[go: up one dir, main page]

WO2018199541A1 - Dispositif de distinction de disponibilité de clé d'identification - Google Patents

Dispositif de distinction de disponibilité de clé d'identification Download PDF

Info

Publication number
WO2018199541A1
WO2018199541A1 PCT/KR2018/004479 KR2018004479W WO2018199541A1 WO 2018199541 A1 WO2018199541 A1 WO 2018199541A1 KR 2018004479 W KR2018004479 W KR 2018004479W WO 2018199541 A1 WO2018199541 A1 WO 2018199541A1
Authority
WO
WIPO (PCT)
Prior art keywords
identification key
bit
digital value
unit
etching
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/KR2018/004479
Other languages
English (en)
Korean (ko)
Inventor
김태욱
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Publication of WO2018199541A1 publication Critical patent/WO2018199541A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/72Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/73Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L21/00Processes or apparatus adapted for the manufacture or treatment of semiconductor or solid state devices or of parts thereof
    • H01L21/70Manufacture or treatment of devices consisting of a plurality of solid state components formed in or on a common substrate or of parts thereof; Manufacture of integrated circuit devices or of parts thereof
    • H01L21/71Manufacture of specific parts of devices defined in group H01L21/70
    • H01L21/768Applying interconnections to be used for carrying current between separate components within a device comprising conductors and dielectrics
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L21/00Processes or apparatus adapted for the manufacture or treatment of semiconductor or solid state devices or of parts thereof
    • H01L21/70Manufacture or treatment of devices consisting of a plurality of solid state components formed in or on a common substrate or of parts thereof; Manufacture of integrated circuit devices or of parts thereof
    • H01L21/71Manufacture of specific parts of devices defined in group H01L21/70
    • H01L21/768Applying interconnections to be used for carrying current between separate components within a device comprising conductors and dielectrics
    • H01L21/76801Applying interconnections to be used for carrying current between separate components within a device comprising conductors and dielectrics characterised by the formation and the after-treatment of the dielectrics, e.g. smoothing
    • H01L21/76802Applying interconnections to be used for carrying current between separate components within a device comprising conductors and dielectrics characterised by the formation and the after-treatment of the dielectrics, e.g. smoothing by forming openings in dielectrics
    • H01L21/76807Applying interconnections to be used for carrying current between separate components within a device comprising conductors and dielectrics characterised by the formation and the after-treatment of the dielectrics, e.g. smoothing by forming openings in dielectrics for dual damascene structures
    • H01L21/76813Applying interconnections to be used for carrying current between separate components within a device comprising conductors and dielectrics characterised by the formation and the after-treatment of the dielectrics, e.g. smoothing by forming openings in dielectrics for dual damascene structures involving a partial via etch

