Rice Researchers Reveal Silicon Based Security Keys


Mar 3, 2018
Integrated circuit designers from Rice University claim they've developed a digital fingerprint technology that is "10 times more reliable than current methods" used in IoT devices. Their "physically unclonable function," or PUF, supposedly uses physical imperfections in the security device's silicon itself to generate unique keys that are nearly impossible to spoof. The researchers say their test chip "measures just a few millimeters in size" and generates keys using an array of hundreds of transistors, and does so with a minimal amount of power. The PUF concept itself isn't new, but as you probably know, transistors are sensitive to environmental changes, and previous implementations weren't reliable or small enough to be of practical use. But this particular design was tested at abnormal voltages and at "temperatures ranging from 125 degrees Celsius to minus 55 degrees Celsius." The researcher are scheduled to present their findings at the 2019 International Solid-State Circuits Conference today, but just how far away the tech is from commercialization isn't clear yet.

"Basically each PUF unit can work in two modes," said Yang, assistant professor of electrical and computer engineering. "In the first mode, it creates one fingerprint, and in the other mode it gives a second fingerprint. Each one is a unique identifier, and dual keys are much better for reliability. On the off chance the device fails in the first mode, it can use the second key. The probability that it will fail in both modes is extremely small." As a means of authentication, PUF fingerprints have several of the same advantages as human fingerprints, he said. "First, they are unique," Yang said. "You don't have to worry about two people having the same fingerprint. Second, they are bonded to the individual. You cannot change your fingerprint or copy it to someone else's finger. And finally, a fingerprint is unclonable. There's no way to create a new person who has the same fingerprint as someone else."
it doesnt matter no hackers(well okay fine the massive and overwhelming majority of incidents) actually break encryption outside of academia they just find ways around it through social engineering or terrible various dev and data practices.