QUIDDIKEY

IP Cores to Create, Wrap, and Manage Keys

Cryptographic security solutions always revolve around secret key(s) that need to be stored somewhere in a system. QUIDDIKEY® is a secure key management solution based on SRAM-PUF technology. This patented technology is able to extract identifiers from the uniqueness that is inherent to every piece of silicon. QUIDDIKEY dynamically reconstructs on-chip secret keys without ever storing those keys. SRAM PUF-based keys are bound to a device in such a way that they cannot be cloned, copied or in any way extracted from the device.

QUIDDIKEY flexible key management is designed to enable secure storage of multiple cryptographic user keys of various lengths. QUIDDIKEY hardware IP is easily integrated in any semiconductor design or firmware and scalable toward billions of devices.

Hardware-Based Security

In line with the strategic principles for IoT of U.S. Department of Homeland Security.

Available

Can be implemented on almost all MCUs, sensors, flash devices …

Low Cost

Low-footprint HW that fits into the smallest, resource-constrained devices.

Flexible

User keys can be provisioned at any point in the supply chain.

SRAM PUF – Keys from Silicon Characteristics

SRAM Physical Unclonable Functions or PUF use the behavior of standard SRAM memory, available in any digital chip, to differentiate chips from each other. Due to deep sub-micron process variations in the production process, every transistor in an IC and hence in an SRAM cell has slightly random electric properties. This randomness is expressed in the startup values of ‘uninitialized’ SRAM memory.

An SRAM memory consists of a number of SRAM cells. Each SRAM cell consists of two cross-coupled inverters that each are built up by a p- and n-MOS transistor. When power is applied to an SRAM cell, its logical state is determined by the relation between the threshold voltages of the p-MOS transistors in the invertors. The transistor that starts conducting first determines the outcome, a logical ‘0’ or ‘1’.

It turns out that an SRAM cell has its own preferred state every time the SRAM is powered resulting from the random differences in the threshold voltages. This preference is independent from the preference of the neighboring cells and independent of the location of the cell on the chip or on the wafer.

Hence the startup values of unitialized SRAM memory form a unique and random pattern of 0’s and 1’s. This pattern is like a silicon fingerprint since it is unique per SRAM and hence per chip. It can be used as a Physical Unclonable Function and is called the SRAM PUF response.

SRAM PUF Key Generation

QUIDDIKEY Hardware IP Family

The SRAM PUF response is a noisy fingerprint, and turning it into a high-quality and secure key vault requires further processing. This is done with the QUIDDIKEY logic. QUIDDIKEY bundles the following techniques to reconstruct exactly the same cryptographic key every time and under all (environmental) circumstances in a very secure manner:

error correction
randomness extraction
security countermeasures
anti-aging techniques

More information on these techniques can be found here. QUIDDIKEY generates an Activation Code which, in combination with the SRAM startup behavior, is used to reconstruct an intrinsic PUF key for use by the customer. When the key is not needed anymore, it can be removed from memory. When it is needed later it can be reconstructed again. The intrinsic PUF key can be used as a root key to wrap and manage user keys.

QUIDDIKEY is available in 3 optimized variants:

QUIDDIKEY - LIGHT

Device-unique key creation, optimized for low footprint

QUIDDIKEY - FLEX

Device-unique key creation, derivation, wrapping and management

QUIDDIKEY - FLEX-E

Device-unique key creation, derivation, wrapping and management, including elliptic curve private key generation

Operating Conditions

QUIDDIKEY operates reliably over a wide range of applications and operating conditions:

Qualified semiconductor technology nodes ranging from 180nm down to 14nm
Semiconductor processes include low power, high speed, and high density
Temperature range for PUF reading from -50°C to 150°C [-58°F to 300°F]
Voltage supply variation +/- 20%
Lifetime > 25 years

Deliverables

QUIDDIKEY hardware IP is easily integrated in any semiconductor design or firmware. Standard deliverables include:

RTL Netlist including: test benches, product specification, integration manual, BIST
Support for APB and AHB interfaces, health checks, security countermeasures
Product specifications and integration manual

Related Info

White Paper

SRAM PUF: The Secure Silicon Fingerprint

Webinar

Physical Security of IoT Design

SRAM PUF Benefits

Device-unique, unclonable fingerprint
Leverages entropy of manufacturing process
No key material programmed

Applications

Secure Key Storage
Authentication
Flexible Key Provisioning
Anti-Counterfeiting
Hardware-Software Binding
Supply Chain Protection

Specifications

256- or 128-bit key entropy
Highly reliable across large range of operating environments and on every technology node
Lifetime > 25 years
Requires uninitialized SRAM