PUFs Generate Native Keys to Secure SoCs
Physically unclonable functions (PUFs) create externally inaccessible keys from unique chip characteristics. They can increase security and reduce the cost of provisioning hardware roots of trust.
A product manager at a fabless company brings a new processor to production, loading a unique ID in each chip to prevent counterfeiting. When powered up, the device checks in over the Internet to prove its bona fides using the ID. To avoid the added expense, the company forgoes a secure manufacturing environment for loading the ID and other keys. But once production is under way and the chips begin phoning home, the company finds multiple chips with the same IDs. Counterfeits are afoot, and there’s no way to tell which device is legitimate.
Counterfeiting is but one of the threats that on-chip security must deal with. Processors and systems-on-a-chip (SoCs) increasingly employ hardware roots of trust (HRoTs) to secure the platforms. Physically unclonable functions (PUFs) are a means of generating IDs and other secrets in HRoTs such that secure manufacturing is unnecessary. A PUF mechanism repeatably generates a number unique to a chip. That number never leaves the HRoT, so it and any secrets that derive from it are impossible to access. Because loading an external number into the HRoT thus becomes unnecessary, counterfeiters are unable to create a chip with the same ID.
Most PUF circuits exploit manufacturing variations. Given a sufficiently complex structure, each chip will differ slightly from all others. Examples of phenomena that drive PUFs are the power-up state of uninitialized SRAM, the thickness of tunneling oxides, antifuse-RAM or resistive-RAM (ReRAM) filament initiation, and the behavior of chaotic circuits. Academic studies have proposed other approaches, but the industry must vet each one, requiring time and effort; few such approaches have reached production.
Although PUFs have taken long to gain traction, one vendor—Intrinsic ID—has numerous customers. Other vendors have developed more-recent implementations, including Crossbar, Crypto Quantique, Ememory, and Verilock; they’re further behind.
Subscribers can view the full article in the TechInsights Platform.
Revealing the innovations others cannot inside advanced technology products
1891 Robertson Rd #500, Nepean, ON K2H 5B7