Consortium forms to push hidden encryption
A group of companies have formed a consortium that intends to promote a novel way of storing encryption keys that is intended to be much harder to hack than conventional methods based on memory cells.
The Hardware Intrinsic Security (HIS) Initiative was set up by Intrinsic-ID, a startup that has developed the technology, with advisors from hardware makers and security specialists. The initial members are Cisco Systems, Belgian research institute IMEC, Intrinsic-ID, Irdeto, NXP Semiconductors, SiVenture, TSMC and Virage Logic.
The approach developed by Intrinsic-ID uses the variations in electronic circuitry to generate a valid encryption key only on demand: it can power down with no private key stored directly in memory, greatly increasing the difficulty for a hacker to obtain the key by reverse engineering.
Pim Tuyls, CTO of Intrinsic-ID, said in semiconductor processes, properties such as the threshold voltage are determined by the location of dopants in the transistor channel, which are different in each device. The slight shifts in voltage will subtly alter the properties of each transistor, organised in the first implementation into memory cells.
Because of the variation in properties, Tuyls said: “Every memory cell when started up will choose its own state. That is what we read out.”
As changes in temperature will alter the starting state, an activation code generated the first time the block is used – and which is usually stored in read-only memory – helps the circuitry ‘correct’ the output to generate a consistent key under everyday conditions. “In Alaska or in Phoenix, you should end up with the same identifier,” said Tuyls, adding that the activation code is similar conceptually to a public key.
However, more severe changes in temperature, a technique used by hackers to reverse engineer smartcards, could cause the code readout to alter, ruining the hacking attempt. Direct inspection of a decapped chip is also much harder, said Tuyls. “To find the analogue behaviour of a transistor is much more difficult than if a fuse has been blown in a memory cell.”
Intrinsic-ID has completed a validation of a Virage Logic 90nm SRAM for use in a HIS on-chip block. Brani Buric, executive vice president of marketing and sales at Virage Logic, said: “As an integral part of the SoC design ecosystem and member of the initiative, we recognize the value of HIS solutions and are committed to working to remove the barriers for adoption.”
Jan Willis, executive advisor to Intrinsic-ID, said there is interest from companies such as Cisco who are looking to build counterfeit protection into their hardware.