DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1-14 have been examined.
Priority
Receipt is acknowledged of certified copies of papers required by 37 CFR 1.55.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 09/06/2024 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 5 and 12 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Claim 12 recites: “wherein said random selector (427) and said random masking bit (402) by way of said series of delay cells (425) and said multiplexer (426) introduce a randomness into the data path (307)”. It is unclear from the rest of the limitations of claim 12 how the random masking bit is introducing a randomness into the data path. Specifically, the claim recites: “said random masking bit (402) is or'd with an output of a first sequential circuit (301); said output of the first sequential circuit (301) is then staged through said series of delay cells (425) as staged inputs into said multiplexer (426)”, i.e., though the output of the first sequential circuit is or’d with the random masking bit, only the output of the first sequential circuit and not the or’d output is staged through the series of delay cells and so, the random masking bit does not introduce any randomness into the data path through the or’d output of the first sequential circuit. The claim also recites: “an output of the mux (426) receiving a chosen staged input is then or'd with the random masking bit (402); and the staged inputs chosen by the random selector (427) then connects to said combinational logic (329)”. Again, though the output of the mux is or’d with the random masking bit only the staged inputs chosen by the random selector and not the or’d output is connected to the combinational logic and so, the random masking bit does not introduce any randomness into the data path through the or’d output of the mux. Therefore, though the random masking bit is recited as being or’d at two different locations, the random masking bit does not introduce any randomness since neither of the or’d outputs is actually used.
Claim 5 recites similar limitations with respect to the or’d outputs as claim 12. Therefore, claim 5 is also unclear with respect to the random masking bit introducing a randomness into the data path.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
Claims 1-3 and 9 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by FPGA Implementation and Analysis of Random Delay Insertion Countermeasure against DPA by Lu et al (hereinafter Lu).
As per claim 1, Lu teaches:
An electronic device (400) to mitigate power analysis profiling of a side channel attack comprising:
a first sequential circuit (301); a second sequential circuit (302); a combinational logic (320) between said first and second sequential circuits; and a clock (360) (Lu: page 203: left column: paragraph 2: Figure 2 outlines an architecture that can be used to provide RDI, which can randomly change the delay of combinational logic between registers (sequential circuits). Figure 2 shows a first sequential circuit on the left, a second sequential circuit on the right, combinatorial network (combinational logic) between the first and second sequential circuits and a clock);
wherein said sequential circuits are clocked along a data path (307) and whereby said electronic device produces power traces (303-304) with a time delay (340-350) specific to said electronic device (400) (Lu: page 201: right column: lines 4-15: In this research, we investigate the DPA of a cryptographic algorithm implemented on an FPGA device. The FPGA used in this study is the Xilinx Virtex II Pro [2] device and the algorithm selected for analysis is the Advanced Encryption Standard (AES) [3] encryption algorithm. The power measurement setup used to obtain the results outlined in this paper is shown in Figure 1. A resistor is inserted between the power supply and the FPGA device, and the power traces, data and clock signals are observed using a mixed signal oscilloscope. Page 206: right column, paragraph 2: The AES FPGA implementation has a propagation delay tpd = 25.1 ts without the RDI countermeasure),
wherein: a random programmable delay line (401) inserted along said data path (307) from said first sequential circuit (301) to said combinational logic (320) desynchronizes transitions within said first and second sequential circuit (Lu: page 201: right column, last 3 lines and page 202: left column, first paragraph: Random Delay Insertion (RDI), a countermeasure against DPA, was first applied to a microprocessor implementation by Clavier et al. [13]. This technique reduces the correlation between the predicted power model and the actual power consumption of the design by inserting random delays on the input signals of critical data-paths, thus randomizing the power consumption traces in the time-dimension. page 203: left column: paragraph 2: Figure 2 outlines an architecture that can be used to provide RDI, which can randomly change the delay of combinational logic between registers. Figure 2 shows a random delay line represented by the Δs inserted between the first and second circuits), whereby said random programmable delay line (401), constructively produces overlaps (A,B,C) of said power traces (451-453) to maximally span bit value profiles of said first and second sequential circuit (Lu: page 206: left column: section 4.1: We first implement the AES algorithm without the countermeasure, sampling a large amount of power consumption traces from the implementation. These power traces are stored in a database. We then repeat the steps in section 3.3 with different Δmax and δ parameters, and generate power traces for an AES design that includes the RDI countermeasure. Right column: lines 1-20: The correlation coefficients of the power model and the power consumption are shown in Figure 8. The unit of both Δmax and δ is ts=1/fsample. Δmax should always be larger than 2δ. With δ=ts as shown in Figure 8a, the correct key becomes undistinguishable when Δmax is larger than 12 ts. As seen in fig. 8 graphs, the power traces overlap to maximally span bit value profiles of the circuits).
