WO1996021225A1 - On-chip randomly self-programmable non-volatile memory architecture - Google Patents

On-chip randomly self-programmable non-volatile memory architecture Download PDF

Info

Publication number
WO1996021225A1
WO1996021225A1 PCT/US1996/000270 US9600270W WO9621225A1 WO 1996021225 A1 WO1996021225 A1 WO 1996021225A1 US 9600270 W US9600270 W US 9600270W WO 9621225 A1 WO9621225 A1 WO 9621225A1
Authority
WO
WIPO (PCT)
Prior art keywords
volatile memory
data block
controller
coupled
chip
Prior art date
Application number
PCT/US1996/000270
Other languages
French (fr)
Inventor
Richard J. Takahashi
Original Assignee
Vlsi Technology, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Vlsi Technology, Inc. filed Critical Vlsi Technology, Inc.
Publication of WO1996021225A1 publication Critical patent/WO1996021225A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/77Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2211/00Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
    • G06F2211/007Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress

Definitions

  • the invention relates generally to architecture for digi ⁇ tally generating and storing random data, and more spe ⁇ cifically to an on-chip architecture for randomly self- programming non-volatile memories.
  • Non-volatile memory components are commonly used in many digital circuit applications, including systems in which an integrated circuit (“IC") containing at least a part of the memory retains a unique identification number used for securing access to the system and/or memory.
  • IC integrated circuit
  • On-chip generation and storage of a truly undeterministic (e.g. , random) data block would also permit IC manufac ⁇ turers to encode a unique identification for each IC. This would make unauthorized cloning of the IC difficult in that the utility of the undeterministic data block would not be known to the person cloning, and the cost required to attempt to learn the utility and unique key identity would be prohibitive relative to the cost of the IC. Again, however, it is not economically feasible to implement such on-chip protection using prior art ap- proaches. What is needed is a system for generating and storing an undeterministic data block in a non-volatile memory on an IC containing the system.
  • the present invention provides such a system.
  • An on-chip system for generating and storing an undeter ⁇ ministic data block within a non-volatile memory includes a randomizer that generates a random data block, a con- troller, and the non-volatile memory.
  • the randomizer generates the data block, which is input into the non ⁇ volatile memory unit under control of the controller.
  • the randomizer provides this input while co-ordinating external or internal programming voltages, for example from an analog programmable circuit that is coupled to the controller and to the non-volatile memory.
  • the controller preferably is a state machine that con ⁇ trols address and data flow, as well as access to the randomizer and to the non-volatile memory.
  • the control ⁇ ler also determines whether the non-volatile memory is operated in a normal mode, e.g., as a standard memory element, or in a programming mode, e.g., in which the randomizer-generated undeterministic data block is input for storage into the non-volatile memory.
  • the storage address for the data block may or may not be known to persons using the IC contain ⁇ ing the system.
  • attempts to reprogram the non-volatile memory may be thwarted by storing security bit(s) or a security function within the memory.
  • the controller can request and addresses these security bits or function to disable the effect of externally provided voltages used to program the memory.
  • FIGURE 1 is a block diagram of a self-programming non ⁇ volatile memory, according to the present invention.
  • FIGURE 2 is a flow chart depicting operation of a pre ⁇ ferred embodiment of the present invention.
  • FIG. 1 shows an integrated circuit 10 containing the present invention 20, which includes a randomizer 30, a controller 4 and a non-volatile memory 50.
  • randomizer 30 is digital and non-determinis ⁇ tic, with maximum entropy. Randomizer 30 generates an undeterministic data block whose length, for security reasons, preferably is at least 64 bits in length.
  • a detailed description of one embodiment of a fully digi ⁇ tized randomizer circuit with which the present invention may be practiced is disclosed in applicant's U.S. patent application entitled DIGITAL RANDOMIZER FOR ON-CHIP GEN ⁇ ERATION AND STORAGE OF RANDOM SELF-PROGRAMMING DATA BLOCK, filed simultaneously with the present application and assigned to a common assignee.
  • a digital randomizer may be implemented using D-type flip-flops that are forced to function in a metastable state, thus outputting a random data stream.
  • Controller 40 preferably is a simple state machine that controls the flow of data and addresses to the non-vola- tile memory 50. Controller 40 also controls access to the randomizer 30 as well as to the memory 50.
  • a generic analog programmable circuit 60 receives pro ⁇ gramming voltages from an external source and generates the required signals to burn-in or otherwise program non ⁇ volatile memory 50 with data blocks and other information to be stored. As shown in Figure 1, the controller also controls access to the memory 50 by the programmable circuit 60, for purposes of permitting permanent storage of the undeterministically generated data block. It will be appreciated that programmable circuit 60 is not part of the present invention per se.
  • the undeterministic data block generat ⁇ ed by the randomizer 30 may be stored in an address range 70. Depending upon the application at hand, it may also be desired to store seed (or initialization vector) in ⁇ formation or security information in memory 50 at address range 80.
  • controller 40 in a normal mode can cause memory 50 to operate as a standard non-volatile memory unit, by permitting access to stored information via address, control and data busses. Howev ⁇ er, in a programming mode, control signals cause control ⁇ ler 40 to generate the proper addresses, and control information to cause a random data block generated by randomizer 30 to be stored within memory 50, e.g., at location 70.
  • IC 10 may also contain other on-chip circuitry, shown as 90, that is coupled to receive information from memory 50, under control of the controller 40.
  • circuitry 90 may include communications interfaces, access to which requires a user to have a priori knowledge of the random number block stored at location 70 within non-volatile memory 50. Absent knowledge of the random number block,
  • circuity 90 may also be used to prevent re-programming of the non-volatile memory 50, after initial programming has occurred.
  • non-volatile memory 50 can be programmed to store one or more security bits or a security function, perhaps at memory range 80.
  • the security bits or security function may reside external to memory 50, per ⁇ haps within circuitry 90.
  • controller 40 can re ⁇ quest and address the memory range within memory 50 con ⁇ taining such security bit(s) or security function. Once so accessed (and such accessing can occur but once) , the security bit(s) or security function can thereafter dis- able the effect upon memory 50 of reprogramming voltages provided by programmable circuit 60. In this fashion, the contents of non-volatile memory 50 are permanently protected against reprogramming. If desired, such perma ⁇ nent disablement can be made effective for some but not necessarily all address ranges within memory 50.
  • Figure 2 depicts operation of the present invention, wherein the above-described use of security bit(s) or a security function may optionally be implemented.
  • the initial program sequence begins, typically when controller 40 receives appropriate control signals.
  • controller 40 reads the output of randomizer 30, which output is a non-deterministic data block.
  • the controller causes non-volatile memory 50 to persistently store this data block.
  • step 400 verification is made to confirm the newly stored contents of the non-volatile memory 50.
  • step 500 a one-time programming of security bits or a security function within memory 50 occurs.
  • step 600 the programming sequence terminates.

