Labeling NEWS
Text size:
T
T
T
PUF Technology Catches Clones
Startup company Verayo is marketing a passive 13.56 MHz RFID chip that prevents cloning by enabling users to verify its authenticity before selling a product to which it's attached.
By Claire Swedberg
Sept. 4, 2008—Verayo, a Silicon Valley startup company formed by MIT researchers, has begun offering a commercialized version of its anti-cloning invention as a security solution for radio frequency identification. The system exploits the unique physical characteristics of the silicon and variations in the IC manufacturing process to identify each silicon chip and determine its authenticity, without requiring encryption keys or encryption storage.
Verayo's core technology—Physical Unclonable Functions (PUF)—is based on work conducted at MIT by a team of researchers headed by Professor Srini Devadas. In 2005, Devadas joined with Anant Agrawal, former VP resident of Sun Microsystems, to form a company called PUFCO, which obtained an exclusive license to MIT's rights in the core technology. The company began testing the technology for use with RFID in 2007, then changed its name to Verayo in May of this year.
Verayo's first product is the Vera X512H, a passive 13.56 MHz RFID chip that offers 512 bits of memory and is based on the ISO 14443-A standard. The system capitalizes on a quirk of the chip-making process, says Vivek Khandelwal, the firm's marketing director. Like a person's fingerprints, each RFID chip possesses subtle but unique physical characteristics that distinguish it from all other RFID chips. Despite manufacturers' efforts to make chips that are exactly the same, he says, no two chips are exactly alike.
To create its PUF-enabled Vera X512H chip, Verayo developed an RFID chip containing a tiny electric circuit designed to transmit a "challenge," or string of numbers and letters, to the chip. When it receives this challenge, the chip then responds with its unique digital signal that can be translated into its own string of letters and numbers. That response is what makes it possible for Verayo to develop and market a system that utilizes this circuit to recognize and authenticate a chip, and to reject any IC that fails to respond to a challenge in the expected manner. "Because of the variation in the chip," Khandelwal says, "the responses you get are unique to each chip."
Here's how it works: An RFID tag is attached to a product or embedded in an ID card, such as a driver's license. Any high-frequency (HF) RFID interrogator that can read passive ISO 14443-A tags can be used to send a "write" command to the tag, thereby instructing the PUF circuit to issue a challenge to the chip, which then transmits its digital signature, along with a unique tag ID (TID) number programmed to the chip during manufacture. The interrogator receives the chip's digital signature, and the system compares it with the expected response for the chip with that specific TID. With a firmware update, the reader can also send custom commands, such as optimizing the challenge and response exchange.
Either way, the interrogator's transmission to the chip activates the PUF circuit that issues a challenge, and the chip responds by transmitting a signal containing its unique digital signature. In most cases, the reader instructs the chip—via the PUF circuit—to perform this action several times, with multiple challenges, to verify its digital signature. The chip's resulting response is then transmitted to the user's back-end system.
more Labeling articles
Sept. 4, 2008—Verayo, a Silicon Valley startup company formed by MIT researchers, has begun offering a commercialized version of its anti-cloning invention as a security solution for radio frequency identification. The system exploits the unique physical characteristics of the silicon and variations in the IC manufacturing process to identify each silicon chip and determine its authenticity, without requiring encryption keys or encryption storage.
Verayo's core technology—Physical Unclonable Functions (PUF)—is based on work conducted at MIT by a team of researchers headed by Professor Srini Devadas. In 2005, Devadas joined with Anant Agrawal, former VP resident of Sun Microsystems, to form a company called PUFCO, which obtained an exclusive license to MIT's rights in the core technology. The company began testing the technology for use with RFID in 2007, then changed its name to Verayo in May of this year.
|
| Vivek Khandelwal |
To create its PUF-enabled Vera X512H chip, Verayo developed an RFID chip containing a tiny electric circuit designed to transmit a "challenge," or string of numbers and letters, to the chip. When it receives this challenge, the chip then responds with its unique digital signal that can be translated into its own string of letters and numbers. That response is what makes it possible for Verayo to develop and market a system that utilizes this circuit to recognize and authenticate a chip, and to reject any IC that fails to respond to a challenge in the expected manner. "Because of the variation in the chip," Khandelwal says, "the responses you get are unique to each chip."
Here's how it works: An RFID tag is attached to a product or embedded in an ID card, such as a driver's license. Any high-frequency (HF) RFID interrogator that can read passive ISO 14443-A tags can be used to send a "write" command to the tag, thereby instructing the PUF circuit to issue a challenge to the chip, which then transmits its digital signature, along with a unique tag ID (TID) number programmed to the chip during manufacture. The interrogator receives the chip's digital signature, and the system compares it with the expected response for the chip with that specific TID. With a firmware update, the reader can also send custom commands, such as optimizing the challenge and response exchange.
Either way, the interrogator's transmission to the chip activates the PUF circuit that issues a challenge, and the chip responds by transmitting a signal containing its unique digital signature. In most cases, the reader instructs the chip—via the PUF circuit—to perform this action several times, with multiple challenges, to verify its digital signature. The chip's resulting response is then transmitted to the user's back-end system.
