Most executives we talk to about internet of things (IoT) security emphasize similar points: the need for a strong root of trust, proper authentication mechanisms, and resilience. However, there are many different ways of enabling the various aspects of this security. One company focused on physical unclonable function (PUF) based security intellectual property is Intrinsic ID.
We caught up with CEO and a founder of Intrinsic ID, Pim Tuyls, to understand more about the world of PUF security, the challenges for IoT security as technology scales, and how to deal with the potential impact of other threats including quantum computing.
Pim Tuyls co-founded the company in 2008 as a spinout from Philips Research. While working as a principal scientist managing the cryptography cluster at Philips, he initiated the original work on physical PUFs that forms the basis of the Intrinsic ID core technology. As a result of over 20 years working on semiconductors and security, Pim is widely recognized for his work in the field of SRAM PUFs and security for embedded applications.
He speaks regularly at technical conferences and has written extensively on the subject of security. He co-wrote the book Security with Noisy Data, which examines new technologies in the field of security based on noisy data and describes applications in the fields of biometrics, secure key storage, and anti-counterfeiting. Pim holds a Ph.D. in mathematical physics from Leuven University and has more than 50 patents.
Tuyls said his team of around 30 people has a lot of experience in implementing PUF in many different situations. He emphasized in our interview that a major differentiator for Intrinsic ID’s solution is that “there are no key secrets at rest.”
What are chip companies missing?
EE Times: What do you think semiconductor companies are missing when it comes to implementing security, and what should they be thinking about to ensure connected devices are secure?
Pim Tuyls: Security has come to mean a lot of things to a lot of people. For example, security for semiconductor vendors is about protecting sensitive data, both on chips and in transit between devices. It is about protecting valuable IP that, when stolen, altered or copied, can result in compromised systems, great liabilities, and major losses. But it is also about protecting privacy and confidentiality for end-users.
There was a time not long ago that semiconductor companies saw security as a “nice to have.” Adding security felt like a burden in many cases, because they did not want to reserve area on the chip for it or add the required cycles to their boot sequences. We saw this more often in the early days of Intrinsic ID, when we were starting out in 2008.
But times have changed significantly. With the ever-increasing billions of autonomously connected IoT devices, semiconductor vendors have come to the correct conclusions that security is now a must have for them. Nowadays we see a lot of customers returning to us, who did not want to invest in strong hardware security in the past and who feel that they can now no longer go without it. However, it remains of the utmost importance that any security solution for semiconductors consumes as little overhead in resources and cost as possible, because the enormous volumes of semiconductors for IoT simply have to operate on very thin margins.
Authentication and trust are key
EE Times: Are there specific aspects of IoT that impact the need for security? What exactly is needed to securely connect IoT devices?
Pim Tuyls: One thing all IoT security issues have in common is that they are about authentication. Which device is allowed access to certain data? Which devices are allowed on your network? What hardware is allowed to run certain software or access protected data? To be able to answer those questions, all devices in a system need to be authenticated. So, without proper authentication, there is no way to even get started to talk about security.
Hence one of the biggest challenges in IoT security is overcoming the problem of deception. To be more precise, in most security related cases deception is caused by impersonation. Within the IoT, this is about malicious devices trying to get privileges they are not supposed to have. But if you can authenticate the identity of a device, you can know what is legitimate and what is not, greatly reducing the chances of deception.
Therefore, establishing a trusted identity for IoT devices is imperative. It is particularly important for the high-volume semiconductors that are in those devices to have a strong and low-cost implementation of a root of trust. Clearly, any security implementation needs to be sufficiently strong, otherwise there is no point to it. However, the enormous volumes in IoT also demand the solution to have low implementation-cost.
SRAM PUF ensures scalability
EE Times: Can you explain a little more about PUF based security, and especially how your solution is different to that from other vendors offering PUF security? Can you identify particular features customers find useful?
Pim Tuyls: We provide security solutions based on physical unclonable function, or PUF, technology, which is important for authenticating semiconductor devices. PUFs convert tiny variations in the silicon of a chip into a digital pattern of 0s and 1s that is unique to that specific chip and is repeatable over time. This pattern is a “silicon fingerprint.” The fingerprint is turned into a cryptographic key that is unique for that specific chip and is used as its root key to establish its identity.
The root key is reliably reconstructed from the PUF whenever it is needed by the system, without a need for storing the key in any form of memory. Since keys are never stored by real PUFs, they are immutable and unobtainable for adversaries, providing PUFs with a level of security that has allowed them to be used in high-end security markets, such as aerospace, defense, and banking. Given that PUFs achieve this high level of security without using any dedicated security hardware, the implementation cost of the total solution remains low, making it also ideal for high volume markets in the IoT.
PUFs convert tiny variations in the silicon of a chip into a digital pattern that is unique to that specific chip and is repeatable over time. This pattern is a “silicon fingerprint.” The fingerprint is turned into a cryptographic key that is unique for that specific chip and is used as its root key to establish its identity. (Source: Intrinsic ID)
Besides the high security offered by most PUF implementations, the SRAM PUF technology deployed by Intrinsic ID, where the silicon fingerprint is derived from the random start up behavior of SRAM memory, offers very high reliability over time, a high source of entropy, and a proven track-record with over 250 million chips deployed in the field.
In some cases, we have seen that the reliability of our SRAM PUFs exceeded that of non-volatile storage for keys in, for instance, flash memory. On top of that, SRAM is a standard semiconductor component that is available in any technology node and in every process. This ensures the scalability of SRAM PUFs over different nodes and processes and allows for easy testing and evaluation as this is a well-known semiconductor component. SRAM PUFs are also fully digital. Adding an SRAM PUF does not require any additional mask sets, analog components (like charge pumps), or special programming.