Abstract

An on-chip system for generating and storing a non-deterministic data block within a non-volatile memory includes a randomizer (30) that generates a random data block, a controller (40), and the non-volatile memory (50). The randomizer (30) generates the data block, which is input to the non-volatile memory unit (50) under control of the controller (40), preferably a state machine. The randomizer (30) also coordinates external or internal programming voltages, for example from an analog programmable circuit (60) that is coupled to the controller (40) and to the non-volatile memory (50). The controller (40) controls address and data flow, as well as access to the randomizer (30) and to the non-volatile memory (50). The controller (40) also determines whether the non-volatile memory (50) is operated in a normal mode as a standard memory element, or in a programming mode, in which the randomizer-generated undeterministic data block is input for storage into the non-volatile memory (50).

Description

ON-CHIP RANDOMLY SELF-PROGRAMMABLE NON-VOLATILE MEMORY ARCHITECTURE
FIELD OF THE INVENTION The invention relates generally to architecture for digi¬ tally generating and storing random data, and more spe¬ cifically to an on-chip architecture for randomly self- programming non-volatile memories.
BACKGROUND OF THE INVENTION Non-volatile memory components are commonly used in many digital circuit applications, including systems in which an integrated circuit ("IC") containing at least a part of the memory retains a unique identification number used for securing access to the system and/or memory.
In such communication systems, it is known to permanently (or persistently) store an identification number with the non-volatile memory such that persons seeking to access other information stored in the memory must first proper¬ ly replicate the identification number. In a so-called public-key encryption system, for example, the data block, or sequence of digital bits that define the pri- vate deciphering key, must be maintained in secrecy to preserve integrity of the system. One method of preserv¬ ing secrecy of such keys is to generate the key randomly, and then store the key in non-volatile memory. A prefer¬ ably random so-called seed (or initialization vector) routine, that need not be kept secret due to its undeterministic nature, produces a random bit stream in cryptographic applications.
For example, it is known in the art to use analog genera- tion of white or Schott noise to provide a pseudo random signal that may then be quantized to produce what hope¬ fully are at least pseudo random numbers. However, be- cause such noise is generated using non-ideal components, e.g., a zener diode, the resultant noise spectrum is not truly random.
It is also known in the art to use digital circuits such as pseudo random number ("PRN") generators, and linear feedback linear shift register ("LSFR") generators to provide what are hopefully pseudo random numbers. For example, if an LSFR circuit is 200 bits in length, theo- retically the output pattern should not repeat itself more than once in 2 w bits, which is indeed random. Unfortunately, generating true random numbers is diffi¬ cult in practice, and can require an excessive number of components and operating power.
To further enhance security, in many applications it would be desirable to generate a random number and then store the number in non-volatile memory, all on a single integrated circuit ("IC") chip. Depending upon the ap- plication, the random number may or may not be allowed to be read-out of the memory. However the nature and com¬ plexity of prior art approaches required to implement such on-chip security is prohibitive.
On-chip generation and storage of a truly undeterministic (e.g. , random) data block would also permit IC manufac¬ turers to encode a unique identification for each IC. This would make unauthorized cloning of the IC difficult in that the utility of the undeterministic data block would not be known to the person cloning, and the cost required to attempt to learn the utility and unique key identity would be prohibitive relative to the cost of the IC. Again, however, it is not economically feasible to implement such on-chip protection using prior art ap- proaches. What is needed is a system for generating and storing an undeterministic data block in a non-volatile memory on an IC containing the system.
The present invention provides such a system.
SUMMARY OF THE INVENTION An on-chip system for generating and storing an undeter¬ ministic data block within a non-volatile memory includes a randomizer that generates a random data block, a con- troller, and the non-volatile memory. The randomizer generates the data block, which is input into the non¬ volatile memory unit under control of the controller. The randomizer provides this input while co-ordinating external or internal programming voltages, for example from an analog programmable circuit that is coupled to the controller and to the non-volatile memory.
The controller preferably is a state machine that con¬ trols address and data flow, as well as access to the randomizer and to the non-volatile memory. The control¬ ler also determines whether the non-volatile memory is operated in a normal mode, e.g., as a standard memory element, or in a programming mode, e.g., in which the randomizer-generated undeterministic data block is input for storage into the non-volatile memory. Depending upon the application, the storage address for the data block may or may not be known to persons using the IC contain¬ ing the system.
