EP3721363A1 - System and method for licensing and for measuring use of an ip block - Google Patents
System and method for licensing and for measuring use of an ip blockInfo
- Publication number
- EP3721363A1 EP3721363A1 EP18833271.2A EP18833271A EP3721363A1 EP 3721363 A1 EP3721363 A1 EP 3721363A1 EP 18833271 A EP18833271 A EP 18833271A EP 3721363 A1 EP3721363 A1 EP 3721363A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- license
- seed
- integrated circuit
- circuit
- received
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims description 16
- 230000004913 activation Effects 0.000 claims description 56
- 238000012795 verification Methods 0.000 claims description 31
- 238000005259 measurement Methods 0.000 claims description 25
- 230000000694 effects Effects 0.000 claims description 4
- 150000001768 cations Chemical class 0.000 claims 4
- 238000007726 management method Methods 0.000 description 13
- 230000006870 function Effects 0.000 description 12
- 238000004891 communication Methods 0.000 description 10
- 238000013461 design Methods 0.000 description 7
- 238000012545 processing Methods 0.000 description 5
- 230000001360 synchronised effect Effects 0.000 description 4
- 238000003780 insertion Methods 0.000 description 3
- 230000037431 insertion Effects 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 2
- 238000013478 data encryption standard Methods 0.000 description 2
- 238000013500 data storage Methods 0.000 description 2
- 230000001419 dependent effect Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000004519 manufacturing process Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 238000012360 testing method Methods 0.000 description 2
- 238000012546 transfer Methods 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 230000003213 activating effect Effects 0.000 description 1
- 230000032683 aging Effects 0.000 description 1
- 230000004075 alteration Effects 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 238000012937 correction Methods 0.000 description 1
- 230000009849 deactivation Effects 0.000 description 1
- 239000000284 extract Substances 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000000691 measurement method Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 230000000737 periodic effect Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 230000001012 protector Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/105—Arrangements for software license management or administration, e.g. for managing licenses at corporate level
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/72—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/73—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/76—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3242—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2103—Challenge-response
Definitions
- the present disclosure relates to the field of integrated circuits and in particular to a method and system for authentication and licensing of IP blocks (Intellectual Property) in an integrated circuit, or more generally authentication and licensing of any circuit or system.
- IP blocks Intelligent Property
- the present disclosure also relates to methods and systems for measuring the use of IP blocks.
- IP blocks are designs of discrete hardware circuits that perform specific functions and can be reused in a variety of different integrated circuits. IP blocks in a given integrated circuit (IC) are generally allocated in the form of license to IC designers by IP block rights holders.
- IP blocks are generally provided to the designers of integrated circuits in the form of software, for example in a hardware description language such as RTL (Register Transfer Level), Verilog or VHDL (from English High-speed integrated circuit Hardware Description Language - hardware description language for high-speed integrated circuits. IP rights holders often license integrated circuit designers to use their IP block in a limited number of integrated circuits and / or a limited number of projects, or claim royalties for each integrated circuit and / or project that incorporate the IP block.
- RTL Registered Transfer Level
- Verilog Verilog
- VHDL from English High-speed integrated circuit Hardware Description Language - hardware description language for high-speed integrated circuits.
- IP rights holders often license integrated circuit designers to use their IP block in a limited number of integrated circuits and / or a limited number of projects, or claim royalties for each integrated circuit and / or project that incorporate the IP block.
- An object of embodiments of the present disclosure is to at least partially solve one or more problems of the prior art.
- an integrated circuit comprising: one or more protected circuits; a license control circuit arranged to request a license issuer to license said one or more protected circuits, the license application including a seed value; and a cryptographic circuit arranged to verify the authenticity of a license received from the license issuer on the basis of the seed value, the license control circuit being arranged to impose a validity limit on the license received, and to request a new license from the license issuer before the validity limit of the license received.
- the integrated circuit further comprises a seed memory arranged for storing one or more of the seed values.
- the license control circuit is arranged to delete in the seed memory seed values associated with invalid licenses.
- the received license includes a message authentication code and the crypto circuit is arranged to verify the authenticity of the license by verifying the message authentication code using the seed value stored in the message. germ memory.
- the integrated circuit further comprises a random value generator adapted to generate a random or pseudo-random value, the license control circuit being arranged to generate the seed value on the basis of the random value or pseudorandom.
- the seed value comprises a device identifier identifying the integrated circuit.
- the license includes a verification code
- the integrated circuit further comprising a circuit activation module adapted to activate a first one of said one or more protected circuits by loading an activation code into a registration register. activation associated with the first protected circuit based on verification of the verification code.
