Creation and management of entity identifiers
By generating entity identifiers within the system and associating them with specific memory blocks, the method improves communication protocol performance by eliminating the need for lookup tables, enabling efficient data retrieval and secure authentication.
Patent Information
- Authority / Receiving Office
- WO · WO
- Patent Type
- Applications
- Current Assignee / Owner
- FORTAEGIS TECHNOLOGIES HOLDING BV
- Filing Date
- 2025-12-29
- Publication Date
- 2026-07-09
Smart Images

Figure EP2025089113_09072026_PF_FP_ABST
Abstract
Description
[0001] CREATION AND MANAGEMENT OF ENTITY IDENTIFIERS
[0002] FIELD OF THE INVENTION
[0003] The invention relates to a system for creation and management of entity identifiers and their associated data, which may include but is not limited to authentication data.
[0004] The invention further relates to a method of creating and managing entity identifiers and their associated data, which may include but is not limited to authentication data.
[0005] The invention also relates to computer program products enabling a computer system to perform such a method.
[0006] BACKGROUND OF THE INVENTION
[0007] When a system wants to communicate securely with a peer system, it typically stores one or more authentication data sets for this peer system in a memory. An authentication data set may comprise a public key of the peer system, a challenge-response pair of a Physical Unclonable Function (PUF) of the peer system, or a password, for example.
[0008] When a system wants to communicate securely with a plurality of peer systems, it typically stores one or more authentication data sets per peer system in a memory. These one or more authentication data sets are associated with an identifier of the peer system.
[0009] The article "SRAM-PUF Authentication Schemes Empowered with Blockchain on Resource-Constrained Microcontrollers" by M. Barbareschi et al., published in the Conference Proceedings of the 2024 IEEE 27thInternational Symposium on Real-time Distributed Computing (ISORC), pages 1-10, discloses an authentication scheme which does not rely on the storage of keys in device memory or the presence of a centralized entity. The disclosed mutual authentication scheme utilizes a Static Random Access Memory (SRAM)-Physical Unclonable Function, which leverages on the inherent randomness of SRAM obtained during its manufacturing process to create keys, and is further fortified by blockchain technology that is used to provide a decentralized management authority.
[0010] US 2020 / 412556 Al discloses a method of operating an authentication server based on a Physical Unclonable Function, which includes transmitting a Challenge-Response Pair (CRP) update request message to a user device when a CRP update event occurs,receiving a CRP update response message from the user device in response to the CRP update request message, generating a secret key corresponding to the CRP update request message, decrypting the CRP update response message with the secret key, and updating a CRP corresponding to the secret key in a database using the decrypted CRP update response message.
[0011] US 11,165,594 B2 discloses a method for authenticating a first device which includes the steps of measuring a first response bit string of a physical unclonable function of the first device with respect to a challenge bit string, deriving a shared secret bit string from a uniformly distributed random vector, encoding a helper bit string by multiplying a uniformly distributed random matrix with the uniformly distributed random vector and adding the first response bit string to a result of the multiplication, and transmitting the helper bit string to a second device that is remote from the first device.
[0012] Often, a lookup table is used to map each peer identifier to a set of one or more storage blocks in the memory. However, the use of such a lookup table negatively impacts the performance of the authentication protocol.
[0013] SUMMARY OF THE INVENTION
[0014] It is advantageous to provide a system and method, which can improve the performance of a communication protocol, e.g., an authentication protocol.
[0015] In a first aspect, a system for creation and management of entity identifiers and associated data comprises one or more memories and logic circuitry configured to obtain one or more data sets per further system for each of a plurality of further systems and store the one more data sets per further system in a set of one or more storage blocks per further system, each set of one or more storage blocks being associated with a respective further system of the plurality of further systems and being identified by a respective index in the one or more memories.
[0016] The logic circuitry is further configured to create a respective entity identifier for each respective further system of the plurality of further systems, the respective entity identifier comprising the respective index which identifies the set of one or more storage blocks associated with the respective further system, transmit each respective entity identifier to the respective further system for which the respective entity identifier was created, receive a message from a further system of the plurality of further systems, the message comprising the entity identifier previously transmitted to the further system, retrieve a data set from a set of one or more storage blocks identified by the index comprised in the entity identifier, and use the data set in relation to the further system.Instead of using entity identifiers provided by the further systems, e.g., preconfigured in the further systems, the system creates entity identifiers for the further systems and transmits these entity identifiers to the further systems. The further systems can then provide these entity identifiers to the system when the system needs to use the associated data set, e.g., when authenticating the system and / or when being authenticated by the system. By creating entity identifiers from which the relevant set of one or more storage blocks can be identified without the use of a look-up table, efficient retrieval of data associated with the entity identifiers is provided and the performance of the communication protocol, e.g., (mutual) authentical protocol, may be improved. Furthermore, by letting the system create the entity identifiers, it becomes possible to further configure the system to create and use multiple entity identifiers for the same further system.
