SRAM PUF - Keys from Silicon Characteristics SRAM Physical Unclonable Functions or PUF use the behavior of standard SRAM memory, available in any digital chip, to differentiate chips from each other. They are virtually impossible to duplicate, clone or predict. This makes them very suitable for applications such as secure key generation and storage, device authentication, flexible key provisioning and chip asset management. Due to deep sub-micron process variations in the production process, every transistor in SRAM cells has slightly random electric properties. This randomness is expressed in the startup values of ‘uninitialized’ SRAM memory. These values form a unique chip fingerprint, called the SRAM PUF response. QUIDDIKEY ® The SRAM PUF response is a noisy fingerprint, and turning it into a high-quality and secure key vault requires further processing. This is done with the QUIDDIKEY logic. QUIDDIKEY reconstructs exactly the same cryptographic key every time and under all (environmental) circumstances. It generates an Activation Code which, in combination with the SRAM startup behavior, is used to reconstruct an intrinsic PUF key for use by the customer. When the key is not needed anymore, it can be removed from memory. When it is needed later it can be reconstructed again. The intrinsic PUF key can be used as a root key to wrap and manage user keys. QUIDDIKEY is available in 3 optimized variants: QUIDDIKEY - LIGHT Low chip footprint device-unique key creation QUIDDIKEY - FLEX Device-unique key creation, derivation, wrapping and management QUIDDIKEY - FLEX-E Device-unique key creation, derivation, wrapping and management, including elliptic curve private key generation SRAM PUF Benefits • Use standard SRAM memory • Device-unique high quality keys • No secrets when power is off • No key material programmed • Flexible and scalable Applications • Secure Key Storage • Authentication • Flexible Key Provisioning • Anti-Counterfeiting • HW-SW Binding • Supply Chain Protection Operating Specifications • 256 or 128-bit key entropy • Highly reliable across large range of operating environments and on every technology node • Lifetime > 25 years • Requires uninitialized SRAM Certifications • EMVCo, Visa • CC EAL6+ • US and EU Governments CREATE. WRAP. MANAGE. SRAM PUF-based secret keys QUIDDIKEY ® Hardware IP Family
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
SRAM PUF - Keys from Silicon Characteristics
SRAM Physical Unclonable Functions or PUF use the behavior of standard SRAM memory,
available in any digital chip, to differentiate chips from each other. They are virtually
impossible to duplicate, clone or predict. This makes them very suitable for applications such
as secure key generation and storage, device authentication, flexible key provisioning and
chip asset management.
Due to deep sub-micron process variations in the production process, every transistor in
SRAM cells has slightly random electric properties. This randomness is expressed in the
startup values of ‘uninitialized’ SRAM memory. These values form a unique chip fingerprint,
called the SRAM PUF response.
QUIDDIKEY®
The SRAM PUF response is a noisy fingerprint, and turning it into a high-quality and secure
key vault requires further processing. This is done with the QUIDDIKEY logic. QUIDDIKEY
reconstructs exactly the same cryptographic key every time and under all (environmental)
circumstances. It generates an Activation Code which, in combination with the SRAM startup
behavior, is used to reconstruct an intrinsic PUF key for use by the customer. When the key is
not needed anymore, it can be removed from memory. When it is needed later it can be
reconstructed again. The intrinsic PUF key can be used as a root key to wrap and manage user
keys. QUIDDIKEY is available in 3 optimized variants:
QUIDDIKEY - LIGHT Low chip footprint device-unique key creation
QUIDDIKEY - FLEX Device-unique key creation, derivation, wrapping and management
QUIDDIKEY - FLEX-E Device-unique key creation, derivation, wrapping and management, including elliptic curve private key generation
SRAM PUF Benefits
• Use standard SRAM memory
• Device-unique high quality keys
• No secrets when power is off
• No key material programmed
• Flexible and scalable
Applications
• Secure Key Storage
• Authentication
• Flexible Key Provisioning
• Anti-Counterfeiting
• HW-SW Binding
• Supply Chain Protection
Operating Specifications
• 256 or 128-bit key entropy
• Highly reliable across large range
of operating environments and
on every technology node
• Lifetime > 25 years
• Requires uninitialized SRAM
Certifications
• EMVCo, Visa
• CC EAL6+
• US and EU Governments
CREATE. WRAP. MANAGE. SRAM PUF-based secret keys
QUIDDIKEY® Hardware IP Family
Secure: QUIDDIKEY has great security advantages compared to traditional key storage methods. Each chip has its
unique unclonable key. SRAM bits settle in the one or zero state in a non-deterministic way that not even the
manufacturer can duplicate. Furthermore, because the key is not permanently stored, it is not present when the device is
inactive (no key at rest) and hence cannot be found by an attacker who is opening up the device.
Low Cost: Keys are extracted from the chip. No keys have to be programmed in NVM or OTP.
Flexible & Scalable: Keys can be provisioned at any suitable stage in the production process. The low footprint and
flexible design make QUIDDIKEY suitable for most semiconductor platforms, and scalable towards billions of devices.
Operating Conditions
QUIDDIKEY operates reliably over a wide range of applications and operating conditions:
• Qualified semiconductor technology nodes ranging from 180nm down to 14nm
• Semiconductor processes include low power, high speed, and high density
• Temperature range for PUF reading from -50°C to 150°C [-58°F to 300°F]
• Voltage supply variation +/- 20%
• Lifetime > 25 years
Deliverables
QUIDDIKEY hardware IP is easily integrated in any semiconductor design or firmware. Standard deliverables include:
• RTL Netlist including: test benches, product specification, integration manual, BIST
• Support for APB and AHB interfaces, health checks, security countermeasures
• Product specifications and integration manual
Hardware IP Key Entropy (bits)
Footprint (Gates)
PUF SRAM (KB)
Reconstruction Speed (Cycles)
QUIDDIKEY - LIGHT 128 12k 0.5 100k
256 13k 1.0 100k
QUIDDIKEY - FLEX 128 40k 0.5 90k
256 44k 1.0 90k
QUIDDIKEY - FLEX-E 128 45k 0.5 100k
256 50k 1.0 100k
[email protected] www.intrinsic-id.com
© 2017 Intrinsic ID. QUIDDIKEY®, and designated brands included herein are trademarks of Intrinsic ID. All other trademarks are the property of their respective owners.
Related Documents
