The challenges of user security will increase as more devices get hooked up to the Internet of Things (IoT). At this week’s International Solid State Circuits Conference in San Francisco, Rice University researchers unveiled chip technology that purportedly is far more reliable than current methods of producing unclonable digital fingerprints for IoT devices.
The technology developed by the researchers, Kaiyuan Yang and Dai Li, is called “physically unclonable function” (PUF). While previous attempts at PUF have been attempted, Yang and Li’s method is considered more secure, because it generates two unique fingerprints for each PUF. The “zero-overhead” method uses the same PUF components to make both keys. It does not require extra area and latency, because of an innovative design feature that also allows their PUF to be about 15 times more energy efficient than previously published versions.
“Basically each PUF unit can work in two modes,” says Yang, assistant professor of electrical and computer engineering at Rice University. “In the first mode, it creates one fingerprint, and in the other mode it gives a second fingerprint. Each one is a unique identifier, and dual keys are much better for reliability. On the off chance the device fails in the first mode, it can use the second key. The probability that it will fail in both modes is extremely small.”
The PUF technology retains several advantages of human fingerprints as a means of authentication, according to Yang.
“First, they are unique,” says Yang. “You don’t have to worry about two people having the same fingerprint. Second, they are bonded to the individual. You cannot change your fingerprint or copy it to someone else’s finger. And finally, a fingerprint is unclonable. There’s no way to create a new person who has the same fingerprint as someone else.”
For a 128-bit key, a PUF device would send request signals to an array of PUF cells comprising several hundred transistors, allocating a one or zero to each bit based on the responses from the PUF cells. Unlike a numeric key that’s stored in a traditional digital format, PUF keys are actively created each time they’re requested, and different keys can be used by activating a different set of transistors.
The scientists envision PUF enabling chipmakers to inexpensively and securely generate secret keys for encryption as a standard feature on next-generation computer chips for IoT devices, such as like “smart home” thermostats, security cameras and light bulbs.
“The general concept for IoT is to connect physical objects to the internet in order to integrate the physical and cyber worlds,” says Yang. “In most consumer IoT today, the concept isn’t fully realized because many of the devices are powered and almost all use existing IC feature sets that were developed for the mobile market.”
In contrast, the devices coming out of research labs like Yang’s are designed for IoT from the ground up. Measuring just a few millimeters in size, the latest IoT prototypes can pack a processor, flash memory, wireless transmitter, antenna, one or more sensors, batteries, and more into an area the size of a grain of rice.
The ground-up design yields advances in energy efficiency and chip design. Yang says the performance gains were measured in tests at military-grade temperatures ranging from -55° to +125°C and when supply voltage dropped by up to 50 percent.
“If even one transistor behaves abnormally under varying environmental conditions, the device will produce the wrong key, and it will look like an inauthentic device,” says Yang. “For that reason, reliability, or stability, is the most important measure for PUF.”
Yang and Li’s PUF also improves energy efficiency. Keys are created using a static voltage, rather than by actively powering up the transistor. It’s counterintuitive that the static approach would be more energy efficient because it’s the equivalent of leaving the lights on 24/7 rather than flicking the switch to get a quick glance of the room.
On-chip area―the amount of space and expense manufacturers would have to allocate to put the PUF device on a production chip―is the third metric where the new PUF outperforms previously reported work. Their design occupied 2.37 square micrometers to generate one bit on prototypes produced using 65-nm CMOS technology.