Chip manufacturers that are developing leading-edge products for applications such as high-performance computing and AI, are moving their production to the most advanced technology nodes in order to get the best power-performance properties. Security becomes increasingly important on such chips for protecting integrity of the chip, protecting software running on it and to authenticate towards other devices or services in the network. Many of the required security measures rely on the implementation of cryptographic algorithms that make use of unique cryptographic keys. These cryptographic keys need to be very well safeguarded on the chip.
Securely storing keys in advanced technology node chips is a big challenge. Traditional storage mechanisms do not scale to these technology nodes: Fuses and efuses have reliability and flexibility issues and embedded flash memory is not available on nodes below 22nm. A game changer in this field is SRAM PUF (Physical Unclonable Function) technology. It enables chips to securely extract a cryptographic root key from the unique silicon properties of the chip itself. This root key never leaves the security perimeter and is reconstructed on the fly when needed. It is used to securely encrypt additional key material for storage in external (insecure) flash memory. SRAM PUF technology hence enables a strong secure key vault for modern processor chips, making their security on par with today’s requirements.
In this presentation we will provide technical insights in the SRAM PUF technology, its value proposition and its use as the root of trust for a secure on-chip key vault.
Geert-Jan Schrijen received his Master’s degree in Electrical Engineering from the University of Twente in December 2000 on the topic of `active noise cancellation with multiple loudspeakers‘. In April 2001 he joined the security group of Philips Research in Eindhoven where he worked on digital rights management, low-power authentication protocols, private biometrics and Physical Unclonable Functions (PUFs). Work on the latter topic resulted in the spin-off of Intrinsic ID in October 2008.
As a senior algorithm designer within Intrinsic ID, Geert-Jan focused on the development of signal processing algorithms and security architectures for embedded systems using PUF technology.
In 2011 Geert-Jan became responsible for all development and engineering work at Intrinsic ID in his role of VP Engineering. In August 2016 he was appointed as CTO of the company.