February 03,2021

【PUFsecurity News】PUFsecurity Crypto Co-processor PUFiot Passed NIST CAVP Certification

PUFsecurity’s chip security co-processor IP, PUFiot, has passed the CAVP certification. The certified security algorithms include AES, CMAC, DRBG, key wrap, SHA2, HMAC, KDF, and ECDSA.

This good news means that PUFiot officially qualifies under international security standards to further meet the security needs of various application scenarios; a guarantee for chips and systems that use PUFiot.

The Cryptographic Algorithm Validation Program (CAVP) is established by the National Institute of Standards and Technology (NIST) for technical verification. Results are published by the verification unit on the NIST official website.

NIST developed over 1300 standard reference specifications for industry, academia, government, and other institutions. Their purpose is to "Promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life."

The rapid increase of AI and IoT applications is driving the demand for self-driving technology and 5G networks. Because of this, what companies need to pay attention to when choosing security solutions is whether they comply with international safety standards and regulations for different application scenarios.

The CAVP-certified PUFiot provides the following features:

1. Secure boundary for security operation, secure storage, and anti-tampering protection of confidential information.

2. A basis for inborn unique ID or secret keys generated in hardware chips using the high-security PUF

3. Anti-tampering secure storage OTP function for keys and sensitive information using PUF

4. Analog/digital tamper-proof protection mechanism

5. Balanced performance and area ratio

6. Flexible cryptographic algorithm configuration

7. Correct and valid cryptographic algorithms that have passed CAVP

8. Support for APB/AXI4 and any other AMBA interfaces and built-in direct memory access (DMA) unit

In addition to the security algorithm passing the CAVP certification, current ongoing processes also include the PSA Lv2 and the certifications for the design of anti-physical attack which are established by the new-generation security standard PSA (Platform Security Architecture)

The PSA certification mainly provides a security framework and a multi-level evaluation scheme. The certification covers the security software of connected device and uses the root of trust as the basis of hardware trust.

We appointed Riscure to conduct product vulnerability analysis (Vulnerability Analysis) for our tamper proof design. This analysis ensures that the product design can resist physical attacks and help customers protect confidential information.

By combining the CAVP-certified security algorithm, PSA chip security architecture, and anti-tampering design, PUFsecurity’s solutions will help chips and devices with high-security operation protection in different application scenarios.