES component 460 are disclosed with regard to
As such, the key generator 420 may receive a common key and a device key that is selected based on a device key selection signal. In some embodiments, the common key (i.e., first key) may be diversified or modified with a unique device identification and/or the device key selection signal to generate or create a modified common key (i.e., the common key split). The primary key may be generated based on a combination of the modified common key (i.e., the common key split) and the selected device key (i.e., the device key split).
As shown in
The processing logic may further receive a device key split (block 520). For example, an AES component (e.g., the AES component 460) of the processing logic may receive the device key split. In some embodiments, if the device including the processing logic includes multiple device keys then the device key corresponding to the device key split that is received may be based on a device key selection signal. Such a selected device key may be referred to as the device key split. Further details with regard to the selection of the device key to be used as a device key split are discussed with regard to
Returning to
As shown in
As such, the common key split (also referred to as the modified common key) may be created based on diversifying or modifying a common key with a device identification. Furthermore, in some embodiments with a device that is associated with multiple device keys, the common key split may be further based on the device key selection signal that is also used to select one of the device keys.
As shown in
In some embodiments, the key tree 800 may perform an entropy redistribution operation. As used herein, an “entropy redistribution operation” (or “entropy distribution operation”) may be an operation that mixes its input(s) (e.g., the hash data signal 433 and the common key split 442) such that unknown information about input bits is redistributed among the output bits. For example, suppose an x bit cryptographic key K0 is processed repeatedly with an entropy redistribution operation f such that key Ki=f(Ki-1) for each i>1. Next, suppose an adversary obtains y bits of information (e.g., obtained as part of an attempted external monitoring attack) about each of n different keys Ki, providing more than enough information to solve for key K0 (e.g., y*n>x). The use of the entropy distribution operation f may make such solution computationally infeasible. A cryptographic hash function H is an example of an operation that may be used as an entropy redistribution operation. For example, consider a strong hash function H that produces a 256-bit result. Given a random 256-bit initial key K0, let Ki=H(Ki-1) for each i>1. An adversary with knowledge of (for example) the least-significant bit of each K0 . . . K999,999 has 1,000,000 bits of data related to K0. A hypothetical adversary with infinite computing power could find K0 by testing all possible 2256 values for K0 to identify a value which is consistent with the known sequence of least-significant bits. Actual adversaries have finite computational power available, however, and the entropy redistribution operation prevents there from being a computationally practical way to solve for K0 (or any other Ki) given the information leaked through attempted external monitoring attacks.
Entropy redistribution operations may be implemented, without limitation, using cryptographic hash functions, operations constructed using block ciphers (such as AES), pseudorandom transformations, pseudorandom permutations, other cryptographic operations, or combinations thereof. As a matter of convenience, certain exemplary embodiments are described with respect to a hash, but those skilled in the art will understand that, pursuant to the foregoing, other entropy redistribution functions may also be used instead or in addition.
Multiple entropy redistribution operations may also be constructed from a base operation. By way of example, if two 256-bit entropy redistribution operations f0( ) and fi( ) are required, f0( ) could comprise applying the SHA-256 cryptographic hash function to the operation identifier string “f0” concatenated with the input to f0( ) while f1( ) could comprise applying SHA-256 to the operation identifier string “f1” concatenated with the input to f1( ). Entropy redistribution operations can be construed using the well-known AES block cipher. For example, to implement f0( ) . . . fb-1( ) each fi( ) can use its input as an AES-256 key to encrypt a pair of 128-bit input blocks that are unique to the choice of i within 0 . . . b−1, yielding 256 bits of output.
The key tree 800 may be able to compute a set of non-linear cryptographic entropy redistribution operations f0( ), f1( ), . . . fb-1( ), where b>1 is a positive integer. These b entropy redistribution functions can be configured in a tree structure. For example, a simple b-ary tree structure of height Q (i.e., having Q+1 levels, from 0 through Q) can be created by using b distinct entropy distribution functions, f0( ) . . . fb-1( ), to represent the b possible branches of this b-ary tree at each node of the tree, each node representing a possible derived key. In such a tree, starting from a root cryptographic key KSTART (which is at level 0), b possible derived keys can be computed at level 1: f0(KSTART) for the leftmost branch; f1(KSTART) for the next branch; and continuing until fb-1(KSTART) for the rightmost branch. At level 2, b2 possible keys can be derived, since each of f0( ) . . . fb-1( ) could be applied to each of the b possible level 1 keys. Of course, computing a specific level 2 node only requires two, not b2, computations (i.e., the nodes not on the path are not computed). The tree continues for successive levels 1 through Q, where each possible key (i.e., a different node) of a prior level can be processed by applying f0( ) . . . fb-1( ) in turn to derive b additional possible derived keys. The entire key tree has Q+1 levels, starting with a single node at level 0, continuing with bi nodes at level i, and ending with bQ nodes at level Q. Thus, there are bQ possible paths from the root node at level 0 to the bQ final nodes at level Q. Each such possible path, corresponding to a unique the sequence of functions applied at the different levels, can be represented as a sequence of Q integers, each integer being selected from (0 . . . b−1). For example, in an exemplary embodiment, b=2. Thus, two entropy redistribution operations, f0( ) and f1( ) are used (and may be constructed from a base operation, e.g., as described above). If Q=128 (i.e., the height is 128), 2128 paths are possible and 128 entropy redistribution function computations are required to derive the level Q key from the level 0 node (i.e., the starting key).
