PUF solution eliminates the need for an enrolment phase


Secure-IC, a provider of end-to-end cybersecurity solutions for embedded systems, and Trasna, an IoT secure hardware and software specialist, have developed a new Physically Unclonable Function (PUF) solution.

Working in tandem, they have developed a PUF IP that can generate one or several unique IDs or keys without the need for any cryptographic enrolment phase. This PUF IP complies with ISO/IEC 20897 and is integrated into a Trasna All-in-One ultra-efficient narrowband NB-IoT SoC (System-on-Chip) and will be integrated in the full wireless SoC family dedicated to IoT.

The market for narrowband IoT is expected to continue to grow in the coming years as more devices and applications become connected. Security is of critical importance for this technology because it is being used to connect a vast array of devices and services, and any security breach could have severe consequences.

In modern System on Chips, PUFs have been introduced to generate specific key numbers for a chip. While this technology ensures a high level of security, it is challenging to guarantee a low probability of identical IDs across separate chips. As a result, about 90% of PUF technologies cannot function independently due to their subpar performance. Consequently, they require an extensive enrolment phase and a rebuilding phase, to improve the quality of the ID or key.

This can prove a challenge for chip manufacturers, as PUF IPs cannot serve as a reliable security source for starting the chip without an enrolment phase for the cryptographic key construction.

The enrolment phase is a costly process since each chip must be personalised on its own. The process of enrolment consists of a number of phases such as lengthy measurements, characterization, helper data derivation, and eventually helper data programming. This interactive protocol is incompatible with the efficient personalisation steps required at test stage when producing chips at scale.

The need for enrolment leaves the door open to hackers trying to subvert the enrolment, e.g., by forcing all the bits of the key to be the same. Therefore, chip manufacturers face considerable problems in implementing PUF technology due to the need for an extensive enrolment phase and a rebuilding phase, high costs, and concerns regarding the system’s vulnerability to attacks.

Secure-IC and Trasna have developed a PUF IP that requires neither an enrolment phase nor a rebuilding phase, and in the process have created a PUF IP capable of generating one or a few unique IDs or keys straight out of the box.

As a result, PUF IP can now serve as the foundation for secure booting of the chip, lifecycle management, seed of Root of Trust, and unique ID. This, according to the teams involved, represents a significant game-changer in the use of PUF IPs, as it allows the ID/Key to be readily available upon chip start-up.

Developed by Trasna, the All-in-One ultra-efficient NB-IoT SoC includes this new secure PUF solution from Secure-IC that will first offer a fully integrated NB-IoT platform for low-power wide-area networks (LPWANs), embedding RISC-V cores for application, security and radio and enabling iSIM and GNSS.

It has been built around large numbers of IoT devices that are expected to operate for many years from a single battery. Target applications include smart cities, smart utility metering, security, logistics, and Industry 4.0.

“Trasna’s main objective is to develop and industrialise All-in-One secure System on Chip (SoC) solutions that require only a few external components to enable the extensive deployment of 5G/massive IoT, while ensuring the utmost security” said Yves Fusella, CTO of Trasna.

“It is an exciting opportunity to partner with Trasna and to ease adoption of PUF in chips to be deployed in large scale” said Sylvain Guilley, CTO of Secure-IC. “This agreement acknowledges the portability, the genericity and the compliance of our security products”.