Definitions

  • the present invention relates to an identification key usability determining apparatus for determining the usefulness of a generated identification key used for digital signatures and encryption and decryption methods necessary for the purpose.
  • computing devices such as radio frequency identification (RFID), smart cards, universal subscriber identity modules (USIM), and one time password (OTP) are widely used.
  • RFID radio frequency identification
  • USIM universal subscriber identity modules
  • OTP one time password
  • Cryptographic-keys or unique IDs used in encryption and decryption algorithms are used to construct security systems in such computing devices.
  • Cryptographic-keys or unique IDs are referred to as identification keys. do.
  • This identification key generates an external cryptographically secure PRN (Pseudo Random Number) and stores it in nonvolatile memory such as Flash Memory or EEPROM (EEPROM, Electrically Erasable Programmable Read-Only Memory). This method is mainly used.
  • PUF Physical Unclonable Function
  • PAF Physically Unclonable Function
  • the randomness of the generated identification key should be sufficiently secured.
  • the value should be kept unchanged with respect to the passage of time or the use environment.
  • the etching characteristics may change depending on the location on the wafer and the process date and time, and the probability of connection / disconnection of vias and metal / poly lines is very sensitive to this.
  • One object of the present invention is to ensure the usefulness and security of the PUF fabricated from the bit generation probability being significantly far from 50% or the like.
  • Another object of the present invention is to provide an internal device that can distinguish between good and defective products by determining distribution and average values of generated identification key values while preventing generated identification key values from leaking.
  • the identification key usefulness determining apparatus of the present invention generates a digital value by reading a unit cell short circuit in a circuit of a semiconductor manufacturing process, and selects a part of the generated digital values to generate an identification key.
  • a plurality of identification key generating apparatuses for generating A determination unit that determines at least one of randomness and reliability of the identification key generated by the identification key generation device; And an inactivation unit for selecting only one or a part of the identification key generation device as a result of the determination and permanently deactivating the remaining identification key generation device that is not selected.
  • the identification key usefulness determining apparatus of the present invention may further include a storage unit configured to store a value generated by the identification key generating apparatus as a result of the determination.
  • the randomness may include at least one of mean, distribution and variance.
  • the reliability may include at least one of operational stability and time invariance.
  • the identification key generation device includes a plurality of unit cells provided in a circuit in a semiconductor manufacturing process; A reading unit configured to read whether the unit cells are short-circuited; A digital value generation unit that can probably determine whether or not each unit cell is short-circuited, and generate a digital value for each of the unit cells based on whether the unit cell reads the short circuit; And a selection unit configured to select at least one of the plurality of unit cells, wherein the identification key may be generated from a combination of digital values generated in each of the unit cells selected by the selection unit.
  • Each of the plurality of unit cells includes a pair of conductive layers of a semiconductor; And a contact or via disposed between the pair of conductive layers, the contact or via configured to short or open the conductive layer.
  • the reader may read whether the contact or via shorts the conductive layers to read each unit cell.
  • the contact or via may have an etching characteristic set such that the short is probabilistically determined in the semiconductor manufacturing process.
  • the etching characteristic may include at least one of an etching type, an etching rate, and an etching time.
  • the etching rate is 3.0 to 3.5 ⁇ m / s, the time may be 5s to 7s.
  • the contact or via may have a size such that a difference between a probability that the contact or via formed between the conductive layer of the semiconductor shorts the conductive layer and a probability that the short cannot be shortened is within a predetermined error range.
  • the digital value generator may have an etching characteristic such that a difference between a probability of the contact or via shorting the conductive layer and a probability of not shorting the conductive layer is within a predetermined error range.
  • the digital value generator includes N unit structures (where N is a natural number) for generating a 1-bit digital value by using a pair of conductive layers and a contact or via (unit cell) connected therebetween.
  • N is a natural number
  • an N-bit identification key can be generated through the N unit structures.
  • the identification key usefulness determining apparatus of the present invention further includes a digital value processing unit configured to receive and process the N-bit digital value read by the reading unit, and the digital value processing unit includes a first of the received N-bit digital values. Comparing a bit and a second bit, if the first bit value is greater than the second bit value to determine the digital value representing the first bit and the second bit as 1, and the first bit value is When the value is smaller than the second bit value, a digital value representing the first bit and the second bit may be determined as 0.
  • the digital value processor determines a digital value representing either the first bit and the second bit to either 1 or 0, or the first bit. And a digital value representing the second bit may not be determined.
  • the identification key usability determining apparatus of the present invention is produced by remarkably separating the bit generation probability from a value of 50% or the like through a determination unit for determining at least one of an identification key generator, a randomness and a reliability, and an inactive unit for permanently deactivating. Usability and security of PUF can be secured.
  • the identification key usefulness determining apparatus of the present invention may distinguish between good and defective products by determining distribution and average values of the generated identification key values while preventing the identification key values generated using the determination unit from being leaked.
  • the identification key usability determination apparatus of the present invention in the PUF configured using different elements or different size vias or metal lines of different thickness in the chip, select the PUF having the most random distribution and average, and discard the rest It can be done.
