EEJournal

feature article
Subscribe Now
December 16, 2008

Verayo Leaves Tiny Fingerprints on Chips

by Jim Turley

How do penguins tell each other apart? For that matter, how to barnacles, or pigeons, or orangutans recognize each other (we know how dogs do it)? To our eyes, they all look pretty much the same.

The same could be said of FPGAs. Mass production is one of the hallmarks of the semiconductor industry, as identical chips stream off the production lines. Intel’s enormously successful manufacturing prowess revolves around the mantra, “copy exact.” Every Intel fab is just like every other Intel fab, and every chip is identical to every other chip. That’s a good thing.

But what if you needed to tell your chips apart? How would you identify one out of a batch of otherwise identical FPGAs or microprocessors? Small startup company Verayo thinks it has the answer.

Verayo (pronounced “ver-AYE-oh”) has come up with a way to embed a unique software-readable “fingerprint” in individual chips. What’s interesting about Verayo’s technique is that it doesn’t require atomic-level manufacturing skills, it’s available to anyone, and it works on totally standard FPGAs, including the ones you probably already have. How is that possible?

Verayo is understandably coy about some of the details, but the process works something like this. Every chip, no matter how carefully it’s manufactured, has some subtle differences in its internal structure or characteristics. Even though a million Xilinx Virtex-5 FPGAs may all perform identically, they’re nevertheless slightly different inside. A little extra capacitance here; a little less resistance there; you get the idea. Verayo, through means it doesn’t discuss, can detect and capitalize on these slight variations. More surprising, they can make the differences visible to software. Thus, with no modification of the chip whatsoever, Verayo is able to tell one Virtex-5 apart from all of its twins. It even works on existing components; you can apply Verayo’s fingerprinting technique to your existing FPGAs already in the field.

Why would you want to? Well, if you’re working in the security, encryption, IP-licensing, or high-availability field that’s a dumb question. For the rest of us, consider the scenario where you supply “soft” IP to a customer who then burns it into his production FPGAs. He’s licensed to produce a certain number of these chips, for which you’ve been paid. But you have no way to verify that he hasn’t produced any extra, unlicensed copies – until now.

Or perhaps you’ve configured and verified a complete system and delivered it to a customer. As part of your warranty coverage you require that none of the hardware be changed, updated, or swapped out without your permission. But how can you tell whether the customer has substituted one board with a replacement? Verayo thinks they have the answer.

Verayo’s mysterious fingerprinting technology is sold as “soft” IP that you combine with the rest of your FPGA design, just as you would with any IP (e.g., USB interface, processor core, etc.). There are no special EDA tools required and, as mentioned earlier, no special FPGA silicon. Verayo protects its IP the way most IP suppliers do: by providing an encrypted netlist rather than RTL source or schematics. Again, nothing remarkable about the process.

To identify a chip, you “challenge” it with a binary number. The chip provides a response in the same format as the challenge. For instance, a 64-bit challenge produces a 64-bit response. Both the challenge and the response can be transmitted serially (in which case, it’s a square wave) or in parallel, or via any other method that’s convenient for you. It works as fast or as slowly as you like. The only necessity is that you be able to get a binary value into and out of the chip, a pretty trivial requirement.

Every chip produces a unique response to the same key. So, for example, you can challenge all the Verayo-equipped chips in your system with a single key and you’ll get a different response from each one. Even identical chips programmed with the same bitstream will produce different responses, according to Verayo. No two chips anywhere in the world, no matter how similar or how different, will produce the same response to the same challenge.

For the truly paranoid (or the government-funded), you can “double up” by challenging the chip more than once. Just as different chips will produce different responses to the same challenge, a single chip will produce different responses to different challenges – and these will be different from every other chip’s responses.

The Weather in Moscow Is Unseasonably Warm This Year

A moment’s reflection reveals a chicken-and-egg problem: if you don’t know what response a chip will provide, how do you know that it’s correct? How do you, as the developer, tell the difference between an authentic response and a bogus one? The answer is, you ask the chip.