- the cryptographic circuit is further adapted to derive a device key from the seed value and decrypt the received license using the device key to retrieve the verification code.
- the integrated circuit further comprises a usage measurement data generator arranged to receive one or more counter values concerning the activity of said one or more protected circuits, and to generate usage measurement data based on said one or more counter values.
- the license control circuit is further arranged to: include usage measurement data in the application for a new license to the issuer; and / or determine the validity limit of a license received based on usage measurement data.
- a method of applying a license to one or more protected circuits of an integrated circuit comprising: requesting, from a license issuer, a license to activate said one or more protected circuits, the license application including a seed value; verify the authenticity of a license received from the license issuer based on the seed value; and impose a validity limit on the license received and request a new license from the license issuer before the validity limit of the license received.
- FIG. 1 schematically illustrates an electronic device in communication with a license issuer according to an example embodiment of the present description
- FIG. 2 is a flowchart illustrating operations in a method of protecting one or more circuits of an integrated circuit according to an exemplary embodiment of the present description
- Figure 3A schematically illustrates a system for assigning an IP block license according to an exemplary embodiment of the present description
- Fig. 3B illustrates a license generation circuit of Fig. 3A in more detail according to an exemplary embodiment
- FIG. 4 schematically illustrates an electronic device comprising IP licensing components according to an exemplary embodiment of the present description
- FIGS. 5A and 5B schematically illustrate activation circuits of an IP block according to an exemplary embodiment of the present description
- FIG. 6 schematically illustrates a measuring circuit according to an example embodiment of the present description.
- FIG. 7 schematically illustrates a circuit attri ⁇ license bution according to another exemplary embodiment of the present disclosure.
- IP block - a discrete hardware circuit design that performs specific functions and can be reused in a variety of different integrated circuits including FPGAs (Field Programmable Gate Systems);
- protected circuit - a circuit that may correspond to an IP block, a set of IP blocks, or a system comprising one or more integrated circuits, protected by a mechanism such that it is in a disabled state unless be activated by an activation code;
- FIG 1 schematically illustrates an electronic device 102 in communication with a license issuer (LICENSE ISSUER) 104.
- the communication is via a local network.
- the license transmitter 104 and the device 102 could be separated by a larger network such as the Internet.
- the electronic device 102 comprises, for example, protected circuits IPI to IPN.
- Each protected circuit is for example a complex circuit developed to perform a specific function, such as for example an image processor capable of performing image processing operations, an interface for managing standard protocols, or another circuit capable of performing advanced operations, such as a processor, a decoding coding circuit, etc.
- each protected circuit may comprise an FPGA, the functions implemented by the protected circuit being programmed into the FPGA by a programming code.
- the device 102 is for example an integrated circuit, and the protected circuits are IP blocks of the integrated circuit. However, in alternative embodiments, the device 102 could correspond to any electronic device, and each of the protected circuits could comprise a card or a system comprising more than one integrated circuit. In some embodiments, the device 102 is part of a product such as a mobile phone, a tablet computer, a laptop, a game console or the like, or could be a chip mounted on an IC card, which includes the family of cards known as smart cards, such as payment cards, SIM cards (subscriber identity module) or the like.
- smart cards such as payment cards, SIM cards (subscriber identity module) or the like.
- the device 102 may be part of a bank of similar hardware devices providing data processing resources that are available for licensed use.
- the end user can purchase licenses allowing the use of the FPGA of the device 102 and / or the use of one or more protected IP circuits that can be programmed on the FPGA.
- the license issuer 104 is eg commu ⁇ nication with the device 102, and acts as a generator and license provider to the device 102, which allows continuous operation of the equipment and / or one or more protected circuits .
- each license has a limited validity period.
- each license may be considered a token that allows operation of the device 102 and / or one or more of the protected circuits for a given duration.
- Each license can for example provide an authorization for a given duration, such as a few seconds or minutes, or for a given number of clock cycles or operations of a processor.
- the duration of each license may be variable, and its duration may be indicated in the license itself.
- the license may indicate its validity, for example expressed in seconds or minutes, or as the number of clock cycles or processor operations it allows before becoming invalid.
- the device 102 comprises, for example, a license management circuit 106, which generates license requests to the license issuer 104, receives and checks licenses issued by the license issuer 104, and activates an alert signal ALERT. to the license issuer 104 and / or to another entity in the case where there is no valid license present on the device 102.
- the alert signal may include multiple signals.