As per claim 2, Lu teaches:
The electronic device of claim 1, wherein said random programmable delay line (401) produces a more numerous and wider time-spread of resulting power trace profiles than without said delay line, thereby impeding deep learning (107) of transistor switching and flipping state behavior when said power traces are analyzed using a Hamming (250,260) Weight or Distance model (Lu: page 203: left column: section 2.2: In DPA attacks, the power consumption traces are compared with a power model (e.g. Hamming-weight model or Hamming-distance model). Right column: line 1-5: The prediction model and thus the key hypothesis are considered to be correct if the correlation is high. Page 206: Right column: lines 1-20: The correlation coefficients of the power model and the power consumption are shown in Figure 8. The unit of both Δmax and δ is ts=1/fsample. Δmax should always be larger than 2δ. With δ=ts as shown in Figure 8a, the correct key becomes undistinguishable when Δmax is larger than 12 ts. Page 207: right column , paragraph 1: Figure 9 shows the results of a DPA attack on the AES FPGA implementation that includes the RDI countermeasure. The correct key is not distinguishable when the number of samples increases. The result of the DPA attack on the same device without any countermeasure technique is shown in Figure 10, where the correct key can be revealed successfully within 100 samples. As seen in fig. 8 and fig. 9 graphs, with random delay line insertion more numerous and wider time-spread of power traces is produced than without the random delay line, i.e., the deep learning of the device behavior is impeded with random delay line insertion).
As per claim 3, Lu teaches:
The electronic device of claim 1, wherein randomizations provided by the random programmable delay line (401) selectively and dynamically modify bus lines of said data path (307), thereby spreading a timing race of each bus line (Lu: page 204: right column: section 3: 3.1. Delay Logic: Delay control logic can be implemented using a 2n-input MUX and 2n buffers obtaining a delay with resolution of 2n−δ, as shown in Figure 5. In this delay logic, the period of delay is controlled by a random number R. The size of R is determined by k (see (6)), where size(R)=log2k. For generating unpredictable delay, a hardware based True Random Number Generator (TRNG) is required).
