It is known in the art to use digital circuits such as pseudo random number ("PRN") generators, and linear feed-back linear shift register ("LSFR") generators to provide what are hopefully pseudo random numbers. For example, if an LSFR circuit is 200 bits in length, theoretically the output data block pattern should not repeat itself more than once in 2.sup.200 bits, which is indeed random. Unfortunately, generating true random numbers is difficult in practice, and can require an excessive number of components and operating power.
To further enhance security, in many applications it would be desirable to digitally generate a random number (or data block), which is then stored in non-volatile memory. Preferably a single integrated circuit ("IC") chip would contain the random number generator, the non-volatile memory, and perhaps other system circuitry as well.
Depending upon the task at hand, the random number may or may not be allowed to be read-out of the memory. However the nature and complexity of prior art approaches required to implement such on-chip security is prohibitive. Further, production testing of such ICs for randomness is prohibitive.
On-chip generation and storage of a truly undeterministic (e.g., random) data block would also permit IC manufacturer to encode a unique identification for each IC, which number may be used for securing access to the IC chip and/or memory. So doing would make unauthorized cloning of the IC difficult in that the utility of the undeterministic data block would not be known to the person cloning, and the cost required to attempt to learn the utility and unique key identity would be prohibitive relative to the cost of the IC. Again, however, it is not economically feasible to implement such on-chip protection using prior art approaches.
Non-volatile memory components are commonly used in many digital circuit applications, including systems in which an integrated circuit ("IC") containing at least a part of the memory retains a unique identification number used for securing access to the system and/or memory.
In such communication systems, it is known to permanently store an identification number with the non-volatile memory such that persons seeking to access other information stored in the memory must first properly replicate the identification number. In a so-called public-key encryption system, for example, the data block, or sequence of digital bits that define the private deciphering key, must be maintained in secrecy to preserve integrity of the system. One method of preserving secrecy of such keys is to generate the key randomly, and then store the key in non-volatile memory. A preferably random so-called seed (or initialization vector) routine, that need not be kept secret due to its undeterministic nature, produces a random bit stream in cryptographic applications.
What is needed is a system for digitally generating an undeterministic data block that may be stored in a non-volatile memory on an IC preferably also containing the system. Such a system should also permit self-testing. The present invention provides such a system.