Resilient device authentication system with metadata binding

Assignee

• Analog Devices, Inc. · US

Inventors

• John J. Walsh · La Crescent, US
• John Ross Wallrabenstein · West Lafayette, US
• Hal A. Aldridge · Raleigh, US
• Michael J. Duren · Clearwater, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F2212/1052
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A resilient device authentication system for use with one or more managed devices each including a physical unclonable function (PUF), comprises: one or more verification authorities (VA) each including a processor and a memory loaded with a complete verification set (CVS) that includes hardware part-specific data associated with the managed devices' PUFs and metadata, the processor configured to create a limited verification set (LVS) through one-way algorithmic transformation of hardware part-specific data together with metadata from the loaded CVS so as to create a LVS representing both metadata and hardware part-specific data adequate to redundantly verify all of the hardware parts associated with the LVS; and one or more provisioning entities (PE) each connectable to a VA and including a processor and a memory loaded with a LVS, and configured to select a subset of the LVS so as to create an application limited verification set (ALVS). The system may also comprise one or more device management systems each connectable to a PE and to managed devices and including a memory configured to store an ALVS. The VA may also be configured to create a replacement LVS.