WO1996021225A1 - On-chip randomly self-programmable non-volatile memory architecture - Google Patents
On-chip randomly self-programmable non-volatile memory architecture Download PDFInfo
- Publication number
- WO1996021225A1 WO1996021225A1 PCT/US1996/000270 US9600270W WO9621225A1 WO 1996021225 A1 WO1996021225 A1 WO 1996021225A1 US 9600270 W US9600270 W US 9600270W WO 9621225 A1 WO9621225 A1 WO 9621225A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- volatile memory
- data block
- controller
- coupled
- chip
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/77—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
- G06F21/79—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2211/00—Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
- G06F2211/007—Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
Definitions
- the invention relates generally to architecture for digi ⁇ tally generating and storing random data, and more spe ⁇ cifically to an on-chip architecture for randomly self- programming non-volatile memories.
- Non-volatile memory components are commonly used in many digital circuit applications, including systems in which an integrated circuit (“IC") containing at least a part of the memory retains a unique identification number used for securing access to the system and/or memory.
- IC integrated circuit
- On-chip generation and storage of a truly undeterministic (e.g. , random) data block would also permit IC manufac ⁇ turers to encode a unique identification for each IC. This would make unauthorized cloning of the IC difficult in that the utility of the undeterministic data block would not be known to the person cloning, and the cost required to attempt to learn the utility and unique key identity would be prohibitive relative to the cost of the IC. Again, however, it is not economically feasible to implement such on-chip protection using prior art ap- proaches. What is needed is a system for generating and storing an undeterministic data block in a non-volatile memory on an IC containing the system.
- the present invention provides such a system.
- An on-chip system for generating and storing an undeter ⁇ ministic data block within a non-volatile memory includes a randomizer that generates a random data block, a con- troller, and the non-volatile memory.
- the randomizer generates the data block, which is input into the non ⁇ volatile memory unit under control of the controller.
- the randomizer provides this input while co-ordinating external or internal programming voltages, for example from an analog programmable circuit that is coupled to the controller and to the non-volatile memory.
- the controller preferably is a state machine that con ⁇ trols address and data flow, as well as access to the randomizer and to the non-volatile memory.
- the control ⁇ ler also determines whether the non-volatile memory is operated in a normal mode, e.g., as a standard memory element, or in a programming mode, e.g., in which the randomizer-generated undeterministic data block is input for storage into the non-volatile memory.
- the storage address for the data block may or may not be known to persons using the IC contain ⁇ ing the system.
- attempts to reprogram the non-volatile memory may be thwarted by storing security bit(s) or a security function within the memory.
- the controller can request and addresses these security bits or function to disable the effect of externally provided voltages used to program the memory.
- FIGURE 1 is a block diagram of a self-programming non ⁇ volatile memory, according to the present invention.
- FIGURE 2 is a flow chart depicting operation of a pre ⁇ ferred embodiment of the present invention.
- FIG. 1 shows an integrated circuit 10 containing the present invention 20, which includes a randomizer 30, a controller 4 and a non-volatile memory 50.
- randomizer 30 is digital and non-determinis ⁇ tic, with maximum entropy. Randomizer 30 generates an undeterministic data block whose length, for security reasons, preferably is at least 64 bits in length.
- a detailed description of one embodiment of a fully digi ⁇ tized randomizer circuit with which the present invention may be practiced is disclosed in applicant's U.S. patent application entitled DIGITAL RANDOMIZER FOR ON-CHIP GEN ⁇ ERATION AND STORAGE OF RANDOM SELF-PROGRAMMING DATA BLOCK, filed simultaneously with the present application and assigned to a common assignee.
- a digital randomizer may be implemented using D-type flip-flops that are forced to function in a metastable state, thus outputting a random data stream.
- Controller 40 preferably is a simple state machine that controls the flow of data and addresses to the non-vola- tile memory 50. Controller 40 also controls access to the randomizer 30 as well as to the memory 50.
- a generic analog programmable circuit 60 receives pro ⁇ gramming voltages from an external source and generates the required signals to burn-in or otherwise program non ⁇ volatile memory 50 with data blocks and other information to be stored. As shown in Figure 1, the controller also controls access to the memory 50 by the programmable circuit 60, for purposes of permitting permanent storage of the undeterministically generated data block. It will be appreciated that programmable circuit 60 is not part of the present invention per se.
- the undeterministic data block generat ⁇ ed by the randomizer 30 may be stored in an address range 70. Depending upon the application at hand, it may also be desired to store seed (or initialization vector) in ⁇ formation or security information in memory 50 at address range 80.
