As explained on the IoT end node authentication page, the most robust system solution for authentication based on Trusted Identities combines simple but immutable hardware, which is physically attached to the asset to be authenticated, with a central data management system that keeps track of the Trusted Identity status of all assets.
The first pillar of the SandGrain Authentication Platform is the manufacturing of truly hard-coded, immutable unique ICs. All existing RFID, Secure Element and Authentication ICs from competitors are based on microcontrollers with programmable memories (EEPROM or flash). This makes these ICs fundamentally vulnerable to hacking, because an intrinsically flexible system (a microcontroller) is supposed to become totally inflexible once the key has been written into its memory. Despite many tricks and technologies this is ultimately impossible, as shown by the regular hacks of systems based on such technologies.
SandGrain, in contrast, has chosen a fundamentally different and therefore much more robust solution: we hard-code the identification of the IC in such a way that it can never again be altered in any way. Because the writing of these ID codes is done deterministically on wafer level, after processing every IC is unique. Because we use a 128-bit ID (the same length as internet IPv6 addresses) we can theoretically fabricate 10^34 unique ICs! The uniqueness of the IDs is guaranteed by our CyberRock ID generation process that will be discussed below.
Conceptual illustration of the SandGrain unique ICs wafer process.
The SandGrain ICs and technology will become available in several forms, optimized for the many different applications. We will start with simple miniature 8-pin packaged ICs for board-level applications, followed by RFID compatible solutions. For more advanced integrated solutions the IC can be integrated in a multi-chip package or ultimately as IP block in a larger IC.
CyberRock Data Management System
The second pillar of our Authentication platform is the CyberRock DMS, a cloud-based system for generating and administering the issued identities. CyberRock is built from three main elements: a secure Vault that contains all keys for generating and evaluating IDs, the Database that contains all contextual information for these IDs, and a Decision Engine that analyses all available information to make the final decision on the authenticity of a received ID request. The CyberRock DMS is built in a privacy-aware manner: IDs that are embedded on the SandGrain ICs will never be stored directly by the system. Instead, only a serial number is used as an internal reference. Only the Vault (internally) can link an ID back to this serial number.
As said, the first function of CyberRock is to generate IDs. Upon request, the Vault will take the next available serial numbers, create unique IDs from them and notify the Database that they are now in use. The generated IDs are then sent to the wafer processing facility where they are written into the ICs as described above. Therefore, the ICs produced by this process have a deterministically hard-coded, unique ID.
Once the customer has placed a SandGrain IC on the Printed Circuit Board (PCB) that is part of the asset to be authenticated, the customer reports this to CyberRock, which will put the associated serial number in the mode “active”. From now on the asset can be authenticated by reading its ID and sending an authentication request to CyberRock. CyberRock will first verify that the status of this ID is “active” and then use any available contextual information to make a final decision on whether the ID is authentic or not. This decision will be sent back to the customer system. This functionality will be offered on two levels: a basic identification that checks the provided ID, and a full authentication that adds a cryptographically secure challenge-response mechanism.
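The ID lifecycle described above (generation from serial numbers, activation, basic identification), modelled as an added example that is not SandGrain code. The page does not disclose how the Vault derives IDs; the HMAC-based Feistel permutation, the class names and the status strings here are assumptions chosen so that every serial yields a distinct 128-bit ID that only the key holder can map back.

```python
import hashlib
import hmac

HALF = 8  # bytes per Feistel half; two halves form the 128-bit ID

class Vault:
    """Assumed stand-in: a keyed permutation over 128-bit values."""
    def __init__(self, key: bytes, rounds: int = 4):
        self._key, self._rounds = key, rounds

    def _f(self, rnd: int, half: bytes) -> int:
        # Round function: HMAC-SHA256 under the Vault key, truncated to 64 bits.
        mac = hmac.new(self._key, bytes([rnd]) + half, hashlib.sha256).digest()
        return int.from_bytes(mac[:HALF], "big")

    def id_from_serial(self, serial: int) -> bytes:
        block = serial.to_bytes(2 * HALF, "big")
        left, right = block[:HALF], block[HALF:]
        for rnd in range(self._rounds):  # (L, R) -> (R, L xor F(R))
            mixed = int.from_bytes(left, "big") ^ self._f(rnd, right)
            left, right = right, mixed.to_bytes(HALF, "big")
        return left + right

    def serial_from_id(self, chip_id: bytes) -> int:
        left, right = chip_id[:HALF], chip_id[HALF:]
        for rnd in reversed(range(self._rounds)):  # undo one round at a time
            mixed = int.from_bytes(right, "big") ^ self._f(rnd, left)
            left, right = mixed.to_bytes(HALF, "big"), left
        return int.from_bytes(left + right, "big")

class CyberRockModel:
    """Database side: stores serial -> status only, never an ID."""
    def __init__(self, vault: Vault):
        self.vault, self.status, self.next_serial = vault, {}, 1

    def generate_ids(self, count: int) -> list:
        serials = range(self.next_serial, self.next_serial + count)
        self.next_serial += count
        self.status.update((s, "in use") for s in serials)
        return [self.vault.id_from_serial(s) for s in serials]  # sent to the fab

    def activate(self, chip_id: bytes) -> None:
        serial = self.vault.serial_from_id(chip_id)
        if self.status.get(serial) == "in use":
            self.status[serial] = "active"

    def identify(self, chip_id: bytes) -> bool:
        # Basic identification only: a guessed ID maps to a serial never issued.
        return self.status.get(self.vault.serial_from_id(chip_id)) == "active"
```

The model covers the basic identification level only; the challenge-response level and the Decision Engine's contextual checks are not detailed on the page and are left out.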
The key advantages of the SandGrain-CyberRock authentication platform
- The combination of the simple but immutable hardware (the unique SandGrain IC) and cloud-based data management system (CyberRock) provides an unprecedented level of authentication reliability, which is not possible with either end-node only or purely centralised solutions.
- The SandGrain solution does not suffer from the “Break one, break all” vulnerability which is characteristic of all current solutions. It is statistically impossible for an attacker to guess a valid ID, and duplication of a valid ID will be detected by the CyberRock platform, which will block this ID. Lastly, stealing a valid ID is economically infeasible since an active asset will have to be destroyed to create a clone.
- The CyberRock platform has been designed with maximum privacy in mind: IDs will never be stored, only serial numbers. The Vault is the only entity that can link the ID to a serial. Thus, if someone steals the Database contents, they will be unable to link any serial number to a particular IC, which contains only its ID (and no serial number).
- Each customer will get its own, independent part within the Database. This will be completely independent from data of other customers.
- Because the SandGrain IC is functionally kept to the absolute minimum, it has structural cost advantages over more expensive MCU-memory architectures, and thus provides very high levels of volume scalability.