Fingerprinting Computer Chips

A company that relies on atomic-level flaws in computer chips to tell one chip from another says that its circuits could help fight counterfeiting in anything from passports to handbags. Verayo, an MIT spinoff based in San Jose, CA, says the ID tags should be more secure and relatively cheap to make.

One of a kind: Verayo's new RFID chip employs security based on unique defects introduced in each chip during manufacturing.

A growing number of organizations, from the U.S. State Department to Walmart, rely on radio frequency identification (RFID) tags to keep track of various items. RFID chips in crates of DVDs tell Walmart where their shipment is and when it's been delivered. And the tags in newer passports contain the same information printed on the page, in an encrypted format, so immigrations officials can tell the passport isn't a forgery.

But because these tags deliver their information to a reader via radio waves, there's always the fear that someone will eavesdrop on the conversation and copy the data to their own chip, just moving forgery to a different level. Cryptography helps prevent the copying, but adding the cryptographic circuits to the chips drives up their costs, so many RFID tags don't include them. For RFID to be widely used--on individual products, say, instead of just on shipping crates--they can't cost more than pennies.

The security of Verayo's chips relies on the fact that no two chips are exactly alike. The components of a computer circuit are measured in billionths of a meter. So a stray atom here or there during manufacturing can cause a wire to turn out slightly thicker or thinner than the specs call for. That leads to miniscule variations in how fast the circuit works, and there's nothing that can be done to prevent it.

So instead of trying to prevent it, Srini Devadas, an electrical engineering professor at MIT and the founder and chief technology officer at Verayo, decided to exploit it. A signal traveling through a simple circuit will go faster or slower depending on these physical variations. By sending a series of signals through, and measuring how fast they travel, he can generate a string of numbers unique to each circuit. This has been dubbed a "physical unclonable function"--PUF for short.

That string becomes the basis for a series of mathematical equations. Enter an input, run it through the secret equation, and you'll get a particular output based on that equation--but the same input will lead to different outputs on different chips. Do this dozens of times and you'll generate a series of challenge and response pairs unique to each chip. A forger can't duplicate this, because he can't make a chip that has the same PUF as another one.

"We could publish the chip design in the New York Times and people could go and create their own chip. In the end, the signature that matches the chip that you have and the one somebody else created will be very different," says Vivek Khandelwal, vice president of marketing at Verayo.

That doesn't mean that the PUF circuits are infallible. Someone could defeat the system by getting their hands on the list of challenge-response pairs, for instance, if those aren't kept secured. The circuits are meant to be just one aspect of a cryptographic system, a so-called "primitive" that acts as the basis for further encryption. Massimo Rimondini, a postdoc at Roma Tre University in Rome, and his colleagues studied a security system based on one of Verayo's chips.

"The technology in itself is very promising for authentication purposes," Rimondini says. "On the other hand, effectively exploiting it depends on the security and efficiency with which authentication-related information is handled in the back end--and this is what we have been heading our research for."

Wayne Burleson, a professor of engineering at the University of Massachusetts, Amherst, says PUFs make sense as part of a lightweight, low-cost cryptography on RFID chips. "But they do not provide a complete security solution," he says. "They are just a building block. Higher-level cryptosystems can still be broken despite the security and integrity of the PUF."

"The security of the password scheme is comparable to the security of conventional password schemes," says Devadas. The advantage is that this should be a cheaper way to provide that security. "For most applications, they want a modicum of security and low costs."

And Khandelwal points out that more complex, and more secure, systems can be built for applications where people are willing to spend the money. Verayo has contracts with the U.S. Department of Defense, where more expensive, more secure systems are expected. A public transportation agency trying to cut down on forgery doesn't need that level of defense. "You don't really need a full crypto system for a ticket that is going to be thrown away after 10 uses," he says.

Verayo, which has $6 million in backing from Khosla Ventures, has just launched a line of PUF circuits for sale to manufacturers of RFID systems. Other companies, such as Philips spinoff Intrinsic ID, in the Netherlands, and Cornell spinoff Veratag are also developing PUF-based security systems.

By Neil Savage

From Technology Review


Post a Comment