feature article
Subscribe Now

Verayo Leaves Tiny Fingerprints on Chips

How do penguins tell each other apart? For that matter, how to barnacles, or pigeons, or orangutans recognize each other (we know how dogs do it)? To our eyes, they all look pretty much the same.

The same could be said of FPGAs. Mass production is one of the hallmarks of the semiconductor industry, as identical chips stream off the production lines. Intel’s enormously successful manufacturing prowess revolves around the mantra, “copy exact.” Every Intel fab is just like every other Intel fab, and every chip is identical to every other chip. That’s a good thing.

But what if you needed to tell your chips apart? How would you identify one out of a batch of otherwise identical FPGAs or microprocessors? Small startup company Verayo thinks it has the answer.

Verayo (pronounced “ver-AYE-oh”) has come up with a way to embed a unique software-readable “fingerprint” in individual chips. What’s interesting about Verayo’s technique is that it doesn’t require atomic-level manufacturing skills, it’s available to anyone, and it works on totally standard FPGAs, including the ones you probably already have. How is that possible?

Verayo is understandably coy about some of the details, but the process works something like this. Every chip, no matter how carefully it’s manufactured, has some subtle differences in its internal structure or characteristics. Even though a million Xilinx Virtex-5 FPGAs may all perform identically, they’re nevertheless slightly different inside. A little extra capacitance here; a little less resistance there; you get the idea. Verayo, through means it doesn’t discuss, can detect and capitalize on these slight variations. More surprising, they can make the differences visible to software. Thus, with no modification of the chip whatsoever, Verayo is able to tell one Virtex-5 apart from all of its twins. It even works on existing components; you can apply Verayo’s fingerprinting technique to your existing FPGAs already in the field.

Why would you want to? Well, if you’re working in the security, encryption, IP-licensing, or high-availability field that’s a dumb question. For the rest of us, consider the scenario where you supply “soft” IP to a customer who then burns it into his production FPGAs. He’s licensed to produce a certain number of these chips, for which you’ve been paid. But you have no way to verify that he hasn’t produced any extra, unlicensed copies – until now.

Or perhaps you’ve configured and verified a complete system and delivered it to a customer. As part of your warranty coverage you require that none of the hardware be changed, updated, or swapped out without your permission. But how can you tell whether the customer has substituted one board with a replacement? Verayo thinks they have the answer.

Verayo’s mysterious fingerprinting technology is sold as “soft” IP that you combine with the rest of your FPGA design, just as you would with any IP (e.g., USB interface, processor core, etc.). There are no special EDA tools required and, as mentioned earlier, no special FPGA silicon. Verayo protects its IP the way most IP suppliers do: by providing an encrypted netlist rather than RTL source or schematics. Again, nothing remarkable about the process.

To identify a chip, you “challenge” it with a binary number. The chip provides a response in the same format as the challenge. For instance, a 64-bit challenge produces a 64-bit response. Both the challenge and the response can be transmitted serially (in which case, it’s a square wave) or in parallel, or via any other method that’s convenient for you. It works as fast or as slowly as you like. The only necessity is that you be able to get a binary value into and out of the chip, a pretty trivial requirement.

Every chip produces a unique response to the same key. So, for example, you can challenge all the Verayo-equipped chips in your system with a single key and you’ll get a different response from each one. Even identical chips programmed with the same bitstream will produce different responses, according to Verayo. No two chips anywhere in the world, no matter how similar or how different, will produce the same response to the same challenge.

For the truly paranoid (or the government-funded), you can “double up” by challenging the chip more than once. Just as different chips will produce different responses to the same challenge, a single chip will produce different responses to different challenges – and these will be different from every other chip’s responses.

The Weather in Moscow Is Unseasonably Warm This Year

A moment’s reflection reveals a chicken-and-egg problem: if you don’t know what response a chip will provide, how do you know that it’s correct? How do you, as the developer, tell the difference between an authentic response and a bogus one? The answer is, you ask the chip.