As per claim 9, Lu teaches:
A random programmable delay line (401) suitable for insertion amongst multiple data paths (307) connecting a first sequential circuit (301) to a combinational logic (320) to a second sequential circuit (302) to desynchronize transitions there between (Lu: figure 2),
wherein: said delay line (401) is programmable and introduces a randomness of data transfer at a bit-level along said data path by way of one or more random delay cells (420) therein, and with said sequential circuit (301) together produce power traces (451-453) with a randomly characteristic time delay (A,B,C) (Lu: page 203: left column: paragraph 2: Figure 2 outlines an architecture that can be used to provide RDI, which can randomly change the delay of combinational logic between registers. Page 204: right column: section 3: 3.1. Delay Logic: Delay control logic can be implemented using a 2n-input MUX and 2n buffers obtaining a delay with resolution of 2n−δ, as shown in Figure 5. In this delay logic, the period of delay is controlled by a random number R. The size of R is determined by k (see (6)), where size(R)=log2k. For generating unpredictable delay, a hardware based True Random Number Generator (TRNG) is required),
wherein said one or more random delay cells (420) constructively produce overlaps (A,B,C) of said power traces (451-453) to maximally span bit-value profiles of said first and second sequential circuit, wherein said randomness selectively and dynamically modifies bus lines of said multiple data paths (307) to spread a timing race of each bus line, thereby imparting said randomly characteristic time delay (Lu: page 201: right column, last 3 lines and page 202: left column, first paragraph: Random Delay Insertion (RDI), a countermeasure against DPA, was first applied to a microprocessor implementation by Clavier et al. [13]. This technique reduces the correlation between the predicted power model and the actual power consumption of the design by inserting random delays on the input signals of critical data-paths, thus randomizing the power consumption traces in the time-dimension. page 203: left column: paragraph 2: Figure 2 outlines an architecture that can be used to provide RDI, which can randomly change the delay of combinational logic between registers. page 206: left column: section 4.1: We first implement the AES algorithm without the countermeasure, sampling a large amount of power consumption traces from the implementation. These power traces are stored in a database. We then repeat the steps in section 3.3 with different Δmax and δ parameters, and generate power traces for an AES design that includes the RDI countermeasure. Right column: lines 1-20: The correlation coefficients of the power model and the power consumption are shown in Figure 8. The unit of both Δmax and δ is ts=1/fsample. Δmax should always be larger than 2δ. With δ=ts as shown in Figure 8a, the correct key becomes undistinguishable when Δmax is larger than 12 ts. As seen in fig. 8 graphs, the power traces overlap to maximally span bit value profiles of the circuits. Page 207: right column , paragraph 1: Figure 9 shows the results of a DPA attack on the AES FPGA implementation that includes the RDI countermeasure. The correct key is not distinguishable when the number of samples increases. The result of the DPA attack on the same device without any countermeasure technique is shown in Figure 10, where the correct key can be revealed successfully within 100 samples. As seen in fig. 8 and fig. 9 graphs, with random delay line insertion more numerous and wider spread of timing races of the bus lines is produced than without the random delay line).
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claims 4, 10, 11, 13, and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Lu and US 20110252244 to Lesea et al (hereinafter Lesea).
As per claim 4, Lu teaches:
The electronic device of claim 1, wherein the random programmable delay line (401) comprises: one or more random delay cells (420) each comprising a series of delay cells (425), and a multiplexer (426) (Lu: Fig. 2 shows plurality of random delay cells. Page 204: right column: section 3: 3.1. Delay Logic: Delay control logic can be implemented using a 2n-input MUX and 2n buffers (series of delay cells) obtaining a delay with resolution of 2n−δ, as shown in Figure 5);
and
a random selector (427) to said multiplexer (426); wherein said random selector (427) (Lu: page 203: left column: paragraph 2: Figure 2 outlines an architecture that can be used to provide RDI, which can randomly change the delay of combinational logic between registers. It is inherent that the random delay desynchronizes the transitions of the registers (first and second sequential circuits). Page 204: right column: section 3: 3.1. Delay Logic: Delay control logic can be implemented using a 2n-input MUX and 2n buffers obtaining a delay with resolution of 2n−δ, as shown in Figure 5. In this delay logic, the period of delay is controlled by a random number R. The size of R is determined by k (see (6)), where size(R)=log2k. For generating unpredictable delay, a hardware based True Random Number Generator (TRNG) is required. Fig. 5 shows the random selector R applied to the mux).
