NXP's silicon fingerprinting promises to annoy the heck out of ID hackers

It’s 2013 and white hat hackers like Adam Laurie are still breaking into ID chips that are supposed to be secure. How come? Partly it’s the way of the world, because no man-made security in an NFC or RFID chip can ever be truly impervious. But in practical terms, a chip’s vulnerability often stems from the fact that it can be taken apart and probed at a hacker’s leisure. The secure element doesn’t necessarily need to have power running through it or to be in the midst of near-field communication in order to yield up its cryptographic key to a clever intruder who has sufficient time and sufficient desire to breach the security of a smartphone, bank card or national border.

Which brings us to the latest chip in NXP‘s SmartMX2 range — a piece of technology that is claimed to work very differently. Instead of a traditional key stored in the secure element’s memory, every single copy of this chip carries a unique fingerprint within the chemical structure of its transistors. This fingerprint (aka Physically Unclonable Function, or PUF) is a byproduct of tiny errors in the fabrication process — something chip makers usually try to minimize. But NXP has found a way to amplify these flaws and use them for identification, and it’d take a mightily well-equipped criminal (or fare dodger, or Scrabble cheater) to reverse engineer that.

Filed under: , ,


Origin: Engadget