  • FIG. 1 is a block diagram showing an identification key usability determining apparatus of the present invention.
  • FIG. 2 is a block diagram illustrating an apparatus for generating identification keys of the apparatus for determining usefulness of identification keys of FIG. 1;
  • 3A is a conceptual diagram illustrating the shorting and opening of a unit cell of the present invention and thus the resulting digital value.
  • 3B is a conceptual diagram illustrating a metal line of the present invention.
  • 3C is a conceptual diagram illustrating the connection or disconnection of a metal line of the present invention.
  • FIG. 4 is a graph showing an etching rate and a short circuit probability of a unit cell over time.
  • 5 is a conceptual diagram showing whether a short circuit occurs according to the spacing of metal lines.
  • 6 is a graph showing short circuit probability of a unit cell according to via size.
  • FIG. 7 is a conceptual diagram illustrating the shorting and opening of a unit cell according to the via size of the present invention, and thus the resulting digital value.
  • Fig. 8 is a conceptual diagram showing the arrangement of unit cells in the identification key generation device.
  • FIG. 9 is a detailed circuit configuration of a digital value generator according to an embodiment of the present invention.
  • FIG. 10 is a conceptual diagram illustrating a process of processing a digital value by a digital value processing unit according to an embodiment of the present invention.
  • FIG. 11 is a flowchart illustrating a method of generating an identification key according to an embodiment of the present invention.
  • the identification key usefulness determining apparatus 1000 includes a plurality of identification key generating apparatuses 100, a determination unit 200, and an inactive unit 300.
  • the identification key generation device 100 In the circuit of the semiconductor manufacturing process, the identification key generation device 100 generates a digital value by reading whether a unit cell is shorted, and selects a part of the generated digital values to generate an identification key.
  • the determination unit 200 is configured to evaluate, compare, and determine at least one of randomness and reliability of the identification key generated by the identification key generation device 100.
  • the randomness determined by the determination unit 200 may include at least one of an average, a distribution, and a variance.
  • the reliability determined by the determination unit 200 may include at least one of operation stability and time invariance.
  • the determination unit 200 may be a circuit connected to the identification key generation device 100.
  • the deactivator 300 selects only one or a part of the identification key generation device 100 to operate according to the determination result by the determination unit 200, and permanently deactivates the remaining identification key generation device 100 that is not selected. To be made.
  • the inactive part 300 may be a circuit connected to the identification key generation device 100.
  • the identification key usefulness determining apparatus 1000 of the present invention may further include a storage unit 400.
  • the storage unit 400 is configured to store a value generated by the identification key generation device 100 based on the evaluation, comparison and determination result.
  • the identification key usability determination apparatus 1000 is configured to select only one or a part of the PUFs according to a result of the comparison and determination made by the determination unit 200, and the result of the comparison, determination and selection is a storage unit. Stored once by 400, it may be made by the inactive unit 300 to permanently deactivate the remaining or the entire PUF.
  • the apparatus 100 for generating an identification key includes a plurality of unit cells 110, a reader 120, a digital value generator 130, and a selector 140.
  • the identification key generating apparatus 100 may be an identification key generating unit as a lower configuration of the identification key usefulness determining apparatus 1000.
  • the plurality of unit cells 110 are provided in a circuit in a semiconductor manufacturing process.
  • each of the plurality of unit cells 110 is a contact or via disposed between the conductive layers of the pair of semiconductors (FIGS. 3A, 201, 202) and the conductive layers 201, 202. , 203).
  • the contact or via 203 shorts or opens the conductive layers 201 and 202 to generate a digital value as described below, whereby an identification key is generated by the combination of digital values.
  • the contact or via 203 is designed to connect between the conductive layers 201, 202 so that the contact or via 203 size is typically determined to short between the conductive layers 201, 202.
  • a contact or via 203 is formed by etching with a sufficient etching rate and time to short-circuit between the conductive layers 201 and 202.
  • the etching rate may be an etching rate.
  • the etching rate is slowed and the time is shortened, so that some of the contacts or the vias 203 ) Shorts between the conductive layers 201, 202, and some other contacts or vias 203 do not short between the conductive layers 201, 202, which is probabilistically determined.
  • the type or concentration of the etching material may be different.
  • the etching rate may be 40 to 60% of the etching rate used in semiconductor fabrication, and the etching time may be 40 to 60% of the etching time used in semiconductor fabrication.
  • the etching rate may be 3.0 to 3.5 ⁇ m / s or 2.5 to 3.1 ⁇ m / s.
  • the etching time may be 6 s or 11 s.
  • Probably determined in the present invention may mean that it is determined randomly.
  • the meaning that is determined probabilistic may include a meaning that is determined with a probability of 50% or a probability of 45% to 55%.
  • a short circuit is intentionally used to generate an identification key having randomness. .
  • the via 203 for the purpose of connecting the two conductive layers 201 and 202 separated from the contact or the via 203 for the purpose of generating the identification key is distinguished.
  • Each may be provided as a separate design rule.
  • the identification key generation device 100 by adjusting the gap and the etching characteristics of the wiring in the semiconductor manufacturing process, so that whether or not short-circuited between the conductive lines is determined stochastic, Generates an identification key with randomness.
  • This embodiment also generates a random identification key in a conventional semiconductor manufacturing process, away from the process of ensuring openness between conductive lines.
  • a description of the conductive metal line according to the embodiment will be described later in more detail with reference to FIG. 5.
