18512149. FUSE BASED REPLAY PROTECTION WITH AGGRESSIVE FUSE USAGE AND COUNTERMEASURES FOR FUSE VOLTAGE CUT ATTACKS simplified abstract (Microsoft Technology Licensing, LLC)

Organization Name

Microsoft Technology Licensing, LLC

Inventor(s)

Ling Tony Chen of Bellevue WA (US)

Felix Domke of Lübeck (DE)

Ankur Choudhary of Redmond WA (US)

Bradley Joseph Litterell of Bellevue WA (US)

FUSE BASED REPLAY PROTECTION WITH AGGRESSIVE FUSE USAGE AND COUNTERMEASURES FOR FUSE VOLTAGE CUT ATTACKS - A simplified explanation of the abstract

This abstract first appeared for US patent application 18512149 titled 'FUSE BASED REPLAY PROTECTION WITH AGGRESSIVE FUSE USAGE AND COUNTERMEASURES FOR FUSE VOLTAGE CUT ATTACKS'.

Simplified Explanation

The patent application describes a Trusted Platform Module (TPM) integrated into a System on Chip (SOC) with programmable fuses. The TPM includes a RAM on-die to store a blown-fuse count and a TPM state with a PIN-attempt-failure count and fuse count read from off-die non-volatile (NV) memory. During initialization, if the blown-fuse count exceeds the TPM state fuse count, the PIN-attempt-failure count is incremented to prevent replay attacks. Access is granted based on a PIN, and if the PIN-attempt-failure count meets a policy, a fuse is blown and the counts are updated accordingly. The TPM state is saved to off-die NV memory after each access attempt.

  • The TPM in an SOC has programmable fuses and on-die RAM.
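  • On-die RAM holds a blown-fuse count and the TPM state, which includes a PIN-attempt-failure count and a fuse count.
  • During initialization, the TPM compares the blown-fuse count with the TPM state fuse count and increments the PIN-attempt-failure count if the blown-fuse count is greater, which thwarts replay attacks.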
  • Access is granted based on a PIN, and the blown-fuse count is updated accordingly.
  • The TPM state is saved to off-die NV memory after each access attempt.

Potential Applications

  1. Secure authentication systems
  2. Hardware security modules
  3. IoT devices
  4. Secure boot processes

Problems Solved

  1. Preventing replay attacks
  2. Enhancing hardware security
  3. Safeguarding sensitive data
  4. Ensuring secure access control

Benefits

  1. Improved security measures
  2. Protection against unauthorized access
  3. Enhanced trust in the system
  4. Secure storage of sensitive information

Commercial Applications

Secure Authentication Systems: Implementing secure access control mechanisms in various industries to protect sensitive data and prevent unauthorized access.

Prior Art

There may be prior art related to TPMs with programmable fuses and on-die RAM in SOC applications. Researchers can explore existing patents and publications in the field of hardware security and authentication systems.

Frequently Updated Research

Researchers are continually exploring advancements in hardware security, authentication protocols, and secure access control mechanisms. Stay updated on the latest developments in TPM technology and SOC integration for enhanced security measures.

Questions about TPM with Programmable Fuses in an SOC

How does the blown-fuse count prevent replay attacks?

The blown-fuse count is compared to the TPM state fuse count during initialization. If the blown-fuse count exceeds the TPM state fuse count, the PIN-attempt-failure count is incremented, thwarting potential replay attacks.

What are the potential implications of using programmable fuses in a TPM within an SOC?

Using programmable fuses in a TPM within an SOC enhances security by allowing for secure access control mechanisms and preventing unauthorized access to sensitive data.


Original Abstract Submitted

A TPM with programmable fuses in an SOC includes an on-die RAM storing a blown-fuse count and a TPM state including a PIN-attempt-failure count and a fuse count, read from off-die NV memory. During initialization, if the blown-fuse count is greater than TPM state fuse count, TPM state PIN-attempt-failure count is incremented, thereby thwarting a replay attack. A PIN is received for access, and if the TPM state PIN-attempt-failure count satisfies a policy, a fuse is blown and the blown-fuse count incremented. If the fuse blow fails, TPM activity is halted. If the fuse blow succeeds and the PIN is correct, the TPM state PIN-attempt-failure count is cleared, but if the PIN is incorrect the TPM state PIN-attempt-failure count is incremented. TPM state fuse count is set equal to the blown-fuse count, and the TPM state is saved to off-die NV memory.
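
The flow in the abstract, as a small C model added here for illustration (not code from the patent application or from Microsoft). The struct and function names, the PIN values, and the policy (blow a fuse when the failure count reaches a threshold, set to 0 here so every attempt blows one) are assumptions; the model also assumes the PIN is still checked when the policy does not call for a fuse blow.

```c
#include <stdbool.h>
#include <stdio.h>
/* Added model of the abstract's flow; all names and the policy are assumptions. */
typedef struct { unsigned pin_fail, fuse_count; } tpm_state; /* off-die NV image */
typedef struct {
    unsigned  fuses;       /* physical blown fuses, can only grow */
    bool      fuse_power;  /* false models a fuse voltage cut */
    unsigned  threshold;   /* assumed policy: blow when pin_fail >= threshold */
    unsigned  blown_count; /* on-die RAM: blown-fuse count */
    tpm_state st;          /* on-die RAM: copy of the TPM state */
    bool      halted;      /* set when a fuse blow fails */
} tpm;
/* Initialization: count fuses, load NV state, penalize a stale image. */
static void tpm_init(tpm *t, const tpm_state *nv) {
    t->blown_count = t->fuses;
    t->st = *nv;
    if (t->blown_count > t->st.fuse_count) t->st.pin_fail++; /* image predates a blow */
}

/* One access attempt; returns true only when access is granted. */
static bool tpm_attempt(tpm *t, tpm_state *nv, unsigned pin, unsigned good_pin) {
    if (t->halted) return false;
    if (t->st.pin_fail >= t->threshold) {
        if (!t->fuse_power) { t->halted = true; return false; } /* blow failed */
        t->fuses++; t->blown_count++;
    }
    bool ok = (pin == good_pin);
    t->st.pin_fail = ok ? 0 : t->st.pin_fail + 1;
    t->st.fuse_count = t->blown_count;
    *nv = t->st;                     /* save TPM state to off-die NV */
    return ok;
}

/* Two wrong guesses, then a reboot with the current or the replayed NV image. */
static unsigned pin_fail_after_reboot(bool replay) {
    tpm t = { .fuse_power = true, .threshold = 0 };
    tpm_state nv = {0, 0}, stale = nv;   /* stale = snapshot taken before guessing */
    tpm_init(&t, &nv);
    tpm_attempt(&t, &nv, 1111, 4242);    /* constructed PINs; 4242 is the good one */
    tpm_attempt(&t, &nv, 2222, 4242);
    if (replay) nv = stale;              /* old image written back to NV */
    tpm_init(&t, &nv);                   /* reboot */
    return t.st.pin_fail;
}

int main(void) {
    printf("%u %u\n", pin_fail_after_reboot(false), pin_fail_after_reboot(true));
    return 0;
}
```

In this model the replayed image does not reset the failure count to zero: the two blown fuses outnumber the image's fuse count, so initialization increments the count before any new attempt.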