Software-only PUF can ‘secure the IoT’
The PUFs are generated from minute, but consistent, variations in the analog behaviour of SRAM cells. Every SRAM array built will have, due to semiconductor process variations, a unique parameter that can be extracted, repeatably, from its behavior.
This parameter is used to generate and secure keys; the critical parameter is derived only when needed, never goes off-chip and is never stored, all contributing to security.
Until now, Intrinsic ID (a sometime spinout from Philips) has focused on providing hardware IP (and supporting software/firmware) to enable designers to implement PUFs. Now, the company says it can do the same on any chip (presumably, any one that contains suitable SRAM) with software alone.
The company’s BROADKEY can therefore “secure the IoT” – it can provision unique keys and identities for nearly all microcontrollers without need for security-dedicated silicon.
BROADKEY allows device manufacturers and OEMS to secure their products with a unique secret key and/or identity without having to add security-dedicated silicon. BROADKEY does not have to be loaded at silicon production but can be installed later in the supply chain or even retrofitted on deployed devices.
Additionally, BROADKEY can wrap and manage other system keys that form the basis of security solutions ranging from simple to sophisticated.
“BROADKEY represents a revolution in key creation, wrapping and management,” said Pim Tuyls, chief executive officer of Intrinsic ID. “We are accelerating the ubiquitous adoption of security on every IoT device. With BROADKEY it is even possible to deliver authentication and encryption solutions to devices in the field through firmware updates.”
BROADKEY enables OEM, the company says, to select the best chips for their products with the confidence they can incorporate a consistent and cost-effective security model across their entire portfolio.
The BROADKEY family offers three options:
BROADKEY Light, for the most constrained environments
BROADKEY Flex, for those needing to wrap and manage keys
BROADKEY Flex-E, for those needing additionally asymmetric encryption technology
“The introduction of BROADKEY provides an alternative to creating an SoC (System on a Chip) identity post manufacturing, including during PCB assembly,” said Tom Katsioulas, director of Secure SoC Ecosystem Development at Mentor Graphics. “This has the potential to reduce hardware feature provisioning costs, while enabling SoCs to be authenticated at any point in the supply chain and the field.”
The Intrinsic ID SRAM PUF technology used in BROADKEY has been proven over years of production across millions of customer shipments. It is part of products that have passed certification by EMVCo, Visa, Common Criteria (EAL6+) and various governments.
Intrinsic ID: www.intrinsic-id.com
If you enjoyed this article, you will like the following ones: don't miss them by subscribing to :
