In the first half of 2021, the number of attacks on IoT devices more than doubled to 1.5 billion attacks in just six months. These attacks target some typical weaknesses, such as the use of weak passwords, lack of regular patches and updates, insecure interfaces, and insufficient data protection. However, researchers from Bishop Fox recently identified a new critical vulnerability of IoT devices that might not be so obvious to many of us. Their study showed that hardware random number generators (RNGs) used in billions of IoT devices fail to provide sufficient entropy. Insufficient entropy causes predictable instead of random numbers, which severely compromises the foundation of many cryptographic algorithms. Secret keys will lose their strength, leading to broken encryption.
So a new approach for generating random numbers is needed. This webinar shows how large amounts of entropy can be extracted from unpredictable SRAM behavior. Using this method only requires a software installation, meaning the security systems of billions of devices can be patched without the need to make hardware changes, even in devices that have already been deployed.
What will you learn?
This webinar shows how you can utilize Zign™ RNG, the Intrinsic ID embedded software IP for random number generation, to add a NIST-certified random number generator to any device, simply using software. The webinar will explain to you:
- Why having a trusted RNG is important for any IoT device
- How entropy can be harvested from unpredictable SRAM behavior
- How this entropy is used to create a strong RNG
- Which steps have been taken to turn Zign RNG into a NIST-certified RNG
Who should attend?
This webinar is must-see for anyone responsible for product design and/or embedded security of IoT chips and devices. Whether you are a semiconductor professional or an IoT device maker, this webinar will show you how you add a trusted source of strong entropy to your product without making any changes to your hardware.
About Zign RNG
Zign RNG is an embedded software IP solution from Intrinsic ID that that leverages the unpredictable behavior of existing SRAM to generate entropy in IoT devices. This approach enables anyone to add a random number generator to their products without the need for hardware modifications. The Zign RNG product is compliant with the NIST SP 800-90 standard, and it is the only hardware entropy source that does not need to be loaded at silicon fabrication. It can be installed later in the supply chain, and even retrofitted on already-deployed devices. This enables a never-before-possible “brownfield” deployment of a cryptographically secure, NIST-certified RNG.
About the Speaker: Nicolas Moro
Nicolas Moro holds a PhD in Computer Science from Université Pierre et Marie Curie in Paris. After receiving his PhD, he worked in varying R&D roles at NXP and Imec. Two years ago Nicolas joined Intrinsic ID, where he works as a Senior Embedded Software Engineer. He has extensive experience in embedded systems security and is the author of several research papers about fault injection attacks and software countermeasures.
Intrinsic ID is the world’s leading provider of security IP for embedded systems based on PUF technology. The technology provides an additional level of hardware security utilizing the inherent uniqueness in each and every silicon chip. The IP can be delivered in hardware or software and can be applied easily to almost any chip – from tiny microcontrollers to high-performance FPGAs – and at any stage of a product’s lifecycle. It is used as a hardware root of trust to protect sensitive military and government data and systems, validate payment systems, secure connectivity, and authenticate sensors. Intrinsic ID security has been deployed and proven in hundreds of millions of devices certified by EMVCo, Visa, CC EAL6+, PSA, ioXt, and governments across the globe.
Also Read:Share this post via: