Mitsubishi Electric, Ritsumeikan University and JST Develop Security Solution for IoT Devices
Mitsubishi Electric, Ritsumeikan University and Japan Science and Technology Agency (JST) have jointly developed a security technology that uses the individual differences of large scale integrations (LSIs) arising during their fabrication to ensure confidentiality and authentication for interconnected devices in the Internet of things (IoT). The new technology helps to reduce security risks for networked devices by protecting embedded programs and preventing spoofing.
Mitsubishi Electric will begin applying the technology in its products from April 2016.
LSIs make calculations based on internal circuits that dictate output, so LSIs with the same circuits yield the same results when processing the same input. Intermediate routes to the computation result, however, are different in each LSI, serving as something like a fingerprint, which the new technology uses to generate unique IDs for LSIs with the same circuits. The unique ID cannot be analyzed even by opening the LSI package and examining its insides because the ID appears only while the circuit is running. The embedded program is encrypted so that it can be decrypted and used only in the device that has the LSI with a specified ID. It is also possible to configure devices to connect only with devices that have specified IDs.
The unique ID is generated by counting the number of glitches (peaks) that arise on signal input. In addition, three functions - generation of unique ID, encryption and authentication - can be implemented in a small circuit area by letting them share some of their components.
Mitsubishi says prototype LSIs developed jointly with Ritsumeikan University using multiple manufacturing processes have been confirmed to generate unique IDs stably, so the technology can be modularized and thereby easily applied in a general LSI design flow.