US20170046281A1 - Address dependent data encryption - Google Patents

Address dependent data encryption

Info

Publication number
US20170046281A1
Authority
US
United States
Prior art keywords
data
key
memory
circuitry
function
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US15/335,479
Inventor
Vikas Chandra
Robert Campbell Aitken
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ARM Ltd
Original Assignee
ARM Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ARM Ltd
Priority to US15/335,479
Assigned to ARM LIMITED: assignment of assignors interest (see document for details). Assignors: AITKEN, ROBERT CAMPBELL; CHANDRA, VIKAS
Publication of US20170046281A1
Legal status: Abandoned

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1408Protection against unauthorised use of memory or access to memory by using cryptography
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/72Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
    • GPHYSICS
    • G09EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
    • G09CCIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
    • G09C1/00Apparatus or methods whereby a given sequence of signs, e.g. an intelligible text, is transformed into an unintelligible sequence of signs by transposing the signs or groups of signs or by replacing them by others according to a predetermined system
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/10Providing a specific technical effect
    • G06F2212/1052Security improvement
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/40Specific encoding of data in memory or cache
    • G06F2212/402Encrypted data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/12Details relating to cryptographic hardware or logic circuitry
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/12Transmitting and receiving encryption devices synchronised or initially set up in a particular manner

Abstract

Encryption of data within a memory is provided by key generation circuitry which serves to generate a key as a function of the address within the memory being accessed and then encryption circuitry or decryption circuitry which serve respectively to encrypt or decrypt the data as a function of the key that has been generated based upon the address. The encryption and the decryption may be performed using a bitwise XOR operation. The key generation circuitry may have the form of physically unclonable function circuitry, which varies from instance to instance of implementation and that operates to generate the same key for the same address upon both write and read operations within the same instance.

Description

    CROSS-REFERENCE
  • This application is a continuation of U.S. application Ser. No. 14/486,181 filed Sep. 15, 2014, the entire contents of which are incorporated herein by reference in this application.
  • BACKGROUND
  • This disclosure relates to the field of data processing systems. More particularly, this disclosure relates to the encryption of data within data processing systems.
  • It is known to protect sensitive data, such as encryption key data, financial data and the like, using encryption mechanisms within data processing systems. An assumption often made within data processing systems in relation to the protection of data is that when that data is erased from a memory, then it will not be recoverable. For example, when power to a volatile memory is removed, the data within that memory is assumed to be erased. However, in practice there may be physical characteristics of the memory that allow erased data to be reconstructed. Data remanence poses a threat to systems that make this assumption, i.e. that data erased from a memory will not be recoverable.
  • Another potential problem with data encryption mechanisms is that these may consume a disadvantageous amount of energy when encrypting and decrypting data. For example, complex algorithms, such as RSA, can consume many hundreds of thousands of processing cycles to perform their encryption and decryption operations. Within systems with energy budget constraints, such as battery-operated internet-of-things devices, the energy consumed by such encryption and decryption mechanisms is a disadvantage.
  • SUMMARY
  • Viewed from one aspect the present disclosure provides apparatus comprising:
  • memory to store encrypted data representing unencrypted data at a storage location specified by an address;
  • key generation circuitry to generate a key as a function of said address;
  • encryption circuitry to encrypt said unencrypted data to form said encrypted data as a function of said key.
  • Viewed from another aspect the present disclosure provides apparatus comprising:
  • memory means for storing encrypted data representing unencrypted data at a storage location specified by an address;
  • key generation means for generating a key as a function of said address;
  • encryption means for encrypting said unencrypted data to form said encrypted data as a function of said key.
  • Viewed from another aspect the present disclosure provides a method comprising the steps of:
  • storing encrypted data representing unencrypted data at a storage location specified by an address;
  • generating a key as a function of said address;
  • encrypting said unencrypted data to form said encrypted data as a function of said key.
  • Viewed from another aspect the present disclosure provides apparatus comprising:
  • memory to store encrypted data representing unencrypted data at a storage location specified by an address;
  • key generation circuitry to generate a key as a function of said address;
  • decryption circuitry to decrypt said encrypted data to form said unencrypted data as a function of said key.
  • Viewed from another aspect the present disclosure provides apparatus comprising:
  • memory means for storing encrypted data representing unencrypted data at a storage location specified by an address;
  • key generation means for generating a key as a function of said address;
  • decryption means for decrypting said encrypted data to form said unencrypted data as a function of said key.
  • Viewed from another aspect the present disclosure provides a method comprising the steps of:
  • storing encrypted data representing unencrypted data at a storage location specified by an address;
  • generating a key as a function of said address;
  • decrypting said encrypted data to form said unencrypted data as a function of said key.
  • Example embodiments will now be described, by way of example only, with reference to the accompanying drawings in which:
  • DRAWINGS
  • FIG. 1 schematically illustrates a data processing system;
  • FIG. 2 schematically illustrates a mechanism for encrypting unencrypted data upon data write;
  • FIG. 3 schematically illustrates a mechanism for decrypting encrypted data upon data read;
  • FIG. 4 schematically illustrates a mechanism for both encrypting and decrypting data;
  • FIG. 5 is a flow diagram schematically illustrating an encrypting write process; and
  • FIG. 6 is a flow diagram schematically illustrating a decrypting read process.
  • EXAMPLE EMBODIMENTS
  • At least example embodiments of the disclosure provide a low energy and secure mechanism for protecting data whereby the same data written to different addresses within a memory will be encrypted with different keys and accordingly highly likely have a different form. This provides resistance against attacks based upon data remanence as it renders it difficult to identify any particular data within the memory as the same data will highly likely be represented in different forms at different storage locations within the memory.
  • Security is further enhanced when the key generation circuitry comprises physically unclonable function circuitry (PUF circuitry). There are a variety of different possible forms for such physically unclonable function circuitry, as will be known to those in this technical field.
  • The address may be used as a challenge input to the physically unclonable function circuitry and the key may be a response output from the physically unclonable function circuitry. The variation from instance to instance of the physically unclonable function circuitry has the result that even if multiple different apparatuses are using the same secret data, the variation in the physically unclonable function circuitry between those different apparatuses will mean that the keys used for the same addresses in the different apparatuses will highly likely be different. Accordingly, such embodiments provide for different keys to be used for different addresses within the same device and for different keys to be used for the same addresses within different devices. This helps resist another form of attack whereby the attacker might seek to analyse multiple devices in order to identify common data at the same addresses within different devices.
  • While it will be appreciated that the encryption circuitry may use the key in a variety of different ways, one particularly secure way in which the encryption circuitry may be configured is so as to perform one-time-pad encryption of the encrypted data using the key. Such one-time-pad encryption in which any form of unencrypted data may be formed from any form of encrypted data by using a suitable key has the advantage that knowledge of the encrypted data will not assist in yielding any information regarding either the key or the unencrypted data.
  • Security may be improved within at least some embodiments in which the key has a character width greater than or equal to the character width of the unencrypted data. The use of keys which are at least as wide as the unencrypted data they protect permits a higher degree of security. In practice, as the secret data in some circumstances is likely to be relatively short, it may generally be possible to provide a key which is at least as great in character width.
  • While the above techniques are generally applicable in providing data security, they can be used with particular advantage to protect systems within which the memory has data remanence behaviour whereby data values stored within the memory induce physical changes within the memory which permit reconstruction of data erased from the memory. Examples of such memories include SRAM memory and DRAM memory. A non-volatile memory is an extreme example of a memory which has data remanence as its nature is that it is intended to provide perfect data remanence.
  • It will be appreciated that different aspects of the present disclosure comprise a mechanism for writing data to a memory in accordance with the present technique and mechanisms for reading data from a memory in accordance with the present techniques. These mechanisms may also be used in combination. Such embodiments may share the key generation circuitry in a manner which ensures that the same key is generated for encryption as for decryption when the same storage location within the memory is being addressed. Such encryption is termed symmetric encryption.
  • FIG. 1 schematically illustrates a data processing system 2 in the form of a system-on-chip integrated circuit for use in an internet-of-things device. Such data processing systems 2 typically have a limited energy supply and accordingly encryption and decryption mechanisms they use are required to meet strict energy requirements. The data processing system 2 includes a processor core 4 for executing program instructions and performing data accesses to a memory 6 via encryption and decryption circuitry 8. The data processing system 2 communicates with other data processing systems via input/output circuitry 10 and an antenna 12. The memory 6 is a memory exhibiting data remanence behaviour, such as, for example, an SRAM memory, a DRAM memory or a non-volatile memory.
  • In operation the processor core 4 executes program instructions and manipulates data which are stored within the memory 6. The program instructions and the data stored within the memory 6 are transformed between an unencrypted form used by the processor core 4 and an encrypted form stored within the memory 6 via the encryption and decryption circuitry 8.
  • FIG. 2 schematically illustrates a mechanism for transforming unencrypted data [u31:u0] in the form of 32-bit data words into encrypted data [e31:e0]. An address comprising a 32-bit address [a31:a0] is supplied as an address to an address input of the memory 6 as well as the input to key generation circuitry 12, which has the form of physically unclonable function circuitry. There are a variety of different ways in which such physically unclonable function circuitry may be formed, e.g. a memory which boots to contain data dependent upon minor physical variations within the individual memory cells, data derived based upon the outcome of race conditions which vary with minor physical variations within the paths, and other examples. The key generation circuitry 12 receives the address as a challenge input to the PUF circuitry and generates the key as a response output from the PUF circuitry. The key is a 32-bit key [k31:k0].
  • The nature of the physically unclonable function circuitry 12 is such that different instances of this circuit 12 will have different forms such that the same address when applied as a challenge input to these different instances will highly likely generate a different response output. Such device-to-device variation is part of the security afforded by the use of the physically unclonable function circuitry. An individual instance of the physically unclonable function circuitry will repeatedly generate the same response output from the same challenge input such that the key generated for a given address may be the same on both writing the data into the memory 6 and reading the data out of the memory 6. The key can thus be used to support symmetric encryption.
  • As illustrated in FIG. 2, the key generated by the key generation circuitry 12 is supplied as one input to encryption circuitry 14 which performs a bitwise XOR operation upon the key and the unencrypted data so as to generate the encrypted data. The encryption circuitry may comprise, for example, 32 parallel XOR gates. The encrypted data which is output from the encryption circuitry 14 is written into the memory 6 at the address specified.
  • FIG. 3 schematically illustrates a mechanism for reading encrypted data from the memory 6. The address is applied to the same key generation circuitry 12 which was used when writing data into the memory 6, or at least key generation circuitry which will generate the same key value for the same address as the key generation circuitry which was used during the write operation. The address is applied to the memory 6 and serves to read encrypted data from the storage location specified by the address. The encrypted data is supplied as one input together with the key to decryption circuitry 16. The decryption circuitry 16 performs a bitwise XOR operation, which may be implemented by 32 parallel XOR gates. The output from the decryption circuitry is the unencrypted data.
  • FIG. 4 schematically illustrates an embodiment employing both mechanisms for encrypting data and decrypting data which share the same key generation circuitry 12. The encrypted data is applied upon writing to a write port of the memory 6. The encrypted data is read from a read port of the memory 6 upon a read operation. A signal r/w specifying whether a read or a write operation is being performed is supplied to the memory 6.
  • As illustrated in FIG. 4, the XOR operation performed in a bitwise fashion by the encryption circuitry 14 is reversed by the XOR operation performed by the decryption circuitry 16.
  • FIG. 5 is a flow diagram schematically illustrating an encrypting write process. At step 18 processing waits until there is data to write. Step 20 serves to form a key using the physically unclonable function circuitry 12 and the address to which the write data is to be made as the challenge input to the physically unclonable function circuitry 12. The key is the response output from the physically unclonable function circuitry 12. At step 22, the key and the unencrypted data forming the write are subject to a bitwise XOR operation to form the encrypted data. At step 24 the encrypted data is written into the storage location specified by the address which was used to form the key at step 20.
  • FIG. 6 schematically illustrates a decrypting read process. At step 26 processing waits until there is a data read to perform. At step 28 the key for decrypting the read data is formed from the address specified for the read using the physically unclonable function circuitry 12. At step 30 the encrypted data is read from the storage location in the memory 6 specified by the address for the read. At step 32 the key formed at step 28 and the encrypted data read at step 30 are subject to a bitwise XOR operation to form the unencrypted data, which is then returned to service the data read.
  • Although illustrative embodiments of the invention have been described in detail herein with reference to the accompanying drawings, it is to be understood that the invention is not limited to those precise embodiments, and that various changes, additions and modifications can be effected therein by one skilled in the art without departing from the scope and spirit of the invention as defined by the appended claims. For example, various combinations of the features of the dependent claims could be made with the features of the independent claims without departing from the scope of the present invention.
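The encrypting write of FIG. 5 and the decrypting read of FIG. 6, modelled in C as an added example (not code from the patent or from ARM). The physically unclonable function is replaced by an integer mixing function keyed with a hypothetical per-device `puf_seed`; `device_t`, `puf_response`, `enc_write`, `dec_read` and `same_address_delta` are names chosen here, and all data values are constructed.

```c
#include <stdint.h>
#include <stdio.h>

#define MEM_WORDS 16u   /* constructed: a tiny 16-word memory */

/* One device instance. puf_seed is an assumption standing in for the
   manufacturing variation that makes each real PUF instance unique. */
typedef struct {
    uint32_t puf_seed;
    uint32_t cells[MEM_WORDS];   /* memory 6: only encrypted words are stored */
} device_t;

/* Stand-in for key generation circuitry 12: address in (challenge), 32-bit
   key out (response). Deterministic per device, so a read regenerates the
   key used by the write. An integer mixer, NOT a real PUF or a secure PRF. */
static uint32_t puf_response(const device_t *d, uint32_t addr)
{
    uint32_t x = addr ^ d->puf_seed;
    x ^= x >> 16; x *= 0x7feb352dU;
    x ^= x >> 15; x *= 0x846ca68bU;
    x ^= x >> 16;
    return x;
}

/* FIG. 5, steps 20-24: form key from address, XOR, store ciphertext. */
static int enc_write(device_t *d, uint32_t addr, uint32_t plain)
{
    if (addr >= MEM_WORDS) return -1;
    d->cells[addr] = plain ^ puf_response(d, addr);
    return 0;
}

/* FIG. 6, steps 28-32: form key from address, read ciphertext, XOR. */
static int dec_read(const device_t *d, uint32_t addr, uint32_t *plain)
{
    if (addr >= MEM_WORDS) return -1;
    *plain = d->cells[addr] ^ puf_response(d, addr);
    return 0;
}

/* The key depends only on the address, so two values written in turn to one
   address share a key: their stored forms XOR to the XOR of the plaintexts. */
static uint32_t same_address_delta(device_t *d, uint32_t addr,
                                   uint32_t p1, uint32_t p2)
{
    uint32_t c1;
    if (enc_write(d, addr, p1) != 0) return 0;
    c1 = d->cells[addr];
    enc_write(d, addr, p2);
    return c1 ^ d->cells[addr];
}

int main(void)
{
    device_t a = { 0x1234abcdU, {0} }, b = { 0x0badf00dU, {0} };
    uint32_t own = 0, other = 0, delta;
    enc_write(&a, 3, 0xdeadbeefU);
    enc_write(&a, 7, 0xdeadbeefU);   /* same value, different address */
    b.cells[3] = a.cells[3];         /* A's raw cell decoded on device B */
    dec_read(&a, 3, &own);
    dec_read(&b, 3, &other);
    delta = same_address_delta(&a, 5, 0x11111111U, 0x01010101U);
    printf("cell[3]=%08x cell[7]=%08x A=%08x B=%08x delta=%08x\n",
           (unsigned)a.cells[3], (unsigned)a.cells[7], (unsigned)own,
           (unsigned)other, (unsigned)delta);
    return 0;
}
```

The last function shows the limit of the one-time-pad reading: the pad for an address is fixed, so it is one-time only for as long as that address is written once.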

Claims (18)

We claim:
1. Apparatus comprising:
memory to store encrypted data representing unencrypted data at a storage location specified by an address;
key generation circuitry to generate a key as a function of said address;
encryption circuitry to encrypt said unencrypted data to form said encrypted data as a function of said key.
2. Apparatus as claimed in claim 1, wherein a given data value stored at different storage locations is encrypted using keys generated as a function of different respective addresses.
3. Apparatus as claimed in claim 1, wherein key generation circuitry comprises physically unclonable function circuitry, wherein said address is a challenge input to said physically unclonable function circuitry and said key is a response output from said physically unclonable function circuitry.
4. Apparatus as claimed in claim 1, wherein said encryption circuitry has a configuration to perform one-time-pad encryption of said unencrypted data using said key.
5. Apparatus as claimed in claim 1, wherein said key has a character width greater than or equal to a character width of said unencrypted data.
6. Apparatus as claimed in claim 1, wherein said encryption circuitry has a configuration to perform a bitwise XOR of said unencrypted data with said key to form said encrypted data.
7. Apparatus as claimed in claim 1, wherein said memory has data remanence behaviour whereby data values stored within said memory induce physical changes within said memory to permit reconstruction of data erased from said memory.
8. Apparatus as claimed in claim 7, wherein said memory is one of:
an SRAM memory;
a DRAM memory; and
a non-volatile memory.
9. A method comprising the steps of:
storing encrypted data representing unencrypted data at a storage location specified by an address; and
generating a key as a function of said address;
said method comprising one of:
encrypting said unencrypted data to form said encrypted data as a function of said key; and
decrypting said encrypted data to form said unencrypted data as a function of said key.
10. Apparatus comprising:
memory to store encrypted data representing unencrypted data at a storage location specified by an address;
key generation circuitry to generate a key as a function of said address;
decryption circuitry to decrypt said encrypted data to form said unencrypted data as a function of said key.
11. Apparatus as claimed in claim 10, wherein a given data value stored at different storage locations is encrypted using keys generated as a function of different respective addresses.
12. Apparatus as claimed in claim 10, wherein key generation circuitry comprises physically unclonable function circuitry, wherein said address is a challenge input to said physically unclonable function circuitry and said key is a response output from said physically unclonable function circuitry.
13. Apparatus as claimed in claim 10, wherein said decryption circuitry has a configuration to perform one-time-pad decryption of said encrypted data using said key.
14. Apparatus as claimed in claim 10, wherein said key has a character width greater than or equal to a character width of said encrypted data.
15. Apparatus as claimed in claim 10, wherein said decryption circuitry has a configuration to perform a bitwise XOR of said encrypted data with said key to form said unencrypted data.
16. Apparatus as claimed in claim 10, wherein said memory has data remanence behaviour whereby data values stored within said memory induce physical changes within said memory to permit reconstruction of data erased from said memory.
17. Apparatus as claimed in claim 16, wherein said memory is one of:
an SRAM memory;
a DRAM memory; and
a non-volatile memory.
18. Apparatus as claimed in claim 10, comprising encryption circuitry to encrypt said unencrypted data to form said encrypted data as a function of said key.
US15/335,479 2014-09-15 2016-10-27 Address dependent data encryption Abandoned US20170046281A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US15/335,479 US20170046281A1 (en) 2014-09-15 2016-10-27 Address dependent data encryption

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US14/486,181 US9483664B2 (en) 2014-09-15 2014-09-15 Address dependent data encryption
US15/335,479 US20170046281A1 (en) 2014-09-15 2016-10-27 Address dependent data encryption

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US14/486,181 Continuation US9483664B2 (en) 2014-09-15 2014-09-15 Address dependent data encryption

Publications (1)

Publication Number Publication Date
US20170046281A1 true US20170046281A1 (en) 2017-02-16

Family

ID=54007928

Family Applications (2)

Application Number Title Priority Date Filing Date
US14/486,181 Active US9483664B2 (en) 2014-09-15 2014-09-15 Address dependent data encryption
US15/335,479 Abandoned US20170046281A1 (en) 2014-09-15 2016-10-27 Address dependent data encryption

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US14/486,181 Active US9483664B2 (en) 2014-09-15 2014-09-15 Address dependent data encryption

Country Status (4)

Country Link
US (2) US9483664B2 (en)
CN (1) CN106688027A (en)
GB (1) GB2544672B (en)
WO (1) WO2016042287A1 (en)

Families Citing this family (27)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017087238A1 (en) 2015-11-16 2017-05-26 Arizona Board Of Regents Acting For And On Behalf Of Northern Arizona University Multi-state unclonable functions and related systems
FR3055734B1 (en) * 2016-09-05 2018-09-28 STMicroelectronics (Grand Ouest) SAS METHOD AND DEVICE FOR MITIGATING ELECTROMAGNETIC INTERFERENCE DURING TRANSFER OF DATA FROM OR TO A MEMORY.
US10185820B2 (en) 2016-11-09 2019-01-22 Arizona Board Of Regents On Behalf Of Northern Arizona University PUF hardware arrangement for increased throughput
US10320573B2 (en) * 2016-11-09 2019-06-11 Arizona Board Of Regents On Behalf Of Northern Arizona University PUF-based password generation scheme
US10050796B2 (en) 2016-11-09 2018-08-14 Arizona Board Of Regents On Behalf Of Northern Arizona University Encoding ternary data for PUF environments
US11362845B2 (en) * 2016-11-30 2022-06-14 Taiwan Semiconductor Manufacturing Co., Ltd. Secure communication between server device and clients utilizing strong physical unclonable functions
WO2018141378A1 (en) * 2017-02-01 2018-08-09 Telefonaktiebolaget Lm Ericsson (Publ) Methods and devices for protecting data
CN106599735B (en) 2017-02-13 2023-10-24 珠海格力电器股份有限公司 Data protection device, method and storage controller
US10972291B2 (en) * 2017-03-31 2021-04-06 Intel Corporation Securing communications
CN108958650B (en) * 2017-05-22 2021-06-15 旺宏电子股份有限公司 Electronic system and method of operating the same
US20190140851A1 (en) * 2017-11-09 2019-05-09 iMQ Technology Inc. Secure logic system with physically unclonable function
CN108229215A (en) * 2017-12-06 2018-06-29 杭州中天微系统有限公司 A kind of scrambled storage device in address and method
FR3074936B1 (en) * 2017-12-11 2020-08-14 Stmicroelectronics (Grenoble 2) Sas PROCESS FOR WRITING A SET OF INFORMATION, FOR EXAMPLE A PROGRAM CODE, ENCRYPTED IN AN EXTERNAL MEMORY OF AN INTEGRATED CIRCUIT AND CORRESPONDING INTEGRATED CIRCUIT
CN108182371A (en) 2017-12-22 2018-06-19 杭州中天微系统有限公司 The chip external memory address scrambling apparatus and method of a kind of system on chip
US11265151B2 (en) * 2018-03-09 2022-03-01 Arizona Board Of Regents On Behalf Of Northern Arizona University Key exchange schemes with addressable elements
CN110287708B (en) * 2018-03-19 2023-07-04 扬智科技股份有限公司 One-time programmable encryption device and encryption method thereof
US11010465B2 (en) * 2018-05-17 2021-05-18 Arizona Board Of Regents On Behalf Of Northern Arizona University Password management with addressable physical unclonable function generators
US11019098B2 (en) * 2018-06-29 2021-05-25 Intel Corporation Replay protection for memory based on key refresh
US11477039B2 (en) * 2018-10-11 2022-10-18 Arizona Board Of Regents On Behalf Of Northern Arizona University Response-based cryptography using physical unclonable functions
CN109522758B (en) * 2018-11-21 2024-01-05 苏州矗联电子技术有限公司 Hard disk data management method and hard disk
WO2020118583A1 (en) * 2018-12-12 2020-06-18 深圳市汇顶科技股份有限公司 Data processing method, circuit, terminal device storage medium
US11343108B2 (en) * 2019-06-12 2022-05-24 Arizona Board Of Regents On Behalf Of Northern Arizona University Generation of composite private keys
CN110598485A (en) * 2019-08-07 2019-12-20 浙江省北大信息技术高等研究院 Data encryption storage device and method
CN110611565B (en) * 2019-08-07 2022-09-02 杭州微纳核芯电子科技有限公司 Data processing system, method and electronic equipment
US11899829B2 (en) 2020-12-01 2024-02-13 Micron Technology, Inc. Memory systems and devices including examples of generating access codes for memory regions using authentication logic
US11537298B2 (en) 2020-12-01 2022-12-27 Micron Technology, Inc. Memory systems and devices including examples of accessing memory and generating access codes using an authenticated stream cipher
EP4047587A1 (en) * 2021-02-22 2022-08-24 HENSOLDT Sensors GmbH Chip device and method for a randomized logic encryption

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030112972A1 (en) * 2001-12-18 2003-06-19 Hattick John B. Data carrier for the secure transmission of information and method thereof
US20100115286A1 (en) * 2008-10-30 2010-05-06 Qualcomm Incorporated Low latency block cipher
US20120246489A1 (en) * 2011-03-22 2012-09-27 Jean-Baptiste Brelot Encrypting and storing confidential data
US20130051552A1 (en) * 2010-01-20 2013-02-28 Héléna Handschuh Device and method for obtaining a cryptographic key
US20130142329A1 (en) * 2011-12-02 2013-06-06 Cisco Technology, Inc. Utilizing physically unclonable functions to derive device specific keying material for protection of information
US20130156183A1 (en) * 2011-12-16 2013-06-20 Yuichi Komano Encryption key generating apparatus and computer program product
US20130254636A1 (en) * 2012-03-22 2013-09-26 Purdue Research Foundation System on chip and method for cryptography using a physically unclonable function

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI222609B (en) * 2001-07-25 2004-10-21 Matsushita Electric Ind Co Ltd A method of producing a decrypting apparatus having a cryptographic device and cryptographic information, a system for providing such device and information, and the decrypting apparatus produced by the production method
KR100604828B1 (en) * 2004-01-09 2006-07-28 삼성전자주식회사 Method for executing encryption and decryption of firmware and apparatus thereof
EP2191410B1 (en) 2007-08-22 2014-10-08 Intrinsic ID B.V. Identification of devices using physically unclonable functions
US8745411B2 (en) 2008-11-07 2014-06-03 Broadcom Corporation Protecting external volatile memories using low latency encryption/decryption
KR101514166B1 (en) * 2011-06-02 2015-04-21 미쓰비시덴키 가부시키가이샤 Key information generation device and key information generation method
US8645735B1 (en) 2012-11-01 2014-02-04 Maxim Integrated Products, Inc. Method for lowering power consumption in secure devices
CN104168264B (en) * 2014-07-11 2017-12-26 南京航空航天大学 A kind of low cost, high security physics unclonable function circuit

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109428712A (en) * 2017-08-24 2019-03-05 上海复旦微电子集团股份有限公司 Data Encrypt and Decrypt method and data Encrypt and Decrypt system
US11042489B2 (en) 2017-10-23 2021-06-22 Samsung Electronics Co., Ltd. Data encryption method and electronic apparatus performing data encryption method
WO2019083258A1 (en) 2017-10-23 2019-05-02 Samsung Electronics Co., Ltd. Data encryption method and electronic apparatus performing data encryption method
KR20190044879A (en) * 2017-10-23 2019-05-02 삼성전자주식회사 Data encryption method and electronic apparatus thereof
KR102445243B1 (en) * 2017-10-23 2022-09-21 삼성전자주식회사 Data encryption method and electronic apparatus thereof
CN111263942A (en) * 2017-10-23 2020-06-09 三星电子株式会社 Data encryption method and electronic device for executing data encryption method
JP7109992B2 (en) 2018-05-22 2022-08-01 キオクシア株式会社 Memory system and control method
TWI702498B (en) * 2018-05-22 2020-08-21 日商東芝記憶體股份有限公司 Memory system and control method of non-volatile memory
JP2019205031A (en) * 2018-05-22 2019-11-28 東芝メモリ株式会社 Memory system and control method
US11657163B2 (en) 2018-05-22 2023-05-23 Kioxia Corporation Memory system and method of controlling nonvolatile memory
US11233662B2 (en) * 2018-12-26 2022-01-25 Arizona Board Of Regents On Behalf Of Northern Arizona University Keyless encrypting schemes using physical unclonable function devices
CN110298181A (en) * 2019-05-14 2019-10-01 北京航空航天大学 Data encryption storage method, data decryption method and encrypted memory chip
US20220393859A1 (en) * 2021-06-07 2022-12-08 Micron Technology, Inc. Secure Data Storage with a Dynamically Generated Key

Also Published As

Publication number Publication date
WO2016042287A1 (en) 2016-03-24
GB201701458D0 (en) 2017-03-15
GB2544672B (en) 2019-05-08
CN106688027A (en) 2017-05-17
US20160078252A1 (en) 2016-03-17
GB2544672A (en) 2017-05-24
US9483664B2 (en) 2016-11-01

Similar Documents

Publication Publication Date Title
US9483664B2 (en) Address dependent data encryption
US11347898B2 (en) Data protection device and method and storage controller
US10896267B2 (en) Input/output data encryption
JP7225220B2 (en) Storage data encryption/decryption device and method
US20190384938A1 (en) Storage apparatus and method for address scrambling
US8843767B2 (en) Secure memory transaction unit
KR100445406B1 (en) Apparatus for encrypting the data and method therefor
US10313128B2 (en) Address-dependent key generator by XOR tree
EP3262515B1 (en) Cryptographic-based initialization of memory content
Helfmeier et al. Physical vulnerabilities of physically unclonable functions
US20150242332A1 (en) Self-encrypting flash drive
CN103154963A (en) Scrambling an address and encrypting write data for storing in a storage device
EP2990953B1 (en) Periodic memory refresh in a secure computing system
US10146701B2 (en) Address-dependent key generation with a substitution-permutation network
CN103246852A (en) Enciphered data access method and device
US11019098B2 (en) Replay protection for memory based on key refresh
CN112887077B (en) SSD main control chip random cache confidentiality method and circuit
US20200356285A1 (en) Password protected data storage device and control method for non-volatile memory
CN103154967A (en) Modifying a length of an element to form an encryption key
CN213876729U (en) Random cache secret circuit of SSD main control chip
US11734415B2 (en) Device and method for managing an encrypted software application
US10785031B2 (en) Data encryption of a storage area

Legal Events

Date Code Title Description
AS Assignment

Owner name: ARM LIMITED, UNITED KINGDOM

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:CHANDRA, VIKAS;AITKEN, ROBERT CAMPBELL;SIGNING DATES FROM 20141001 TO 20141006;REEL/FRAME:040146/0167

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION