Skip navigation
Subscribe to EDN
« Half-right, Jack? | Main | Atmel to sell ASIC business, keep FPGAs for now »
Loring Wirbel
Loring Wirbel

An FPGA home for device authentication?

February 6, 2009

The security specialists at Verayo Inc. are trying a new model in the traditional IP core business. Verayo, which began life as PUFCO, using authentication technology licensed from Massachusetts Institute of Technology, started out integrating their circuit-level technology in ASICs developed forfederal agencies who wanted unclonable RFID modules and secure processors.

“PUF,” or Physically Unclonable Functions, refers to a compact multiplexing-arbitration technology used in key generation and authentication. By generating a virtually unlimited number of challenge-response pairs, the PUF block could be used directly in authentication of a device, or in key generation for secondary security applications. When used in hardware-based rights management, for example, PUF-based key generation can tie activation rights directly to a particular device, making it stronger than those based on one-time-programmable memories or MAC addresses.

Mandel Yu, lead design engineer at Verayo, said that the circuit block developed by Verayo could easily be implemented in the standard lookup tables or registers used in most FPGA architectures. The company could have designed a series of ASSPs for sale, or taken the long route of seeking deals with FPGA market leaders for implementing dedicated hard blocks in FPGA architectures. Instead, it is offering an IP license directly to FPGA customers.

Vivel Khandelwal, the company’s directory of marketing, said that such a channel makes sense in recessionary times. There are a variety of ASSPs that Verayo is developing, once the concept of challenge-response authentication gains traction. The concept might work well with the Trusted Computing Group’s Trusted Platform Module, for example.  If customers respond to the PUF architecture, FPGA vendors may be more willing to work with Verayo on hard macros. But in the meantime, Verayo can offer its security technology as a soft implementation method for existing FPGAs. This is interesting from a crypto and security perspective, but also from the perspective of developing new marketing channels for macros in the FPGA world.

 

Posted by Loring Wirbel on February 6, 2009 | Comments (1)

March 9, 2010
In response to: An FPGA home for device authentication?
CryptoBob commented:

The name "physically uncloneable function" is crypto snake oil. Any hardware can be cloned with enough effort. For example, simple attacks like differential power analysis (DPA), or more complex attacks like laser probing of an operating chip, can pull keys out. A so-called PUF doesn't do anything to prevent this. What the PUF is being used to do is to derive a quasi-random chip-specific a key on an FPGA that doesn't have on-board nonvolatile memory. If anyone believes this is uncloneable, I have a bridge to sell them...

POST A COMMENT
Display Name
captcha

Before submitting this form, please type the characters displayed above. Note the letters are case sensitive:

Advertisement
Advertisement
Advertisement
About EDN   |   Site Map   |   Contact Us   |   Subscription   |   RSS
© 2011 UBM Electronics. All rights reserved.
Use of this Web site is subject to its Terms of Use | Privacy Policy

Please visit these other UBM Canon sites

UBM Canon | Design News | Test & Measurement World | Packaging Digest | EDN | Qmed | Pharmalive | Appliance Magazine | Plastics Today | Powder Bulk Solids | Canon Trade Shows