As a variation, embodiments may involve more variety in the choice of b, such as varying the value of b among levels, and/or varying b based on the route taken to a particular level. Likewise, the entropy redistribution operations can also be varied, such as by making the entropy redistribution operations fi( ) differ at different levels or making these operations depend on the sequence taken to a particular level.
An example key derivation process is diagrammed in
In an implementation, message identifier H1 is decomposed into Q parts P1, P2, . . . PQ. In an example decomposition, each part Pi is an integer from 0 thru (b−1) (e.g., if b=4 then each Pi is a two-bit value (0, 1, 2, or 3)). Likewise, if b=2, each Pi is a single bit (0 or 1). Hence, the path parts P1 . . . PQ can be used to specify a specific path from KSTART to KSTART,PATH by applying functions f0( ), f1( ) . . . , fb-1( ) to produce a plurality of intermediate keys leading to KSTART,PATH as follows. First, the function fP 1 is applied to KSTART (803) to yield an intermediate key KSTART,P 1, followed by the application of fP 2 on KSTART,P 1 to yield the intermediate key KSTART,P 1,P 2 (804) and so on, until the final application of fP Q on the intermediate key KSTART,P 1, P 2, . . . , P Q-1 (805) to yield the final derived key, KSTART,P 1, P 2, . . . , P Q (806). Note that the derivation of each intermediate key depends on at least one predecessor key and the relevant portion of the message identifier. For convenience, this final derived key may be denoted with the notation KSTART,PATH (indicating the key that was reached by starting with KSTART and following PATH).
As shown in
Examples of the device 1000 may include, but are not limited to, a System on a Chip (SoC), field programmable gate array (FPGA), and a processor that may include an integrated circuit. As shown, the integrated circuit of a device 1000 may include an OTP memory 1010, a key generator 1020, device memory 1030, and device components or architecture 1040. In some embodiments, the OTP memory 1010 may be a type of programmable read-only memory that may store a common key and one or more device keys. The integrated circuit of the device 1000 may further include a device memory 1030 which may be a type of random access memory, read-only memory, or other such memory storage. In some embodiments, the memory 1030 may store a device identification. Additionally, the integrated circuit of the device 1000 may include a key generator 1020, as previously described. In some embodiments, the integrated circuit of the device 1000 may further include device components or architecture 1040. The device components or architecture 1040 may include a central processing unit (CPU) or other type of processing device, memory, or other such circuit components. In some embodiments, the device components or architecture 1040 may further include functionality to provide the common key of the device 1000. As an example, a processing unit of the device components 1040 may use a primary key that is generated by the key generator 1020. In some embodiments, the processing unit of the device components 1040 may initiate a request for the generation of the primary key by the key generator 1020. In response, the key generator 1020 may retrieve the common key (e.g., from the OTP memory 1010 or from the device components 1040) and may further retrieve a device key from the OTP memory 1010 and receive a device identification from the device memory 1030 and a device key selection signal from the device components 1040.
The machine may be a personal computer (PC), a tablet PC, a set-top box (STB), a Personal Digital Assistant (PDA), a cellular telephone, a web appliance, a server, a network router, a switch or bridge, or any machine capable of executing a set of instructions (sequential or otherwise) that specify actions to be taken by that machine. Further, while a single machine is illustrated, the term “machine” shall also be taken to include any collection of machines that individually or jointly execute a set (or multiple sets) of instructions to perform any one or more of the methodologies discussed herein.
The example computer system includes a processing device 1102, a main memory 1104 (e.g., read-only memory (ROM), flash memory, dynamic random access memory (DRAM) such as synchronous DRAM (SDRAM) or DRAM (RDRAM), etc.), a static memory 1106 (e.g., flash memory, static random access memory (SRAM), etc.), and a data storage device 1118, which communicate with each other via a bus 1130.
Processing device 1102 represents one or more general-purpose processing devices such as a microprocessor, a central processing unit, or the like. More particularly, the processing device may be complex instruction set computing (CISC) microprocessor, reduced instruction set computing (RISC) microprocessor, very long instruction word (VLIW) microprocessor, or processor implementing other instruction sets, or processors implementing a combination of instruction sets. Processing device 1102 may also be one or more special-purpose processing devices such as an application specific integrated circuit (ASIC), a field programmable gate array (FPGA), a digital signal processor (DSP), network processor, or the like. The processing device 1102 is configured to execute instructions 1126 for performing the operations and steps discussed herein.