Since neither you, nor Verayo, nor anyone else in this world can predict how a given chip will respond to a given challenge, you have to find out empirically. It’s necessary to challenge each chip in a private, secure environment before it’s shipped into the field. Only by recording these responses can you later compare them to the chip’s “live” responses in the field and determine whether they’re genuine or not. Thus, it’s important to store the correct challenge/response pairs in a secure and encrypted area of nonvolatile system memory. Lose the codes and you’ve permanently lost the ability to tell whether Chip A is really Chip A.

It’s a good idea to challenge each infant chip several times, store all the responses, and then change-up your challenges in the field. Otherwise, a crafty system hacker could simply monitor your lone challenge/response pair and “spoof” the response the next time. But with multiple challenge/response pairs, knowing the correct response to one challenge is no predictor of the responses to the other challenges. In the best case, you’d use each challenge only once and never repeat it.

Verayo’s technology is certainly fascinating, and it’s remarkable that the company has found a way to implement it purely in soft IP with no changes to the silicon. The company is as coy about its licensing model as it is about its technology, but it’s reasonable to assume that there’s an up-front fee for access to the technology, perhaps combined with a royalty for production units. As long as Verayo keeps its fees reasonable, it will probably find a ready audience among security-conscious FPGA users.

Leave a Reply

featured blogs
May 16, 2021
https://youtu.be/_wup2MSTVks Made on Communication Hill, San Jose (camera Carey Guo) Monday: Intel eASIC: Linley and DARPA Tuesday: Please Excuse the Mesh: CFD and Pointwise Wednesday: Linley:... [[ Click on the title to access the full blog on the Cadence Community site. ]]...
May 13, 2021
Samtec will attend the PCI-SIG Virtual Developers Conference on Tuesday, May 25th through Wednesday, May 26th, 2021. This is a free event for the 800+ member companies that develop and bring to market new products utilizing PCI Express technology. Attendee Registration is sti...
May 13, 2021
Our new IC design tool, PrimeSim Continuum, enables the next generation of hyper-convergent IC designs. Learn more from eeNews, Electronic Design & EE Times. The post Synopsys Makes Headlines with PrimeSim Continuum, an Innovative Circuit Simulation Solution appeared fi...
May 13, 2021
By Calibre Design Staff Prior to the availability of extreme ultraviolet (EUV) lithography, multi-patterning provided… The post A SAMPle of what you need to know about SAMP technology appeared first on Design with Calibre....

featured video

Insights on StarRC Standalone Netlist Reducer

Sponsored by Synopsys

With the ever-growing size of extracted netlists, parasitic optimization is key to achieve practical simulation run times. Key trade-off for any netlist reducer is accuracy vs netlist size. StarRC Standalone Netlist reducer provides the flexibility to optimize your netlist on a per net basis. The user has total control of trading accuracy of some nets versus netlist optimization - yet another feature from StarRC to provide flexibility to the designer.

Click here for more information

featured paper

Optimizing an OpenCL AI Kernel for the data center using Silexica’s SLX FPGA

Sponsored by Silexica

AI applications are increasingly contributing to FPGAs being used as co-processors in data centers. Silexica's newest application note shows how SLX FPGA accelerates an AI-related face detection design example, leveraging the bottom-up flow of Xilinx’s Vitis 2020.2 and Alveo U280 accelerator card.

Click to read

Featured Chalk Talk

Rail Data Connectivity

Sponsored by Mouser Electronics and TE Connectivity

The rail industry is undergoing a technological revolution right now, and Ethernet connectivity is at the heart of it. But, finding the right interconnect solutions for high-reliability applications such as rail isn’t easy. In this episode of Chalk Talk, Amelia Dalton chats with Egbert Stellinga from TE Connectivity about TE’s portfolio of interconnect solutions for rail and other reliability-critical applications.

Click here for more information about TE Connectivity EN50155 Managed Ethernet Switches