[0017] The entity identifiers may be peer identifiers, for example. The further systems may be peer systems, for example. The data sets may be authentication data sets, for example. The logic circuitry may be configured to use the authentication data set in relation to the further system by authenticating the further system based on the authentication data set.
[0018] The entity identifiers may also be entity identifiers other than peer identifiers. For example, the system may be a server which creates client identifiers for its clients or creates group identifiers for groups of its clients. Efficient retrieval of data associated with client / group identifiers is as important for a server as efficient retrieval of data associated with peer identifiers is for peers. The data sets may also be data sets other than authentication data sets. The entity identifiers may be used to recognize entities with a network and are not limited to just verifying who they are. Example applications are collaborative document editing and distributed job scheduling & resource allocation. The entity identifier may be used for any type of protocol and is not limited to use for an authentication protocol.
[0019] For each respective further system of the plurality of further systems, the one or more data sets may comprise a challenge-response pair of the respective further system, the challenge-response pair being unique to a physical unclonable function of the respective further system.
[0020] The respective entity identifier may comprise a combination of the respective index and a nonce.
[0021] The nonce may be a universally unique identifier or may be chosen at random.
[0022] The logic circuitry may be configured to obtain a secret from the one or more memories or from a further memory, encrypt, with the secret, the respective index identifying the set of one or more storage blocks associated with the respective furthersystem, and include the respective index in encrypted form in the respective entity identifier created for the respective further system.
[0023] The further memory may be a one-time programmable memory.
[0024] The logic circuitry may be configured to create multiple entity identifiers for a further system of the plurality of further systems, the multiple entity identifiers each comprising an index identifying a set of one or more storage blocks associated with the further system, and transmit the multiple entity identifiers to the further system for which the multiple entity identifiers were created.
[0025] The one or more memories may comprise a plurality of memories and a respective entity identifier created for the respective further system may comprise a memory identifier identifying a memory of the plurality of memories, the one more data sets of the respective further system being stored in the memory.
[0026] The one or more memories may comprise a plurality of memories and the logic circuitry may be configured to store the one more data sets and one or more duplicates of the one more data sets for at least one of the further systems in one or more storage blocks of each of at least two of the plurality of memories.
[0027] The logic circuitry may be configured to determine an index of a free storage block in the one or more memories, create a new entity identifier for a new further system, the new entity identifier comprising the index of the free storage block in the one or more memories, transmit the new entity identifier to the new further system, receive a new data set from the new further system, and store the new data set in the free storage block.
[0028] The logic circuitry may be configured to maintain a linked data structure which links multiple free storage blocks in the one or more memories and determine the index of the free storage block by determining an index of a first free storage block in the linked data structure. The linked data structure may be, for example, a flat (sequential) data structure where the indices of the linked entities are set to be equivalent to the indices of the flat data structure (e.g., linked list, double linked list, tree).
[0029] The logic circuitry may be configured to maintain a pointer to the first free storage block.
[0030] The linked data structure may further link multiple used storage blocks in the one or more memories and link a last used storage block of the multiple used storage blocks to the first free storage block.
[0031] In a second aspect, a method of creating and managing entity identifiers and associated data comprises obtaining one or more data sets per further system for each of a plurality of further systems and storing the one more data sets per further system in a set of one or more storage blocks per further system, each set of one or more storage blocks beingassociated with a respective further system of the plurality of further systems and being identified by a respective index in one or more memories,
[0032] The method further comprises creating a respective entity identifier for each respective further system of the plurality of further systems, the respective entity identifier comprising the respective index which identifies the set of one or more storage blocks associated with the respective further system, transmitting each respective entity identifier to the respective further system for which the respective entity identifier was created, receiving a message from a further system of the plurality of further systems, the message comprising the entity identifier previously transmitted to the further system, retrieving a data set from a set of one or more storage blocks identified by the index comprised in the entity identifier, and using the data set in relation to the further system. The method may be performed by software running on a programmable device. This software may be provided as a computer program product.
[0033] The entity identifiers may be peer identifiers, for example. The further systems may be peer systems, for example. The data sets may be authentication data sets, for example. In this case, using the data set in relation to the further set may comprise authenticating the further system based on the authentication data set.
[0034] Moreover, a computer program for carrying out the methods described herein, as well as a non-transitory computer readable storage-medium storing the computer program are provided. A computer program may, for example, be downloaded by or uploaded to an existing device or be stored upon manufacturing of these systems.
[0035] In another aspect, a non-transitory computer-readable storage medium stores a software code portion, the software code portion, when executed or processed by a computer, being configured to perform the method described above.
[0036] As will be appreciated by one skilled in the art, aspects of the present invention may be embodied as a device, a method or a computer program product.
