Pim Tuyls | CEO and Founder | Intrinsic ID
With rise of the internet of things (IoT), IoT-related security issues have also risen. Several high-profile breaches of IoT devices has made it clear that security needs to be embedded in chip hardware, protecting each endpoint. To make security part of the chip design from the beginning, the onus for security must shift from the OEMs making the IoT devices to the semiconductor manufacturers who make the chips.
In this interview with Intrinsic IDCEO Pim Tuyls, he explains some of the complexities behind this shift and what solutions are available to chip manufacturers who need to secure their chips.
What we were seeing, and still are to certain extent, is that many players in the market still hope that they won’t have to implement security. And they bet on that idle hope that their systems will not be attacked. Of course, when one does not implement security, one can make devices at a lower cost. But a high price will have to be paid when the devices are breached and sensitive information is leaked. The sweet taste of the cost savings goes sour when the costs of damages, legal costs, and broken customer relationships kick in.
Cybersecurity is a hot term, we don’t hear so much about embedded and hardware security. Why is that?
Cybersecurity is a very broad terminology and addresses many security problems that end users feel directly. Think about measures to protect against viruses and trojans as well as protection of databases with user credentials. Embedded and hardware security, however, sit a few layers deeper. They are also much more complex and harder to understand. A user does not directly experience these security measures. However, they are rather fundamental, as they usually form the root, the basis of the security system. Security that relies entirely on software techniques is inherently very vulnerable. Software can be reverse-engineered and can be cloned. Don’t get me wrong – software security plays an important role – but the security system needs to be rooted in hardware. This side of security has not gotten a lot of attention, but it is crucial, because without it the gates will always be wide open.
What COVID-19 impacts have you seen on the IoT and its security?
What we have seen is now that so many people are working from home – and kids are learning from home – is that electronic communications are becoming increasingly important. People who had never had a video conference before now spend most of their day on Zoom! We even have our doctor’s appointments via Zoom. And many of those doctors are giving patients devices that monitor health parameters, such as blood-sugar levels or heart rates, remotely and send the information to the doctor via the internet. This means that more valuable and sensitive information is being communicated via the internet than ever, and so the internet has basically become the “Walhalla” for hackers and attackers. We need to make sure that the devices themselves, as well as the communications, are protected now. And given that we are talking about billions of devices in the future, this has to be done in a scalable way. There is a strong need for scalable security.
The internet of things (IoT) has really exploded in the past few years, but so have security concerns. What do you see as the solution?
The proliferation of high-profile breaches of IoT security have made it clear that security needs to be embedded in chip hardware, protecting each and every endpoint. Security has to be an important design consideration, right from the beginning. Just as we aim for a device to be high-quality, we must aim for the device to be secure as a basic measure. What this means is that the responsibility for security has to be shared between the OEMs making the IoT devices and the semiconductor manufacturers who make the chips. The solution is to be able to authenticate and protect each chip in such a way that makes counterfeiting of devices and extraction of secrets very difficult and expensive. If amateur attackers run into a well-hardened defense, they will give up at some point and move on to another target. If systems are attacked by professionals with the right tools and expertise, it is hard to hold them off forever. However, you can hold them off long enough to detect a breach attempt before it wreaks havoc with an entire system, or until the economics of the attack –what is costs to execute an attack vs. the value of what is stolen – no longer work for the attackers.
Semiconductor manufacturing is all about integration and we have now reached the time when security must be integrated in the silicon. Using the unique physical characteristics of the silicon itself as a type of fingerprint, through a physical unclonable function (PUF) is a very good/natural way to do this. Semiconductor companies can use the PUF to create a key encryption key (KEK). This is a sort of root key that is derived from the PUF but never stored. Users employ the KEK to encrypt their user keys or other sensitive data and so they can store these securely in any NVM on or off chip. The advantage is that there is an unlimited amount of key material that can be stored in cheap user memory. No special expensive memory needed, and no additional security chip.
But with the most advanced nodes – the ones targeted most by IoT devices – NVM such as flash is either too expensive, not reliable, or simply not available. How can chip companies secure their devices without NVM?
It’s true that for any node below 28nm, availability of NVM is a problem.There has been a lot of discussion about this issue, and several solutions proposed. For instance, if you can’t use on-chip NVM, why not store the KEK in NVM off-chip? You can, of course, but that means that when the KEK is read from the off-chip storage, it’s vulnerable. For that matter, any unprotected key stored in NVM is vulnerable to discovery. It’s like hiding a key under your doormat: the key isn’t immediately visible, but it won’t slow thieves down for too long.