- controller 40 in a normal mode can cause memory 50 to operate as a standard non-volatile memory unit, by permitting access to stored information via address, control and data busses. Howev ⁇ er, in a programming mode, control signals cause control ⁇ ler 40 to generate the proper addresses, and control information to cause a random data block generated by randomizer 30 to be stored within memory 50, e.g., at location 70.
- IC 10 may also contain other on-chip circuitry, shown as 90, that is coupled to receive information from memory 50, under control of the controller 40.
- circuitry 90 may include communications interfaces, access to which requires a user to have a priori knowledge of the random number block stored at location 70 within non-volatile memory 50. Absent knowledge of the random number block,
- circuity 90 may also be used to prevent re-programming of the non-volatile memory 50, after initial programming has occurred.
- non-volatile memory 50 can be programmed to store one or more security bits or a security function, perhaps at memory range 80.
- the security bits or security function may reside external to memory 50, per ⁇ haps within circuitry 90.
- controller 40 can re ⁇ quest and address the memory range within memory 50 con ⁇ taining such security bit(s) or security function. Once so accessed (and such accessing can occur but once) , the security bit(s) or security function can thereafter dis- able the effect upon memory 50 of reprogramming voltages provided by programmable circuit 60. In this fashion, the contents of non-volatile memory 50 are permanently protected against reprogramming. If desired, such perma ⁇ nent disablement can be made effective for some but not necessarily all address ranges within memory 50.
- Figure 2 depicts operation of the present invention, wherein the above-described use of security bit(s) or a security function may optionally be implemented.
- the initial program sequence begins, typically when controller 40 receives appropriate control signals.
- controller 40 reads the output of randomizer 30, which output is a non-deterministic data block.
- the controller causes non-volatile memory 50 to persistently store this data block.
- step 400 verification is made to confirm the newly stored contents of the non-volatile memory 50.
- step 500 a one-time programming of security bits or a security function within memory 50 occurs.
- step 600 the programming sequence terminates.
Abstract
An on-chip system for generating and storing a non-deterministic data block within a non-volatile memory includes a randomizer (30) that generates a random data block, a controller (40), and the non-volatile memory (50). The randomizer (30) generates the data block, which is input to the non-volatile memory unit (50) under control of the controller (40), preferably a state machine. The randomizer (30) also coordinates external or internal programming voltages, for example from an analog programmable circuit (60) that is coupled to the controller (40) and to the non-volatile memory (50). The controller (40) controls address and data flow, as well as access to the randomizer (30) and to the non-volatile memory (50). The controller (40) also determines whether the non-volatile memory (50) is operated in a normal mode as a standard memory element, or in a programming mode, in which the randomizer-generated undeterministic data block is input for storage into the non-volatile memory (50).
Description
ON-CHIP RANDOMLY SELF-PROGRAMMABLE NON-VOLATILE MEMORY ARCHITECTURE
FIELD OF THE INVENTION The invention relates generally to architecture for digi¬ tally generating and storing random data, and more spe¬ cifically to an on-chip architecture for randomly self- programming non-volatile memories.
BACKGROUND OF THE INVENTION Non-volatile memory components are commonly used in many digital circuit applications, including systems in which an integrated circuit ("IC") containing at least a part of the memory retains a unique identification number used for securing access to the system and/or memory.
In such communication systems, it is known to permanently (or persistently) store an identification number with the non-volatile memory such that persons seeking to access other information stored in the memory must first proper¬ ly replicate the identification number. In a so-called public-key encryption system, for example, the data block, or sequence of digital bits that define the pri- vate deciphering key, must be maintained in secrecy to preserve integrity of the system. One method of preserv¬ ing secrecy of such keys is to generate the key randomly, and then store the key in non-volatile memory. A prefer¬ ably random so-called seed (or initialization vector) routine, that need not be kept secret due to its undeterministic nature, produces a random bit stream in cryptographic applications.
For example, it is known in the art to use analog genera- tion of white or Schott noise to provide a pseudo random signal that may then be quantized to produce what hope¬ fully are at least pseudo random numbers. However, be-
cause such noise is generated using non-ideal components, e.g., a zener diode, the resultant noise spectrum is not truly random.
It is also known in the art to use digital circuits such as pseudo random number ("PRN") generators, and linear feedback linear shift register ("LSFR") generators to provide what are hopefully pseudo random numbers. For example, if an LSFR circuit is 200 bits in length, theo- retically the output pattern should not repeat itself more than once in 2 w bits, which is indeed random. Unfortunately, generating true random numbers is diffi¬ cult in practice, and can require an excessive number of components and operating power.
To further enhance security, in many applications it would be desirable to generate a random number and then store the number in non-volatile memory, all on a single integrated circuit ("IC") chip. Depending upon the ap- plication, the random number may or may not be allowed to be read-out of the memory. However the nature and com¬ plexity of prior art approaches required to implement such on-chip security is prohibitive.
On-chip generation and storage of a truly undeterministic (e.g. , random) data block would also permit IC manufac¬ turers to encode a unique identification for each IC. This would make unauthorized cloning of the IC difficult in that the utility of the undeterministic data block would not be known to the person cloning, and the cost required to attempt to learn the utility and unique key identity would be prohibitive relative to the cost of the IC. Again, however, it is not economically feasible to implement such on-chip protection using prior art ap- proaches.
What is needed is a system for generating and storing an undeterministic data block in a non-volatile memory on an IC containing the system.
The present invention provides such a system.
SUMMARY OF THE INVENTION An on-chip system for generating and storing an undeter¬ ministic data block within a non-volatile memory includes a randomizer that generates a random data block, a con- troller, and the non-volatile memory. The randomizer generates the data block, which is input into the non¬ volatile memory unit under control of the controller. The randomizer provides this input while co-ordinating external or internal programming voltages, for example from an analog programmable circuit that is coupled to the controller and to the non-volatile memory.
The controller preferably is a state machine that con¬ trols address and data flow, as well as access to the randomizer and to the non-volatile memory. The control¬ ler also determines whether the non-volatile memory is operated in a normal mode, e.g., as a standard memory element, or in a programming mode, e.g., in which the randomizer-generated undeterministic data block is input for storage into the non-volatile memory. Depending upon the application, the storage address for the data block may or may not be known to persons using the IC contain¬ ing the system.
To further enhance security, attempts to reprogram the non-volatile memory may be thwarted by storing security bit(s) or a security function within the memory. The controller can request and addresses these security bits or function to disable the effect of externally provided voltages used to program the memory.
Other features and advantages of the invention will ap¬ pear from the following description in which the pre¬ ferred embodiments have been set forth in detail, in conjunction with the accompanying drawings.
BRIEF DESCRIPTION OF THE DRAWINGS FIGURE 1 is a block diagram of a self-programming non¬ volatile memory, according to the present invention;
FIGURE 2 is a flow chart depicting operation of a pre¬ ferred embodiment of the present invention.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT Figure 1 shows an integrated circuit 10 containing the present invention 20, which includes a randomizer 30, a controller 4 and a non-volatile memory 50.
Preferably randomizer 30 is digital and non-determinis¬ tic, with maximum entropy. Randomizer 30 generates an undeterministic data block whose length, for security reasons, preferably is at least 64 bits in length. A detailed description of one embodiment of a fully digi¬ tized randomizer circuit with which the present invention may be practiced is disclosed in applicant's U.S. patent application entitled DIGITAL RANDOMIZER FOR ON-CHIP GEN¬ ERATION AND STORAGE OF RANDOM SELF-PROGRAMMING DATA BLOCK, filed simultaneously with the present application and assigned to a common assignee. As disclosed therein, a digital randomizer may be implemented using D-type flip-flops that are forced to function in a metastable state, thus outputting a random data stream.
Controller 40 preferably is a simple state machine that controls the flow of data and addresses to the non-vola- tile memory 50. Controller 40 also controls access to the randomizer 30 as well as to the memory 50.
A generic analog programmable circuit 60 receives pro¬ gramming voltages from an external source and generates the required signals to burn-in or otherwise program non¬ volatile memory 50 with data blocks and other information to be stored. As shown in Figure 1, the controller also controls access to the memory 50 by the programmable circuit 60, for purposes of permitting permanent storage of the undeterministically generated data block. It will be appreciated that programmable circuit 60 is not part of the present invention per se.
Within memory 50, the undeterministic data block generat¬ ed by the randomizer 30 may be stored in an address range 70. Depending upon the application at hand, it may also be desired to store seed (or initialization vector) in¬ formation or security information in memory 50 at address range 80.
Depending upon the control signals, controller 40 in a normal mode can cause memory 50 to operate as a standard non-volatile memory unit, by permitting access to stored information via address, control and data busses. Howev¬ er, in a programming mode, control signals cause control¬ ler 40 to generate the proper addresses, and control information to cause a random data block generated by randomizer 30 to be stored within memory 50, e.g., at location 70.
