TAIPEI — eMemory Technology, the world’s seventh-largest IP vendor, expects its physically unclonable function (PUF) technology to continue the company’s strong growth as security issues in the semiconductor industry become a higher priority.
PUFs are semiconductor fingerprints, unique physical properties inherent in silicon structures that can be used to identify individual chips. eMemory says its NeoPUF technology protects hardware at the chip level by generating unique IDs and crypto keys from those fingerprints.
The integration of NeoPUF into a chip design helps to prevent unauthorized code execution and data reads, according to the company. At a time when concerns have grown surrounding the vulnerability of CPUs and other chips in systems for IoT and point of sales (POS), eMemory expects its new technology to help continue its 40 percent compound annual growth rate in royalties and licensing over the past 12 years.
“Once you have the chip fingerprint, there are a lot of applications,” said eMemory Chairman Charles Hsu in an interview with EE Times. “For example, authentication. You can use the chip fingerprint and a number to set a secret key. You can use this secret key to encrypt your data before you send it out. The most important thing is every system has its own number. If a system is hacked into, only one system is compromised, not all of the systems.”
eMemory Chairman Charles Hsu sees numerous security applications for new PUF technology (Photo: Alan Patterson)
A common solution for chip security uses eFuse technology with a secret key for identification, authentication and encryption. The secret key comes from a third-party provider, which eMemory sees as a potential security risk.
“Our invention is that we can generate the random number on the chip itself,” according to Hsu. “And each chip has its own random number, so it’s not managed by anybody.”
eMemory’s PUF technology uses the hardware fingerprint on a chip to create a random number that eliminates the need to store a secret key. The number for each chip is regenerated regularly by the hardware to prevent hacker attacks.
“The beauty of this solution is the key is not stored outside the system,” says eMemory Director Li-Jeng Chen.
Security Issues
One example of a chip-security issue that eMemory believes it can solve is the rampant counterfeiting of processors. The problem has become serious enough that the U.S. Defense Advanced Research Projects Agency (DARPA) has created the Supply Chain Hardware Integrity for Electronics Defense (SHIELD) program.
SHIELD aims to combine NSA-level encryption, sensors, near-field power and communications into a microscopic-scale chip capable of being inserted into the packaging of a chip. The 100 micrometer x 100 micrometer "dielet" will act as a hardware root of trust, detecting any attempt to access or reverse engineer the dielet, according to DARPA.
Worldwide, there are 7.5 billion counterfeit chips, according to Hsu.
One backdoor vulnerability in CPUs is predictive execution, where some outcome is predicted and execution proceeds along the predicted path until the actual result is known.
The problem occurs when the prediction is wrong, and the predicted command is executed, storing key data in the register. When the next command is executed, the data that has been stored is susceptible to a hack.
“If everything is encrypted by the chip, even with predictive execution, the stored data is encrypted and more difficult to hack,” Hsu says.
eMemory’s existing non-volatile memory IP is currently used in all of the world’s leading foundries such as Taiwan Semiconductor Manufacturing Co. (TSMC) and Global Foundries. eMemory’s NeoPUF IP extends the company’s patented technology to provide security that’s incorporated on a chip without adding any mask layers to an existing design, according to Hsu.
eMemory’s non-volatile memory is very different from conventional non-volatile memory (NVM) like NAND flash or NOR flash, which are made with a special process, according to Hsu. The company has focused on creating an NVM without changing commonly used logic processes. eMemory has created IP for one-time programmable, multiple-time programmable and EEPROM devices. The EEPROM device can be rewritten for one million cycles.
“They all use a logic process that’s our invention,” Hsu says.
(source: eMemory)
Security Drawbacks
If everything needs to be encrypted and decrypted, that takes time.
“There’s always a tradeoff between security and performance,” says Hsu. To ameliorate the problem, encryption and decryption should be made very simple, he says.
Next page: Emerging applications