Hiding Security Keys Using ReRAM PUFs

How two different technologies are being combined to create a unique and inexpensive security solution.


Resistive RAM and physically unclonable functions (PUFs) have been gaining traction for completely different reasons, but when combined they create an extremely secure and inexpensive way of storing authentication keys.

As security concerns shift from purely software to a combination of hardware and software, chipmakers and systems companies have been scrambling to figure out how to prevent hackers from gaining control of connected systems. This is particularly important in applications such as automotive, medical, industrial, and aerospace, where malware can result in injury or death, and where hackers can demand huge sums of money to unlock systems. But it’s also important in the IoT world, where devices are connected to other devices.

All systems can be hacked with enough time and resources, and security needs to be layered throughout a system and between systems. But authentication keys still need to be stored somewhere, and that place needs to be especially secure. This is where ReRAM PUFs fit in.

Programming a filamentary ReRAM cell is inherently random. Applying voltage creates a percolation path (filament) between the top and bottom electrodes in the dielectric, allowing current to flow or not flow (on/off). But the exact route followed by that path depends on the locations of impurities and defects, as well as on thermal and other stochastic variations in the BEOL process.

For this reason, no two ReRAM cells behave exactly alike, and when it comes to security that’s important. If two adjacent cells receive the same voltage at the same time, one will switch first. When designing encryption keys, arrays of ReRAM pairs might define the bits of a random number. But when these are reset to zero, and then the same voltage is applied, the new pattern will be different. Thus, an array of filamentary ReRAM pairs defines a PUF, a device that gives an intrinsically random response to an applied signal. As sensors and other connected devices proliferate, PUFs have become key security elements.

ReRAM PUFs can protect networks of connected devices from “imposters,” preventing rogue devices from accessing network services and ensuring that only authorized devices can send data to a central server. For instance, a connected thermostat or camera might use a PUF to identify itself as originating from an authorized manufacturer. A sensor might use a PUF key to certify the authenticity of its data.

Fig. 1: The miniscule ReRAM PUF cells, when delaminated and inspected, cannot access or change the data, preventing unwarranted attacks. Source: CrossBar

Though many different PUF designs have been proposed, they all depend on some form of inherent randomness — a pattern of dielectric breakdown failures, differences in SRAM transistor threshold voltages, ReRAM programming voltage, and so on. Key generation and storage take place directly in situ using standard semiconductor deposition and etching processes. As a result, PUFs are in principle both more secure and less expensive than security protocols that depend on a centralized key store.

Beware of bit errors
PUF mechanisms may point to an appropriate application. For instance, if the memory works based on some form of catastrophic failure, such as dielectric breakdown, that cell will not be rewritable and the key can be extracted by physically analyzing the device. Ashish Pancholy, CrossBar’s vice president of marketing and sales, explained that SRAM devices have a bit error rate of a few percent. In cache memory, such errors are acceptable, but they could cause authentication failures for PUFs. For that reason, SRAM PUFs often include a “helper” circuit to correct for bit errors, but any data external to the PUF itself creates a potential security vulnerability.

Some PUFs depend on phenomena, such as defects, that may vary systematically. In others, the stored value can be read by destructive analysis, such as using photonic emission from the backside of the device.

CrossBar contends that its filamentary ReRAM PUFs are robust against such attacks. The ReRAM cell is located between layers of metal, with a very small cross-sectional area. Even after delaminating the silicon, it’s difficult to even locate the actual cell, much less to read it by magnetic, imaging, or other techniques. In fact, MicroNet Solutions reported that it could not determine the contents of a CrossBar ReRAM array using focused ion beam imaging, photonic emissions analysis, or any other method.

Many networked devices are used in unsecured or minimally secure locations. That makes it critical to protect the security key even when an attacker has full physical access to the device. The advantage of using ReRAM devices is that they can combine secure non-volatile memory and encryption keys in a single device, which simplifies system integration.

Related Stories

Making PUFs Even More Secure

New Memories Add New Faults


WEC says:

So charge detection is less secure than resistance detection?

Katherine Derbyshire says:

The movement of charge is easier to detect outside the device, for instance via backside photonic emission. In these devices, the currents used for resistance measurement/detection are extremely small and therefore difficult to observe externally.

Leave a Reply

(Note: This name will be displayed publicly)