PUFsecurity's PUFiot Helps IoT Devices Meet FIDO Device Onboard Specification

Hsinchu, Taiwan -- July 28th, 2021 -- The FIDO (Fast Identity Online) Alliance is a global non-profit organization that brings together experts from around the world to jointly develop technical standards for authenticating users and connected devices. For the trillions of connected devices worldwide, the FIDO Alliance proposed a specification agreement in April of this year: FIDO Device Onboard (FDO), which defines how IoT devices are connected to the cloud simply and securely. The protocol uses asymmetric public and private key encryption technology and the ID of devices to achieve fast and secure access to the network.

According to Gartner's forecast, by 2029 more than 15 billion IoT devices will be in use worldwide, which has created opportunities for improving efficiency and industrial innovation in all walks of life. The world's major IC design companies are also actively investing in chip development in this field. However, the security issues of IoT products are still emerging and overlooked. The FIDO Alliance provides a standard that solves this problem, while PUFsecurity is the pioneer to propose a product -- PUFiot, which uses a PUF (Physical Unclonable Function) as the device ID and enables OEMs/ODMs to develop IoT devices that meet FDO standards.

PUFiot can assist IoT devices in complying with the security requirements of the FDO protocol from Device Initialization to Transfer Ownership, which has been demonstrated and verified on FPGA. For ICs to be used in IoT devices that need to comply with the FDO standard specifications, PUFiot will bring three major benefits:

  1. The NeoPUF (Quantum-Tunneling PUF) in PUFiot is used as the foundation of trust for deriving the ID and public/private keys required for device authentication without external key injection. On top of effectively preventing potential manipulation vulnerabilities, it also shortens and simplifies the manufacturing flow for cost reduction.
  2. PUFiot provides secure OTP for storing device credentials instead of storing device credentials in external non-secure flash memory.
  3. PUFiot is built with a NIST-certified symmetric and asymmetric hardware crypto accelerator. Clients can customize the algorithm set to support all the security functions, such as authentication, data encryption, integrity checks, and other functions required by the FIDO Device Onboarding process and further cloud application services. Moreover, PUFiot is built with physical/digital anti-tampering designs, which can resist non-invasive side-channel attacks and invasive physical attacks (such as focused ion beam, FIB, attacks).

“A device with built-in chip fingerprints to generate inborn root keys and identities can realize the Zero Touch Device Deployment that is required by 5G and AIoT applications, enhance the security of IoT devices, and achieve zero-trust security for cloud applications,” PUFsecurity EVP Evans Yang mentioned.

PUFsecurity has recently joined the FIDO Alliance and is also taking part in the FIDO Taiwan Regional Engagement Forum.

About PUFsecurity

PUFsecurity is a subsidiary of eMemory and is dedicated to innovating PUF-based security solutions. By leveraging our technical acumen and achievements, including core IPs such as NeoPUF and OTP from eMemory, PUFsecurity brings PUF-based security to the market. The latest solutions include the integrated, five-in-one hardware root-of-trust module (PUFrt) and PUF-based crypto co-processor (PUFiot). PUFsecurity offers hardware security IP solutions with superior performance and cost-efficiency in a wide range of process nodes with our proven industry expertise.

For more information, please visit: http://www.pufsecurity.com