To further enhance security, attempts to reprogram the non-volatile memory may be thwarted by storing security bit(s) or a security function within the memory. The controller can request and addresses these security bits or function to disable the effect of externally provided voltages used to program the memory. Other features and advantages of the invention will ap¬ pear from the following description in which the pre¬ ferred embodiments have been set forth in detail, in conjunction with the accompanying drawings.
BRIEF DESCRIPTION OF THE DRAWINGS FIGURE 1 is a block diagram of a self-programming non¬ volatile memory, according to the present invention;
FIGURE 2 is a flow chart depicting operation of a pre¬ ferred embodiment of the present invention.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT Figure 1 shows an integrated circuit 10 containing the present invention 20, which includes a randomizer 30, a controller 4 and a non-volatile memory 50.
Preferably randomizer 30 is digital and non-determinis¬ tic, with maximum entropy. Randomizer 30 generates an undeterministic data block whose length, for security reasons, preferably is at least 64 bits in length. A detailed description of one embodiment of a fully digi¬ tized randomizer circuit with which the present invention may be practiced is disclosed in applicant's U.S. patent application entitled DIGITAL RANDOMIZER FOR ON-CHIP GEN¬ ERATION AND STORAGE OF RANDOM SELF-PROGRAMMING DATA BLOCK, filed simultaneously with the present application and assigned to a common assignee. As disclosed therein, a digital randomizer may be implemented using D-type flip-flops that are forced to function in a metastable state, thus outputting a random data stream.
Controller 40 preferably is a simple state machine that controls the flow of data and addresses to the non-vola- tile memory 50. Controller 40 also controls access to the randomizer 30 as well as to the memory 50. A generic analog programmable circuit 60 receives pro¬ gramming voltages from an external source and generates the required signals to burn-in or otherwise program non¬ volatile memory 50 with data blocks and other information to be stored. As shown in Figure 1, the controller also controls access to the memory 50 by the programmable circuit 60, for purposes of permitting permanent storage of the undeterministically generated data block. It will be appreciated that programmable circuit 60 is not part of the present invention per se.
Within memory 50, the undeterministic data block generat¬ ed by the randomizer 30 may be stored in an address range 70. Depending upon the application at hand, it may also be desired to store seed (or initialization vector) in¬ formation or security information in memory 50 at address range 80.
Depending upon the control signals, controller 40 in a normal mode can cause memory 50 to operate as a standard non-volatile memory unit, by permitting access to stored information via address, control and data busses. Howev¬ er, in a programming mode, control signals cause control¬ ler 40 to generate the proper addresses, and control information to cause a random data block generated by randomizer 30 to be stored within memory 50, e.g., at location 70.
IC 10 may also contain other on-chip circuitry, shown as 90, that is coupled to receive information from memory 50, under control of the controller 40. Such circuitry 90 may include communications interfaces, access to which requires a user to have a priori knowledge of the random number block stored at location 70 within non-volatile memory 50. Absent knowledge of the random number block,
IC 10 will be of little use to an unauthorized person attempting to use the IC. As indicated by signal path 100, circuity 90 may also be used to prevent re-programming of the non-volatile memory 50, after initial programming has occurred. For example, non-volatile memory 50 can be programmed to store one or more security bits or a security function, perhaps at memory range 80. Alternatively, the security bits or security function may reside external to memory 50, per¬ haps within circuitry 90.
After initial memory programming, controller 40 can re¬ quest and address the memory range within memory 50 con¬ taining such security bit(s) or security function. Once so accessed (and such accessing can occur but once) , the security bit(s) or security function can thereafter dis- able the effect upon memory 50 of reprogramming voltages provided by programmable circuit 60. In this fashion, the contents of non-volatile memory 50 are permanently protected against reprogramming. If desired, such perma¬ nent disablement can be made effective for some but not necessarily all address ranges within memory 50.
Figure 2 depicts operation of the present invention, wherein the above-described use of security bit(s) or a security function may optionally be implemented. At step 200, the initial program sequence begins, typically when controller 40 receives appropriate control signals.
At step 300, controller 40 reads the output of randomizer 30, which output is a non-deterministic data block. At step 300, the controller causes non-volatile memory 50 to persistently store this data block.
At step 400, verification is made to confirm the newly stored contents of the non-volatile memory 50.
At optional step 500, a one-time programming of security bits or a security function within memory 50 occurs. At step 600, the programming sequence terminates.
Modifications and variations may be made to the disclosed embodiments without departing from the subject and spirit of the invention as defined by the following claims.