Lu does not teach: wherein each random delay cell receives as staged input: a random masking bit (402) to said series of delay cells (425); and wherein said random masking bit (402) …introduce randomness into the data path (307). However, Lesea teaches:
wherein each random delay cell receives as staged input: a random masking bit (402) to said series of delay cells (425); and wherein said random masking bit (402) …introduce randomness into the data path (307) (Lesea: [0041]: FIG. 2 shows a block diagram of a circuit for encryption/decryption configured according to one or more embodiments of the invention. The circuit includes a number of adjustable delay elements 206 coupled to receive signals from inputs 210, and output the data values to the cryptographic processing circuit 208 after a particular delay has passed. The amount of time by which a signal is delayed by an adjustable delay circuit 206 is controlled by delay controller 204. The delay controller 204 acts with spreading sequence generator 202, to randomize delay times. The delay controller 204 uses a spreading sequence output from the spreading sequence generator 202 to determine a respective delay value for each adjustable delay 206. The amount of time by which a signal is delayed by an adjustable delay circuit 206 is controlled by delay controller 204. The delay controller 204 acts with spreading sequence generator 202, to randomize delay times. The delay controller 204 uses a spreading sequence output from the spreading sequence generator 202 to determine a respective delay value for each adjustable delay 206. In some embodiments, the spreading sequence generator may be implemented using a random or pseudo-random number generator to output pseudo-random numbers that will be used as the spreading sequence. [0042]: In one example implementation, a delay value may be taken directly from one or more bits of the output of the spreading sequence generator. Claim 1: a spreading sequence generator configured to output a sequence of pseudo-random numbers; a delay control circuit having an input coupled to an output of the spreading sequence number generator and one or more outputs (random masking bit) coupled to respective delay adjustment inputs of the adjustable delay circuits; and wherein the delay control circuit is configured to adjust the adjustable delay circuits based on the pseudo-random numbers, i.e., the adjustable delay cells receive a random masking bit as input).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Lesea in the invention of Lu to include the above limitations. The motivation to do so would be to produce power fluctuations that are resistant to power analysis (Lesea: [0013]).
As per claim 10, Lu teaches:
The random programmable delay line (401) of claim 9, wherein said one or more random delay cells (420) each comprise: a series of delay cells (425), and a multiplexer (426) (Lu: Fig. 2 shows plurality of random delay cells. Page 204: right column: section 3: 3.1. Delay Logic: Delay control logic can be implemented using a 2n-input MUX and 2n buffers (series of delay cells) obtaining a delay with resolution of 2n−δ, as shown in Figure 5);
and
a random selector (427) to said multiplexer (426); wherein said random selector (427) (Lu: page 203: left column: paragraph 2: Figure 2 outlines an architecture that can be used to provide RDI, which can randomly change the delay of combinational logic between registers. It is inherent that the random delay desynchronizes the transitions of the registers (first and second sequential circuits). Page 204: right column: section 3: 3.1. Delay Logic: Delay control logic can be implemented using a 2n-input MUX and 2n buffers obtaining a delay with resolution of 2n−δ, as shown in Figure 5. In this delay logic, the period of delay is controlled by a random number R. The size of R is determined by k (see (6)), where size(R)=log2k. For generating unpredictable delay, a hardware based True Random Number Generator (TRNG) is required. Fig. 5 shows the random selector R applied to the mux).
