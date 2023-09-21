Root-of-trust (RoT) technology is becoming a requirement for securing connected devices, their data, and, by extension, the entire infrastructure with which they communicate. But, RoT technology shouldn’t be limited to hardware design, confining IoT developers to functions programmed at manufacture. The Intrinsic ID Zign® 300 embedded software solution democratizes RoT technology by uncoupling it from silicon fabrication, ensuring it can be accessed, understood, and implemented by IoT application developers at scale.



Zign 300 is a secure key generation and management solution for any IoT device. As a software-based solution, Zign is the only hardware entropy source currently available that doesn’t have to be loaded at silicon fabrication. It streamlines IoT OEM and ODM security efforts by creating unique, internally generated device keys and identities derived from the inherent randomness of SRAM PUFs.



The Zign 300 API enables IoT developers to generate cryptographic keys securely and to perform other symmetric key and elliptic curve cryptographic functions. It can also be integrated as a trust anchor for Mbed TLS, OpenSSL, wolfSSL, and other libraries, extending the chain of trust beyond just a single device.

Features

Secure key generation and management

Uses standard SRAM as a PUF to create an unclonable identity for any device

Offers key provisioning, secure key storage, symmetric key and elliptic curve cryptography

Root keys are never stored, but re-created from the PUF each time they are needed

Keys are bound to the device and can only be recreated and accessed on the device on which they have been created

Benefits

A trust anchor that can be installed later in the supply chain, or even remotely retrofitted on deployed devices

No need for additional or modified silicon

Works on all MCUs, CPUs, offering the best combination of security, flexibility and cost

Offers stronger authentication and higher security than traditional key storage in NVM

Seamlessly integrates with other crypto such as Mbed TLS, wolfSSL, and OpenSSL

Intrinsic ID PUFs are post-quantum secure

Deliverables

Zign 300 is delivered as a library compiled for a specific target chip, along with API specifications and a user manual. The solution is available in off-the-shelf configurations with size ranging between 17 kB and 30 kB.

Block Diagram of the Intrinsic ID Zign® 300 - Software implementation of SRAM PUF with symmetric & asymmetric cryptography + PKI