Security IP developer Intrinsic ID has launched a software random number generator to boost security in devices in the Internet of Things (IoT)
Zign RNG enables IoT chip providers and device makers to establish a high-security random number generator in software enabling it to be deployed on devices even after silicon fabrication to ensure a true source of randomness for IoT devices.
A key capability is that Zign RNG can be installed later in the supply chain, and even retrofitted on already-deployed devices. This provides “brownfield” deployment of a cryptographically secure NIST-certified RNG, building on technology the company announced in 2017.
Random number generators (RNGs) are essential for cryptographic applications and form the foundation of security systems. For IoT devices, an RNG is generally implemented by incorporating hardware peripheral controllers, which are proving to be imperfect as a source for real randomness because they start with a deterministic input. Critical vulnerabilities have been disclosed in hardware random number generators used in billions of Internet of Things (IoT) devices whereby it fails to properly generate random numbers, undermining the security.
The Intrinsic ID Zign RNG extracts a true random seed harvested from noise in the SRAM via a physically unclonable function (PUF). This enables IoT device makers to ensure confidentiality, authentication, and communication integrity and makes Zign RNG the first and only embedded software implementation with a hardware entropy source option that does not have to be loaded at silicon fabrication.
- PUF-security now possible through software only
- Barco Silex and Intrinsic ID partners on securing IoT applications
- How PUF technology boosts a secure IC's security
- Maxim develops its own PUF security technology
- CEO interview: Quantum security for the real world
“RNGs extract randomness from hardware sources but some sources are better than others. With Zign RNG, randomness is extracted from a very strong source – the random patterns that appear in SRAM as a chip starts up. As a result, Zign RNG provides the benefits of a hardware entropy source without the need to make any hardware modifications and requires only minimal computing resources and memory which are limited on IoT devices,” said Pim Tuyls, CEO of Intrinsic ID, a spinout of Philips.
The Zign RNG product is compliant with the NIST SP 800-90 standard and implements a deterministic random bit generator (DRBG) as specified in the standard. This means that a strong RNG solution in software is created on top of an existing SRAM memory.
“The approach of Zign RNG offers us a cost-effective way to generate true randomness on devices with limited resources by utilizing something that is already present, the SRAM. It has proven to provide our devices with the entropy that is needed to build our security solutions on,” Sean McGrath, Senior VP and General Manager, Connectivity and Audio Business Group at Dialog Semiconductor, a Renesas Company and early adopter of Zign RNG. “We are already using a subset of the Zign RNG functionality in our SmartBond Bluetooth low energy SoC devices and are considering the full version of Zign RNG for upcoming products.”
Zign RNG has passed all standard national institute of standards and technology (NIST) randomness tests and is a NIST/FIPS-compliant software solution that addresses the issue of Hardware RNG peripherals used in IoT devices running out of entropy and leaving the device vulnerable.
Zign RNG is available immediately and is aimed at anyone making devices or chips for IoT. Zign RNG can be implemented at any stage of a device’s lifecycle, even after a device is already created and/or deployed in the field.
Other articles on eeNews Europe