[0037] Accordingly, aspects of the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment (including firmware, resident software, micro-code, etc.) or an embodiment combining software and hardware aspects that may all generally be referred to herein as a "circuit", "module" or "system." Functions described in this disclosure may be implemented as an algorithm executed by a processor / microprocessor of a computer. Furthermore, aspects of the present invention may take the form of a computer program product embodied in one or more computer readable medium(s) having computer readable program code embodied, e.g., stored, thereon.
[0038] Any combination of one or more computer readable medium(s) may be utilized. The computer readable medium may be a computer readable signal medium or acomputer readable storage medium. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a computer readable storage medium may include, but are not limited to, the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or Flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of the present invention, a computer readable storage medium may be any tangible medium that can contain, or store, a program for use by or in connection with an instruction execution system, apparatus, or device.
[0039] A computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
[0040] Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber, cable, RF, etc., or any suitable combination of the foregoing. Computer program code for carrying out operations for aspects of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java(TM), Smalltalk, C++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer, or entirely on the remote computer or server. In the latter scenario, the remote computer may be connected to the user's computer through any type of network, including a local area network (LAN) or a wide area network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet Service Provider).
[0041] Aspects of the present invention are described below with reference to flowchart illustrations and / or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the present invention. It will be understoodthat each block of the flowchart illustrations and / or block diagrams, and combinations of blocks in the flowchart illustrations and / or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor, in particular a microprocessor or a central processing unit (CPU), of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer, other programmable data processing apparatus, or other devices create means for implementing the functions / acts specified in the flowchart and / or block diagram block or blocks.
[0042] These computer program instructions may also be stored in a computer readable medium that can direct a computer, other programmable data processing apparatus, or other devices to function in a particular manner, such that the instructions stored in the computer readable medium produce an article of manufacture including instructions which implement the function / act specified in the flowchart and / or block diagram block or blocks.
[0043] The computer program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other devices to cause a series of operational steps to be performed on the computer, other programmable apparatus or other devices to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide processes for implementing the functions / acts specified in the flowchart and / or block diagram block or blocks.
[0044] The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of devices, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s).
[0045] It should also be noted that, in some alternative implementations, the functions noted in the blocks may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and / or flowchart illustrations, and combinations of blocks in the block diagrams and / or flowchart illustrations, can be implemented by special purpose hardware-based systems that perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
[0046] BRIEF DESCRIPTION OF THE DRAWINGSThese and other aspects of the invention are apparent from and will be further elucidated, by way of example, with reference to the drawings, in which:
[0047] Fig. 1 is a block diagram of a first implementation of the system; and Fig. 2 is a flow chart of a first implementation of the method;
[0048] Fig. 3 is a flow chart of a second implementation of the method;
[0049] Fig. 4 shows an example of a peer identifier created in the method of Fig. 3; Fig. 5 shows an example of a peer identifier index determined in the method ofFig. 3;
[0050] Fig. 6 is a flow chart of a third implementation of the method;
[0051] Fig. 7 shows an example of a peer identifier index determined in the method ofFig. 6;
[0052] Fig. 8 shows an example of a memory structure used in a fourth implementation of the method;
[0053] Fig. 9 is a block diagram of a second implementation of the system; and Fig. 10 is a block diagram of an exemplary data processing system for performing the methods of the invention.
[0054] Corresponding elements in the drawings are denoted by the same reference numeral.
[0055] DETAILED DESCRIPTION OF THE DRAWINGS
[0056] Fig. 1 is a block diagram of a first implementation of the system for authenticating a peer system of a plurality of peer systems. The system 1 comprises an input interface 3, an output interface 4, logic circuitry 5, and memory 7. The memory 7 is preferably non-volatile memory. Fig. 1 further shows two peer systems 11 and 21.
[0057] The logic circuitry 5 of system 1 is configured to obtain one or more authentication data sets per peer system for each of the plurality of peer systems 11 and 21 and store the one more authentication data sets per peer system in a set of one or more storage blocks per peer system. Each set of one or more storage blocks is associated with a respective peer system of the plurality of peer systems and is identified by a respective index in one or more memories, e.g., memory 7 and optionally a memory outside system 1. In other words, the index is a memory address.
[0058] The logic circuitry 5 is further configured to create a respective peer identifier for each respective peer system of the plurality of peer systems and transmit each respective peer identifier to the respective peer system for which the respective peer identifier was created. The respective peer identifier comprises the respective index which identifies the set of one or more storage blocks associated with the respective peer system.The logic circuitry 5 is further configured to receive, from a peer system of the plurality of peer systems, a message which comprises comprising the peer identifier previously transmitted to the peer system, retrieve an authentication data set from a set of one or more storage blocks identified by the index comprised in the peer identifier, and authenticate the peer system based on the authentication data set.
[0059] In the example of Fig. 1, peer systems 11 and 21 also comprise an input interface 3, an output interface 4, logic circuitry 5, and memory 7. The logic circuitry 5 of peer systems 11 and 21 have been configured in the same manner as described above in relation to logic circuitry 5 of system 1.
