Guardtime and Intrinsic-ID today announced an alliance to deliver customer solutions combining Intrinsic-ID’s SRAM Physical Unclonable Functions (PUFs) and Guardtime’s Keyless Signature Infrastructure (KSI) Blockchain technology, providing a new level of security and governance for the Internet of Things.
The number of networked, automated devices is growing at an alarming pace. However security techniques such as Firewalls, PKI, IDS/IPS systems and anti-virus software were designed for a previous era of enterprise networks and struggle to remain relevant in a world of 50 billion connected devices. Rather than retrofitting security after the fact, new techniques must be developed. A combination of SRAM PUF technologies and Blockchains provides highly scalable data integrity and authentication down to the chip level.
Guardtime and Intrinsic-ID will conduct a series of pilots in order to showcase customer security solutions, leveraging Intrinsic-ID’s SRAM PUF-based key management system, and Guardtime’s KSI Blockchain. The initial focus is on mission assurance for defense customers as well as telecom operators rolling out smart city solutions in energy, health care and transportation.
Matthew Johnson, Guardtime CTO said:
“Having worked with PUF technologies over the last 15 years, I’m convinced that Intrinsic-ID is the first company to successfully industrialize the technology and bring it to the mainstream. We are extremely excited to be working with the team at Intrinsic-ID and look forward to building solutions that solve hard customer problems.”
Pim Tuyls, Intrinsic-ID CEO added:
“We are thrilled to be working with Guardtime to integrate PUF technology with Guardtime’s KSI Blockchain. The combination of PUF technology and Blockchains represents a new level of security and governance for customers who wish to deploy IOT devices at scale.”
Intrinsic-ID’s core SRAM PUF security technology is the foundation for establishing the latest advancement in key management and key protection in integrated circuits. Due to deep-submicron manufacturing process variations, every transistor in an Integrated Circuit (IC) has slightly different physical properties. Since these process variations are uncontrollable during manufacturing, the physical properties of a device, its fingerprint, can neither be copied nor cloned. The electronic fingerprint is used to securely and reliably derive a device-unique cryptographic key and removes the need to store any sensitive key material in non-volatile memory (NVM). As SRAM is already present on nearly every microcontroller and CPU and requires no NVM, this solution is very scalable and flexible.
Guardtime’s KSI Blockchain is an industrial grade Blockchain stack that has been underpinning governments since 2007. The Blockchain encompasses both a distributed ledger for managing ownership of digital assets as a well as a generator for cryptographic metadata that proves the properties of the underlying data without reliance on trusted third parties.
Combining PUFs and Blockchain for IOT Governance
By using PUF Technology to uniquely authenticate a device and registering that device with ownership information on a ledger, the provenance and integrity of every piece of data generated by that device can be cryptographically proven and linked back to an authenticated device with end to end chain of custody. This way the data integrity and authentication perimeter is extended all the way to the silicon chips where the data originates.
Intrinsic-ID is the world leading embedded authentication company based on the unique and patented technology called SRAM Physical Unclonable Function or SRAM PUF. Its solutions and products create a unique ID and cryptographically secure keys from the physical behavior of the SRAM PUF. This key is invisible to attackers, unique per device and can be leveraged to authenticate the chip, the data on the chip, the device and even the whole system. On top of this, Intrinsic-ID offers solutions to protect the supply chain. These range from tracking and monitoring chips and devices (even in the case of remote contract manufacturers) to low cost, simplified key provisioning and protection against counterfeiting and overbuilding. Due to its simplicity, these products can be applied to all modern chips, microcontrollers and CPUs without making a change to the hardware. Currently this technology is being used by its customers in the field to protect the most sensitive payment, content, connectivity, sensor and government data and systems.
Guardtime is the first and only platform for ensuring the integrity of data and systems at industrial scale. Guardtime created Keyless Signature Infrastructure (KSI) to take on the challenges of today’s perimeter-based security systems and secure the integrity of data in today’s increasingly digital world. Built on an industrial Blockchain, KSI signs any and all data across a system, allowing independent verification of time, integrity and identity for any moment in history. Guardtime’s mission is to build the essential backbone for truth, assurance and integrity for our digital world.