- the device 102 also includes a license server (LICENSE SERVER) 108, which distributes received licenses to IPI protected circuits to IPN in order to activate them.
- the license management circuit 106 comprises, for example, a license control circuit 110, which for example receives a random value from a generator of random or random values (RANDOM VALUE GENERATOR) 112, and optionally an identifier of device (DEVICE ID) 114, and generates a seed value (SEED). This seed value is for example included in a license request message (LICENSE REQ) generated by the license control circuit 110 and sent to the license issuer 104.
- the license control circuit 110 also stores, for example, the seed value in a seed memory (SEED MEMORY) 116.
- the license management circuit 106 receives licenses (LICENSE) issued by the license transmitter 104, and for example stores them in a license memory (LICENSE MEMORY) 118.
- licenses are transmitted on a network like the Internet
- licenses are encrypted.
- each license includes, for example, an authentication code, such as MAC code (message authentication code), which was generated by the license issuer 104 using the seed value included in the request message. license.
- the licenses received by the license management circuit 106 are for example supplied to a license decryption and verification circuit MAC (LICENSE DECRYPTION + MAC VERIFICATION) 120, which for example decrypts the license in the case where it has been encrypted, and authenticates the license based on its authentication code and using the corresponding seed value from the seed memory 116.
- MAC license decryption and verification circuit
- the circuit 120 informs for example, the license control circuit 110 of the result of the authentication.
- the license management circuit 106 also includes for example a counter (CNTR) 122 which indicates when a new license must be requested. For example, a new license is required for some time before a current license has expired to allow time for the new license to be issued before the current license expires.
- the counter 122 includes periods of a clock signal or the like, so that the count signal can be used to determine whether it is time to apply for a new license.
- the counter 122 may count processor cycles of one or more of the IPI protected circuits to IPN, or the number of operations performed by one or more IPI protected circuits to IPN.
- the alert signal For example, ALERT is activated to inform the license issuer 104, and / or another entity, of the lack of a valid license.
- a user of protected circuits IPI to IPN may be informed by the alert signal that the license has expired, and that one or more of the protected circuits will be disabled in the absence of payment for a new license before a certain deadline.
- one or more of the protected circuits are reset and / or disabled.
- one or more of the protected circuits are in a disabled state, and can only be activated by a verification code.
- This verification code is for example provided with one or more of the licenses issued by the issuer 104.
- a license containing the verification code is for example used to reactivate the protected circuits, while in the case where there is no valid license, the protected circuits remain, for example, deactivated.
- the seed value is for example a simple concatenation of the random or pseudo-random value generated by the generator 112 with the device identifier.
- the device identifier is for example a bit string which identifies the device 102 or a group of devices 102, and which serves for authentication.
- the license that is provided by the license issuer 104 may for example only be used for a device having this identifier, and in some embodiments, the device identifier is unique for each device, so that a given license can only activate the protected circuits of a single device or device 102 given.
- the device identifier is for example based on the generation of a signature which is unique for the device 102. Therefore, even if two integrated circuits are manufactured and / or programmed so as to have identical functionalities, their signatures and so on. their device IDs will be different.
- the device identifier is for example generated or derived by a function PUF (Physically Unclonable Function English - function physically not clonable).
- the PUF value is for example generated by a CPU (of the Central Processing Unit English) of the device 102, and / or on the basis of one or more ring oscillators mounted on the device 102.
- a PUF value is described in more detail in the international patent application published under the number W02017 / 006058.
- another form of device identifier may be used, such as an identifier assigned to the device by the manufacturer of the device.
- FIG. 2 is a flowchart representing operations in a method 200 for applying a license to one or more protected circuits according to an exemplary embodiment, this method being for example implemented by the license management circuit 102 of the figure 1.
- a step 201 it is checked when the counter value CNT_VALUE generated by the counter 122 of Figure 1 has reached a limit. Once this counter value reaches the limit, the process proceeds to a step 202.
- a license request message is generated by the license control circuit 110 based on a new seed value provided by the random value generator 112 and optionally based on the identifier of device 114. This license request message is transmitted to the license issuer 104.
- the new seed value transmitted in the license request is also stored by the license control circuit 110 in the seed memory 116.
- an old seed from the seed memory is for example deleted.
- the license control circuit 110 holds in the seed memory one or more current seed values associated with one or more valid current licenses, and one or more new seed values associated with one or more requests. license, while other seed values are removed to invalidate old licenses.
- a new license is received in response to the license request generated in step 202.
