We’ve taken an occasional look at physically-unclonable functions (PUFs), and, in particular, IntrinsicID’s implementation of them, as they seem to have gone further in productizing their technologies than others have. As we’ve noted before, PUFs rely on intrinsic physical variation from chip to chip. While this variation may drive IC designers and EDA guys nuts, it’s leveraged in PUFs so that a unique key can be created for each individual machine or USB dongle. The key is never stored, so it’s much much harder for some ne’er-do-well to crack.
As we’ve also noted before, IntrinsicID launched a security facility called Saturnus for protecting cloud contents. They have now integrated their PUF technology with InsideSecure’s secure microcontrollers to create USB keys. Combined with Saturnus, they now work with DropBox: Selected files, when uploaded, will be encrypted first. They cannot be decrypted without the key that’s on the USB stick. Wait, no, it’s not literally on the stick – it’s generated on the stick. That’s what makes this work; the key is generated each time it’s used.
As far as I can tell, this is the furthest PUF technology has gone, at least in the white-project commercial world. (Who knows how it’s being used in black projects…) By integrating itself into an accepted consumer application like DropBox, it becomes relevant to a broad range of user.