RSS订阅信息安全技术跟踪与研究:技术、平台、会议、论文、产业
你现在的位置:首页 / 企业追踪 / 正文

Intrinsic-ID安全解决方案概览:为数字生活提供安全解决方案

0 企业追踪 | 2014年12月15日
转载申明:本站原创,欢迎转载。但转载时请保留原文地址。
原文地址:http://www.vonwei.com/post/solutionsofIntrinsicid.html


Intrinsic-ID公司的核心技术为“硬件固有安全HIS”,而基于HIS的三个技术产品为“Saturnus-安全框架、Confidentio-安全处理、Quiddikey-安全密钥管理”。



Hardware Intrinsic Security (HIS)

         “Instead of storing keys in non-volatile memory (typically secure EEPROM or E-fuses), our products enable secure key extraction and programming from unique physical properties of the underlying hardware. This patented approach is called Hardware Intrinsic Security and is an optimized and secure approach to the use of Physical Unclonable Functions (PUFs). The principle can best be described as “biometrics for electronic devices” and uses the device unique start-up values of an uninitialized SRAM block. It combines tamper-resistant key storage, a unique device identifier and a true random number generator.”

         Intrinsic ID的产品并不是采用传统的将密钥存储在非易失存储器(NV空间,如EEPROM或者E-fuses)中的方式,而是从底层硬件独有的物理属性中提取安全密钥,并进行安全编程。该公司拥有这种方法的专利,并称为物理固有安全HIS,即Hardware Intrinsic Security,是一种使用物理不可克隆函数的优化的安全方法。其准则可以更好的描述为“电子设备的生物指纹”,即使用一个没有初始化SRAM块的(设备独有的)启动值。HIS防篡改的密钥存储、唯一的设备标识符和一个真随机数发生器等功能结合在一起。

 


Saturnus? Security Framework (SSF)

         “An easy to use, fully documented and supported SDK that leverages HIS technology. Building on a root of trust that provides strong cryptographic key management, advanced functions are provided such as PKI, authentication, and encryption. Mechanisms are foreseen to build trust relationships via various out-of-band mechanisms, allowing a mobile to be turned into a trusted security token that can be used to authenticate users or transactions. Supported on major mobile and desktop platforms. Leverages HIS on the devices where this is embedded in the firmware (e.g., including several flagship phones). Uses Cloud Intrinsic Security (CIS) on other devices.”

         SSF是一个使用HIS技术的软件开发工具包SDK,容易上手,而且提供的文档和支持都很充分。基于提供强密码管理的一个信任根,可以提供PKI、认证和加密等高级功能。通过各种带外的机制,可以预见各种构建可信关系的方法,如允许将一个移动设备转化为一个可信的安全令牌,用于认证一个用户或者一个交易。该技术已经在大多数移动和桌面平台上获得支持,对于固件中嵌入HIS的设备(包含一些旗舰手机),可以直接使用SSF;而对于其他设备,可以使用替代的CIS(云固有安全,Cloud Intrinsic Security)。

 


ConfidentioTM Security Processing

         “Fully featured crypto blocks acting as hardware accelerators for Saturnus or other security libraries. Confidentio can be integrated as software (firmware) or hardware. It is a natural ‘root of trust’ for a GlobalPlatform compliant Trusted Execution Environment (TEE). It includes HIS-based key management module (Quiddikey), an encryption engine and a random number generator (iRNG) that leverages SRAM noise as an independent entropy source. Integration with 3rd party IP cores for PKI or AES is possible. Optimized for power, footprint, performance and security. Provides unclonability and anti-tamper features.”

         Confidentio是功能完整的密码块,可以充当Saturnus或者其它安全库的硬件加速器。Confidentio可以整合为软件、固件或者硬件。其可以作为与GlobalPlatform兼容的可信执行环境TEE的一个天然信任根。其包含基于HIS的密钥管理模块Quiddikey,一个加密引擎和一个随机数生成器(使用SRAM噪声作为独立的熵源)。与第三方IP核集成也是可以的。优化的电源、足迹、性能和安全性,提供不可克隆和反篡改的特征。

 


QuiddikeySecure and Flexible Key Management

         “Quiddikey IP cores offer the highest level of anti-tamper and anti-cloning features for secret key storage with unique key management capabilities that allow to dynamically reconstruct secret keys from standard hardware components without ever storing those keys. Quiddikey allows easy and fast implementation in hardware, embedded software or FPGA. Quiddikey is cost efficient with optimized silicon area and/or SW footprint. It offers flexible and dynamic key programming of multiple, cryptographically separated keys.”

         Quiddikey IP核为私密密钥存储提供最高级别的反篡改和防克隆特征,使用独有的密钥管理能力,可以从标准硬件组件中动态地重构出密钥,而无需存储这些密钥。Quiddikey可以在硬件、嵌入式软件或者FPGA中进行简单快速的实现。Quiddikey是经济有效的,提供灵活动态的密钥编程(多个密码独立的密钥)。

 

参考

[1]Intrinsic-ID-Corporate-Brochure.

https://www.intrinsic-id.com/wp-content/uploads/2014/10/Intrinsic-ID-Corporate-Brochure.pdf

 


  • ------------------分隔线----------------

  • 如果感兴趣,欢迎关注本站微信号,跟踪最新博文信息,手机微信扫一扫下面的二维码,即可关注!
  • 微月信公众号
  • 推荐您阅读更多有关于“ 物理不可克隆函数PUF   ”的文章

    请填写你的在线分享代码
    上一篇:Verayo安全解决方案下一篇:Should I Remove It: Windows安全软件

    猜你喜欢

    评论列表:

    发表评论

    必填

    选填

    选填

    必填,不填不让过哦,嘻嘻。

    记住我,下次回复时不用重新输入个人信息

    本站介绍
    最近发表
    本年最热文章
    本月最热文章
    网站分类
    文章归档