[0060] A first implementation of the method of authenticating a peer system of a plurality of peer systems is shown in Fig. 2. The method may be performed by system 1 of Fig. 1, for example.
[0061] A step 100 comprises determining an index of a free storage block in one or more memories. A step 101 comprises obtaining an authentication data set for a peer system. Part of the authentication data set or the entire authentication data set may be received from the peer system. The authentication data set may comprise a public key of the peer system, a password, or a challenge-response pair of the peer system, for example. The challengeresponse pair is unique to a physical unclonable function of the peer system.
[0062] A step 103 comprises storing the authentication data set obtained in step 101 in the free storage block based on the index determined in step 100. This associates the free storage block with the peer system.
[0063] A step 105 comprises creating a peer identifier for the peer system. The peer identifier comprises the index determined in step 100. A step 107 comprises transmitting the peer identifier created in step 105 to the peer system. Steps 101 and 103 may be performed before, after, or in parallel with steps 105 and 107.
[0064] A step 109 comprises receiving a message from a peer system to which a peer identifier was previously transmitted in step 107. The message comprises the peer identifier previously transmitted to the peer system. A step 111 comprises retrieving an authentication data set from a set of one or more storage blocks identified by the index comprised in this peer identifier. A step 113 comprises authenticating the peer system based on the authentication data set retrieved in step 111.
[0065] Steps 101-107 are performed for a plurality of peer systems. Steps 109-113 may be performed for a first peer system before steps 101-107 are performed for a second peer system. For each individual peer system, steps 101-107 are performed before steps 109-113 can be performed. Steps 109-113 are normally performed multiple times for each peer system.A second implementation of the method of authenticating a peer system of a plurality of peer systems is shown in Fig. 3. The method may be performed by system 1 of Fig. 1, for example. The implementation of Fig. 3 is an extension of the implementation of Fig. 2. In the implementation of Fig. 3, step 105 of Fig. 2 is implemented by steps 131, 133, and 135.
[0066] Step 131 comprises obtaining a secret from the one or more memories or from a further memory. The further memory may be a one-time programmable memory, for example. Step 133 comprises encrypting, with the secret obtained in step 131, the index determined in step 100. Peer identifiers may be encrypted to remove from the attacker any direct knowledge about the layout of the authentication data storage. Step 135 comprises creating a peer identifier for the peer system such that it includes the encrypted index obtained in step 133.
[0067] Fig. 4 shows an example of a peer identifier 61 (idp) created in the method of Fig. 3. In this example, the peer identifier 61 comprises a combination of an encrypted peer index identifier 65 (t), i.e., the encrypted index obtained in step 133, and a nonce 63 (to make the peer identifier unique). In an alternative implementation, the index may be combined in unencrypted form with a nonce. The nonce may be a universally unique identifier (UUID) or may be chosen at random, e.g., a salt. The salt may be generated through a linear-feedback shift register (LFSR) to avoid repetitions of the same value. The peer identifier may be 256 bits, for example. A pre-configured number of bits may be used for the salt.
[0068] Fig. 5 shows an example of a peer identifier index 71 (t) determined in the method of Fig. 3. In this example, the peer identifier index 71 (t) only comprises the index 73 determined in step 100. This peer identifier index 71 (t) is encrypted in step 133, resulting in encrypted peer identifier index 65 (t).
[0069] A third implementation of the method of authenticating a peer system of a plurality of peer systems is shown in Fig. 6. The method may be performed by system 1 of Fig. 1, for example. The implementation of Fig. 6 is an extension of the implementation of Fig. 2. In the implementation of Fig. 6, step 105 of Fig. 2 is implemented by a step 151 and step 107 of Fig. 2 is implemented by a step 153.
[0070] Step 151 comprises creating multiple peer identifiers for the peer system. The multiple peer identifiers each comprising an index identifying a set of one or more storage blocks associated with the peer system. Step 153 comprises transmitting the multiple peer identifiers to the peer system.
[0071] Multiple peer identifiers may be created when the one or more memories comprise a plurality of memories, for example. In this case, the peer identifier preferably comprises a memory identifier identifying a memory of the plurality of memories. Thismemory identifier is also referred to as storage identifier (storage_id). This optional storage identifier thus indicates what storage media has been used for storing authentication data about the peer. Data for different peers may be stored across different kinds of online, and offline media, for performance, availability and reliability (backup) purposes.
[0072] As a first example, an authentication data set may be stored in a storage block of a first memory and a duplicate of the authentication data set may be stored in a storage block of a second memory. As a second example, an authentication data set for a first peer system may be stored in a storage block of a first memory and an authentication data set for a second peer system may be stored in a storage block of a second memory.