Lu does not teach: wherein each random delay cell (420) receives as input: a random masking bit (402) to said series of delay cells (425); and wherein said random masking bit (402) …introduce randomness into the data path (307). However, Lesea teaches:
wherein each random delay cell (420) receives as input: a random masking bit (402) to said series of delay cells (425); and wherein said random masking bit (402) …introduce randomness into the data path (307) (Lesea: [0041]: FIG. 2 shows a block diagram of a circuit for encryption/decryption configured according to one or more embodiments of the invention. The circuit includes a number of adjustable delay elements 206 coupled to receive signals from inputs 210, and output the data values to the cryptographic processing circuit 208 after a particular delay has passed. The amount of time by which a signal is delayed by an adjustable delay circuit 206 is controlled by delay controller 204. The delay controller 204 acts with spreading sequence generator 202, to randomize delay times. The delay controller 204 uses a spreading sequence output from the spreading sequence generator 202 to determine a respective delay value for each adjustable delay 206. The amount of time by which a signal is delayed by an adjustable delay circuit 206 is controlled by delay controller 204. The delay controller 204 acts with spreading sequence generator 202, to randomize delay times. The delay controller 204 uses a spreading sequence output from the spreading sequence generator 202 to determine a respective delay value for each adjustable delay 206. In some embodiments, the spreading sequence generator may be implemented using a random or pseudo-random number generator to output pseudo-random numbers that will be used as the spreading sequence. [0042]: In one example implementation, a delay value may be taken directly from one or more bits of the output of the spreading sequence generator. Claim 1: a spreading sequence generator configured to output a sequence of pseudo-random numbers; a delay control circuit having an input coupled to an output of the spreading sequence number generator and one or more outputs (random masking bit) coupled to respective delay adjustment inputs of the adjustable delay circuits; and wherein the delay control circuit is configured to adjust the adjustable delay circuits based on the pseudo-random numbers, i.e., the adjustable delay cells receive a random masking bit as input).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Lesea in the invention of Lu to include the above limitations. The motivation to do so would be to produce power fluctuations that are resistant to power analysis (Lesea: [0013]).
As per claim 11, Lu in view of Lesea teaches:
The random programmable delay line (401) of claim 10, wherein each random delay cell (420) is programmatically turned off or on for performance tuning at the macro-level; and each individual cell in said series of delay cells (425) is programmatically turned off or on for performance tuning at the micro-level (Lesea: [0043]: The adjustable delay may also be implemented using one or more switchable buffers, such as an inverter. For example, the delay may be increased by enabling a number of buffers in the signal path. The delay may be decreased by bypassing or disabling one or more of the buffers (performance tuning)), wherein said performance tuning imparts said randomly characteristic time delay to said power traces (451-453) (Lesea: [0037]: By adjusting the delays, different logical portions of the encryption/decryption circuitry will be triggered at slightly different times. Because different logical portions are triggered at different times, transistors will not change state in a uniform consistent fashion. Rather, the transistors will switch on or off according to the programmed delay. Although the amount of delay is not enough to affect the logical functions of the circuit, the adjustment has a significant effect on DPA. When transistors are synchronized to switch on at substantially the same time, a large peak is created in the power consumption waveform. By distributing variation in the time in which transistor switching occurs, peaks of the power consumption waveform are smoothed and widened. In this manner, it becomes more difficult to identify or distinguish different cryptographic operations using DPA).
As per claim 13, Lu in view of Lesea teaches:
The electronic device of claim 1, wherein the first sequential circuit is a temporally-skewed register (510) to desynchronize transitions for mitigating supervised power analysis profiling of a side channel attack (Lu: page 201: right column, last 4 lines and page 202: left column: lines 1-4: Random Delay Insertion (RDI), a countermeasure against DPA (side channel attack), was first applied to a microprocessor implementation by Clavier et al. [13]. This technique reduces the correlation between the predicted power model and the actual power consumption of the design by inserting random delays on the input signals of critical data-paths, thus randomizing the power consumption traces in the time-dimension. Page 203: left column, paragraph 2: Random Delay Insertion (RDI): Delays can be inserted before or during the cryptographic execution to change the position of operations in the time-dimension. Figure 2 outlines an architecture that can be used to provide RDI, which can randomly change the delay of combinational logic between registers. Fig. 2 shows the delay cells are inserted between the first register