SUNNYVALE, Calif., Sept 28, 2021 – Intrinsic ID, the world’s leading provider of Physical Unclonable Function (PUF) security IP for embedded systems, today announced Zign RNG, a new offering enabling IoT chip providers and device makers to establish a high-security random number generator in software enabling it to be deployed on devices even after silicon fabrication to ensure a true source of randomness for IoT devices.
Random number generators (RNGs) are essential for cryptographic applications and form the foundation of security systems. For IoT devices, an RNG is generally implemented by incorporating hardware peripheral controllers, which are proving to be imperfect as a source for real randomness because they start with a deterministic input. A report from Bishop Fox shows critical vulnerabilities have been disclosed in hardware random number generators used in billions of Internet of Things (IoT) devices whereby it fails to properly generate random numbers, thus undermining their security and putting them at risk of attacks.
The Intrinsic ID Zign RNG extracts a true random seed harvested from noise in the SRAM PUF enabling IoT device makers to ensure confidentiality, authentication, and communication integrity. This makes Zign RNG the first and only embedded software implementation with a hardware entropy source option that does not have to be loaded at silicon fabrication. Zign RNG can be installed later in the supply chain, and even retrofitted on already-deployed devices. This provides a never-before-possible “brownfield” deployment of a cryptographically secure NIST-certified RNG.
“RNGs extract randomness from hardware sources but some sources are better than others. With Zign RNG, randomness is extracted from a very strong source – the random patterns that appear in SRAM as a chip starts up. As a result, Zign RNG provides the benefits of a hardware entropy source without the need to make any hardware modifications and requires only minimal computing resources and memory which are limited on IoT devices,” said Pim Tuyls, CEO of Intrinsic ID.
The Zign RNG product is compliant with the NIST SP 800-90 standard. It implements a deterministic random bit generator (DRBG) as specified in NIST SP 800-90A. This means that a strong RNG solution in software is created on top of an existing SRAM memory.
“The approach of Zign RNG offers us a cost-effective way to generate true randomness on devices with limited resources by utilizing something that is already present, the SRAM. It has proven to provide our devices with the entropy that is needed to build our security solutions on,” Sean McGrath, Senior VP and General Manager, Connectivity and Audio Business Group at Dialog Semiconductor, a Renesas Company and early adopter of Zign RNG. “We are already using a subset of the Zign RNG functionality in our SmartBond Bluetooth low energy SoC devices and are considering the full version of Zign RNG for upcoming products.”
Zign RNG has passed all standard national institute of standards and technology (NIST) randomness tests and is a NIST/FIPS-compliant software solution that addresses the issue of Hardware RNG peripherals used in IoT devices running out of entropy and leaving the device vulnerable.
Zign RNG is available immediately and is ideally suited for anyone making devices or chips for IoT. Zign RNG can be implemented at any stage of a device’s lifecycle, even after a device is already created and/or deployed in the field.
About Intrinsic ID
Intrinsic ID is the world’s leading provider of security IP for embedded systems based on PUF technology. The technology provides an additional level of hardware security utilizing the inherent uniqueness in each and every silicon chip. The IP can be delivered in hardware or software and can be applied easily to almost any chip – from tiny microcontrollers to high-performance FPGAs – and at any stage of a product’s lifecycle. It is used as a hardware root of trust to validate payment systems, secure connectivity, authenticate sensors, and protect sensitive government and military data and systems. Intrinsic ID security has been deployed and proven in millions of devices certified by EMVCo, Visa, CC EAL6+, PSA, ioXt, and governments across the globe.