[0073] Fig. 7 shows an example of a peer identifier index 71 (t) determined in the method of Fig. 6. In this example, the peer identifier index 71 (t) comprises a storage identifier 75 and the index 73 determined in step 100. The peer identifier index may comprise a pre-configured number of bits for the storage identifier 75 (storage id) and a preconfigured number of bits for the index 73 (idx), for example. When the implementations of Figs. 3 and 6 are combined, this peer identifier index 71 (t) is encrypted in step 133 of Fig. 3, resulting in encrypted peer identifier index 65 (t) of Fig. 4.
[0074] The peer identifier of Fig. 7 may be encrypted in the following manner: t= senc(
[0075] P =< storage id, idx >
[0076] IV = salt
[0077] K = T(salt)
[0078] )
[0079] idp=< salt, t>
[0080] This encrypted peer identifier may be decrypted in the following manner: < salt, t >= idp
[0081] t = sdec(
[0082] P = t
[0083] IV = salt
[0084] K = T(salt)
[0085] )
[0086] < storage id, idx >= t
[0087] Optionally, the configurable size of the salt is set to the same size as the IV (Initialization Vector) expected by the symmetric algorithm of choice (i.e., 96b for AES-GCM, 192b for cha-cha-poly), and the total size of i is the same as the block size of the encryption algorithm of choice.In a fourth implementation of the method, a linked list is maintained which links multiple free storage blocks in the one or more memories and a pointer to the first free storage block is maintained. In an alternative implementation, another linked data structure than a linked list may be used. Fig. 8 shows an example of a memory structure used in this fourth implementation. Fig. 8 shows a memory of a system “o”. The memory comprises peers metadata 81 and storage metadata 82.
[0088] Fig. 8 shows that when a system “o” assigns to a peer “p” their identifier 93 (idp=< saltp, idxp>), the corresponding storage block 86, starting at index idxpis reserved for peer p. Similarly, when the system “o” assigns to a peer “q” their identifier 94 (idq=< said, idxq)>, the corresponding storage block 87, starting at index idxqis reserved for peer q. The indices of the storage blocks are shown in column 84 of the peers metadata 81. The first storage block has index 0 and the last storage block has index M.
[0089] In the example of Fig. 8, only one authentication data block is stored per peer system: authentication data block 97 (ADBP) for peer “p” and authentication data block 98 (ADBq) for peer “q” Alternatively, multiple authentication data blocks, i.e., authentication data sets, may be stored per peer system, e.g., ADBQ and ADB for peer “p”. The peer identifiers idpand idqare created by system “o” for peers “p” and “q”. The storage blocks 86 and 87 also store the peer identifiers created by peers “p” and “q” for system “o”: id095 and id096, respectively. Although both peer identifiers are referred to as id0, they are created by different peer systems and have different values.
[0090] Furthermore, the first free block is pointed by the index stored in the free idx head of the storage metadata 82, and a linked listed with the rest of the free blocks is maintained. The peer identifier variable of the free blocks may be used to form such a linked list, for example. In the example of Fig. 8, all storage blocks from index F to index M are free, but the free storage blocks may not be contiguous and therefore a linked list is beneficial.
[0091] Optionally, a rsvd idx head variable may be maintained (not shown in Fig.
[0092] 8). If the free index is F, then when generating a new peer identifier, the free _idx head variable may be assigned to the rsvd idx head variable, a next free block index stored in idFmay be stored in free idx head, and the previous content of rsvd idx head may be stored in idF. The reserved variable may be used to make sure that reserved but not finalized peer data can be freed in the event of a device failure.
[0093] In order to remove the data associated with a peer, after safely overwriting the authentication data block(s) with empty values, the current free idx head may be stored in the id field of the removed block, and the index of the block that has just been freed maybe stored in the free _idx head variable, adding the new free block to the head of the free blocks linked list, that will be ready for reuse.
[0094] In an extension, the linked list further links multiple used storage blocks in the one or more memories and links a last used storage block of the multiple used storage blocks to the first free storage block. This is not shown in Fig. 8.
[0095] To ensure added reliability, multiple authentication data blocks may be generated for the same peer system with different peer identifiers (some of which are referred to as backup identifiers) and linked through an optional doubly linked list ([id , id ]) through the identifiers. In case of failure, the backup authentication data may be used in place of the existing one, and optionally to open a secure bootstrap channel for recovery of the data. This optional doubly linked list is not shown in Fig. 8 but may be stored in the storage block of the respective peer system, for example.
[0096] With respect the previously mentioned PUF, a PUF refers to a function that is implemented as a physical system in such a way that the output for an input is obtained by applying the input stimulus to the physical system and observing the resulting behavior. The interaction between the stimulus and the physical system is unpredictable, depending on essentially random elements within the physical system. This makes it impossible to obtain the output without having had direct access to the physical system and also renders it impractical to reproduce the physical system itself. PUFs are typically low in manufacturing costs and easy to evaluate for practical applications.
