Philips spin out Intrinsic-ID, which claims to have an uncloneable technique for storing encryption keys, has pulled together a partnership called the HIS Initiative to test and promote the technology, including Cisco, NXP, IMEC, TSMC and Virage Logic.
Rather than attempt to store a key in flash or ROM on a chip, and then defend it using physical barriers, HIS - hardware intrinsic security - uses the random physical properties of chips that are unavoidable with deep sub-micron lithography.
"Security assessment labs are widespread and all of the existing key storage techniques have been broken," Intrinsic CEO Daniel Schobben told EW.
The exception is expensive and used mainly by the military, said Schobben, explaining that the key is stored in battery-backed RAM whose power is removed by tampering - called 'key zeroisation'.
Intrinsic's concept is not to store the key at all, but a version of the key that has been encrypted with data that is generated from the physics of each individual die - its intrinsic properties.
The intrinsic data in this case comes from a patch of RAM.
"It is based on embedded RAM," said Schobben. "If you switch on RAM, there is a random sequence of 1s and 0s which is 95% the same at each power-up."
This chip fingerprint will always have both 1s and 0s. "They will be balanced because the RAM process is balanced for maximum speed," he added.
An on-chip block, the 'activation code constructor', takes the key and combines it with the intrinsic data to form a data string that can be safely stored anywhere, including in off-chip flash.
When the key is needed on-chip, the string is retrieved, and decrypted by the 'key extractor' block using the intrinsic data.
The constructor and extractor employ techniques similar to error correction and redundancy to compensate for the 5% intrinsic data noise.
"We get the same cryptography key every time over temperature, aging, humidity and EMC," said Schobben.
But is it actually secure? Can the intrinsic data be read invasively and the key reconstructed from the stored data string?
"An independent lab, SiVenture, has looked into it," said Schobben, "and no one at Intrinsic-ID can think of a way to crack it."
Intrinsic data from embedded RAM is labled PUF
HIS Initiative members.
Intrinsic-ID
Cisco - looking for secure ways to pass updated firmware to its servers.
IMEC - validating test chips, including trying the technique in its ultra-low-power medical body area networks.
Irdeto is a provider of security software for smartcards and set-top boxes.
NXP the chip maker has already signed up to use Intrinsic's HIS in 2011, said Schobben.
SiVenture has joined.
TSMC the chip foundry.
Virage Logic develops SRAM intellectual property, HIS has been demonstrated on its 90nm SRAM.