How do we differ from other vendors? We believe we are the only security company in the world that offers implementations of PUF technology as hardware IP, software, and even firmware for FPGAs. This means that besides semiconductor manufacturers adding our PUF IP to the hardware of their chips, their customers can also decide to add our technology to chips that do not have it in hardware. The software implementation of our PUF technology, called BK, runs on virtually any type of microcontroller (MCU) or system on chip (SoC). And FPGA users can deploy a so-called Butterfly PUF in the programmable fabric of their FPGA through our product Apollo.
Our technology has been proven to be reliable for many years in the field at a large set of customers and is easy to integrate in many different technology nodes. Furthermore, our PUF technology offers very high entropy derived from the silicon of a chip.
How do shrinking nodes impact security?
EE Times: Do shrinking transistor sizes below 5nm impact security, and how?
Pim Tuyls: The impact and importance of security solutions to be scalable to small technology nodes can be often overlooked. Especially for hardware-based security, it is not trivial that an implementation scales along with decreasing technology nodes. For example, below 28nm there have been serious challenges to scale non-volatile memory (NVM) in the same way and at the same speed as the standard components. Developing flash memory has become difficult and expensive at advanced nodes, due to flash memory requiring a lot of extra mask steps adding to the cost of the memory and hence the chip. This causes problems for many security solutions, as they typically use some form of NVM to store their secret keys.
However, scaling is required to enable chip manufacturers to use the same technology over different nodes, which guarantees continuity and eases the burden on development and maintenance of software. So, the fact that SRAM PUF solutions have been deployed in advanced nodes (even in 5nm) shows that this technology allows chip manufacturers to scale their designs, including their security architecture, to advanced nodes in the future.
How does SRAM PUF deal with quantum?
EE Times: Clearly advances like quantum computing will affect the way we implement security in the future. How does SRAM PUF deal with this advance, is it still effective?
Pim Tuyls: We see that there is a lot of confusion in our industry about anything related to quantum. The truth is that the actual availability of quantum computers is still several years out. However, this does not mean that we should wait with preparing for it. Looking at the PUF technology landscape, we see that some of the cryptographic algorithms used by ourselves and others will be broken when quantum computing arrives. These are the same algorithms that will be broken in any modern cryptography solution: the asymmetric crypto ciphers.
Also, the length of our keys for symmetric cyphers will need to be increased. These issues are not specific for PUF technology vendors, this is true for any security vendor. That is why U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) is already working on standardizing post-quantum crypto, the algorithms that we will all need to implement in the future to replace the current asymmetric crypto.
Looking specifically at PUF technology itself, however, there is nothing to worry about. At present there is no indication that Fuzzy Extractors and other algorithms used to derive keys from PUFs would be broken by a quantum computer. Besides simply extending the length of the keys derived, all algorithms related to PUFs will remain unbroken when quantum computing is available. You could say that PUFs are “quantum proof”, but in reality, there simply is no link between what quantum computers do and the algorithms that are required to derive cryptographic keys from PUF implementations. Not for our PUFs, not for any PUF.
Do IoT security standards help?
EE Times: Standards, certifications and regulations are being introduced around the world to address IoT and cybersecurity. What role do these standards/certifications play in the industry — are they helpful or a hindrance?
Pim Tuyls: Security standards are incredibly important, but not used nearly enough. With the enormous fragmentation of hardware and software, especially in IoT, there are severe risks that standards will have to help mitigate. How can we protect a network, if all devices play by different rules? As long as networks contain devices that do not even have the most rudimentary security mechanisms in place, the whole network will remain at risk. Security systems are only as strong as their weakest link.
We see some industry initiatives determined on putting standards in place for IoT security, like Arm’s PSA initiative and the ioXt alliance that we are a member of ourselves. Initiatives like these show that big industry players agree that something needs to happen about IoT security, but industrial awareness alone is not enough. Security standardization needs to start at a governmental level to really have effect. The only real way of making all device manufacturers care about security is to obligate them to adhere to certain standards, at the risk of liability or fines.
The Executive Order that was recently signed into action by President Biden is a first step in the right direction. However, it is not enough. Many more countries need to follow this example, but also the U.S. itself should go further than what is described in this EO, which focuses mostly on software security. Any strong security solution starts with trusted hardware, as we say: “Nothing is more secure than cybersecurity rooted in hardware.” That is why we believe the EO should be extended to include security for hardware and its supply chain.
Nurturing a PUF community
EE Times: Security is something that is dynamic, and never stands still. What are you most excited about for the near future, and how can device manufacturers stay ahead of the game to ensure they maintain good security? Is there anything Intrinsic ID is doing to help do in this aspect, and what is coming up from you in the near future?
Pim Tuyls : Our highest priority right now is expanding our product portfolio and continuous improvement of the quality of the existing products we offer. We expect to have some new software products coming up later this year.
We also have an initiative in which we try to bring the different players in the PUF ecosystem together. We do this through an online community called PUF Cafe, which is accessible free of charge for anyone interested in PUF technology. This site shares global news and documentation on PUF technology, and hosts monthly “PUF Cafe Episodes”, where speakers from different organizations address different aspects of PUF technology and security. A recent episode was about the relationship between quantum and crypto. This community is attracting people in industry and academia, all working on security issues or PUF technology themselves.
>> This article was originally published on our sister site, EE Times.
- The search for a universal IoT security standard
- How quantum computing will impact IoT security
- IoT device security: A path to standardization
- Basics of SRAM PUF and how to deploy it for IoT security
- IoT Security – Anatomy of IoT cyber attacks
- Identifying AI security threats
For more Embedded, subscribe to Embedded’s weekly email newsletter.