News Article
Philips Quiddikey
Anti counterfeiting and anti tamper functionality for embedded devices.
Philips Intrinsic-ID, a venture of Royal Philips Electronics, will announce the commercial availability at CHES 2008 of its Quiddikey product to provide secure generation and storage of secret cryptographic keys based on the unique intrinsic features of a device's hardware. The keys can be used to protect valuable digital data, from embedded software in ICs, used in TVs and professional routers for example, to digital credentials, as used in public transport payment cards and the like. Quiddikey provides superior security as the secret cryptographic keys do not need to be permanently stored and are generated only when needed. Since no hardware modifications are required in the existing devices, the solution can be easily implemented in existing designs at low cost. Quiddikey addresses the need in the embedded electronics world for protection of data, which is increasingly under threat from counterfeiting, theft and misuse.
Today's embedded electronic systems carry much valuable digital data that is vulnerable to being copied, stolen or tampered with. For instance, embedded software (which constitutes intellectual property, or IP) is an obvious target for illegal copying as it is the source for products with a competitive edge in the market. Smartcards, with such diverse applications as financial transactions, pay television and access control, are another common target for security hacking, including physically tampering with the card to obtain, for example, its secret keys. Philips Intrinsic ID addresses these problems with a solution that builds on Philips' broad experience in protecting optical media, digital TV and smartcards as well as extensive work on Physical Unclonable Functions (PUFs). The solution is based on the concepts of ‘hardware fingerprints' and ‘key extraction'.
The hardware in an electronic device has intrinsic physical features, which, due to process variations, are non reproducible, not even by the original manufacturer. These features can be used to derive a unique ID that is intrinsic to the device, similar to a fingerprint that uniquely identifies an individual. From this hardware fingerprint, Quiddikey can further derive, or ‘extract', a robust secret cryptographic key. Unlike existing approaches, in which the key is permanently stored in the device, with Quiddikey the key is not stored but can be extracted only as and when needed. The outcome is a much more secure setting as the key is not present when the device is powered down.
Philips Intrinsic ID offers a product service combination to customers. Quiddikey is commercially available via a licensing scheme and the complementary service is provided to customers directly. For example, in the IP business there is a growing outsourcing of device manufacturing which allows illegal over production (known as ‘overbuilding') of physical devices that contain IP. To prevent overbuilding, Quiddikey can be used to identify and register each device on the production line, generating a unique Quiddicode without which the IP will not run. Philips Intrinsic ID provides the complementary service of securely activating only the legally produced devices, giving IP owners full control over production.
Today's embedded electronic systems carry much valuable digital data that is vulnerable to being copied, stolen or tampered with. For instance, embedded software (which constitutes intellectual property, or IP) is an obvious target for illegal copying as it is the source for products with a competitive edge in the market. Smartcards, with such diverse applications as financial transactions, pay television and access control, are another common target for security hacking, including physically tampering with the card to obtain, for example, its secret keys. Philips Intrinsic ID addresses these problems with a solution that builds on Philips' broad experience in protecting optical media, digital TV and smartcards as well as extensive work on Physical Unclonable Functions (PUFs). The solution is based on the concepts of ‘hardware fingerprints' and ‘key extraction'.
The hardware in an electronic device has intrinsic physical features, which, due to process variations, are non reproducible, not even by the original manufacturer. These features can be used to derive a unique ID that is intrinsic to the device, similar to a fingerprint that uniquely identifies an individual. From this hardware fingerprint, Quiddikey can further derive, or ‘extract', a robust secret cryptographic key. Unlike existing approaches, in which the key is permanently stored in the device, with Quiddikey the key is not stored but can be extracted only as and when needed. The outcome is a much more secure setting as the key is not present when the device is powered down.
Philips Intrinsic ID offers a product service combination to customers. Quiddikey is commercially available via a licensing scheme and the complementary service is provided to customers directly. For example, in the IP business there is a growing outsourcing of device manufacturing which allows illegal over production (known as ‘overbuilding') of physical devices that contain IP. To prevent overbuilding, Quiddikey can be used to identify and register each device on the production line, generating a unique Quiddicode without which the IP will not run. Philips Intrinsic ID provides the complementary service of securely activating only the legally produced devices, giving IP owners full control over production.