PUFrt Introduction

Tamper-Proof PUF-based Root of Trust with tRNG, UID, Secure OTP

With NeoPUF as the core, PUFrt provides a foundation of trust and security for the chip system. It also provides a 1024-bit identification code with the physical unclonable function (PUF). Furthermore, PUFrt serves as a true random number generator(tRNG) that complies with the NIST SP800-90B/SP-800-22 standard specifications. These help meet the encryption/decryption requirements of sensitive information and data, and achieve a certain level of data security protection. An additional 4096-bit secure storage space with PUF is provided for the key or sensitive information injected by the customer, which makes the original security and NeoFuse OTP more resistant to physical attacks. 

Features

 

In short, PUFrt is a 5-in-1 HRoT solution that is composed of PUFsecurity’s PUF-based products, including PRTC (APB I/F), PUFuid, PUFtrng, PUFkeyst, comprehensive anti-tamper designs with the features as below:

  • Built-in standard APB controller with privilege control to create secure/non-secure separation. Additionally, interface customization is available for different design requirements.

  • Four 256-bit hardware PUF chip fingerprints include a self-health check that can be used as a unique identification(UID) or a root key(seed).

  • High-quality true random number generator (TRNG)

  • 8k-bit mass production OTP with built-in instant hardware encryption (customization available)

  • Comprehensive anti-tamper designs in both Digital RTL and Hard Macros

Application

PUFrt is a hardware root of trust (HRoT) from PUFsecurity, offering just the essential features necessary for the establishment of a trusted foundation, from which all security operations (such as secure boot) may be based.  Providing the flexibility for users to add only the cryptographic engines that their designs need, PUFrt can be integrated into a wide variety of systems, from a lightweight hardware security key, to a full-functioned security co-processor.

PUF-based Unique ID (Static Entropy)

  • UID for manufacturing management

  • Device pairing for anti-counterfeiting (with cryptos)

  • Provide inborn-protected random number pool for key generation and management (with cryptos)

  • Provide on-chip keys for memory protection (with crypto)

PUF-based TRNG (Dynamic Entropy)

  • Protect cryptographic engines

  • Ephemeral key generations for security operation (with cryptos)

  • Protect dynamic memory and BUS by using instant ready tRNG (with cryptos)

 

PUF-based Key Storage (Trusted Storage)

  • Provisioning root or shared key directly wrapped

  • Security OTP for debugging, versioning, and revocation 

  • Secure debug for JTAG channel lock

  • Support secure boot for storing boot information (with cryptos)

Product Diagram

PUFrt a.png
PUFrt application.png

 
 
Product Brief Download

 

 

Evaluation Kit

The PUFrt evaluation kit is composed of a digital part (PUFsecurity’s RTL design in encrypted Verilog format) and an analog part (eMemory’s OTP/PUF behavioral model in Verilog format), user manual and simulation environment.

 

With this evaluation kit, an SoC designer can experience the full functionality of PUFrt, allowing for the evaluation of adding a hardware root of trust at the front-end design stage. The PUFrt design includes a standard APB slave interface, making it easy to plug into existing systems that support the APB bus standard.

 

 

Deliverables: 

Documentation  

  • Datasheet  

  • Integration Note

  • Application Note

  • Release Note 

Front-end model 

  • Verilog HDL File in RTL (encrypted) 

  • Test bench 

If you are interested in PUFrt, you are welcome to apply for the evaluation kit through our free evaluation program: IP GO! It is free to download now!