skip to Main Content

Intrinsic ID Introduces CITADEL, the SRAM PUF-based Key Provisioning System that Breaks the Barriers of IoT Security

CITADEL is specifically designed to scale in the age of the Internet of Things

RSA CONFERENCE, SAN FRANCISCO – Feb. 13, 2017Intrinsic ID, a leading provider of authentication technology, announced today the availability of CITADELTM, an SRAM Physical Unclonable Function (PUF)-based Key Provisioning System. CITADEL provides unparalleled strength, flexibility and affordability in a package that includes hardware or software IP, manufacturing tools and an OEM management suite. These features come bundled in a new business model that incentivizes companies to implement security across their entire product portfolios without having to make a choice between security and the margin pressures in the IoT market.

CITADEL utilizes Intrinsic ID’s unique SRAM PUF technology to generate root keys internally from silicon, minimizing the liabilities in the supply chain. Any sensitive material on the chip is fully protected by keys derived from the invisible SRAM PUF root key.

“The magnitude of supply chain trust required in current key injection models is staggering. Secret keys give and protect access to our most valuable assets and so need to be handled with the utmost care,” said Pim Tuyls, chief executive officer of Intrinsic ID. “With CITADEL we are introducing a new level of protection for on-chip secrets and key management throughout the entire supply chain. By eliminating the exposures in the infrastructure, the attack surface is drastically reduced.”

Since the root keys are internally generated, secure provisioning can take place at any point in the supply chain. This gives an OEM the opportunity to tighten its “Trust Silo” and puts it in complete control of provisioning without requiring an expensive infrastructure. CITADEL can leverage Intrinsic ID’s BROADKEY™, which is powered by SRAM PUF in software, so essentially any chip can have a unique secret key or ID. This capability enables CITADEL users to quickly take advantage of the growing ecosystem being built around chip-to-cloud authentication.

“We are excited with the introduction of the CITADEL Key Provisioning System by our partner Intrinsic ID. It perfectly complements GlobalSign’s high-volume digital certificate services by making unique IDs ubiquitously available,” said Lancen LaChance, vice president of product management, IoT, for GlobalSign. “Together, we are enabling OEM device makers to easily scale up to millions, if not billions, of IoT devices with cloud-based certificate management.”

The biggest barrier to building secure systems is not technology but having an economic solution with a security level that fits the use case. With CITADEL, Intrinsic ID created the world’s first provisioning system that easily scales both in cost and technology, setting a new standard for how security is deployed in the age of IoT.

“The CITADEL Key Provisioning System utilizing SRAM PUF makes security easy and affordable for an entire spectrum of IoT applications that do not use ICs with secure memory,” said Sami Nassar, vice president, cyber security solutions of NXP. “Security should not be an option but a necessity.”

The technology used in CITADEL was designed by an award-winning team of experts who won the EU prize for technology innovation in 2016, and it is used in products that have passed Common Criteria (EAL6+), EMVCo and government certifications.

“Limited resources and domain knowledge are substantial roadblocks for entering the IoT market. On the other hand, they represent a big business opportunity when you remove them for your customers,” said David Thai, president and CEO of Medium One. “Through our partnership with Intrinsic ID, we are eliminating the need for our customers to spend years getting up to speed on big data analytics, edge intelligence and device-unique authentication, giving them access to markets that accelerate their time to revenue.”

See Intrinsic ID at the RSA Conference 2017 in San Francisco, February 13-16, where Intrinsic ID will demonstrate CITADEL in the NXP, GlobalSign and FIT booths.

About Intrinsic ID

Intrinsic ID is the world’s leading digital authentication company and the inventor of SRAM Physical Unclonable Function, or SRAM PUF. Intrinsic ID leverages inherent manufacturing variations in chips to create unique IDs and keys to authenticate chips, data, devices and systems. Since a unique ID can be extracted easily from SRAM with Intrinsic ID’s technology, adding authentication and key provisioning is much less expensive than with current methods; no additional hardware is needed. Due to the low cost of implementing SRAM PUF and the critical need for security, Intrinsic ID’s authentication technology is ideally positioned to address the needs of the fast-growing IoT market. Intrinsic ID’s solutions are used worldwide to validate payment systems, secure connectivity, authenticate sensors and protect sensitive government and military data and systems. Intrinsic ID was awarded the EU 2016 Innovation Radar Prize, which recognizes high- potential innovations and innovators in EU-funded research and innovation ICT projects. Visit Intrinsic ID online at

About GMO GlobalSign

GlobalSign, founded in 1996, is a provider of identity services for the Internet of Everything (IoE), mediating trust to enable safe commerce, communications, content delivery and community interactions for billions of online transactions occurring around the world at every moment.  Its identity and access management portfolio, acquired from Ubisecure in September 2014, includes access control, single sign-on (SSO), federation and delegation services to help organizations and service providers create new business models for customer and partner interactions.  The former Ubisecure operation is now the GlobalSign Center of Excellence for IAM, located in Helsinki, Finland. GlobalSign’s solutions are designed to address the massive scalability demanded by the emerging $14.4 trillion IoE market, where the ability to make secure networked connections among people, processes, data and things, will require that every “thing” have a trusted identity that can be managed.  The company has offices in the U.S., Europe and throughout Asia.  For the latest news on GlobalSign, visit or follow GlobalSign on Twitter (@globalsign )

About Medium One

Medium One is an IoT data intelligence platform company that provides an easy-to-use, real-time workflow platform that enables companies to quickly build and deploy their IoT solutions.  Medium One is privately held and located at: 4633 Old Ironsides Drive, Suite 318, Santa Clara, CA  95054.

Intrinsic ID, the Intrinsic ID logo, BROADKEY and CITADEL are trademarks or registered trademarks of Intrinsic ID, Inc., and are protected by trademark laws of the United States and other jurisdictions. All other product and company names are trademarks or registered trademarks of their respective companies.

This Post Has 0 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Back To Top