- This license is provided to the license decryption and verification circuit MAC 120, which decrypts the license if it is encrypted, and check the MAC transmitted in the license.
- a step 206 it is then determined whether the MAC is valid or not. If not, the warning signal is for example generated by the license control circuit 110 in an operation 207. On the other hand, if the license is valid, in a step 208, the license control circuit 110 deletes, for example, the old license of the license memory 118. In addition, in the case where the license contains information concerning its period of validity, this information is for example provided by the license holder. license decryption and verification circuit MAC 120 to the license control circuit 110, which uses this information to determine the account limit for requesting a next license.
- Figure 3A schematically illustrates a system 300 for authentication and licensing of protected circuits according to an exemplary embodiment of the present description.
- Some of the elements of the system 300 are similar to elements of the system 100 of FIG. 1, and such elements bear the same numerical references, and will not be described again in detail.
- some or all of the licenses generated by the license transmitter 104 include a verification code to activate protected circuits of the device 102, as will now be described.
- the system 300 includes hardware associated with three main parts, the license issuer (LICENSE ISSUER) 104, a trusted third party (TTP) and an end user (END USER).
- the issuer 104 may be the IP seller, or perhaps in communication with one or more IP sellers.
- the protection is for example based on a unitary activation of one or more protected circuits.
- the end user may have purchased the device 102.
- the end user may be licensing the use of the device 102, for example through a third party serving as an intermediary.
- said one or more IP blocks (IP) on the device 102 are for example initially in a deactivated state before any valid license has been received.
- the end user activates the disabled IP blocks by requesting a license from the license issuer or the TTP.
- the activation may be performed by another party in the supply chain, such as designer of the integrated circuit, or a seller of a product containing device 102.
- Some of the protected circuits may be permanently enabled by an initial license, or remain enabled until a subsequent reset of the device 102. This is because the particular activation type (permanent, until a subsequent reset, for a period limited) may be different for each protected circuit of the device.
- the method described here can be used to activate a single IP block, it can also be applied more generally to the activation of any protected circuit, which can correspond to all IP blocks. a given device, to an IP block in another IP block and / or to an IP block comprising another IP block, to a system or an IC card, to the activation of all the circuits in a design using an IP technology.
- the license could be used to enable or disable only a subset of the functions of an IP block.
- a database (RTL) 304 stores for example one or more IP blocks represented in a hardware description language such as the ordinary code RTL (transfer level of registers).
- An IP (IP PROTECTOR) protection block 306 includes, for example, software for performing an IP protection function, which is used to modify one or more of the IP blocks from the database 304 to render the circuit inactive.
- the IP block is altered so that an activation code is required to unlock its features.
- this step can be performed entirely automatically, although in other modes of realization it can be performed at least partially manually, for example by a designer of the IP block.
- the modification of the IP block implies for example the insertion, in the hardware description file, of one or more logic gates in one or more signal paths of the IP block.
- these logic gates allow for example the propagation of the unaltered signal along the signal path only if one or more correct activation bits are provided to one or more input nodes of the logic gates inserted.
- the activation code may be unique for a given IP design. In other embodiments, the same activation code may be used for more than one IP design. In addition, in some embodiments, there may be more than one activation code to activate an IP block. This can for example facilitate the license generation operation.
- a circuit for managing the IP license which will be called here license client (not shown in Figure 3A) is for example added to each IP block to protect.
- the license client includes, for example, a register for storing the activation code once a valid license has been provided.
- the license client is integrated into each IP block, although as described in more detail below, each license client may also be external to the corresponding IP block.
- the files representing the modified IP blocks are for example also protected by encryption.
- the activation codes, and optionally some or all of the modified IP blocks, are for example stored in a database (PROTECTED IP) 308 of the issuer.
- the license generation task including activation codes has been delegated by one or more IP sellers to the license issuer 104.
- the IP blocks Modified are also provided to a designer of the device 102 so that, as shown by an arrow 310 in Figure 3A, one or more protected IP blocks are implemented as hardware in the device 102.
- the designer The integrated circuit circuitry together various different IP blocks to form an integrated circuit, and one or more of these IP blocks correspond for example to IP blocks protected by an activation code as has been described here.
- the modified IP blocks are programmed in an FPGA of the device 102.
- the licenses provided to the device 102 include, for example, a verification code.
- the term "verification code” is used here to refer to a code that is communicated with the license and allows one or more IP blocks to be activated. This code can be the activation code for one or more IP blocks.
- the activation code is already stored in a protected memory, for example a ROM, of the IP block, and the activation code is not included in the license.
