Choosing a Physical Unclonable Function (PUF)

Transcript

Milan Lazich: Welcome to today’s episode of the Intrinsic ID podcast series “You can never be too careful.” I’m Milan Lazich of Intrinsic ID and on the podcast today is Pim Tuyls, Intrinsic ID founder and CEO. Hello Pim, and welcome back to the show.

Pim Tuyls: Good to speak with you again.

Milan Lazich: Very good to have you back. Today we’ll be talking about the different criteria to consider when choosing a PUF or Physical Unclonable Function. Before we start talking about what is desirable in a PUF, Pim, can you describe for us why using a PUF is preferred over the other approaches to security?

Pim Tuyls: Let me try to give a quick insight into that. So, as we have seen now with everybody working at home, electronic communications are becoming more and more important. It was already important, of course, for the internet of things, but, given that we all now work remotely it’s even becoming more important. And, that’s basically a Walhalla for the attackers, for the hackers. And we need to make sure that the devices as well as the communications are well protected. Now, given that now we are talking about billions of devices and in the future, trillions of devices, this has to be done in a scalable way, in a very secure way at the same time. The advantage of PUFs is that you can offer both. So one, you can offer very high security since secrets are not present in the longterm memories on the device. They’re invisible and they’re very hard to find. And secondly, PUFs are very scalable. They work in a wide variety of circumstances, in all process nodes. Even in the latest new ones, so also in the newest devices, you can make sure that high security is available. At the same time they can come at a low integration cost. And that means also it becomes economic to implement security in billions of devices and hence making sure that security is affordable for this highly connected world that we’re currently living in.

Milan Lazich: Walhalla for the attackers. I like that analogy. Now let’s get into the criteria for evaluating and choosing a PUF. What are the main elements we should think about?

Pim Tuyls: So, the way we look at it is the following. So we see four main criteria for choosing a PUF. One is of course reliability. It has to work always, in Phoenix, in Alaska, in Europe, in China, and in 25 years from now. Secondly, it has to be secure. In terms of entropy, and the way the physical mechanism of the PUF works. Thirdly, it has to be, independent of the semiconductor process because otherwise it can only be used in a very limited set of circumstances, which will not help too much in providing a global security in a low cost manner. And finally, deployments in the market, since volumes are becoming huge. So you need to choose for a PUF that has proven itself in the market, that works, in high volumes, because otherwise you will end up with a problem down the road.

Milan Lazich: Alright, let’s start with reliability. What goes into that? How can it be assessed?

Pim Tuyls: Reliability is about making sure that the PUF after processing always comes up with exactly the same secret, sometimes called the root secret or unclonable identity, but at the end of the processing, you always have the same. And therefore we use mainly two methods. One is error-correction codes. Error-correction codes like they have been used in CDs and DVDs, in blue ray disk, but more sophisticated versions to correct really a lot of errors. Because you want to make sure that in all those circumstances, you end up with exactly the same key. And then we apply anti-aging. We have an anti-aging measure implemented making sure that the noise goes down over time. And that means that with time you can guarantee that the noise becomes lower and hence that the error correction code can keep on correcting all the errors. Error-correction codes are very good tools here in this situation, because you want to make sure that absolutely no error will occur. If a cryptographic key is wrong in one bit and you have a fatal error and the system will not work anymore. So if you don’t have error-correction codes implemented, you can run yourself into trouble. Because if the physical mechanism fails at one point in time, it gives an error at that point in time, but also later because usually physical failures are permanent, and then you have no way anymore to correct the errors and make sure that the system can work. Having good error-correction codes in place, on the other hand, really makes sure that the probability that it would ever go wrong is already very, very low. We’ve never seen it in the field, but a fatal error, that probability will even be much, much lower.

Milan Lazich: Now, Pim, how about security itself? How do you define it? What does it mean? How should we look at it?