[0097] Conventionally, an input or stimulus that a PUF accepts is called a challenge. The output of a PUF, that is, the behavior the PUF exhibits after interaction with the stimulus, is called a response. A pair comprising a challenge and the corresponding response of a PUF is called a challenge-response pair. Some types of PUFs allow a wide range of different inputs, some types allow a more limited range of inputs or may even allow only a single input. The property that the PUF produces the same response to a challenge c that is presented multiple times, is preferable, but not necessary and, in practice, most PUFs do not possess it. As long as the multiple responses are sufficiently close to each other, the PUF can be usefully applied.
[0098] Since the interaction between a stimulus and the physical system cannot be predicted without access to the system, the PUF is hard to characterize and therefore to model. The output of a particular PUF for an input can therefore only be obtained using the particular physical system underlying the particular PUF. Possession of a challenge-response pair is proof that at some point the challenge was offered to the unique physical system that underlies the PUF. Because of this property, i.e., the property that challenge-response pairsare coupled to a unique physical device, a PUF is called unclonable. By equipping a device with a PUF, the device also becomes unclonable.
[0099] A Controlled PUF (CPUF) comprises a PUF and a control layer that restricts a user’s access to the PUF input and output. The CPUF is especially beneficial if a system has multiple users or sessions accessing the same computational device. Different types of CPUFs exists. As a first example, WO 03 / 090259 A2 describes the control layer creating a hash of a program to be executed on the system which wants to access the PUF and providing a response to a challenge or pre-challenge that depends on this hash.
[0100] As a second example, the paper “Flowchart description of security primitives for controlled physical unclonable functions” by Boris Skoric, and Marc X. Makkes, published in International Journal of Information Security 9, 2010, describes a CPUF which only allows access to PUF functionality only when a secure channel has been established. All communications and iterations need to pass through the secure channel handler. Everything that happens within the CPUF is considered secure against invasive attacks.
[0101] Fig. 9 is a block diagram of a second implementation of the system for authenticating a peer system of a plurality of peer systems. The system 41 comprises a CPUF chip 42. The CPUF chip 42 comprises one or more processors 45, e.g. one or more computer cores, an input interface 43, an output interface 44, a physically unclonable function (PUF) 46, memory 47, and one or more cryptographic accelerators 48. The input interface 43 and output interface 44 may be realized by a network interface. Fig. 9 further shows one peer system 51.
[0102] The processor 45 of system 41 is configured to obtain one or more authentication data sets per peer system for each of a plurality of peer systems, including peer system 51 , and store the one more authentication data sets per peer system in a set of one or more storage blocks per peer system. Each set of one or more storage blocks is associated with a respective peer system of the plurality of peer systems and is identified by a respective index in one or more memories, e.g., memory 47 and optionally a memory outside system 41. For each respective peer system of the plurality of peer systems, the one or more authentication data sets comprise a challenge-response pair of the respective peer system. The challenge-response pair is unique to a physical unclonable function of the respective peer system.
[0103] The processor 45 is further configured to create a respective peer identifier for each respective peer system of the plurality of peer systems and transmit each respective peer identifier to the respective peer system for which the respective peer identifier was created. The respective peer identifier comprises the respective index which identifies the set of one or more storage blocks associated with the respective peer system.The processor 45 is further configured to receive, from a peer system of the plurality of peer systems, a message which comprises comprising the peer identifier previously transmitted to the peer system, retrieve an authentication data set from a set of one or more storage blocks identified by the index comprised in the peer identifier, and authenticate the peer system based on the authentication data set.
[0104] In the example of Fig. 9, peer system 51 comprises the same components as system 41 and the processor 45 of peer system 51 has been configured in the same manner as described above in relation to processor 45 of system 41.
[0105] While in the examples and implementations of Figs. 1-9, the entity identifiers are peer identifiers and the data sets are authentication data sets, the entity identifiers may be entity identifiers other than peer identifiers, and the data sets may be data sets other than authentication data sets. For example, the system may be a server which creates client identifiers for its clients or creates group identifiers for groups of its clients.
[0106] The entity identifiers may be used to recognize entities with a network and are not limited to just verifying who they are. A node in a network may store information about other nodes to speed up data access, leveraging a linked data structure. Even in secure environments where full authentication is not necessary, nodes may use identifiers to track each other and work together on distributed tasks.
[0107] Essentially, the entity identifiers allow nodes to share information about themselves and their state, enabling them to function as a collaborative multi-agent system. By sharing identifiers, nodes can efficiently find information about groups and work together. This is particularly useful in applications requiring shared state, where nodes collaborate to achieve a common goal, e.g., collaborative document editing, in which nodes need to track document versions and changes.
[0108] In a distributed job scheduling & resource allocation application, a server may store various types of metadata relating to its nodes. This metadata helps manage the distribution of data across nodes and facilitates efficient data retrieval and load balancing. Some examples of metadata that a server might store include:
[0109] • Node status: Information about the current status of each node, such as whether it is active, inactive, or undergoing maintenance.
[0110] • Node capabilities: Information about the capabilities of each node, such as storage capacity, processing power, and network bandwidth.
