This article explores the relative performance of SRAM PUF and quantum-derived semiconductor PUF technologies for IoT security.
There are now tens of billions of physical IoT devices connected over local networks and onward to the internet. Data from sensors traverses these networks. Actuators are actuated in response to the data. Simultaneously, applications analyze the data to facilitate a human or machine response.
But what if you don’t know which sensor is sending the data, or a response is initiated but sent to the wrong actuator? This is not just about a consumer’s smartphone exhibiting an irritating glitch. In industrial applications, it could be a production line shutting down, a hospital’s diagnostic equipment reporting the wrong information, or all the traffic lights at a road junction turning green at the same time. The potential for chaos is clear. To avoid such disasters, a fundamental requirement is to be able to identify, with absolute certainty, every IoT device on the network.
Almost without exception, a microcontroller (MCU) or other semiconductor integrated circuit (IC) is at the heart of each IoT device. It follows that if you can create a unique identity for each silicon chip, you have a unique identity for each IoT device. Such identities are sometimes described as device ‘fingerprints’ but they’re essentially just a series of random numbers. From an IoT security perspective, that’s not the whole story because if hackers attack the network, which is an increasingly common problem, they must not be able to steal device identities or duplicate them. If they can do so, it’s just a small step to being able to impersonate the devices on the network and even take control of the system to which they’re connected. That might be a car, a factory, or your home.
If, as we’re told by analysts, the IoT will soon embrace 50 billion devices, the challenge is to find a practical way of creating tens of billions of unique, protectable identities.
Today, most companies ‘inject’ the identities and keys into IoT devices, which means loading them with random numbers. It’s a process that’s relatively expensive – we estimate anywhere between 50 cents and 2 USD per device – and it sometimes means involving a third party in the IoT supply chain, which potentially adds risk. Two other risk factors need to be taken into account. First, the keys may not be as random as they should be. They may simply be derived from a computer’s clock chip. Second, injected keys need to be stored in a chip’s memory, making them vulnerable to leakage or theft.
What is a PUF?
This is where physical (or physically) unclonable functions – PUFs – offer alternative approaches. A PUF is a physical structure embodying randomness that can be exploited to create a random output function.
Randomness is central to generating secure identities and cryptographic keys. The more random the numbers, the harder it is for those with malicious intent to discover them, and the more secure the communications across networks. The extent to which a system exhibits randomness is known as its ‘entropy’. The higher the entropy, the greater the randomness. The greater the randomness, the more secure a system can be made.
PUFs in semiconductors
PUFs can be created from inherent random physical properties within the structure of silicon wafers produced during semiconductor chip manufacturing. For example, the wafers have an oxide dielectric layer which, due to manufacturing inconsistencies, varies minutely in thickness, even between one microscopic transistor and the one adjacent to it. Other microscopic variations occur too, such as varying circuit trace widths and inconsistencies in the spaces between them. All of these variations are random, so can provide a basis for generating random numbers, either from existing parts of the chip, such as SRAM, or by adding dedicated IP blocks.
SRAM – first-generation PUFs
Academic papers have cited over 40 types of PUF but few are in commercial use. Of those that can be deployed in CMOS, the standard manufacturing process for MCUs, the first to gain traction were static random-access memory (SRAM) PUFs. SRAM cells, each comprising four transistors that exhibit the physical variations described above, have a preferred state, 0 or 1, when they are powered up. This state depends on the physical characteristics of the individual transistors. As a result, an SRAM PUF produces a unique random pattern of 0s and 1s on power-up. SRAM is found in most MCUs, so the pattern can become the chip’s identity – its fingerprint – from which cryptographic keys may also be created.
Microsemi and Xilinx use SRAM PUF technology in their field programmable gate arrays (FPGAs) and NXP has implemented it in MCUs designed for IoT applications. In NXP chips, the SRAM PUF generates a single, unclonable 256-bit ‘seed’ or identity from which pairs of cryptographic keys may also be derived.
The advantages of SRAM PUFs:
- They create unique, unclonable chip identities.
- The entropy of the silicon manufacturing process is utilized to produce random numbers.
- Identities do not need to be injected into the chip.
- Identities are not stored, making them more difficult to hack.
- SRAM is already present in most MCUs.
Limitations of SRAM PUFs:
- Due to the large amount of raw data needed to generate each random number, SRAM PUFs usually spawn multiple cryptographic keys from the same original seed, which makes them mathematically correlated and less secure than if each key was generated from independently produced random numbers.
- SRAM PUF readings are not completely reliable, with high error rates – perhaps up to 30%, depending on the memory manufacturer. This demands complex algorithms to correct the errors, but such algorithms present a significant processing overhead for MCUs with limited resources, such as those commonly used in IoT devices.
- Entropy, the measure of randomness, may not be good. What if all the cells within a memory have a 90% chance of being a 1 on power-up? That’s poor entropy, poor randomness, making it easier for hackers to determine the identities of chips. Since this will depend on the memory technology, the PUF provider has little control of the final entropy.
- There are questions over susceptibility to side-channel attacks by malicious actors. Side-channel attacks exploit key-dependent variables to guess the bit values. For example, a cell may consume marginally more power when settling at a 1 state than at a 0. Measuring these differences can reveal the secrets within the chip. Of course, secure memories could be specified but these may be prohibitively expensive.
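To put a number on the 90% bias scenario in the entropy point above, the following Python is an added example (not from the article; the function names are illustrative and the power-up dumps are constructed). It estimates the bias from raw power-up readouts, then computes the min-entropy per cell and the number of cells needed to carry a 256-bit seed, assuming the cells are independent and identically biased.

```python
from math import ceil, log2

def ones_fraction(dumps):
    """Fraction of cells that powered up as 1 across all raw dumps (bytes objects)."""
    ones = sum(bin(byte).count("1") for dump in dumps for byte in dump)
    return ones / (8 * sum(len(dump) for dump in dumps))

def min_entropy_per_cell(p_one):
    """Min-entropy in bits of one cell: -log2 of the attacker's best single guess."""
    return -log2(max(p_one, 1.0 - p_one))

def cells_for_seed(p_one, seed_bits=256):
    """Cells needed so the raw readout holds seed_bits of min-entropy.
    Assumes independent, identically biased cells (an assumption of this example)."""
    h = min_entropy_per_cell(p_one)
    if h == 0:
        raise ValueError("fully biased cells carry no entropy")
    return ceil(seed_bits / h)

def assess(dumps, seed_bits=256):
    """Summarise bias, per-cell min-entropy and required cell count for the dumps."""
    p = ones_fraction(dumps)
    return {"p_one": p,
            "min_entropy": min_entropy_per_cell(p),
            "cells": cells_for_seed(p, seed_bits)}

# Constructed sample: nine 0xFF bytes and one 0x00 -> 72 of 80 cells read 1 (90%).
BIASED_DUMP = bytes([0xFF] * 9 + [0x00])
# Constructed reference: alternating bit pattern, exactly half the cells read 1.
BALANCED_DUMP = bytes([0xAA] * 10)

if __name__ == "__main__":
    for name, dump in (("biased", BIASED_DUMP), ("balanced", BALANCED_DUMP)):
        print(name, assess([dump]))
```

At 90% bias each cell contributes about 0.15 bits, so the same 256-bit seed needs roughly 6.6 times as many cells as an unbiased memory, before any error-correction overhead is added.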
In summary, SRAM PUFs utilize silicon that’s designed for another purpose (volatile memory). But SRAM cells were not designed to be random number generators or for cryptography, so it’s important to recognize the limitations of the technology when adopting it for cryptosecurity, not least the low number of seeds that can be generated for a given memory area.
It’s also important to note that in practice, even when using an SRAM PUF to create identities, companies usually use key injection to produce cryptographic keys, even with all of the security compromises and increased cost that this process involves.
Second-generation, quantum-driven PUFs
Second-generation semiconductor PUFs are now available as dedicated IP blocks, rather than utilizing SRAM. They are used in standard CMOS processes. Typically, 64 x 64 cell arrays, each cell comprising two transistors, take up minimal silicon area and exploit quantum tunneling to generate random numbers.
The oxide layer on the chip varies randomly in thickness, as discussed earlier. In quantum tunneling, electrons propagate through the oxide layer to varying degrees, depending on the thickness of the layer and the atomic structure at a particular point. The currents involved are tiny, in the order of femtoamps (10⁻¹⁵ amps), just a few tens of electrons. But the technology has now been developed to provide accurate measurements at these electron flows and to generate 1s or 0s based on readings of adjacent cells.
Errors do occur and, as in SRAM PUFs, fuzzy extractor algorithms are used to correct them. However, error rates are at a much lower level than in first-generation PUFs, typically under 5%, so error correction demands much less processor overhead.
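The link between raw error rate and correction overhead, for both the 30% figure quoted for SRAM PUFs and the under-5% figure here, can be made concrete with a code-offset fuzzy extractor. The following Python is an added example, not code from the article or from any PUF vendor; it assumes independent bit errors and uses a repetition code with majority voting in place of the stronger codes production designs use, and all function names are illustrative.

```python
import hashlib
import random
from math import comb

def majority_fail_prob(ber, n):
    """Probability that a majority vote over n noisy copies (n odd) decodes wrongly."""
    return sum(comb(n, k) * ber**k * (1 - ber)**(n - k)
               for k in range(n // 2 + 1, n + 1))

def repetition_needed(ber, key_bits=256, target=1e-6):
    """Smallest odd n for which all key_bits decode correctly with failure <= target."""
    n = 1
    while 1 - (1 - majority_fail_prob(ber, n)) ** key_bits > target:
        n += 2
    return n

def enroll(puf_bits, n, rng):
    """One-time enrollment: returns (key, helper). Helper = PUF reading XOR codeword.
    The helper is stored in the clear; the key itself is never stored."""
    secret = [rng.getrandbits(1) for _ in range(len(puf_bits) // n)]
    codeword = [b for b in secret for _ in range(n)]  # repeat each secret bit n times
    helper = [p ^ c for p, c in zip(puf_bits, codeword)]
    return hashlib.sha256(bytes(secret)).digest(), helper

def reconstruct(noisy_bits, helper, n):
    """Rebuild the key from a fresh, noisy PUF reading plus the helper data."""
    noisy_cw = [p ^ h for p, h in zip(noisy_bits, helper)]
    secret = [int(2 * sum(noisy_cw[i:i + n]) > n)  # majority vote per block
              for i in range(0, len(noisy_cw), n)]
    return hashlib.sha256(bytes(secret)).digest()

def demo(ber, n, seed=1):
    """Simulate one enrollment and one noisy re-read; True if the key is recovered.
    The PUF response is simulated with a seeded PRNG (constructed data)."""
    rng = random.Random(seed)
    puf = [rng.getrandbits(1) for _ in range(256 * n)]
    key, helper = enroll(puf, n, rng)
    noisy = [b ^ (rng.random() < ber) for b in puf]
    return reconstruct(noisy, helper, n) == key

if __name__ == "__main__":
    for ber in (0.05, 0.30):
        n = repetition_needed(ber)
        print(f"BER {ber:.0%}: {n} raw cells per key bit, recovered={demo(ber, n)}")
```

The raw cell count per key bit is the overhead the MCU pays in both memory and decoding work, which is why the lower error rate translates directly into a lighter fuzzy extractor.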
These PUFs only consume power for fractions of a second when keys are being generated. They consume no power at other times, making them energy efficient. This is important, particularly for battery powered IoT applications.
Quantum-driven second-generation PUFs bring several further advantages.
- The large number of raw materials can be used to generate multiple random numbers, or seeds, on-demand, to accommodate different services.
- These seeds can be used to produce multiple cryptographic keys on-demand. Because the keys come from different seeds, they are not mathematically correlated, so are more secure.
- As a result of the first two points, the need for key injection, with all its associated costs and risks, is completely eliminated.
- The identities and keys do not need to be stored, as they do when key injection is employed, making the chips more secure.
- The PUFs have a small silicon footprint to keep costs to a minimum and are easily tested.
- Only quantum-driven, second-generation PUFs mitigate possible future attacks that may come from quantum computers, when these become commercially available.
PUFs, microcontrollers, and IoT security
The world’s largest MCU companies, and some smaller semiconductor firms, are evaluating second-generation PUFs now. Already proven in test chips at 55nm, the technology is now being migrated to smaller geometries. Several MCU companies expect to have chips employing these PUFs later this year and in 2022. Making MCUs secure is the most fundamental step towards making IoT devices secure. As billions of IoT endpoints are deployed and legislation is being drawn up across the globe to enforce the security of IoT networks, second-generation PUFs could not have come along at a more opportune moment.
Leonardo (Leo) Machado is head of product at Crypto Quantique. Immediately prior to joining the company, he was a product director at Trustronic, a joint venture between Arm and Thales. Before that he gained experience in project and product management in the mining industry in Brazil and as senior product manager for an enterprise software business in Cambridge, UK. Leo holds a BSc in computer science and an MBA from SDA Bocconi School of Management in Milan, Italy.