Intrinsic ID, a leading provider of authentication technology for Internet of Things security and other embedded applications, today announced the availability of SPARTAN™, a family of authentication solutions for IoT devices. SPARTAN enables device makers for the first time to ensure authentication based on digital identities derived from the silicon fingerprint of a chip that can be created at any point in the supply chain.
“SPARTAN is the logical next piece in our IoT security portfolio,” said Pim Tuyls, chief executive officer of Intrinsic ID. “SPARTAN builds on the key creation capabilities of our BROADKEY product and the key provisioning of CITADEL to deliver strong, hardware-based authentication instantiated in software, which therefore escapes the availability, scalability and cost limitations that plague traditional security methods such as secure elements. This approach takes into account principles for IoT security issued by the Department of Homeland Security last year.” In November 2016 the U.S. Department of Homeland Security announced issuance of Strategic Principles for Securing the Internet of Things (IoT), Version 1.0, which highlights approaches and suggested practices to fortify the security of the IoT and equip stakeholders to make responsible and risk-based security decisions as they design, manufacture, and use internet-connected devices and systems.
SPARTAN CLOUD: Connecting to Major Cloud Platforms
The first member of the SPARTAN product family is SPARTAN CLOUD, which is available immediately. SPARTAN CLOUD is embedded security software for IoT devices to establish a secure Transport Layer Security (TLS)-based connection to major cloud platforms, including Amazon Web Services, Microsoft Azure IoT Hub and Google Cloud Platform. It provides seamless integration with cloud-connected applications via a library based on the MQTT messaging protocol. Use cases include cloud-based data collection and processing from trusted IoT sensor nodes; smart home devices controlled from the cloud; smart city infrastructure; and smart health monitoring services.
SPARTAN CLOUD offers several advantages over traditional methods applied to similar use cases. The strong, SRAM PUF-derived chip identity means the chip cannot be cloned by copying non-volatile memory (NVM) information from one chip to another. No sensitive data is stored in NVM so the device’s private key is reconstructed on the fly from SRAM PUF. Since standard SRAM memory is used, the solution can be widely deployed in nearly any digital chip. The reconstructed private key is used directly by the Transport Layer Security (TLS) stack for client authentication towards the cloud server. The solution integrates seamlessly with the MQTT protocol library that is offered by the cloud provider to connect to its services.
Intrinsic ID partners have expressed enthusiasm at the SPARTAN announcement. “The integration of Intrinsic ID’s SRAM PUF technology in our eSecure module has resulted in very successful custom security development,” said Thierry Watteyne, chief executive officer of Barco Silex. “I expect the extension of Intrinsic ID expertise which resulted in the SPARTAN authentication product family to benefit both our partnership and service to mutual customers.”
“Authentico and Intrinsic ID have both focused on taking new approaches to longtime security issues, and the development of SPARTAN demonstrates their innovative mindset,” said Philip Lundin, chief executive officer of Authentico. “We at Authentico are focused on bringing traditional password security to a much higher level by implementing state-of-the-art protected password storage schemes based on SRAM PUF. We look forward to working with the Intrinsic ID team to apply SRAM PUF to protect human authentication based on passwords.”
“The need to guarantee the authenticity of IoT devices is bringing intense pressure to device and system manufacturers, and that pressure will only continue to increase,” Tuyls said. “Device authentication must be both certain and cost effective as IoT devices continue to become not only more ubiquitous, but more critical.”
SPARTAN utilizes Intrinsic ID’s SRAM Physical Unclonable Function — or SRAM PUF — technology that forms the basis for other Intrinsic ID products. SRAM PUF technology extracts a chip’s silicon fingerprint and derives from it a cryptographic root key, which is unique to a particular SRAM and hence a particular chip. Intrinsic ID products utilize the root key to derive additional cryptographic keys that serve as the foundation for ensuring a device’s security.
Forthcoming members of the SPARTAN family include SPARTAN LIGHT, a small-footprint embedded authentication solution for securing an identity between a chip and a host. SPARTAN LIGHT embodies a number of advantages over traditional authentication — it is more secure because it contains no sensitive data in the chip’s NVM, and is unclonable because copying the NVM content does not copy the key. Because it works with standard SRAM, available in nearly any digital chip, it can be deployed widely. Furthermore it imposes only a small footprint on the authenticating device and therefore bears a low cost. Use cases include sensor authentication; microcontroller authentication; engine control unit (ECU) authentication, particularly suitable to automotive applications; and consumable authentication, applicable for batteries.
Other future members of the SPARTAN product family include SPARTAN BROADCAST, tailored to protection of broadcast data based on asymmetric cryptography, and SPARTAN SECURE CHANNEL, which provides mutual authentication between chips as part of establishing a Secure Authenticated Channel, a method of transferring data which is resistant to overhearing and tampering.
SPARTAN CLOUD is available now and will be demonstrated at Intrinsic ID’s Spring Security Summit today in Mountain View.
About Intrinsic ID
Intrinsic ID is the world’s leading digital authentication company for the Internet of Things (IoT) and embedded applications. It is the inventor of SRAM Physical Unclonable Function, or SRAM PUF, leveraging manufacturing variations in semiconductors to create unique IDs and keys to authenticate chips, data, devices and systems. Through its flexibility, scalability and low implementation cost, Intrinsic ID products address the security needs of the fast-growing IoT market. Its solutions are used to validate payment systems, secure connectivity, authenticate sensors, and protect sensitive government and military data and systems. Intrinsic ID’s award recognition includes the EU 2016 Innovation Radar Prize, which honors high-potential innovations and innovators in EU-funded research. Intrinsic ID’s SRAM PUF technology has been proven in millions of devices and in products that have passed certification by Common Criteria Evaluation Assurance Level (EAL6+), EMVCo, Visa and multiple governments. Visit Intrinsic ID online at www.Intrinsic-ID.com.
Intrinsic ID, the Intrinsic ID logo, BROADKEY, CITADEL and SPARTAN are trademarks or registered trademarks of Intrinsic ID, Inc., and are protected by trademark laws of the United States and other jurisdictions. All other product and company names are trademarks or registered trademarks of their respective companies.