[0111] • Data distribution information: Information about which data is stored on which nodes.
[0112] Fig. 10 depicts a block diagram illustrating an exemplary data processing system that may perform the method as described with reference to the flow charts.As shown in Fig. 10, the data processing system 900 may include at least one processor 902 coupled to memory elements 904 through a system bus 906. As such, the data processing system may store program code within memory elements 904. Further, the processor 902 may execute the program code accessed from the memory elements 904 via a system bus 906. In one aspect, the data processing system may be implemented as a computer that is suitable for storing and / or executing program code. It should be appreciated, however, that the system 900 may be implemented in the form of any system including a processor and a memory that is capable of performing the functions described within this specification. The data processing system may be an Intemet / cloud server, for example.
[0113] The memory elements 904 may include one or more physical memory devices such as, for example, local memory 908 and one or more bulk storage devices 910. The local memory may refer to random access memory or other non-persistent memory device(s) generally used during actual execution of the program code. A bulk storage device may be implemented as a hard drive or other persistent data storage device. The processing system 900 may also include one or more cache memories (not shown) that provide temporary storage of at least some program code in order to reduce the quantity of times program code must be retrieved from the bulk storage device 910 during execution. The processing system 900 may also be able to use memory elements of another processing system, e.g. if the processing system 900 is part of a cloud-computing platform.
[0114] Input / output (I / O) devices depicted as an input device 912 and an output device 914 optionally can be coupled to the data processing system. Examples of input devices may include, but are not limited to, a keyboard, a pointing device such as a mouse, a microphone (e.g. for voice and / or speech recognition), or the like. Examples of output devices may include, but are not limited to, a monitor or a display, speakers, or the like. Input and / or output devices may be coupled to the data processing system either directly or through intervening I / O controllers.
[0115] The input and the output devices may be implemented as a combined input / output device (illustrated in Fig. 10 with a dashed line surrounding the input device 912 and the output device 914). An example of such a combined device is a touch sensitive display, also sometimes referred to as a “touch screen display” or simply “touch screen”. In such an implementation, input to the device may be provided by a movement of a physical object, such as e.g. a stylus or a finger of a user, on or near the touch screen display.
[0116] A network adapter 916 may also be coupled to the data processing system to enable it to become coupled to other systems, computer systems, remote network devices, and / or remote storage devices through intervening private or public networks. The network adapter may comprise a data receiver for receiving data that is transmitted by the systems,devices and / or networks to the data processing system 900, and a data transmitter for transmitting data from the data processing system 900 to the systems, devices and / or networks. Modems, cable modems, and Ethernet cards are examples of different types of network adapter that may be used with the data processing system 900.
[0117] As pictured in Fig. 10, the memory elements 904 may store an application 918. The application 918 may be stored in the local memory 908, the one or more bulk storage devices 910, or separate from the local memory and the bulk storage devices. It should be appreciated that the data processing system 900 may further execute an operating system (not shown in Fig. 10) that can facilitate execution of the application 918. The application 918, being implemented in the form of executable program code, can be executed by the data processing system 900, e.g., by the processor 902. Responsive to executing the application, the data processing system 900 may be configured to perform one or more operations or method steps described herein.
[0118] The invention may be implemented as a program product for use with a computer system, where the program(s) of the program product define functions. The program(s) may be contained on a variety of non-transitory computer-readable storage media, where, as used herein, the expression “non-transitory computer readable storage media” comprises all computer-readable media, with the sole exception being a transitory, propagating signal. The program(s) may also be contained on a variety of transitory computer-readable storage media. Illustrative computer-readable storage media include, but are not limited to: (i) non-writable storage media (e.g., readonly memory devices within a computer such as CD-ROM disks readable by a CD-ROM drive, ROM chips or any type of solid-state non-volatile semiconductor memory) on which information is permanently stored; and (ii) writable storage media (e.g., flash memory, floppy disks within a diskette drive or hard-disk drive or any type of solid-state random-access semiconductor memory) on which alterable information is stored. The computer program may be run on the processor 902 described herein.
[0119] The terminology used herein is for the purpose of describing particular implementations only and is not intended to be limiting of the invention. As used herein, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and / or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and / or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and / or groups thereof.
[0120] The corresponding structures, materials, acts, and equivalents of all means or step plus function elements in the claims below are intended to include any structure, material, or act for performing the function in combination with other claimed elements as specificallyclaimed. The detailed description has been presented for purposes of illustration, but is not intended to be exhaustive or limited to the implementations in the form disclosed. Many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope of the present invention.