Since neither you, nor Verayo, nor anyone else in this world can predict how a given chip will respond to a given challenge, you have to find out empirically. It’s necessary to challenge each chip in a private, secure environment before it’s shipped into the field. Only by recording these responses can you later compare them to the chip’s “live” responses in the field and determine whether they’re genuine or not. Thus, it’s important to store the correct challenge/response pairs in a secure and encrypted area of nonvolatile system memory. Lose the codes and you’ve permanently lost the ability to tell whether Chip A is really Chip A.

It’s a good idea to challenge each infant chip several times, store all the responses, and then change-up your challenges in the field. Otherwise, a crafty system hacker could simply monitor your lone challenge/response pair and “spoof” the response the next time. But with multiple challenge/response pairs, knowing the correct response to one challenge is no predictor of the responses to the other challenges. In the best case, you’d use each challenge only once and never repeat it.

Verayo’s technology is certainly fascinating, and it’s remarkable that the company has found a way to implement it purely in soft IP with no changes to the silicon. The company is as coy about its licensing model as it is about its technology, but it’s reasonable to assume that there’s an up-front fee for access to the technology, perhaps combined with a royalty for production units. As long as Verayo keeps its fees reasonable, it will probably find a ready audience among security-conscious FPGA users.

Leave a Reply

featured blogs
Wireless Communication Transforms Industrial Frontline
Sep 21, 2023
Wireless communication in workplace wearables protects and boosts the occupational safety and productivity of industrial workers and front-line teams....
More from Silicon Labs...
Learn How Labforge Is Bringing AI into Vision Systems
Sep 21, 2023
Labforge is a Waterloo, Ontario-based company that designs, builds, and manufactures smart cameras used in industrial automation and defense applications. By bringing artificial intelligence (AI) into their vision systems with Cadence , they can automate tasks that are diffic...
More from Cadence...
Embodied AI: How do AI-powered robots perceive the world? [+video]
Sep 21, 2023
At Qualcomm AI Research, we are working on applications of generative modelling to embodied AI and robotics, in order to enable more capabilities in robotics....
More from Qualcomm OnQ Blog...
Known Unknowns
Sep 21, 2023
Not knowing all the stuff I don't know didn't come easy. I've had to read a lot of books to get where I am....
More from Max's Cool Beans...
Samsung Foundry and Synopsys Accelerate Multi-Die System Design
Sep 21, 2023
See how we're accelerating the multi-die system chip design flow with partner Samsung Foundry, making it easier to meet PPA and time-to-market goals.The post Samsung Foundry and Synopsys Accelerate Multi-Die System Design appeared first on Chip Design....
More from Synopsys...

featured video

TDK PowerHap Piezo Actuators for Ideal Haptic Feedback

Sponsored by TDK

The PowerHap product line features high acceleration and large forces in a very compact design, coupled with a short response time. TDK’s piezo actuators also offers good sensing functionality by using the inverse piezo effect. Typical applications for the include automotive displays, smartphones and tablet.

Click here for more information about PowerHap Piezo Actuators

featured paper

Intel's Chiplet Leadership Delivers Industry-Leading Capabilities at an Accelerated Pace

Sponsored by Intel

We're proud of our long history of rapid innovation in #FPGA development. With the help of Intel's Embedded Multi-Die Interconnect Bridge (EMIB), we’ve been able to advance our FPGAs at breakneck speed. In this blog, Intel’s Deepali Trehan charts the incredible history of our chiplet technology advancement from 2011 to today, and the many advantages of Intel's programmable logic devices, including the flexibility to combine a variety of IP from different process nodes and foundries, quicker time-to-market for new technologies and the ability to build higher-capacity semiconductors

To learn more about chiplet architecture in Intel FPGA devices visit: https://intel.ly/47JKL5h

featured chalk talk

Johnson RF Connectivity Solutions
Sponsored by Mouser Electronics and Cinch Connectivity
The growing need for remote patient monitoring and wireless connectivity has made RF in medicine applications more important than ever before. In this episode of Chalk Talk, Amelia Dalton chats with Ketan Thakkar from Cinch Connectivity Solutions about the growing trends in medicine today that are encouraging the use of RF, why higher frequency, smaller form factor, cable assembly expansion and adapter expansion are vital components in today’s medical applications and why Johnson medical solutions could be a great fit for your next medical design.
Click here for more information about Johnson / Cinch Connectivity Solutions SMA Connectors
Nov 28, 2022
35,238 views