Wir möchten auf unserer Internetseite Dienste von Drittanbietern nutzen, die uns helfen, unsere Werbeangebote zu verbessern (Marketing), die Nutzungsweise unserer Internetseite auszuwerten (Performance) und die Internetseite an Ihre Vorlieben anzupassen (Funktional). Für den Einsatz dieser Dienste benötigen wir Ihre Einwilligung, welche jederzeit widerrufen werden kann. Informationen zu den Diensten und eine Widerspruchsmöglichkeit finden Sie unter „Benutzerdefiniert“. Weitergehende Informationen finden Sie in unserer Datenschutzerklärung.
The accelerating expansion of the Internet of Things brings with it a comparably expanding threat model. The growing number of endpoints require strong identities as the foundation of trust to establish and scale robust security. BroadKey is a secure root key generation and management software solution for IoT security that allows device manufacturers to secure their products with an internally generated, unique identity without the need for adding a costly, security-dedicated silicon. Since BroadKey is a software implementation of SRAM PUF, it is the only hardware entropy source option for securing IoT products that does not need to be loaded at silicon fabrication. It can be installed later in the supply chain, and even remotely retrofitted on deployed devices. This enables a never-before-possible remote “brownfield” installment of a hardware root of trust and paves the way for scaling the IoT to billions of devices.
Unclonable Identities for the IoT
To solve security problems in IoT systems, such as authentication, product lifecycle management, reverse engineering and cloning, every device needs an unclonable identity. This consists of a secret key, a public key and a certificate. The biggest challenge is to get these credentials into the device. The figure below illustrates how this can be achieved by using BroadKey. BroadKey creates the secret key of the unclonable identity from within, derived using the intrinsic randomness in uninitialized SRAM. This secret key is not stored but is dynamically regenerated from the SRAM PUF.
Completing the unclonable identity requires that a public key be generated from the secret key. And this public key can be turned into a certificate by signing it at a certificate authority. At that point the device is ready to prove its identity and set up a secure channel with another device, a server or a cloud.
Security Based on SRAM PUF
At power-up, SRAM bits settle in the one or zero state in a non-deterministic way that not even the manufacturer can predict or duplicate. That’s what makes it a physical unclonable function, or PUF, which can be used as a unique “silicon fingerprint.”
An SRAM PUF response is a noisy fingerprint, and turning it into a high-quality and secure key vault requires further processing. This is done with the BroadKey software IP. BroadKey reliably reconstructs the same cryptographic key under all environmental circumstances. Upon first use, called the enrollment, it generates an activation code (AC) which, in combination with the SRAM startup behavior, is used to reconstruct on demand, in real time, an intrinsic PUF key. This PUF key is never stored in flash or OTP. When it is needed later it can be reconstructed.
The intrinsic PUF key can be used as a root key to wrap and manage user keys. Reconstruction can be done very quickly starting at 0.8M cycles for 128 bits keys. All of BroadKey’s features are accessed by the host software via the BroadKey API.
Dieses eingebettete Video wird durch YouTube bereitgestellt. Beim Abspielen des Videos werden Nutzungsdaten an YouTube übermittelt. Wenn Sie damit einverstanden sind, klicken Sie auf „Video starten“, um das Video abzuspielen.
Intrinsic ID is the world’s leading digital authentication company, providing the Internet of Things with hardware-based root-of-trust security via unclonable identities for any IoT-connected device. Based on Intrinsic ID’s patented SRAM PUF technology, the company’s security solutions can be implemented in hardware or software. Intrinsic ID security, which can be deployed at any stage of a product’s lifecycle, is used to validate payment systems, secure connectivity, authenticate sensors, and protect sensitive government and military systems. Intrinsic ID technology has been deployed in more than 150 million devices. Award recognition includes the Cyber Defense Magazine InfoSec Award, the IoT Breakthrough Award, IoT Security Excellence Award, the Frost & Sullivan Technology Leadership Award and the EU Innovation Radar Prize. Intrinsic ID security has been proven in millions of devices certified by Common Criteria, EMVCo, Visa and multiple governments. Intrinsic ID’s mission: “Authenticate Everything.”
What We Do
Intrinsic ID provides embedded authentication solutions based on SRAM Physical Unclonable Function (PUF) technology. Our solutions protect digital assets and intellectual property in the most secure, seamless, cost-effective manner.
Our mission is to authenticate everything and everyone and make the connected world safer. Our silicon SRAM PUF technology can be applied to almost any chip, from tiny microcontrollers to high performance FPGAs. Our fuzzy extractor can turn noisy data like a fingerprint or SRAM PUF into secure cryptographic keys and reliable identifiers.
We commit ourselves to develop security solutions that adhere to the highest quality standards and are easy to integrate. When working with our customers, we always aim to bring the best security solution for the specific use case. We strive to be innovative and pride ourselves on always delivering on promises made.