Claims

WHAT IS CLAIMED IS:
1. An on-IC chip system for generating and storing a non-deterministic data block, the system comprising: a randomizer generating a non-deterministic data block; a non-volatile memory, coupled in a normal mode to provide access to data stored within, and coupled in a program mode to receive externally provided programming signals and to receive and persistently store said non- deterministic data block within; and a controller, coupled to said memory, coupled to said controller, and coupled to receive externally pro¬ vided data, address and control signals; said controller in response to at least one of said control signals causing said non-volatile memory to oper¬ ate in a chosen one of said normal mode and said program mode.
2. The system of claim 1, wherein said controller is a state machine.
3. The system of claim 1, wherein the IC chip containing said system further includes circuitry coupled to said system; said circuitry permanently disabling said externally provided programming signals from reprogramming at least a portion of said non-volatile memory.
4. The system of claim 1, wherein said non-deter¬ ministic data block stored by said non-volatile memory provides an identification number for the IC chip con¬ taining said system.
5. The system of claim 1, wherein said system includes means for requiring a user of said system to properly identify said non-deterministic data block stored by said non-volatile memory before using said system.
6. A method for generating on an IC chip and for storing on said IC chip a non-deterministic data block, the method including the following steps:
(a) providing means for generating a non-determin¬ istic data block;
(b) providing a non-volatile memory, coupled in a normal mode to provide access to data stored within, and coupled in a program mode to receive externally provided programming signals and to receive and persistently store said non-deterministic data block within; and
(c) providing a controller, coupled to said memory, coupled to said controller, and coupled to receive exter¬ nally provided data, address and control signals; said controller in response to at least one of said control signals causing said non-volatile memory to oper¬ ate in a chosen one of said normal mode and said program mode.
7. The method of claim 6, wherein step (c) includes implementing said controller as a state machine.
8. The method of claim 6, including a further step (d) of providing on said IC chip, means for permanently disabling said externally provided programming signals from reprogramming at least a portion of said non-vola¬ tile memory.
9. The method of claim 6, wherein said non-deter¬ ministic data block stored by said non-volatile memory provides an identification number for the IC chip con¬ taining said system.
10. The method of claim 6, wherein said system includes means for requiring a user of said system to properly identify said non-deterministic data block stored by said non-volatile memory before using said system.
PCT/US1996/000270 1995-01-06 1996-01-03 On-chip randomly self-programmable non-volatile memory architecture WO1996021225A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US36922095A 1995-01-06 1995-01-06
US08/369,220 1995-01-06