  • the conductive layer 201 for the purpose of insulating the two conductive layers 201, 202 separated from the gap between the conductive layer 201, 202 for the purpose of generating the identification key , 202 may be provided in separate design rules.
  • the digital value generator 130 electrically generates an identification key generated according to the above embodiments. Whether a contact or via 203 is shorting between the conductive layers 201, 202, or a short between the conductive lines can be identified using a read transistor, and this configuration is shown in FIG. It will be described later in more detail with reference.
  • the contact or shorting between the conductive layers 201 and 202 may be adjusted by adjusting the process characteristics for fabricating the contact or the via 203. Even if the ratio of vias 203 and non-vias 203 is adjusted to have the same probability as half as possible, short circuits (such as digital value 0) and not (such as digital value 1) It may not be guaranteed that the ratios of are stochasticly identical.
  • the probability of not opening increases, and if either of the cases of shorting and non-shorting increases, the randomness of the generated identification key decreases.
  • the readout unit 120 reads whether or not each unit cell 110 is shorted.
  • Read in the present invention may be to detect or detect whether a short of each unit cell.
  • the reader may be a detector or a detector.
  • the detector or the detector may be one of several types of sensors.
  • the reader 120 may be connected to the unit cell 110. For example, the reader 120 may read whether the conductive layers 201 and 202 are shorted or opened by the via 203. In addition, the reader 120 may store an identification key generated by a digital value or a combination of digital values generated by the digital value generator 130 described later.
  • the reader 120 may be a logic gate, an amplifier, a resistor, or a flip flop.
  • the reader 120 is not limited to a resistor or a flip flop, and may be understood as a broad concept that can read whether the conductive layers 201 and 202 are shorted or opened, and store digital values and identification keys. .
  • the digital value generator 130 may probably determine whether each of the unit cells are short-circuited, and generate digital values of each of the unit cells 110 based on whether the shorts are read by the reader 120. Is made.
  • the selector 140 is configured to select at least one of the plurality of unit cells 110.
  • the identification key is generated by the combination of the digital values generated in the unit cells 110 selected by the selector 140, respectively.
  • the identification key generating apparatus 100 receives and processes information about whether or not the reading unit 120 reads a short circuit, thereby processing a digital value to ensure randomness ( 130).
  • the term 'processing' or 'digital value processing unit' of digital values is used, but this is not limited to processing the generated digital value through a separate technique or algorithm, and should not be interpreted. It should be understood to mean a set of configurations that perform balancing between 0 and 1 to ensure randomness (randomity) of generating identification keys from digital values.
  • the digital value processor 130 will be described later in more detail with reference to FIG. 10.
  • FIG. 3A is a conceptual diagram illustrating the shorting and opening of the unit cell 110 of the present invention, and thus the generated digital value.
  • the vias 203 are formed between the conductive layer 1 202 and the conductive layer 2 201 in the semiconductor manufacturing process.
  • the vias 203 are shorting the conductive layer 1 202 and the conductive layer 2 201. If it is expressed as a digital value, it is all zero.
  • the vias 203 are formed of the conductive layer 1 202 and the conductive layer. 2 201 is shorted and some other vias 203 are not shorting conductive layer 1 202 and conductive layer 2 201.
  • some of the vias 203 may short-circuit the conductive layer 1 202 and the conductive layer 2 201.
  • Some other vias 203 are configured by setting etching characteristics during the fabrication of vias 203 to prevent shorting of conductive layer 1 202 and conductive layer 2 201.
  • 3B and 2C in a metal or poly line etching method, etching of a rate and time at which a connection probability of A and B becomes 50% is required.
  • 3C shows an example in which metal or poly line etching is formed in which A and B are connected or disconnected at random probability.
  • the probability of a short circuit between two conductive layers 201 and 202 in making a contact or via 203 is proportional to the rate and time of etching.
  • a probability distribution as a short circuit has a short probability of 50%
  • the identification key generating apparatus 100 sets an etching process characteristic such that the probability distribution is as close to 50% as possible. Is produced.
  • the characteristics of such an etching process can be determined experimentally and can be adjusted during the process.
  • FIG. 4 is a graph showing an etching rate and a short circuit probability of the unit cell 110 over time.
  • the embedded system EM is a characteristic of an etching process in which the short circuit probability of the two conductive layers 201 and 202 is 50%. As described above, the value varies depending on the process and is as similar as possible by experiment. You can find it, but finding the exact embedded system is difficult.
  • 5 is a conceptual diagram showing whether or not a short circuit occurs according to the spacing of metal lines.
  • the distance between the metal lines and the etching characteristics may be adjusted to determine whether the short circuit between the metal lines is probabilistic.
  • the metal lines were shorted in all cases.
  • the metal lines were not shorted in all cases.
  • a short circuit is probable so that some of the metal lines are shorted and some are not shorted. do.
  • the metal lines are shorted in all cases.
  • the conductive lines were not shorted in all cases in the third group 430 in which the metal lines were thinned, the etching rate was lowered, and the time was long.
  • the metal line may be etched in a probable manner so that some of the metal lines are shorted and some are not shorted. Set the rate and time.
  • the contact or via has a difference between a probability that the contact or via formed between the conductive layers of the semiconductor shorts the conductive layer and a probability that the contact or via does not short. It can be made to have a size to be within the error range of.
  • vias are formed between the metal 1 layer 302 and the metal 2 layer 301 in a semiconductor manufacturing process.
  • all vias are shorting the metal 1 layer 302 and the metal 2 layer 301, and all of the vias are zero when expressed as digital values.
  • the digital value is represented by 0 in the shorted state and the digital value is represented by 1 in the open state.
  • the present invention is not limited thereto, and the digital value is represented by 1 in the shorted state and is opened.