and the combinatorial network. Therefore, the first register is a temporally skewed register), the temporally-skewed register (510) comprising: one or more flip-flops (521) serially coupled together to produce parallel data that is shifted into the combinational logic (320) by way of said clock (518) (Lu: Page 203: left column, paragraph 2: Random Delay Insertion (RDI): Figure 2 outlines an architecture that can be used to provide RDI, which can randomly change the delay of combinational logic between registers. A register comprises of one or more flipflops that are serially linked to produce data that is shifted into the combinational logic); and the random delay cell (420) inserted at an output of each said flip-flop to desynchronize transitions between said flip-flop and said combinational logic, wherein said random delay cell (420) comprises a series of delay cells (425), and a multiplexer (426) (Lu: Page 204: right column: section 3: 3.1. Delay Logic: Delay control logic can be implemented using a 2n-input MUX and 2n buffers obtaining a delay with resolution of 2n−δ, as shown in Figure 5. In this delay logic, the period of delay is controlled by a random number R. Figure 5 shows the random delay cell is inserted at an output of a flipflop); wherein said random delay cell receives as input: a random selector (427) to said multiplexer (426); wherein said random selector (427) (Lu: Page 204: right column: section 3: 3.1. Delay Logic: In this delay logic, the period of delay is controlled by a random number R. The size of R is determined by k (see (6)), where size(R)=log2k. For generating unpredictable delay, a hardware based True Random Number Generator (TRNG) is required. Fig. 5 shows the random selector R applied to the mux. Page 206: left column: section 4.1: We first implement the AES algorithm without the countermeasure, sampling a large amount of power consumption traces from the implementation. These power traces are stored in a database. We then repeat the steps in section 3.3 with different Δmax and δ parameters, and generate power traces for an AES design that includes the RDI countermeasure. Right column: lines 1-20: The correlation coefficients of the power model and the power consumption are shown in Figure 8. The unit of both Δmax and δ is ts=1/fsample. Δmax should always be larger than 2δ. With δ=ts as shown in Figure 8a, the correct key becomes undistinguishable when Δmax is larger than 12 ts. As seen in fig. 8 graphs, the power traces overlap to maximally span bit value profiles of the flipflops),
wherein said random masking bit (402) and random selector (427), alone or in combination, is sourced by a hardware random number generator (HRNG) (Lu: Page 204: right column: section 3: 3.1. Delay Logic: For generating unpredictable delay, a hardware based True Random Number Generator (TRNG) is required).
Lu does not teach: wherein said random delay cell receives as input: a random masking bit (402) to said series of delay cells (425); and wherein said random masking bit (402) …introduce randomness into the data path (307). However, Lesea teaches:
wherein said random delay cell receives as input: a random masking bit (402) to said series of delay cells (425); and wherein said random masking bit (402) …introduce randomness into the data path (307) (Lesea: [0041]: FIG. 2 shows a block diagram of a circuit for encryption/decryption configured according to one or more embodiments of the invention. The circuit includes a number of adjustable delay elements 206 coupled to receive signals from inputs 210, and output the data values to the cryptographic processing circuit 208 after a particular delay has passed. The amount of time by which a signal is delayed by an adjustable delay circuit 206 is controlled by delay controller 204. The delay controller 204 acts with spreading sequence generator 202, to randomize delay times. The delay controller 204 uses a spreading sequence output from the spreading sequence generator 202 to determine a respective delay value for each adjustable delay 206. The amount of time by which a signal is delayed by an adjustable delay circuit 206 is controlled by delay controller 204. The delay controller 204 acts with spreading sequence generator 202, to randomize delay times. The delay controller 204 uses a spreading sequence output from the spreading sequence generator 202 to determine a respective delay value for each adjustable delay 206. In some embodiments, the spreading sequence generator may be implemented using a random or pseudo-random number generator to output pseudo-random numbers that will be used as the spreading sequence. [0042]: In one example implementation, a delay value may be taken directly from one or more bits of the output of the spreading sequence generator. Claim 1: a spreading sequence generator configured to output a sequence of pseudo-random numbers; a delay control circuit having an input coupled to an output of the spreading sequence number generator and one or more outputs (random masking bit) coupled to respective delay adjustment inputs of the adjustable delay circuits; and wherein the delay control circuit is configured to adjust the adjustable delay circuits based on the pseudo-random numbers, i.e., the adjustable delay cells receive a random masking bit as input).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Lesea in the invention of Lu to include the above limitations. The motivation to do so would be to produce power fluctuations that are resistant to power analysis (Lesea: [0013]).
