The PUFs are generated from minute, but consistent, variations in the analogue behaviour of SRAM cells. Every SRAM array built will have, due to semiconductor process variations, a unique parameter that can be extracted, repeatably, from its behaviour. This parameter is used to generate and secure keys; the critical parameter is derived only when needed, never goes off-chip and is never stored, all contributing to security.
Until now, Intrinsic ID (a sometime spinout from Philips) has focussed on providing hardware IP (and supporting software/firmware) to enable designers to implement PUFs. Now, the company says it can do the same on any chip (presumably, any one that contains suitable SRAM) with software alone.
The company's BROADKEY can therefore “secure the IoT” - it can provision unique keys and identities for nearly all microcontrollers without need for security-dedicated silicon.
BROADKEY allows device manufacturers and OEMS to secure their products with a unique secret key and/or identity without having to add security-dedicated silicon. BROADKEY does not have to be loaded at silicon production but can be installed later in the supply chain or even retrofitted on deployed devices.
Additionally, BROADKEY can wrap and manage other system keys that form the basis of security solutions ranging from simple to sophisticated.
“BROADKEY represents a revolution in key creation, wrapping and management,” said Pim Tuyls, chief executive officer of Intrinsic ID. “We are accelerating the ubiquitous adoption of security on every IoT device. With BROADKEY it is even possible to deliver authentication and encryption solutions to devices in the field through firmware updates.”
BROADKEY enables OEM, the company says, to select the best chips for their products with the confidence they can incorporate a consistent and cost-effective security model across their entire portfolio.
The BROADKEY family offers three options:
BROADKEY Light, for the most constrained environments
BROADKEY Flex, for those needing to wrap and manage keys
BROADKEY Flex-E, for