<html><head></head><body><h3><span class="fr-video fr-deletable fr-fvc fr-dvb fr-draggable" contenteditable="false" draggable="true"><iframe width="640" height="360" src="https://www.youtube.com/embed/22x8QUcp8is?&amp;wmode=opaque" frameborder="0" allowfullscreen="" class="fr-draggable"></iframe></span><br></h3><h3>Video Transcription</h3><p>Hello. My name is Geert-Jan Schrijen, CTO of Intrinsic ID. In this whiteboard video, we will go back to basics and look at how we can protect a device’s most important secret, its cryptographic root key, with SRAM PUF technology.</p><p>First of all, what is a PUF? In semiconductor chips, a physical unclonable function, or PUF, is an electronic design component that extracts unique silicon fingerprints from inherent process variations. These variations are hard to reproduce physically or clone. No one, not even the manufacturer, can reproduce them. So even though semiconductor chips are designed to be functionally equivalent across a production run, at the physics level they exhibit very unique behavior. This unique silicon fingerprint is used as the entropy source for generation of the chip’s cryptographic root key.</p><p>The most widely deployed PUF today is the SRAM PUF for three important reasons:</p><ul><li>It works with a standard circuit element, static random-access memory, or SRAM</li><li>It is available in any digital chip</li><li>And it’s not just a source of uniqueness but also provides randomness for cryptographic protocols.</li></ul><p>So how does it work? A dedicated part of an SRAM memory is used as entropy source by reading out its uninitialized cell use after power-up. Every SRAM memory cell consists of two cross-coupled inverters, whose strengths vary due to process variations. When power is ramping up, these invisible variations cause every cell to express their preferred power-up states, either a zero or one. The power-up pattern is unique for every memory but also highly repeatable for the same memory, except for some noise.</p><p>To generate a reliable root key from the SRAM PUF entropy source, an algorithm known as a fuzzy extractor is used. It has two main functions: power correction, to eliminate the noise, and compression, to make sure that the full entropy key is obtained.</p><p>A fuzzy extractor supports two main operations: enrollment and reconstruction. At enrollment, the PUF response is read out for the first time, and device-unique helper data and root key are generated. This helper data contains no secrets and can be stored anywhere in the clear, even in the cloud. At reconstruction, a new noisy PUF measurement is done and combined with the helper data to reconstruct the same root key on the fly.</p><p>The fuzzy extractor is the main component in Intrinsic ID’s&nbsp;<a href="http://www.intrinsic-id.com/products/quiddikey/" target="_blank">QuiddiKey</a> and&nbsp;<a href="http://www.intrinsic-id.com/products/bk-software//" target="_blank">BK Software</a> IP products. An important security advantage is the fact that no sensitive data is kept inside the chip when the power is switched off. Note that this is not the case for keys stored in nonvolatile memory such as fuses or antifuses. Those keys can be retrieved by a physical attacker, destructively reverse engineering the chip.</p><p>Unlike most other PUFs, a correctly designed SRAM PUF with its fuzzy extractor is agnostic to fab, nodes, and speed of the chip. This ease of use yields great benefits for ROI and time to market.</p><p>Thank you for your attention and look for more whiteboard videos from Intrinsic ID.</p></body></html>

Geert-Jan Schrijen, CTO of Intrinsic ID, takes us back to basics and looks at how to protect a device’s most important secret, its cryptographic root key, with SRAM PUF technology.

Protecting a Device's Root Secrets with SRAM PUF

cybersecurity

With the rise of the Internet of Things (IoT) and “Industry 4.0,” industrial sites and critical national infrastructure are becoming connected networks.

Protecting the Industrial Edge without Additional Hardware

A critical flaw in random number generators puts the security of billions of low-cost IoT devices at risk. This means a new approach for generating random numbers is needed, which can be found in extracting entropy from SRAM behaviour.

An Unexpected IoT Problem: Not Enough Randomness

There are very few words used more in tech publications than the word quantum, but few can refer to so many things. How do quantum mechanics relate to quantum effects or quantum computers? What is quantum computing, when will it be available, and is it the security threat many say it is?

What Are the Quantum Computing Threats to Security?

Intrinsic ID and the Rise of Hardware-Based Security

A PUF by Any Other Name Just Isn't the Same

To secure the billions of devices that are being connected to the Internet of Things, every device needs to have the capability to protect sensitive data and secure communications.

How to Get Started on Building Trust in Your Chips? Use QuiddiKey!

More by Intrinsic ID

Protecting the Industrial Edge without Additional Hardware

An Unexpected IoT Problem: Not Enough Randomness

What Are the Quantum Computing Threats to Security?