  • the digital value at can be expressed as 0.
  • the identification key generation unit 110 according to an embodiment of the present invention, such as a group 320 having a B-sized via, some vias short the metal 1 layer 302 and the metal 2 layer 301 Some other vias are configured by setting via sizes to prevent shorting of the metal 1 layer 302 and the metal 2 layer 301.
  • the design rule for the via size is different according to the semiconductor manufacturing process. For example, the design rule of the via is set to 0.25 micron in a CMOS (Complementary Metal Oxide Semiconductor) process of 0.18 micron (um), the embodiment of the present invention By using the identification key generation unit 110 to set the via size to 0.19 microns, whether or not short-circuit between the metal layers are distributed.
  • CMOS Complementary Metal Oxide Semiconductor
  • such a probability distribution as a short circuit has a short probability of 50%
  • the identification key generation unit 110 is configured by setting the via size so that the probability distribution is as close to 50% as possible. do.
  • the via size may be determined by experiments according to the process.
  • SM is theoretically a via size in which the metal layer has a short circuit probability of 0.5. As described above, although the value is different according to the process and similar values can be found by experiments, it is difficult to find an accurate SM.
  • the identification key generation unit 110 determines whether or not a short circuit between the metal layers is within a range of Sx1 and Sx2 having a predetermined tolerance from 0.5 according to a specific experiment (the Sx1 and Sx2 are separately Although not shown, it may be set in a region having a constant margin near the illustrated Sx.
  • FIG. 8 is a conceptual diagram illustrating an arrangement of the unit cells 110 in the identification key generation device 100.
  • M and N units (where M and N are natural numbers) and a total of M * N unit cells 110 are arranged on a semiconductor substrate.
  • the digital value generator 130 determines whether each of the M * N vias 203 shorts between the conductive layers 201 and 202 (digital value 0) or fails to short-circuit (digital value 1). , Generates a digital value of M * N bits.
  • the unit cell 110 is selected by the selector 140, and the digital values of the M * N bits generated in this way are selected by the selector 140.
  • An identification key is generated from the combination.
  • FIG 9 illustrates a detailed circuit configuration of the digital value generator 130 according to an embodiment of the present invention.
  • the digital value generator 130 checks whether there is a short circuit using a read transistor between the power supply voltage VDD and ground.
  • the description of the pull-down circuit may be extended to an example configured as a pull-up circuit, and a separate description is omitted). If individual vias 203 in 130 short the conductive layers 201, 202, the output value is zero, otherwise the output value is one. Conversely, if the individual vias 203 in the digital value generator 130 short the conductive layers 201 and 202, the output value may be 1, otherwise the output value may be zero. Through this process, the digital value generator 130 generates a digital value, and an identification key is generated by the selection of the selection unit 140.
  • the configuration of the digital value generator 130 of FIG. 9 according to an embodiment of the present invention is just one embodiment, and the present invention is not limited to the embodiments.
  • the configuration is capable of generating digital values by inspecting whether there is a short circuit between the conductive layers 201 and 202 or the metal lines in the digital value generating unit 130, other modifications can be made without departing from the spirit of the present invention. And, such a configuration is not excluded from the scope of the present invention.
  • the identification key generated by the digital value generator 130 is transmitted to and stored in an identification key storage unit (not shown), and the identification key storage unit receives or stores a generated identification key as an input. (Not shown).
  • the identification key storage unit not only a register or flip-flop that reads and stores the generated identification key, but also other components that play an equal role may be understood as the identification key storage unit.
  • FIG. 10 is a conceptual diagram illustrating a process of processing a digital value by a digital value processing unit according to an embodiment of the present invention.
  • the digital value processor 130 selects and compares two of the digital values of the M * N bits generated by the digital value generator 130.
  • two bits of several bits generated by the digital value generator 130 are selected.
  • the digital value processor compares the magnitudes of the digital values generated by the first bit 710 and the second bit 720, respectively. If the digital value of the first bit 710 is larger than the digital value of the second bit 720, the digital value representing the first bit 710 and the second bit 720 is determined to be 1.
  • the digital value representing the first bit 710 and the second bit 720 is determined to be zero.
  • the representative digital value may be determined as one.
  • the representative digital value may be determined as 1 or 0, or the representative value may not be determined.
  • the third bit 730 and the fourth bit 740 are compared to generate a representative digital value, and the digital value is selected and used by the selector 140 to finally determine the identification key by the combination. Can be.
  • This process can be understood as the process of processing the identification key to increase the randomness of the identification key.
  • the ratio of shorting (digital value 0) and the ratio of non-shorting (digital value 1) are different from each other, so that balancing of 0 and 1 may not be achieved.
  • the probability that 1 and 0 will be generated for each bit is the probability that either bit will have a digital value greater than the other, because the two bits are equivalent to each other (although the probability is not 50%). Is 50%. Therefore, it can be understood that through the above process, stochastic balancing of 0 and 1 is matched.
  • the identification key finally determined by the identification key processing unit 130 in FIG. 10 is (M * N / 2) bits. This is because the new 1 bit digital value is determined using the 2 bit digital value.
  • the grouping or identification key processing process of the identification key processing unit 130 described above is only an embodiment of the present invention, and the identification key processing process for maintaining the balancing of the digital values 0 and 1 may not be considered. Any changes may be made without departing.
  • the new identification key generated by the digital value generator 130 and determined by the identification key processor 130 has randomness and, once generated, becomes a reliable value that does not theoretically change permanently.
