Hardware Root of Trust IP Cores to Create, Wrap and Manage Keys
Cryptographic security solutions always revolve around secret key(s) that need to be stored somewhere in a system. QUIDDIKEY® is a secure key management solution based on SRAM-PUF technology. This patented technology is able to extract identifiers from the uniqueness that is inherent to every piece of silicon. QUIDDIKEY dynamically reconstructs on-chip secret keys without ever storing those keys. SRAM PUF-based keys are bound to a device in such a way that they cannot be cloned, copied or in any way extracted from the device.
QUIDDIKEY flexible key management is designed to enable secure storage of multiple cryptographic user keys of various lengths. QUIDDIKEY hardware IP is easily integrated in any semiconductor design or firmware and scalable toward billions of devices.
SRAM PUF – Keys from Silicon Characteristics
SRAM Physical Unclonable Functions (PUFs) use the behavior of standard SRAM, available in any digital chip, to differentiate chips from each other. Due to deep sub-micron variations in the production process, every transistor in an IC, and hence in an SRAM cell, has slightly random electrical properties. This randomness is expressed in the startup values of ‘uninitialized’ SRAM memory.
An SRAM memory consists of a number of SRAM cells. Each SRAM cell consists of two cross-coupled inverters, each built from a p-MOS and an n-MOS transistor. When power is applied to an SRAM cell, its logical state is determined by the relation between the threshold voltages of the p-MOS transistors in the inverters. The transistor that starts conducting first determines the outcome, a logical ‘0’ or ‘1’.
It turns out that every SRAM cell has its own preferred state each time the SRAM is powered, resulting from the random differences in the threshold voltages. This preference is independent of the preference of the neighboring cells and independent of the location of the cell on the chip or on the wafer.
Hence the startup values of uninitialized SRAM form a unique and random pattern of 0’s and 1’s. This pattern is like a silicon fingerprint since it is unique per SRAM and hence per chip. It can be used as a Physical Unclonable Function and is called the SRAM PUF response.
QUIDDIKEY Hardware IP Family
The SRAM PUF response is a noisy fingerprint, and turning it into a high-quality and secure key vault requires further processing. This is done with the QUIDDIKEY IP. QUIDDIKEY bundles the following techniques to reconstruct exactly the same cryptographic key every time and under all (environmental) circumstances in a very secure manner:
- error correction
- randomness extraction
- security countermeasures
- anti-aging techniques
QUIDDIKEY generates an Activation Code which, in combination with the SRAM startup behavior, is used to reconstruct an intrinsic PUF key on demand and in real time. The intrinsic PUF key is never stored; it is reconstructed whenever it is needed. The intrinsic PUF key can be used as a root key for key derivation and wrapping. A key protected by QUIDDIKEY is integrity protected and can be retrieved only on the same device; on any other device it is meaningless.
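The enroll-then-reconstruct flow described above, sketched as a generic code-offset helper-data scheme over a simulated SRAM. This is an added example, not QUIDDIKEY's implementation: the repetition code, the SHA-256 extraction step, the HMAC tag, the helper data standing in for the Activation Code, and all names and parameters are assumptions.

```python
import hashlib, hmac, random, secrets

REP = 15            # assumed repetition factor: 15 SRAM cells carry one secret bit
SECRET_BITS = 128   # assumed secret length

def make_device(seed, cells=REP * SECRET_BITS):
    """Constructed chip model: each cell's preferred power-up value."""
    rng = random.Random(seed)
    return [rng.getrandbits(1) for _ in range(cells)]

def power_up(device, noise, rng):
    """One start-up read; each cell flips with probability `noise`."""
    return [bit ^ (rng.random() < noise) for bit in device]

def _key_and_tag(secret, helper):
    # Randomness extraction (hash) plus a MAC that binds key and helper data.
    key = hashlib.sha256(bytes(secret)).digest()
    return key, hmac.new(key, bytes(helper), hashlib.sha256).digest()

def enroll(response):
    """One-time enrollment: returns (helper, tag) to store, and the key."""
    secret = [secrets.randbits(1) for _ in range(SECRET_BITS)]
    codeword = [bit for bit in secret for _ in range(REP)]   # repetition code
    helper = [c ^ r for c, r in zip(codeword, response)]     # masked codeword
    key, tag = _key_and_tag(secret, helper)
    return helper, tag, key

def reconstruct(response, helper, tag):
    """Rebuild the key from a fresh noisy read; None if the device is wrong."""
    noisy = [h ^ r for h, r in zip(helper, response)]
    secret = [int(sum(noisy[i:i + REP]) > REP // 2)          # majority vote
              for i in range(0, len(noisy), REP)]
    key, expected = _key_and_tag(secret, helper)
    return key if hmac.compare_digest(tag, expected) else None

if __name__ == "__main__":
    rng = random.Random(7)                       # seeded only for repeatability
    chip_a, chip_b = make_device(1), make_device(2)
    helper, tag, key = enroll(power_up(chip_a, 0.05, rng))
    print("same chip :", reconstruct(power_up(chip_a, 0.05, rng), helper, tag) == key)
    print("other chip:", reconstruct(power_up(chip_b, 0.05, rng), helper, tag))
    helper[0] ^= 1                               # tampered helper data
    print("tampered  :", reconstruct(power_up(chip_a, 0.05, rng), helper, tag))
```

The repetition code keeps the example short; it is not a recommendation for production error correction.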
There are two QUIDDIKEY configurations available:
|Security Strength (bits)|
|Variable Key Length|
|PUF (KB) related to Security Strength|
|Size (K gates)|
|Generate Device Keys and Random Values|
|Wrap and Unwrap Keys||
QUIDDIKEY operates reliably over a wide range of applications and operating conditions:
- Qualified semiconductor technology nodes ranging from 180nm down to 14nm
- Semiconductor processes include low power, high speed, and high density
- Temperature range for PUF reading from -55°C to 150°C [-67°F to 300°F]
- Voltage supply variation +/- 20%
- Lifetime > 25 years
QUIDDIKEY hardware IP is easily integrated in any semiconductor design or firmware. Standard deliverables include:
- Synthesizable RTL netlist (VHDL and Verilog)
- APB interface
- Test bench, synthesis constraints
- Datasheet and integration manual
SRAM PUF Benefits
- Device-unique, unclonable fingerprint
- Leverages entropy of manufacturing process
- No key material programmed
- Secure Key Storage
- Flexible Key Provisioning
- Hardware-Software Binding
- Supply Chain Protection
- 256- or 128-bit key entropy
- Highly reliable across large range of operating environments and on every technology node
- Lifetime > 25 years
- Requires uninitialized SRAM