shutterstock_1041066730.jpg

PUFcc Introduction

The high-security PUF-based crypto coprocessor

PUFcc (former known as PUFiot) is a novel high-security Crypto Coprocessor IP, combining a Hardware Root of Trust with a full suite of cryptographic algorithms, forming an adaptable security module suitable for integration into a wide array of system architectures. Compared to traditional security SoC design (embedded HSM with secure core or discrete crypto components), PUFcc can provide an off-the-shelf chip security solution that simplifies the integration process and removes additional loading on the processor core or operating system.

The Crypto Coprocessor, PUFcc, provides a robust, secure boundary based on the physical separation of hardware from the more vulnerable elements of a software-only barrier. Additionally, PUFcc’s Crypto Engines support a wide variety of secure operations, such as Key Exchange, Secure Boot or TLS (public key validation and signing), authentication (MAC), or Key Wrapping (again based on the natural randomness inherent to the PUF) and storing Wrapped Keys to External Memory

Features

  • Crypto engine collective, consisting of private key cipher, message authentication code, hash, and key derivation functions that are NIST CAVP certified and OSCCA standards complied

  • Key wrapping function aiding the export of keys for external use

  • Public-key coprocessor, supporting all elliptic curve cryptography functions

  • 4 sets of hardware PUF fingerprint with the ability to act as a unique private key, UID, or root key

  • 8k-bit mass production OTP with built-in instant hardware encryption (customization available)

  • Comprehensive anti-tamper designs in physical and RTL

  • High-quality true random number generator

  • APB control interface with secure/non-secure access privilege

  • AXI4 interface for direct memory access

Application

PUFcc can support:

  • Enhancing TEE security

  • Key processing and generation

  • Instant key wrapping or indirect key wrapping

  • Key hierarchy build and advanced management

  • Secure boot

  • Anti-cloning and asset protection by using local key encryption

  • TLS protocol

Product Diagram

PUFcc a.png
PUFcc application.png

 

 

Tech Spec

PUFcc spec.png

Product Brief Download 

 

 

Evaluation Kit

The PUFcc evaluation kit comprises a digital part (PUFsecurity’s RTL design in encrypted Verilog format) and an analog part (eMemory’s OTP/PUF behavioral model in Verilog format), user manual and simulation environment. The RTL portion of the design is available in two versions, one for SoC integration evaluation (Verilog simulation), and the other for synthesis and hardware evaluation (FPGA emulation).

With this evaluation kit, an SoC designer can experience the full functionality of PUFcc, allowing for the evaluation of adding a crypto co-processor at the front-end design stage. The PUFcc design includes a standard APB slave and AXI4 master interface, making it easy to plug into existing systems that support the APB/AXI4 bus standards. In addition, an API is available upon request to aid in the evaluation of all security functions when using an FPGA for PUFcc emulation.  Please refer to the integration and application notes for further details regarding FPGA emulation and API functions.

 

Deliverables: 

Documentation  

  • Datasheet  

  • Integration Note

  • Application Note (API)

  • Release Note 

Front-end model 

  • Verilog HDL File in RTL (Synthesizable in FPGA) 

  • Pre-built API / FW (.h.a.)

  • Test bench 

If you are interested in PUFcc, you are welcome to apply for the evaluation kit through our free evaluation program: IP GO! It is free to download now!