IC 10 may also contain other on-chip circuitry, shown as 90, that is coupled to receive information from memory 50, under control of the controller 40. Such circuitry 90 may include communications interfaces, access to which requires a user to have a priori knowledge of the random number block stored at location 70 within non-volatile memory 50. Absent knowledge of the random number block,
IC 10 will be of little use to an unauthorized person attempting to use the IC.
As indicated by signal path 100, circuity 90 may also be used to prevent re-programming of the non-volatile memory 50, after initial programming has occurred. For example, non-volatile memory 50 can be programmed to store one or more security bits or a security function, perhaps at memory range 80. Alternatively, the security bits or security function may reside external to memory 50, per¬ haps within circuitry 90.
After initial memory programming, controller 40 can re¬ quest and address the memory range within memory 50 con¬ taining such security bit(s) or security function. Once so accessed (and such accessing can occur but once) , the security bit(s) or security function can thereafter dis- able the effect upon memory 50 of reprogramming voltages provided by programmable circuit 60. In this fashion, the contents of non-volatile memory 50 are permanently protected against reprogramming. If desired, such perma¬ nent disablement can be made effective for some but not necessarily all address ranges within memory 50.
Figure 2 depicts operation of the present invention, wherein the above-described use of security bit(s) or a security function may optionally be implemented. At step 200, the initial program sequence begins, typically when controller 40 receives appropriate control signals.
At step 300, controller 40 reads the output of randomizer 30, which output is a non-deterministic data block. At step 300, the controller causes non-volatile memory 50 to persistently store this data block.
At step 400, verification is made to confirm the newly stored contents of the non-volatile memory 50.
At optional step 500, a one-time programming of security bits or a security function within memory 50 occurs.
At step 600, the programming sequence terminates.
Modifications and variations may be made to the disclosed embodiments without departing from the subject and spirit of the invention as defined by the following claims.
Claims
1. An on-IC chip system for generating and storing a non-deterministic data block, the system comprising: a randomizer generating a non-deterministic data block; a non-volatile memory, coupled in a normal mode to provide access to data stored within, and coupled in a program mode to receive externally provided programming signals and to receive and persistently store said non- deterministic data block within; and a controller, coupled to said memory, coupled to said controller, and coupled to receive externally pro¬ vided data, address and control signals; said controller in response to at least one of said control signals causing said non-volatile memory to oper¬ ate in a chosen one of said normal mode and said program mode.
2. The system of claim 1, wherein said controller is a state machine.
3. The system of claim 1, wherein the IC chip containing said system further includes circuitry coupled to said system; said circuitry permanently disabling said externally provided programming signals from reprogramming at least a portion of said non-volatile memory.
4. The system of claim 1, wherein said non-deter¬ ministic data block stored by said non-volatile memory provides an identification number for the IC chip con¬ taining said system.
5. The system of claim 1, wherein said system includes means for requiring a user of said system to properly identify said non-deterministic data block stored by said non-volatile memory before using said system.
6. A method for generating on an IC chip and for storing on said IC chip a non-deterministic data block, the method including the following steps:
(a) providing means for generating a non-determin¬ istic data block;
(b) providing a non-volatile memory, coupled in a normal mode to provide access to data stored within, and coupled in a program mode to receive externally provided programming signals and to receive and persistently store said non-deterministic data block within; and
(c) providing a controller, coupled to said memory, coupled to said controller, and coupled to receive exter¬ nally provided data, address and control signals; said controller in response to at least one of said control signals causing said non-volatile memory to oper¬ ate in a chosen one of said normal mode and said program mode.
7. The method of claim 6, wherein step (c) includes implementing said controller as a state machine.
8. The method of claim 6, including a further step (d) of providing on said IC chip, means for permanently disabling said externally provided programming signals from reprogramming at least a portion of said non-vola¬ tile memory.
9. The method of claim 6, wherein said non-deter¬ ministic data block stored by said non-volatile memory provides an identification number for the IC chip con¬ taining said system.
