Corporate Research & Development Center

Toshiba Develops Mutual Authentication Technology for IoT Devices by PUF Fingerprinting Using Variations in Semiconductor Chips

14 Jun. 2018
Toshiba Corporation


Toshiba has developed technology that makes it easy to implement physically unclonable functions (PUFs) by using the variations in output from field programmable gate arrays (FPGAs) as the chip fingerprint (ID). The technology realizes mutual authentication between robots and IoT devices.

Development Background

Digital transformation uses IoT and AI to improve people's lives and create value. As it achieves further advances, the number of devices built into networks will continue to grow, and to interface and exchange data, as with manufacturing equipment and control equipment in factories. However, while the increase in such connected systems brings many advantages, it also raises the risk of vulnerability to cyber-attacks, increasing the need for secure mutual authentication between devices.

PUF is a security technique that implements encryption and authentication using physical variations in the electronic circuits of individual devices, the result of the manufacturing process, as the basis of a "chip fingerprint" ID specific to each device. PUFs are highly secure because they are difficult to duplicate, and they can be implemented at low cost, and are expected to find wide application in the authentication of IoT devices. However, PUFs are also difficult to implement, because of constraints such as symmetry requirements in circuit wiring and the design complexity.

Features of the Technology

Toshiba has developed a new PUF that employs the initial waveform output from an oscillator circuit of an FPGA as the ID. The technology overcomes previous constraints, such as circuit symmetry, and can be easily implemented, even on circuits that are frequently overwritten, such as FPGAs. Furthermore, since continuous current flow through the circuit is not necessary to generate the ID, power consumption is lowered. The technology allows easy individual authentication of IoT devices and prevents their duplication and forgery, securing entirely safe data collection and device control.

Toshiba has demonstrated the practicality of its mutual authentication PUF with a self-propelled robots: a "child" robot equipped with an FPGA that implements the PUF issues its ID on receipt of a signal issue instruction from a "parent" robot. Authentication is performed, and an LED on the "parent" robot lights up if the "child" ID has been registered with the "parent" robot in advance.

Figure 1: Comparison of developed ring oscillator PUF with conventional type (T. Tanamoto, S. Yasuda, S. Takaya and S. Fujita: IEEE Transactions on Circuits and Systems II: Express Briefs 64 (7), 827-831 (2017).

Figure 2: Configuration of demonstration using PUF robots. Authentication technology for preventing identity fraud between robots. The PUF robots are controlled by Arduino and communicate by Xbee.

Figure 3: Demonstration using PUF robots. LED lights up when signal is authenticated.

Future Development

Toshiba will continue to develop and refine security technology, and will contribute to establishing safer IoT systems that support digital transformation by expanding utilization of its new PUF technology in IoT devices and infrastructure solutions.