- the verification code is a secret code communicated with the license to the IP block that allows the activation code to be loaded from the protected memory into the activation code register.
- a temporary license may be provided to the IC designer for design and / or testing purposes.
- the device 102 comprises, for example, a license management circuit 106 coupled to the protected circuit.
- the value of the device identifier is read for example by reading a value generated by a PUF circuit or the like.
- the PUF value may change over time due to aging of the integrated circuit, and / or due to other factors such as the environment (temperature, voltage, etc.).
- at least a portion of the generated PUF value is stored in nonvolatile memory, and / or an error correction code is generated to correct the PUF value if some bits of the PUF value deviate from their original value.
- the device identifier is also made available to an access port of the device 102, or otherwise communicated outside the device 102, and is used, for example, to request some or all of the licenses to enable protected IP blocks.
- a separate license is generated for each IP block to be activated.
- a license may be generated to activate a plurality of IP blocks.
- the verification code or codes (CHECK CODE) 315 for unlocking the protected IP block (s) of the device 102 are for example supplied to a license generator (LICENSE GENERATOR) 316 of the license transmitter 104.
- the license generator 316 is used to generate a license (LICENSE), which is for example transmitted to the license management circuit 106 of the device 102.
- the license generator 316 for example receives the seed value from the device 102, and generates the license on the device. basis of this seed value and the verification code (s).
- the license also incorporates Design Rights Management (DRM) data 320.
- DRM Design Rights Management
- the DRM data indicates a particular limit on the duration of activation of a block. IP. For example, they may indicate that the license for a particular protected circuit is valid for a certain period of time, such as a period of seconds or minutes. They may also indicate a limitation of the license to one or more types of hardware, such as ASIC technology, an FPGA family, or specific features of an IP block that need to be unlocked. The type of hardware of the circuit can for example be determined by a specific sensor, and compared to one or more types of authorized hardware to limit the use of the IP block to these types of hardware.
- the DRM data of the license may define limiting data indicating license limits based on other variables that may be measured by sensors of the device.
- the DRM data can for example be checked and applied only once, on an initial activation of one or more IP circuits based on the verification code. Alternatively, DRM data could be verified and applied each time a new license including DRM data is received from the license issuer 104.
- the DRM data modifies the verification code.
- the verification code includes the activation code, and some bits of the activation code are not provided or are incorrect so that only part of the IP block is activated by the code of activation. activation.
- other techniques could be used, techniques that are not based on bit-by-bit activation / deactivation of the IP block.
- FIG. 3B illustrates the license generator 316 in more detail according to an example embodiment.
- the license generator 316 includes, for example, a key deduction function block (KDF1) 322, which generates a device key based on the seed value (SEED) provided by the device 102.
- the license generator 316 comprises also for example a cryptographic circuit (CRYPTO) 324, which applies the device key to the code or verification codes IP blocks to activate, to generate the license.
- the cryptographic circuit 324 encodes the verification code (s) based on the device key by applying an encryption algorithm such as that of the Data Encryption Standard (DES) of the AES standard. (Advance Encryption Standard - standard advanced encryption) or similar.
- DES Data Encryption Standard
- AES Advanced Encryption Standard
- DRM data can also be encrypted and be part of the license.
- the verification code (s) may be encrypted by the IP vendor using an IP vendor key (IP VENDOR KEY), and the key of IP seller is also for example stored by the IP vendor in the IP block, to decrypt the verification code or codes. In this way, even the issuer 104 can not access the verification codes.
- IP VENDOR KEY IP vendor key
- the generated license is then provided to the device 102.
- a symmetric encryption / decryption algorithm is used to encrypt the license by the license generator 316 using the device key, and then to decrypt the license at the device level. device 102, so that if the keys are identical, the verification code will be recovered successfully.
- FIG. 4 schematically illustrates licensing components of the device 102 of FIG. 3A in more detail according to an exemplary embodiment, in the case where the communication between the license server 108 and the IPs is based on a client-client configuration. server.
- a network on chip NoC
- the communications between the license server 108 and the IPs are for example made secure by using encryption. Examples of implementation of the communications interface between the license server 108 and the IPs are for example described in more detail in the international patent application published under the number W02017 / 006058.
- a JTAG interface (of the English Joined Test Action Group) is for example used to transmit the license received from the license generator 316 to a license memory.
- (LICENSE MEMORY) 108 of the device 102 is for example used to transmit the license received from the license generator 316 to a license memory.
- the memory 118 is for example a RAM (random access memory).