10. The method of claim 6, wherein said system includes means for requiring a user of said system to properly identify said non-deterministic data block stored by said non-volatile memory before using said system.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US36922095A | 1995-01-06 | 1995-01-06 | |
US08/369,220 | 1995-01-06 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO1996021225A1 true WO1996021225A1 (en) | 1996-07-11 |
Family
ID=23454597
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US1996/000270 WO1996021225A1 (en) | 1995-01-06 | 1996-01-03 | On-chip randomly self-programmable non-volatile memory architecture |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO1996021225A1 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2004088484A1 (en) * | 2003-03-31 | 2004-10-14 | Nds Limited | Method and apparatus for preventing cloning of security elements |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4679236A (en) * | 1984-12-21 | 1987-07-07 | Davies Richard E | Identification verification method and system |
US4959860A (en) * | 1989-02-07 | 1990-09-25 | Compaq Computer Corporation | Power-on password functions for computer system |
US5014311A (en) * | 1985-07-03 | 1991-05-07 | Siemens Aktiengesellschaft | Integrated circuit with an access-controlled data memory |
US5191608A (en) * | 1990-09-12 | 1993-03-02 | Gemplus Card International | Method for the management of an application program loaded in a microcircuit medium |
US5502765A (en) * | 1992-09-18 | 1996-03-26 | Nippon Telegraph And Telephone Corporation | Method and apparatus for settlement of accounts by IC cards |
-
1996
- 1996-01-03 WO PCT/US1996/000270 patent/WO1996021225A1/en active Application Filing
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4679236A (en) * | 1984-12-21 | 1987-07-07 | Davies Richard E | Identification verification method and system |
US5014311A (en) * | 1985-07-03 | 1991-05-07 | Siemens Aktiengesellschaft | Integrated circuit with an access-controlled data memory |
US4959860A (en) * | 1989-02-07 | 1990-09-25 | Compaq Computer Corporation | Power-on password functions for computer system |
US5191608A (en) * | 1990-09-12 | 1993-03-02 | Gemplus Card International | Method for the management of an application program loaded in a microcircuit medium |
US5502765A (en) * | 1992-09-18 | 1996-03-26 | Nippon Telegraph And Telephone Corporation | Method and apparatus for settlement of accounts by IC cards |
Non-Patent Citations (1)
Title |
---|
IBM TECHNICAL DISCLOSURE BULLETIN, Volume 24, No. 7B, December 1981, Y.J. VAN DER MEULEN and W.E. PROEBSTER, "Memory Access to A Chip Card", pages 3883-3884. * |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2004088484A1 (en) * | 2003-03-31 | 2004-10-14 | Nds Limited | Method and apparatus for preventing cloning of security elements |
US7370192B2 (en) | 2003-03-31 | 2008-05-06 | Nds Ltd. | Method and apparatus for preventing cloning of security elements |
KR100948043B1 (en) * | 2003-03-31 | 2010-03-19 | 엔디에스 리미티드 | Method and apparatus for preventing cloning of security elements |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US4974193A (en) | Circuit arrangement for protecting access to a data processing system with the assistance of a chip card | |
US5008935A (en) | Efficient method for encrypting superblocks of data | |
US4316055A (en) | Stream/block cipher crytographic system | |
US5479512A (en) | Method and apparatus for performing concryption | |
US5857025A (en) | Electronic encryption device and method | |
US5363449A (en) | Personal identification encryptor and method | |
US4593353A (en) | Software protection method and apparatus | |
US6112187A (en) | Encryption communication system for generating passwords on the basis of start information on both parties of communication | |
US4747139A (en) | Software security method and systems | |
US4751733A (en) | Substitution permutation enciphering device | |
US7945791B2 (en) | Protected storage of a datum in an integrated circuit | |
WO1999038078A1 (en) | Storage device, encrypting/decrypting device, and method for accessing nonvolatile memory | |
KR20000075917A (en) | Electronic data processing device and system | |
JPH11175403A (en) | Test method for storage device and memory provided with test function | |
US4133974A (en) | System for locally enciphering prime data | |
US7191340B2 (en) | Generation of a secret quantity based on an identifier of an integrated circuit | |
US20040162864A1 (en) | System and method for generating pseudo-random numbers | |
JP3586475B2 (en) | Method and circuit device for generating pseudo-random number sequence | |
US8249253B2 (en) | Semiconductor integrated circuit having encrypter/decrypter function for protecting input/output data transmitted on internal bus | |
US20020168067A1 (en) | Copy protection method and system for a field-programmable gate array | |
US7272856B2 (en) | Decryption device | |
US6581078B1 (en) | Random number generating circuit and process | |
WO1996021225A1 (en) | On-chip randomly self-programmable non-volatile memory architecture | |
JP2000235523A (en) | Circuit device for processing electronic data | |
US20070140482A1 (en) | Method for storing data in a random access memory and encryption and decryption device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): JP KR |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): AT BE CH DE DK ES FR GB GR IE IT LU MC NL PT SE |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
122 | Ep: pct application non-entry in european phase |