  • a reliable identification key having a random number of characteristics whose value does not change with time can be manufactured simply without incurring a large manufacturing cost.
  • the process of writing the identification key externally in a separate nonvolatile memory as in the conventional method is unnecessary. Therefore, even if the identification key does not go in and out and the design drawing of the semiconductor chip is leaked, the identification key is generated due to the difference in the physical characteristics in the manufacturing process, and thus the replication is excellent, thus providing excellent security. In addition, the manufacturing cost can be reduced because the non-volatile memory manufacturing process is unnecessary.
  • FIG. 11 is a flowchart illustrating a method of generating an identification key according to an embodiment of the present invention.
  • the identification key generation method may further include: reading whether each of the plurality of unit cells 110 included in the semiconductor manufacturing process circuit is shorted (S10); Adjusting the vertical spacing of the conductive layers 201 and 202 and the etching characteristics of the patterning in the semiconductor manufacturing process (S20); Generating digital values from each of the unit cells (110) by making it possible to probabilistically determine whether the unit cells (nodes) constituting the circuit are short-circuited (S30); Selecting at least one of the plurality of unit cells (S40); And generating an identification key using a combination of digital values of the selected unit cell 110 (S50).
  • the reader 120 reads whether each of the plurality of unit cells 110 is shorted (S10).
  • the readout unit 120 reads whether the pair of conductive layers 201 and 202 of the semiconductor are short-circuited, and as described above, the contact or via 203 is connected to the conductive layers 201 and 202. Reads out whether there is a short circuit between them.
  • the probability of shorting or opening of the conductive layers 201 and 202 by the contact or via 203 is controlled.
  • the roughness of the surfaces of the conductive layers 201 and 202 is adjusted to adjust the bonding rate between the conductive layers 201 and 202 and the contacts or vias 203.
  • the step S30 of generating a digital value from each of the unit cells 110 by allowing the unit cell 110 constituting the circuit to be short-circuited can be determined stochastically according to whether the conductive layers 201 and 202 are short-circuited. Or generate a digital value of 1.
  • Generating the digital value (S30) may include a digital value processing step (S33), the digital value processing step (S33) receives the N-bit digital value read by the reader 120 to process.
  • the digital value processing step S33 may compare the first bit and the second bit among the received N bits of digital values, and when the first bit value is larger than the second bit value, the first bit and the second bit.
  • the digital value representing the bit is determined as 1, and the digital value representing the first bit and the second bit is determined as 0 when the first bit value is smaller than the second bit value.
  • the digital value representing the first bit and the second bit is either 1 or 0 depending on the setting. Do not determine or determine a digital value representative of the first and second bits.
  • At least one of the plurality of unit cells 110 is selected by the selecting unit 140 (S40), and an identification key is generated by the combination of the selected digital values (S50).
  • short or short between nodes generated in the semiconductor manufacturing process is configured to have randomness, since the short-circuit characteristic between nodes does not change physically, the generated identification key does not change.
  • the digital value generator 130 may depend on whether a contact or via is formed between the conductive layers 201 and 202 generated during the semiconductor manufacturing process.
  • a digital key is generated and an identification key is generated by combining the digital values by the selector 140.
  • the etching characteristics of the contact or via 203 fabrication process according to the embodiment are described with reference to FIGS. 3A through 5. As described above.
  • the via 203 for the purpose of connecting the two conductive layers 201 and 202 separated from the contact or the via 203 for the purpose of generating the identification key is distinguished.
  • Each may be provided as a separate design rule.
  • the digital value generator 130 adjusts the spacing and etching characteristics of the conductive layers 201 and 202 in the conductive lines pattern forming process in the semiconductor manufacturing process, thereby forming the conductive lines. Some of them are shorted and some are not shorted, creating an identification key with randomness. Such an embodiment is as described above with reference to FIGS. 5 to 9.
  • the conductive layer 201 for the purpose of insulating the two conductive layers 201, 202 separated from the gap between the conductive layer 201, 202 for the purpose of generating the identification key , 202 may be provided in separate design rules.
  • the identification key storage unit stores and stores a digital key or identification key generated according to the above embodiments through a register or a flip flop. Whether a contact or via 203 is shorting between the conductive layers 201 and 202 or a short between the conductive lines in the process of generating and reading the identification key can be identified using a read transistor. have.
  • identification key processor 130 processes the digital value generated by the digital value generator 130 to ensure randomness.
  • the finally generated identification key is provided to the user through the output unit.
  • the etching pressure is 26 mTorr
  • the gas used for etching is SF 6
  • the flow rate is 130 SCCM
  • the power source is 600 W
  • the bias may be 20 W.
  • the etching time may be 5 s to 7 s and the etch rate may be 3.0 to 3.5 ⁇ m / s.
  • the etching pressure may be 20 mTorr
  • the gas used for etching may be SF6
  • the flow rate is 130 SCCM
  • the source is 600 W
  • the bias is 15 W.
  • the etching time may be 10 s to 12 s and the etch rate may be 2.5 to 3.1 ⁇ m / s.
  • each unit cell has a short chance of 45% to 55%.
  • the identification key usefulness determining apparatus 1000 described above is not limited to the configuration and method of the embodiments described above, but the embodiments may be configured by selectively combining all or some of the embodiments so that various modifications may be made. It may be.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mathematical Physics (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Condensed Matter Physics & Semiconductors (AREA)
  • Manufacturing & Machinery (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Power Engineering (AREA)
  • Semiconductor Integrated Circuits (AREA)