- the license memory 118 is, for example, internally coupled to the license server 108.
- the license server 108 communicates, for example, via a license bus (LICENSE BUS) 404, with the protected IP blocks 406.
- a license bus (LICENSE BUS) 404
- the license bus 404 is coupled to a client license circuit (LICENSE CLIENT) 408 associated with each IP block 406, which in turn is coupled to the remainder of the IP block 406, bearing the name IP core (IP CORE) 410 in FIG. 4.
- IP CORE IP core
- N cores IP 1 to N, N being for example equal to an integer equal to or greater than 2.
- each license client 408 of each IP block 406 for example checks the license, and on the basis of this verification, provides the activation code to the corresponding IP core in order to activate its functionalities.
- each license client 408 includes an activation code register 412 in which the activation code is loaded if the license is found to be valid.
- Register 412 of each license client is coupled to the corresponding IP 410 core to activate its features.
- FIGS. 5A and 5B illustrate circuit examples used to make the activation of the IP blocks dependent on one or more bits of an activation code, by inserting logic gates in a signal path of the IP block.
- a circuit portion of the IP block represented by a cloud 502 provides an output signal on a line 504, which is coupled to the input of a synchronous logic device (A) 506.
- A synchronous logic device
- an activation circuit 508 is inserted between the output line 504 and the input of the synchronous device 506.
- the circuit 508 comprises for example an inverter (NOT) 510 having its entry coupled to the line 504, and its output coupled to an input of an EXCLUSIVE OR (XOR) gate 512.
- NOT inverter
- XOR EXCLUSIVE OR
- the other input of the EXCLUSIVE OR gate 512 receives an en_a activation bit, which must be high in order to allow the data signal present on the line 504 to propagate to the synchronous device 506.
- FIG. 5B illustrates another example of an activation circuit 518 inserted in the same signal path as in the example of FIG. 5A.
- circuit 518 includes an EXCLUSIVE OR (XOR) gate 520 having an input coupled to line 504, and its other input coupled to receive an en_b activation bit.
- the activation bit should be low to allow the signal on the line 504 to propagate to the input of the synchronous device (B) 506.
- FIGS. 5A and 5B illustrate examples of circuits that can be inserted to activate circuit portions of IP blocks based on high and low activation bits respectively. Similar circuits can be inserted at various points in the IP block, so that the IP block will not operate without the correct activation code.
- Figures 5A and 5B simply provide some examples of logic gates that can be used to protect the IP block, and many different logic functions could be implemented based on the same principles.
- the insertion is performed randomly, so that the activation code is a random value, and does not depend on the function of the underlying circuit. In alternative embodiments, the insertion could be nonrandom.
- the circuit 508 is used in the case of activation by a "1" bit of the activation code, and that the circuit 518 is used in the case of activation by a bit at "0" of the activation code, in alternative embodiments there are multiple different circuits which are used in the case of a bit activation at "1” and "0", and the selection between these circuits is random.
- the license management circuit 106 of Figure 1 is further arranged to implement a measurement method as will now be described in more detail with reference to FIGS.
- FIG. 6 schematically illustrates a measurement circuit 602 according to an example embodiment of the present description.
- the circuit 602 is for example implemented on the device 102 in order to periodically supply usage measurement data to the issuer 104.
- the usage measurement data correspond, for example, to data concerning the activity of the device. one or more of the protected circuits (IP).
- the circuit 602 comprises N METERING COUNTER IPI (METERING COUNTER IPN) 604, which respectively receive EVENT IPI event signals to EVENT IPN from the corresponding protected circuits IPI to IPN.
- event signals indicate when an event occurs regarding the activity of the circuit.
- an event could be one or more image processing operations, processing one or more packets, executing one or more instructions, and so on.
- the counter values generated by the measurement meters 604 are for example supplied to a usage measurement data generator 606, which uses the usage measurement data to periodically generate M_DATA usage measurement data.
- the usage measurement data corresponds to a count of the events counted by each of the counters 604 during a given time interval.
- usage measurement data M_DATA is supplied to the license control circuit 110 of the license management circuit 106 of FIG. 1, and new utilization measurement data are for example generated and incorporated in each message of FIG. license application.
- usage measurement data may be used to determine the validity period of each license, instead of or in addition to the counter 122.
- usage measurement data could be transmitted independently of the license applications.
- FIG. 7 schematically illustrates a device licensing and measurement system 700 according to an exemplary embodiment of the present disclosure.
- the elements of FIG. 7 which are similar to elements of FIG. 1 have the same reference numerals and will not be described again in detail.