From our perspective, the solution is straightforward: use volatile memory instead. PUFs can be created by extracting start-up values for SRAM, which are random, and form a pattern unique to each chip. SRAM is a standard component of every node, and is available from the initial introduction of the node. So, SRAM-based PUFs are available to generate and protect the KEK and provide flexible user key provisioning. Best of all, because SRAMs are volatile memory, no sensitive key material is stored when it is off. Thieves can look under the doormat, but there’s no key there. There’s nothing to steal.
Is one-time programmable memory (OTP) – such as fuses or anti-fuses – a viable solution to the unavailability of flash for security at advanced nodes?
Fuses and anti-fuses have been used for secret key storage. The problem is that they are relatively large components – they take up a lot of chip real estate. At the most advanced nodes, this becomes prohibitive, so it’s not a solution that scales. There have also been some issues with fuses as well, and they are not available in all nodes, processes, and foundries.
So how do SRAM PUFs compare in terms of reliability at more advanced nodes?
When moving to the advanced nodes, reliability is becoming a big concern. Intrinsic ID has taken reliability into account from the beginning and performed diligent temperature and aging testing in climate chambers. That is an advantage when one develops a technology in an industrial setting from the beginning. We use standard methods such as redundancy and sophisticated error-correction, and we also use a proprietary anti-aging mechanism which has been proven very effective, down to the most advanced nodes available today.
What about all of the chips that are already out there in the IoT? Is there a way to secure chips that are already deployed?
That’s a very important question. To secure every endpoint, we have to be able to secure devices that are already deployed. To answer this question, in 2018, Intrinsic ID joined with Technikon and the Eindhoven University of Technology (TU/e) to execute a joint project called RESCURE, that has been funded by the EU and the EUREKA program Eurostars. The goal of the project has been to provide a flexible framework that allows IoT device security to be updated throughout the entire lifecycle of the device. RESCURE achieves this by retrofitting security on existing IoT devices using a low-cost solution, based on SRAM PUF technology. The ability to retrofit existing devices with hardware-based security is an important advantage of SRAM PUFs.
What are the biggest concerns for semiconductor companies moving to secure their hardware?
We’ve seen that they basically have two questions: How much is this going to cost? And secondly, how is this reducing our risk, mitigating our liability? Because SRAM PUFs use standard components, have a small silicon footprint, and can utilize less-expensive user memory for protected user-key storage, this approach is very cost-effective. The same security solutions can be used on all the available technology nodes and processes. This is not only about cost, but also about fast time-to-market. In terms of risk/liability reduction, the value of SRAM PUF is demonstrated by its adoption by the top microcontroller companies, with hundreds of millions of deployed devices.
What’s on the horizon for Intrinsic ID?
We have a very full roadmap! We recently added PUF Diagnostics which seems to be a delighter for our customers: they can see for themselves how the PUF is performing under all circumstances and at all times. Intrinsic ID products have been certified within several customers’ devices. In the near future direct certifications of our products are underway and are one of the priorities for the coming year. Also, we’ve put quite some effort in making software security solutions that will fit into the most-constrained devices for the IoT. We are talking about data protection and secure device authentication and communications in the most resource-constrained devices. We can use the SRAM PUF as the basis for a lightweight end-to-end encryption and authentication solution with a footprint < 10KB. Within a few months our customers will learn more.
A Short Bio of Pim Tuyls
Pim Tuyls, CEO of Intrinsic ID, founded the company in 2008 as a spinout from Philips Research. It was at Philips, where he was Principal Scientist and managed the cryptography cluster, that he initiated the original work on Physical Unclonable Functions (PUFs) that forms the basis of Intrinsic ID’s core technology. With more than 20 years experience in semiconductors and security, Pim is widely recognized for his work in the field of SRAM PUF and security for embedded applications. He speaks regularly at technical conferences and has written significantly in the field of security. He co-wrote the book Security with Noisy Data, which examines new technologies in the field of security based on noisy data and describes applications in the fields of biometrics, secure key storage and anti-counterfeiting.
Pim holds a Ph.D. in mathematical physics from Leuven University and has more than 50 patents.