Abstract

La présente invention concerne un dispositif de distinction de disponibilité de clé d'identification comprenant : une pluralité de dispositifs de génération de clé d'identification pour, dans un circuit dans une procédure de fabrication de semiconducteur, détecter un court-circuit des cellules unitaires et générer ainsi des valeurs numériques, et sélectionner certaines des valeurs numériques générées et générer ainsi une clé d'identification ; une unité de détermination destinée à déterminer le caractère aléatoire et/ou la fiabilité de la clé d'identification générée au moyen des dispositifs de génération de clé d'identification ; et une unité de désactivation destinée, sur la base du résultat de détermination, à sélectionner uniquement un ou plusieurs dispositifs de génération de clé d'identification à mettre en service et à désactiver de façon permanente les dispositifs de génération de clé d'identification restants qui ne sont pas sélectionnés.
PCT/KR2018/004479 2017-04-27 2018-04-18 Dispositif de distinction de disponibilité de clé d'identification Ceased WO2018199541A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020170054445A KR102050021B1 (ko) 2017-04-27 2017-04-27 식별키 유용성 판별장치
KR10-2017-0054445 2017-04-27

Publications (1)

Publication Number Publication Date
WO2018199541A1 true WO2018199541A1 (fr) 2018-11-01

Family

ID=63920305

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2018/004479 Ceased WO2018199541A1 (fr) 2017-04-27 2018-04-18 Dispositif de distinction de disponibilité de clé d'identification

Country Status (2)

Country Link
KR (1) KR102050021B1 (fr)
WO (1) WO2018199541A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR3111722A1 (fr) * 2020-06-22 2021-12-24 Stmicroelectronics (Crolles 2) Sas Dispositif de génération d'un nombre aléatoire
US12327798B2 (en) * 2020-04-09 2025-06-10 International Business Machines Corporation Physical unclonable function