Publications (1)

Publication Number Publication Date
WO1996021225A1 true WO1996021225A1 (en) 1996-07-11

Family

ID=23454597

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US1996/000270 WO1996021225A1 (en) 1995-01-06 1996-01-03 On-chip randomly self-programmable non-volatile memory architecture

Country Status (1)

Country Link
WO (1) WO1996021225A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004088484A1 (en) * 2003-03-31 2004-10-14 Nds Limited Method and apparatus for preventing cloning of security elements

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4679236A (en) * 1984-12-21 1987-07-07 Davies Richard E Identification verification method and system
US4959860A (en) * 1989-02-07 1990-09-25 Compaq Computer Corporation Power-on password functions for computer system
US5014311A (en) * 1985-07-03 1991-05-07 Siemens Aktiengesellschaft Integrated circuit with an access-controlled data memory
US5191608A (en) * 1990-09-12 1993-03-02 Gemplus Card International Method for the management of an application program loaded in a microcircuit medium
US5502765A (en) * 1992-09-18 1996-03-26 Nippon Telegraph And Telephone Corporation Method and apparatus for settlement of accounts by IC cards

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4679236A (en) * 1984-12-21 1987-07-07 Davies Richard E Identification verification method and system
US5014311A (en) * 1985-07-03 1991-05-07 Siemens Aktiengesellschaft Integrated circuit with an access-controlled data memory
US4959860A (en) * 1989-02-07 1990-09-25 Compaq Computer Corporation Power-on password functions for computer system
US5191608A (en) * 1990-09-12 1993-03-02 Gemplus Card International Method for the management of an application program loaded in a microcircuit medium
US5502765A (en) * 1992-09-18 1996-03-26 Nippon Telegraph And Telephone Corporation Method and apparatus for settlement of accounts by IC cards

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
IBM TECHNICAL DISCLOSURE BULLETIN, Volume 24, No. 7B, December 1981, Y.J. VAN DER MEULEN and W.E. PROEBSTER, "Memory Access to A Chip Card", pages 3883-3884. *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004088484A1 (en) * 2003-03-31 2004-10-14 Nds Limited Method and apparatus for preventing cloning of security elements
US7370192B2 (en) 2003-03-31 2008-05-06 Nds Ltd. Method and apparatus for preventing cloning of security elements
KR100948043B1 (en) * 2003-03-31 2010-03-19 엔디에스 리미티드 Method and apparatus for preventing cloning of security elements

Similar Documents

Publication Publication Date Title
US4974193A (en) Circuit arrangement for protecting access to a data processing system with the assistance of a chip card
US5008935A (en) Efficient method for encrypting superblocks of data
US4316055A (en) Stream/block cipher crytographic system
US5479512A (en) Method and apparatus for performing concryption
US5857025A (en) Electronic encryption device and method
US5363449A (en) Personal identification encryptor and method
US4593353A (en) Software protection method and apparatus
US6112187A (en) Encryption communication system for generating passwords on the basis of start information on both parties of communication
US4747139A (en) Software security method and systems
US4751733A (en) Substitution permutation enciphering device
US7945791B2 (en) Protected storage of a datum in an integrated circuit
WO1999038078A1 (en) Storage device, encrypting/decrypting device, and method for accessing nonvolatile memory
KR20000075917A (en) Electronic data processing device and system
JPH11175403A (en) Test method for storage device and memory provided with test function
US4133974A (en) System for locally enciphering prime data
US7191340B2 (en) Generation of a secret quantity based on an identifier of an integrated circuit
US20040162864A1 (en) System and method for generating pseudo-random numbers
JP3586475B2 (en) Method and circuit device for generating pseudo-random number sequence
US8249253B2 (en) Semiconductor integrated circuit having encrypter/decrypter function for protecting input/output data transmitted on internal bus
US20020168067A1 (en) Copy protection method and system for a field-programmable gate array
US7272856B2 (en) Decryption device
US6581078B1 (en) Random number generating circuit and process
WO1996021225A1 (en) On-chip randomly self-programmable non-volatile memory architecture
JP2000235523A (en) Circuit device for processing electronic data
US20070140482A1 (en) Method for storing data in a random access memory and encryption and decryption device

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): JP KR

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): AT BE CH DE DK ES FR GB GR IE IT LU MC NL PT SE

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
122 Ep: pct application non-entry in european phase