- the device 102 comprises the license management circuit 106 and a software design kit (SDK) 702.
- SDK 702 for example provides a software layer to control the communications between the circuit 106 and
- the license driver 106 generates, for example, periodic license request messages, each comprising a status signal (STATUS), the seed value (SEED) and usage measurement data M_DATA.
- STATUS status signal
- SEED seed value
- M_DATA usage measurement data
- the SDK 702 transmits the license request messages to the license issuer 104, which in this example includes a usage measurement data storage (LICENSE ISSUER AND METERING DATA STORAGE).
- the transmitter 104 extracts the usage measurement data, which may for example be used for billing purposes, and returns the requested license, which is transmitted by the SDK 702 to the license management circuit 106.
- each license request further indicates a user identifier and / or a session identifier associated with the use of the device 102, allowing for example a user account to be associated with the data. measurement of use and / or the license application.
- counters that count upward have been described in the various embodiments, it will be apparent to those skilled in the art that one or more counters could instead count down.
- the counter 122 could be initialized to a counter value based on the validity period of a license, and the renewal or expiration of the license could be triggered when that counter reaches zero.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- Software Systems (AREA)
- General Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Mathematical Physics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Power Engineering (AREA)
- Storage Device Security (AREA)
- Semiconductor Integrated Circuits (AREA)
- Tests Of Electronic Circuits (AREA)
Abstract
Description
Claims
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR1761778A FR3074933B1 (en) | 2017-12-07 | 2017-12-07 | SYSTEM AND METHOD FOR LICENSE AND MEASUREMENT OF USE OF AN IP BLOCK |
PCT/FR2018/053153 WO2019110945A1 (en) | 2017-12-07 | 2018-12-07 | System and method for licensing and for measuring use of an ip block |
Publications (1)
Publication Number | Publication Date |
---|---|
EP3721363A1 true EP3721363A1 (en) | 2020-10-14 |
Family
ID=62167401
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP18833271.2A Pending EP3721363A1 (en) | 2017-12-07 | 2018-12-07 | System and method for licensing and for measuring use of an ip block |
Country Status (7)
Country | Link |
---|---|
US (1) | US11562050B2 (en) |
EP (1) | EP3721363A1 (en) |
JP (1) | JP2021506050A (en) |
KR (1) | KR20200104868A (en) |
CN (1) | CN111954876A (en) |
FR (1) | FR3074933B1 (en) |
WO (1) | WO2019110945A1 (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11245680B2 (en) * | 2019-03-01 | 2022-02-08 | Analog Devices, Inc. | Garbled circuit for device authentication |
GB2609026B (en) * | 2021-07-19 | 2023-08-23 | Chevin Tech Holdings Limited | A method and system for permitting one or more features on a computer program |
Family Cites Families (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4168679B2 (en) * | 2002-06-26 | 2008-10-22 | ソニー株式会社 | Content usage management system, information processing apparatus or method for using or providing content, and computer program |
US7987373B2 (en) * | 2004-09-30 | 2011-07-26 | Synopsys, Inc. | Apparatus and method for licensing programmable hardware sub-designs using a host-identifier |
US8670561B1 (en) * | 2005-06-02 | 2014-03-11 | Altera Corporation | Method and apparatus for limiting use of IP |
JP2010015410A (en) * | 2008-07-04 | 2010-01-21 | Nec Corp | License issuing and managing system, method, and program |
US8966660B2 (en) * | 2008-08-07 | 2015-02-24 | William Marsh Rice University | Methods and systems of digital rights management for integrated circuits |
US20100284539A1 (en) * | 2009-03-09 | 2010-11-11 | The Regents Of The University Of Michigan | Methods for Protecting Against Piracy of Integrated Circuits |
US20150143130A1 (en) * | 2013-11-18 | 2015-05-21 | Vixs Systems Inc. | Integrated circuit provisioning using physical unclonable function |
EP2911086A1 (en) * | 2014-02-19 | 2015-08-26 | Renesas Electronics Europe GmbH | Integrated circuit with parts activated based on intrinsic features |
KR101742666B1 (en) * | 2014-05-29 | 2017-06-15 | 삼성에스디에스 주식회사 | Integrated circuit device and signal processing method thereof |
FR3038757B1 (en) * | 2015-07-07 | 2017-08-11 | Univ Montpellier | SYSTEM AND METHOD FOR AUTHENTICATION AND IP LICENSE |
-
2017
- 2017-12-07 FR FR1761778A patent/FR3074933B1/en active Active