Claims
CLAIMS:
1. A system (1,41) for creation and management of entity identifiers and associated data, the system (1,41) comprising one or more memories (7,47) and logic circuitry (5,45) configured to:- obtain one or more data sets per further system (11,21,51) for each of a plurality of further systems (11,21,51),- store the one more data sets per further system (11,21,51) in a set of one or more storage blocks per further system, each set of one or more storage blocks being associated with a respective further system (11,21,51) of the plurality of further systems (11,21,51) and being identified by a respective index in the one or more memories (7,47),- create a respective entity identifier for each respective further system (11,21,51) of the plurality of further systems (11,21,51), the respective entity identifier comprising the respective index which identifies the set of one or more storage blocks associated with the respective further system (11,21,51),- transmit each respective entity identifier to the respective further system (11,21,51) for which the respective entity identifier was created,- receive a message from a further system (11,21,51) of the plurality of further systems (11,21,51), the message comprising the entity identifier previously transmitted to the further system (11,21,51),- retrieve a data set from a set of one or more storage blocks identified by the index comprised in the entity identifier, and- use the data set in relation to the further system (11,21,51).
2. A system (1,41) as claimed in claim 1, wherein for each respective further system (11,21,51) of the plurality of further systems (11,21,51), the one or more data sets comprise a challenge-response pair of the respective further system (11,21,51), the challenge-response pair being unique to a physical unclonable function of the respective further system (11,21,51).
3. A system (1,41) as claimed in claim 1 or 2, wherein the respective entity identifier comprises a combination of the respective index and a nonce.
4. A system (1,41) as claimed in claim 3, wherein the nonce is a universally unique identifier or chosen at random.
5. A system (1,41) as claimed in any one of the preceding claims, wherein the logic circuitry (5,45) is configured to:- obtain a secret from the one or more memories (7,47) or from a further memory,- encrypt, with the secret, the respective index identifying the set of one or more storage blocks associated with the respective further system (11,21,51), and- include the respective index in encrypted form in the respective entity identifier created for the respective further system (11,21,51).
6. A system (1,41) as claimed in claim 5, wherein the further memory is a onetime programmable memory.
7. A system (1,41) as claimed in any one of the preceding claims, wherein the logic circuitry (5,45) is configured to:- create multiple entity identifiers for a further system (11,21,51) of the plurality of further systems (11,21,51), the multiple entity identifiers each comprising an index identifying a set of one or more storage blocks associated with the further system (11,21,51), and- transmit the multiple entity identifiers to the further system (11,21,51) for which the multiple entity identifiers were created.
8. A system (1,41) as claimed in any one of the preceding claims, wherein the one or more memories (7,47) comprise a plurality of memories and a respective entity identifier created for the respective further system (11,21,51) comprises a memory identifier identifying a memory of the plurality of memories, the one more data sets of the respective further system (11,21,51) being stored in the memory.
9. A system (1,41) as claimed in any one of the preceding claims, wherein the one or more memories (7,47) comprise a plurality of memories and the logic circuitry (5,45) is configured to store the one more data sets and one or more duplicates of the one more data sets for at least one of the further systems (11,21,51) in one or more storage blocks of each of at least two of the plurality of memories.
10. A system (1,41) as claimed in any one of the preceding claims, wherein the logic circuitry (5,45) is configured to:- determine an index of a free storage block in the one or more memories (7,47),- create a new entity identifier for a new further system (11,21,51), the new entity identifier comprising the index of the free storage block in the one or more memories (7,47),- transmit the new entity identifier to the new further system (11,21,51), - receive a new data set from the new further system (11,21,51), and - store the new data set in the free storage block.
11. A system (1,41) as claimed in claim 10, wherein the logic circuitry (5,45) is configured to maintain a linked data structure which links multiple free storage blocks in the one or more memories (7,47) and determine the index of the free storage block by determining an index of a first free storage block in the linked data structure.
12. A system (1,41) as claimed in claim 11, where the logic circuitry (5,45) is configured to maintain a pointer to the first free storage block.
13. A system (1,41) as claimed in claim 11 or 12, wherein the linked data structure further links multiple used storage blocks in the one or more memories (7,47) and links a last used storage block of the multiple used storage blocks to the first free storage block.
14. A method of creating and managing entity identifiers and associated data, the method comprising:- obtaining (101) one or more data sets per further system for each of a plurality of further systems,- storing (103) the one more data sets per further system in a set of one or more storage blocks per further system, each set of one or more storage blocks being associated with a respective further system of the plurality of further systems and being identified by a respective index in one or more memories,- creating (105) a respective entity identifier for each respective further system of the plurality of further systems, the respective entity identifier comprising the respective index which identifies the set of one or more storage blocks associated with the respective further system,22- transmitting (109) each respective entity identifier to the respective further system for which the respective entity identifier was created,- receiving (111) a message from a further system of the plurality of further systems, the message comprising the entity identifier previously transmitted to the further system,- retrieving (113) a data set from a set of one or more storage blocks identified by the index comprised in the entity identifier, and- using the data set in relation to the further system.
15. A computer program or suite of computer programs comprising at least one software code portion or a computer program product storing at least one software code portion, the software code portion, when run on a computer system, being configured for performing the method of claim 14.