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005523481A (ja) * 2002-04-16 2005-08-04 マサチューセッツ インスティテュート オブ テクノロジー 集積回路の認証
KR101139630B1 (ko) * 2010-12-09 2012-05-30 한양대학교 산학협력단 식별키 생성 장치 및 방법
KR20150013091A (ko) * 2013-07-26 2015-02-04 (주) 아이씨티케이 랜덤성 테스트 장치 및 방법
KR20150078801A (ko) * 2013-12-31 2015-07-08 (주) 아이씨티케이 랜덤한 디지털 값을 생성하는 장치 및 방법
KR101593166B1 (ko) * 2014-06-02 2016-02-15 한국전자통신연구원 물리적 복제 방지 함수의 오류를 방지하는 장치 및 그 방법

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101118826B1 (ko) * 2011-02-15 2012-04-20 한양대학교 산학협력단 물리적 공격을 방어하는 암호화 장치 및 암호화 방법
KR101442401B1 (ko) * 2013-03-20 2014-09-23 (주) 아이씨티케이 Puf를 생성하는 장치 및 방법

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005523481A (ja) * 2002-04-16 2005-08-04 マサチューセッツ インスティテュート オブ テクノロジー 集積回路の認証
KR101139630B1 (ko) * 2010-12-09 2012-05-30 한양대학교 산학협력단 식별키 생성 장치 및 방법
KR20150013091A (ko) * 2013-07-26 2015-02-04 (주) 아이씨티케이 랜덤성 테스트 장치 및 방법
KR20150078801A (ko) * 2013-12-31 2015-07-08 (주) 아이씨티케이 랜덤한 디지털 값을 생성하는 장치 및 방법
KR101593166B1 (ko) * 2014-06-02 2016-02-15 한국전자통신연구원 물리적 복제 방지 함수의 오류를 방지하는 장치 및 그 방법

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US12327798B2 (en) * 2020-04-09 2025-06-10 International Business Machines Corporation Physical unclonable function
FR3111722A1 (fr) * 2020-06-22 2021-12-24 Stmicroelectronics (Crolles 2) Sas Dispositif de génération d'un nombre aléatoire

Also Published As

Publication number Publication date
KR102050021B1 (ko) 2019-11-28
KR20180120465A (ko) 2018-11-06

Similar Documents

Publication Publication Date Title
WO2010123185A1 (fr) Puce semi-conductrice et procédé de génération de valeur numérique utilisant une variation de processus
WO2012111872A1 (fr) Dispositif de chiffrement et procédé de défense contre une attaque physique
WO2018199539A1 (fr) Dispositif de génération de clé d'identification et procédé de génération de clé d'identification
WO2015012667A1 (fr) Dispositif et procédé de test du caractère aléatoire
WO2012077856A1 (fr) Dispositif et procédé de génération d'une clé d'identification
Lofstrom et al. IC identification circuit using device mismatch
US9121896B2 (en) Device for detecting the thinning down of the substrate of an integrated circuit chip
WO2012134239A2 (fr) Appareil et procédé servant à générer une valeur numérique
WO2015034148A1 (fr) Dispositif et procédé permettant de générer une clé d'identification
WO2018151390A1 (fr) Dispositif de l'internet des objets
WO2013025060A2 (fr) Dispositif et procédé pour l'authentification de sécurité entre dispositifs basée sur une puf lors de la communication entre machines
KR20110069883A (ko) 적층형 ic들을 위한 정전기적 방전(esd)실딩
WO2019139420A1 (fr) Dispositif électronique, serveur et procédé de commande associé
WO2018199541A1 (fr) Dispositif de distinction de disponibilité de clé d'identification
WO2015053441A1 (fr) Appareil et procédé de génération de clé d'identification
WO2017126900A1 (fr) Appareil de génération de clé d'identification et son procédé de gestion
WO2015034146A1 (fr) Dispositif et procédé permettant de générer une clé d'identification
WO2015046682A1 (fr) Dispositif et procédé de génération de clé d'identification au moyen d'un processus à semi-conducteur
WO2015053440A1 (fr) Appareil et procédé pour générer une clé d'identification
WO2022035161A1 (fr) Système et procédé de prévention de piratage de réseau informatique
WO2015034147A1 (fr) Dispositif et procédé de production de clé d'identification
WO2012133965A1 (fr) Appareil et procédé de génération de clé d'identification au moyen d'une variation de processus
Biba et al. Measurement setup for physical unclonable functions
WO2015020392A1 (fr) Dispositif à semi-conducteur et procédé de fabrication de celui-ci
WO2015034145A1 (fr) Dispositif et procédé de génération de clé d'identification

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18792242

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 14/02/2020)

122 Ep: pct application non-entry in european phase

Ref document number: 18792242

Country of ref document: EP

Kind code of ref document: A1