-
2018
- 2018-12-07 US US16/770,547 patent/US11562050B2/en active Active
- 2018-12-07 EP EP18833271.2A patent/EP3721363A1/en active Pending
- 2018-12-07 JP JP2020550921A patent/JP2021506050A/en active Pending
- 2018-12-07 KR KR1020207018962A patent/KR20200104868A/en not_active Application Discontinuation
- 2018-12-07 CN CN201880079136.2A patent/CN111954876A/en active Pending
- 2018-12-07 WO PCT/FR2018/053153 patent/WO2019110945A1/en unknown
Also Published As
Publication number | Publication date |
---|---|
FR3074933A1 (en) | 2019-06-14 |
KR20200104868A (en) | 2020-09-04 |
WO2019110945A1 (en) | 2019-06-13 |
US20200372128A1 (en) | 2020-11-26 |
FR3074933B1 (en) | 2021-05-21 |
CN111954876A (en) | 2020-11-17 |
US11562050B2 (en) | 2023-01-24 |
JP2021506050A (en) | 2021-02-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP3320471B1 (en) | System and method for hardware ip modules authentication and licensing | |
EP1072124B1 (en) | Method for verifying the use of public keys generated by an on-board system | |
FR2651347A1 (en) | SINGLE NUMBER GENERATION METHOD FOR MICROCIRCUIT BOARD AND APPLICATION TO COOPERATION OF THE BOARD WITH A HOST SYSTEM. | |
WO1990015384A1 (en) | Method of checking the integrity of software or data, and system for implementing said method | |
WO2007012584A1 (en) | Method for controlling secure transactions using a single multiple dual-key device, corresponding physical device, system and computer programme | |
WO2010012785A1 (en) | Method and system for securing software | |
FR2765985A1 (en) | METHOD FOR MANAGING A SECURE TERMINAL | |
EP3721363A1 (en) | System and method for licensing and for measuring use of an ip block | |
FR2979443A1 (en) | Method for storing data in memory interfacing with secure microcontroller, involves processing input data according to one of data processing methods to achieve data processed in different data formats | |
EP1266364B1 (en) | Cryptographic method for protection against fraud | |
CN117337435A (en) | Method for trading digital assets | |
WO2016207715A1 (en) | Secure management of electronic tokens in a cell phone | |
FR3035248A1 (en) | SECURE-OPERATING-ON-CHIP SYSTEM AND USES THEREOF | |
WO2015032921A1 (en) | Method of managing consistency of caches | |
Adi et al. | VLSI design exchange with intellectual property protection in FPGA environment using both secret and public-key cryptography | |
CH716294A2 (en) | Decentralized signature process, under biometric control and under conditions of personal identification and geolocation, of a transaction intended for a blockchain. | |
FR2985337A1 (en) | Method for securing result of cryptographic calculations against attack by injection of faults in chip card in electronic component, involves providing discretionary value processed by processing unit for one of output values of blocks | |
EP4068681A1 (en) | Method and device for secure decryption of encrypted data | |
CN116911850A (en) | Block chain-based two-stage data transaction method, device, equipment and medium | |
FR3049087A1 (en) | PROCESS ALLOWING DEVICES BY INTERMEDIATE OF KNOWLEDGE AND CROSSED CAPACITIES, TO CARRY OUT TRANSACTIONS THROUGH A DECENTRALIZED COMPUTER NETWORK | |
FR2933560A1 (en) | ELECTRONIC CERTIFICATION DEVICE | |
FR2780835A1 (en) | Encryption system with simple random stop test | |
WO2013045793A1 (en) | Method of distributing contents, device for obtaining and computer program corresponding thereto | |
FR2930065A1 (en) | Smart card data securing method for computer ticketing system, involves decrypting encrypted seal variable, disassembling variable for obtaining seals corresponding to data, and verifying coherence of each seal with corresponding data |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: UNKNOWN |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE INTERNATIONAL PUBLICATION HAS BEEN MADE |
|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE |
|
17P | Request for examination filed |
Effective date: 20200612 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
|
AX | Request for extension of the european patent |
Extension state: BA ME |
|
DAV | Request for validation of the european patent (deleted) | ||
DAX | Request for extension of the european patent (deleted) | ||
111L | Licence recorded |
Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR Free format text: EXCLUSIVE LICENSE Name of requester: AXLR, SATT DU LANGUEDOC ROUSSILLON, FR Effective date: 20221007 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: EXAMINATION IS IN PROGRESS |
|
17Q | First examination report despatched |
Effective date: 20231024 |