The computer system may further include a network interface device 1108. The computer system also may include a video display unit 1110 (e.g., a liquid crystal display (LCD) or a cathode ray tube (CRT)), an alphanumeric input device 1112 (e.g., a keyboard), a cursor control device 1114 (e.g., a mouse), a graphics processing unit 1122, a video processing unit 1128, an audio processing unit 1132, and a signal generation device 1116 (e.g., a speaker).
The data storage device 1118 may include a machine-readable storage medium 1124 (also known as a computer-readable medium) on which is stored one or more sets of instructions or software 1126 embodying any one or more of the methodologies or functions described herein. The instructions 1126 may also reside, completely or at least partially, within the main memory 1104 and/or within the processing device 1102 during execution thereof by the computer system, the main memory 1104 and the processing device 1102 also constituting machine-readable storage media.
In one implementation, the instructions 1126 include instructions to implement functionality corresponding to a key generator (e.g., key generator 200 of
Some portions of the preceding detailed descriptions have been presented in terms of algorithms and symbolic representations of operations on data bits within a computer memory. These algorithmic descriptions and representations are the ways used by those skilled in the data processing arts to most effectively convey the substance of their work to others skilled in the art. An algorithm is here, and generally, conceived to be a self-consistent sequence of operations leading to a desired result. The operations are those requiring physical manipulations of physical quantities. Usually, though not necessarily, these quantities take the form of electrical or magnetic signals capable of being stored, combined, compared, and otherwise manipulated. It has proven convenient at times, principally for reasons of common usage, to refer to these signals as bits, values, elements, symbols, characters, terms, numbers, or the like.
It should be borne in mind, however, that all of these and similar terms are to be associated with the appropriate physical quantities and are merely convenient labels applied to these quantities. Unless specifically stated otherwise as apparent from the above discussion, it is appreciated that throughout the description, discussions utilizing terms such as “identifying” or “determining” or “executing” or “performing” or “collecting” or “creating” or “sending” or the like, refer to the action and processes of a computer system, or similar electronic computing device, that manipulates and transforms data represented as physical (electronic) quantities within the computer system's registers and memories into other data similarly represented as physical quantities within the computer system memories or registers or other such information storage devices.
The present disclosure also relates to an apparatus for performing the operations herein. This apparatus may be specially constructed for the intended purposes, or it may comprise a general purpose computer selectively activated or reconfigured by a computer program stored in the computer. Such a computer program may be stored in a computer readable storage medium, such as, but not limited to, any type of disk including floppy disks, optical disks, CD-ROMs, and magnetic-optical disks, read-only memories (ROMs), random access memories (RAMs), EPROMs, EEPROMs, magnetic or optical cards, or any type of media suitable for storing electronic instructions, each coupled to a computer system bus.
The algorithms and displays presented herein are not inherently related to any particular computer or other apparatus. Various general purpose systems may be used with programs in accordance with the teachings herein, or it may prove convenient to construct a more specialized apparatus to perform the method. The structure for a variety of these systems will appear as set forth in the description below. In addition, the present disclosure is not described with reference to any particular programming language. It will be appreciated that a variety of programming languages may be used to implement the teachings of the disclosure as described herein.
The present disclosure may be provided as a computer program product, or software, that may include a machine-readable medium having stored thereon instructions, which may be used to program a computer system (or other electronic devices) to perform a process according to the present disclosure. A machine-readable medium includes any mechanism for storing information in a form readable by a machine (e.g., a computer). For example, a machine-readable (e.g., computer-readable) medium includes a machine (e.g., a computer) readable storage medium such as a read only memory (“ROM”), random access memory (“RAM”), magnetic disk storage media, optical storage media, flash memory devices, etc.
In the foregoing specification, implementations of the disclosure have been described with reference to specific example implementations thereof. It will be evident that various modifications may be made thereto without departing from the broader spirit and scope of implementations of the disclosure as set forth in the following claims. The specification and drawings are, accordingly, to be regarded in an illustrative sense rather than a restrictive sense.
This application claims the benefit under 35 U.S.C. §119(e) of U.S. Provisional Application 62/022,122 filed on Jul. 8, 2014, which is hereby incorporated by reference.
Number | Name | Date | Kind |
---|---|---|---|
7234058 | Baugher | Jun 2007 | B1 |
Number | Date | Country | |
---|---|---|---|
20160013939 A1 | Jan 2016 | US |
Number | Date | Country | |
---|---|---|---|
62022122 | Jul 2014 | US |