Rice University Researchers Showcase New IOT Security Feature at Premier Chip-Design Conference in Silicon Valley

Integrated circuit (IC) designers from Rice University have unveiled a novel technology at the premier chip-design conference in Silicon Valley.

Compared to existing techniques, the new technology is 10 times more consistent at creating unclonable digital fingerprints for IoT (Internet of Things) devices.

At the 2019 International Solid-State Circuits Conference (ISSCC), Kaiyuan Yang and Dai Li from Rice University will present the physically unclonable function (PUF) technology. The event is a leading scientific conference, known casually as the “Chip Olympics.” The PUF technology utilizes the physical imperfections of a microchip to create special security keys that can be utilized for validating devices connected to the IoT.

It is believed by certain experts that in the next five years, the planet will pass the threshold of 1 trillion internet-connected sensors. As a result, there is an increasing pressure to enhance the security of IoT devices.

The PUF technology developed by Yang and Li offers significant reliability by producing a couple of special fingerprints for each PUF. This method, called “zero-overhead”, utilizes the same components of PUF to develop both keys and eliminates the need for additional latency and area, due to a novel design feature that also enables Yang and Li's PUF to be approximately 15 times more energy efficient compared to the earlier published versions.

Basically each PUF unit can work in two modes. In the first mode, it creates one fingerprint, and in the other mode it gives a second fingerprint. Each one is a unique identifier, and dual keys are much better for reliability. On the off chance the device fails in the first mode, it can use the second key. The probability that it will fail in both modes is extremely small.

Kaiyuan Yang, Assistant Professor, Department of Electrical and Computer Engineering, Rice University

Yang added that as a way of authentication, PUF fingerprints possess some of the same benefits as human fingerprints.

“First, they are unique,” Yang stated. “You don’t have to worry about two people having the same fingerprint. Second, they are bonded to the individual. You cannot change your fingerprint or copy it to someone else’s finger. And finally, a fingerprint is unclonable. There's no way to create a new person who has the same fingerprint as someone else.”

Encryption keys derived from PUF are also special, unclonable, and bonded. In order to understand this, it must be known that every transistor on a computer chip is very small. In fact, over a billion transistors can be integrated onto a chip that is half the size of a credit card. However, microchips are not perfect, despite their precision. The variation between transistors can amount to a few less atoms in one or a few more atoms in another. However, those tiny differences are more than sufficient to create the electronic fingerprints utilized for making PUF keys.

In the case of a 128-bit key, request signals are sent to a range of PUF cells containing several hundred transistors by a PUF device, which then assigns a zero or one to each bit according to the responses from the PUF cells. PUF keys are different from a numeric key that is stored in a standard digital format, and they are actively produced each time they are requested, and a different set of transistors can be activated to use different keys.

The implementation of the PUF technology will enable chipmakers to securely and economically create secret keys for encryption as a standard feature on state-of-the-art computer chips for IoT devices, such as lightbulbs, security cameras, and “smart home” thermostats.

If encrypted lightbulbs sound like an exaggeration, then consider the fact that unsecured IoT devices are those innumerable ones assembled by three young computer geniuses to host the distributed denial-of-service attack of October 2016 that debilitated the Internet on the East Coast for almost a day.

The general concept for IoT is to connect physical objects to the internet in order to integrate the physical and cyber worlds. In most consumer IoT today, the concept isn’t fully realized because many of the devices are powered and almost all use existing IC feature sets that were developed for the mobile market.

Kaiyuan Yang, Assistant Professor, Department of Electrical and Computer Engineering, Rice University

On the other hand, the devices emerging from research laboratories like Yang’s are specifically developed for IoT from the ground up. The latest IoT prototypes, which measure only a few millimeters in size, are capable of packing a wireless transmitter, processor, antenna, flash memory, batteries, one or more sensors, and more within an area the size of a grain of rice.

While PUF is not a novel concept for IoT security, the new version of PUF developed by Yang and Li is special in terms of energy efficiency, reliability, and the volume of area it would take to implement on a chip. To begin with, the performance gains were determined in tests at military-grade temperatures spanning between 125 °C and –55 °C and when supply voltage decreased by around 50%.

“If even one transistor behaves abnormally under varying environmental conditions, the device will produce the wrong key, and it will look like an inauthentic device,” stated Yang. “For that reason, reliability, or stability, is the most important measure for PUF.”

Energy efficiency is equally significant for IoT, in which devices can be anticipated to work for 10 years on one battery charge. In Yang and Li’s version of PUF, keys are developed through a static voltage and not by actively powering up the transistor. It is rather counterintuitive that the static method would be more energy efficient since it is the equivalent of leaving the lights on round the clock instead of switching on to quickly glance at the room.

Normally, people have sleep mode activated, and when they want to create a key, they activate the transistor, switch it once and then put it to sleep again. In our design, the PUF module is always on, but it takes very little power, even less than a conventional system in sleep mode.

Kaiyuan Yang, Assistant Professor, Department of Electrical and Computer Engineering, Rice University

The on-chip area is the third metric where it surpasses the formerly reported work. It is the amount of cost and space manufacturers would need to set aside to place the PUF device on a production chip. Its design took up 2.37 µm² to produce a single bit on prototypes developed using 65 nm-complementary metal-oxide-semiconductor (CMOS) technology.

Rice University has funded the study.