Pim Tuyls: For a PUF, there are basically two main security parameters; they are entropy and invisibility. So let’s first talk about entropy. So entropy is a measure of the randomness of data and for cryptographic keys or root keys or identities you need perfect randomness. So what we make sure is that, first of all, we start from a PUF that has already a good quality of entropy. Then we use cryptographic techniques such as privacy amplification to make sure that the resulting key that we extract has indeed full entropy. And that combined with the error correction is the invention that we did on how to do this in a secure manner. So given that you do error correction, making sure that you use an extractor, that it gives you full entropy keys. Second property is what we already spoke about this invisibility. Meaning that when the device basically is turned off, or, when the PUF is not active, the secrets not present on the device in any physical form. When secrets are stored, for instance, like in legacy systems, in a non-volatile memory, the secrets permanently present all the time on device – as a physical change because that’s how memory works. Now, if you use a good PUF, the secret’s will only be reconstructed when needed, used, and then the PUF can be switched off such that the secrets disappear. In that way you make sure that the secrets are only a minimal amount of time present on the device. And that is basically the best that you can have.

Milan Lazich: Now, if I’m looking at using a PUF, do I need to worry about what semiconductor process I’m using?

Pim Tuyls: Well, not for the PUFs that Intrinsic ID is implementing. We have chosen the SRAM PUF in particular because of its good reliability and security properties that we spoke already about. But a third property that it has is that it is process independent. There is SRAM in every process node that there currently is. From 350 nanometers down to six nanometers and five nanometers. There is always SRAM and the SRAM has the same physical structure. So the physical phenomenon, that is behind the SRAM PUF is the same and keeps on working in all nodes. Now all the rest of the IP is also purely digital. Which means that you can keep on using it, no matter the process you’re in. And this makes it also for all the semiconductor companies really easy to use this technology. Because it is always the same mechanism that works, meaning also you have the same or at least similar APIs in all the process nodes and that makes also maintenance of the security system much, much easier and much lower cost.

Milan Lazich: Now what other items should we think about when we’re evaluating which PUF is suitable for our particular product?

Pim Tuyls: I would say, before we go into some other ones, the deployments in the market is an important one to look at. Certainly in the IoT, in the internet of things, but also now in all communication devices that we are using the volumes are becoming really large. Meaning that you should choose a PUF that has proven that it works into the market, that it can work in high volumes, that it is reliable in high volumes, that gives good entropy, good security in high volumes, such that you don’t end up with problems of course, down the road. Now, in order to support that, there is a property that we have implemented as Intrinsic ID that can help a lot. And that is what we call diagnostics. So in our PUF products we allow the manufacturer to check how the PUF is performing. So in terms of entropy, you can see, indeed this PUF is behaving according to spec, it has good randomness. And also in terms of reliability, indeed, the noise is small enough, the error-correction codes can deal with this type of situation. This is important for our customers as they have to be able to demonstrate to their own customers that the PUF is working properly and has been properly verified during production. So there are a few other properties of the SRAM PUF in particular that are very interesting. One is about software availability. What we mean about that is that even on existing devices, you can instantiate the PUF by running software on the CPU. Again, this software runs on all types of CPUs, whether it be ARM or RISC-V or MIPS or Intel processors, it will always work and it can, provide you security or resurrect security, even on in the field devices. Certification and peer-reviewed-ness, I would say, are also very interesting properties. Certification means that it has been deployed in systems where security was very important, you know, like payments. And an independent authority has been looking into this, like, does this indeed give strong security? And the fact that the techniques that we use have been published in top crypto conferences and have been peer reviewed by other experts in the field, that means that the techniques that are being used are indeed solid security techniques, and are being designed by people that have the necessary experience to design good security systems. And finally, I think we spoke already a little bit about that, is about deployments in the market. The more, of course, such a product has been deployed, the more do credebility you have as a customer that you’re working with something that is solid, that is proven and that’s worked well for a long time in the market.

Milan Lazich: Well, that’s a lot to think about when deciding on what PUF to use. Thanks very much for that background, Pim.

Pim Tuyls: Thanks for having me, Milan, always fun to do those things.

Milan Lazich: Great. And thank you for listening to this episode of the Intrinsic ID podcast series “You can never be too careful.” This is Milan Lazich. We’ve been speaking with Pim Tuyls, Intrinsic ID founder and CEO. Thanks for listening. And we’ll have you back on the next podcast. Thank you.