As per claim 14, Lu in view of Lesea teaches:
The electronic device of claim 1, wherein the first sequential circuit is a temporally-skewed latch (501) to desynchronize for mitigating supervised power analysis profiling of a side channel attack (Lu: page 204: Fig. 5 shows a Delay control logic, also referred to as Random D flip-flop (latch). page 201: right column, last 4 lines and page 202: left column: lines 1-4: Random Delay Insertion (RDI), a countermeasure against DPA (side channel attack), was first applied to a microprocessor implementation by Clavier et al. [13]. This technique reduces the correlation between the predicted power model and the actual power consumption of the design by inserting random delays on the input signals of critical data-paths, thus randomizing the power consumption traces in the time-dimension.), the temporally-skewed latch (501) comprising: a latch (601); and thereto communicatively coupled, the random delay cell (420) inserted along a data path (307) from said latch to a combinational logic (320) to desynchronize transitions between said latch and said combinational logic, wherein said random delay cell (420) comprises a series of delay cells (425), and a multiplexer (426) page 203: left column: paragraph 2: Figure 2 outlines an architecture that can be used to provide RDI, which can randomly change the delay of combinational logic between registers. Page 204: right column: section 3: 3.1. Delay Logic: Delay control logic can be implemented using a 2n-input MUX and 2n buffers obtaining a delay with resolution of 2n−δ, as shown in Figure 5. In this delay logic, the period of delay is controlled by a random number R. Fig. 5 shows a flipflop (latch) coupled to a random delay cell. It is inherent that the random delay desynchronizes the transitions between the latch and the combinational logic); wherein said random delay cell receives as input: a random selector (427) to said multiplexer (426); wherein said random selector (427) (Lu: Page 204: right column: section 3: 3.1. Delay Logic: In this delay logic, the period of delay is controlled by a random number R. The size of R is determined by k (see (6)), where size(R)=log2k. For generating unpredictable delay, a hardware based True Random Number Generator (TRNG) is required. Fig. 5 shows the random selector R applied to the mux. Page 206: left column: section 4.1: We first implement the AES algorithm without the countermeasure, sampling a large amount of power consumption traces from the implementation. These power traces are stored in a database. We then repeat the steps in section 3.3 with different Δmax and δ parameters, and generate power traces for an AES design that includes the RDI countermeasure. Right column: lines 1-20: The correlation coefficients of the power model and the power consumption are shown in Figure 8. The unit of both Δmax and δ is ts=1/fsample. Δmax should always be larger than 2δ. With δ=ts as shown in Figure 8a, the correct key becomes undistinguishable when Δmax is larger than 12 ts. As seen in fig. 8 graphs, the power traces overlap to maximally span bit value profiles of the latch),
wherein said random masking bit (402) and random selector (427), alone or in combination, is sourced by a hardware random number generator (HRNG) (Lu: Page 204: right column: section 3: 3.1. Delay Logic: For generating unpredictable delay, a hardware based True Random Number Generator (TRNG) is required).
Lu does not teach: wherein said random delay cell receives as input: a random masking bit (402) to said series of delay cells (425); wherein said random masking bit (402) …introduce randomness into the data path (307). However, Lesea teaches:
wherein said random delay cell receives as input: a random masking bit (402) to said series of delay cells (425); wherein said random masking bit (402) …introduce randomness into the data path (307) (Lesea: [0041]: FIG. 2 shows a block diagram of a circuit for encryption/decryption configured according to one or more embodiments of the invention. The circuit includes a number of adjustable delay elements 206 coupled to receive signals from inputs 210, and output the data values to the cryptographic processing circuit 208 after a particular delay has passed. The amount of time by which a signal is delayed by an adjustable delay circuit 206 is controlled by delay controller 204. The delay controller 204 acts with spreading sequence generator 202, to randomize delay times. The delay controller 204 uses a spreading sequence output from the spreading sequence generator 202 to determine a respective delay value for each adjustable delay 206. The amount of time by which a signal is delayed by an adjustable delay circuit 206 is controlled by delay controller 204. The delay controller 204 acts with spreading sequence generator 202, to randomize delay times. The delay controller 204 uses a spreading sequence output from the spreading sequence generator 202 to determine a respective delay value for each adjustable delay 206. In some embodiments, the spreading sequence generator may be implemented using a random or pseudo-random number generator to output pseudo-random numbers that will be used as the spreading sequence. [0042]: In one example implementation, a delay value may be taken directly from one or more bits of the output of the spreading sequence generator. Claim 1: a spreading sequence generator configured to output a sequence of pseudo-random numbers; a delay control circuit having an input coupled to an output of the spreading sequence number generator and one or more outputs (random masking bit) coupled to respective delay adjustment inputs of the adjustable delay circuits; and wherein the delay control circuit is configured to adjust the adjustable delay circuits based on the pseudo-random numbers, i.e., the adjustable delay cells receive a random masking bit as input).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Lesea in the invention of Lu to include the above limitations. The motivation to do so would be to produce power fluctuations that are resistant to power analysis (Lesea: [0013]).
Allowable Subject Matter
Claim 12 will be allowable over prior art of record if the rejection under 35 U.S.C 112 is overcome.
Claims 5-8 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims and if the rejection of claim 5 under 35 U.S.C 112 is overcome.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
US 8427194 to Deas et al: An improvement in the security of a logic system by minimizing observable features such as the power supply or electromagnetic radiation, so called, "side-channel attacks". Specifically, the present invention comprises a technique and methods for reducing the ability of an intruder to monitor the relationship between currents in the system and the data in the system through the use of a randomized clock wherein the clock eye diagram is closed and without significant reduction in maximum operating speed compared to the reduction in maximum operating frequency that occurs when using conventional means of additive jitter. A system where the clock eye diagram is completely closed is provably more secure than systems where the clock eye diagram is partially open.
UCloD: Small Clock Delays to Mitigate Remote Power Analysis Attacks by Jayasinghe et al: This paper presents UCloD, a novel random clock delay-based robust and scalable counter measure against recently discovered remote power analysis (RPA) attacks. UCloD deploys very small clock delays (in the picosecond range) generated using the tapped delays lines (TDLs) to mitigate RPA attacks. UCloD provides the most robust countermeasures demonstrated thus far against RPA attacks. RPA attacks use delay sensors, such as Time to Digital Converters (TDC) or Ring Oscillators (ROs) to measure voltage f fluctuations occurring in power delivery networks (PDNs) of Field Programmable Gate Arrays (FPGAs). These voltage fluctuations reveal secret information, such as secret keys of cryptographic circuits. The only countermeasure proposed thus far activates ROs to consume significant power and has managed to secure Advanced Encryption Standard (AES) circuits for up to 300,000 encryptions. Using TDLs available in FPGAs, UCloD randomly varies the clock to the cryptographic circuits under attack to induce noise in the adversary’s delay sensor(s). We demonstrate correlation power analysis (referred to as CPA) attack resistance of UCloD AES implementations for up to one million encryptions. Compared to an unprotected AES circuit, UCloD implementations have minimal overheads (0.2% Slice LUT overhead and 4.8% Slice register overhead for Xilinx implementations and 0.5% LogicCells overhead for Lattice Semiconductor implementations).
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MADHURI R HERZOG whose telephone number is (571)270-3359. The examiner can normally be reached 8:30AM-4:30PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi Arani can be reached at (571)272-3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
MADHURI R. HERZOG
Primary Examiner
Art Unit 2438
/MADHURI R HERZOG/Primary Examiner, Art Unit 2438