By David Manners Posted on 23rd December 2024 | Modified on 21st December 2024

TRNG added to Crypto Quantique PUF

Crypto Quantique, a provider of quantum-driven security for the IoT, has boosted the functionality of its semiconductor hardware security IP block, QDID, adding a true random number generator (TRNG) to the physical unclonable function (PUF). The PUF is inherently resilient against side-channel attacks because the source of entropy is quantum-derived, and seeds are read on demand.

The QDID PUF is hardware silicon IP that harnesses quantum tunnelling current variations on a standard CMOS process as a source of entropy. The PUF provides multiple, internally generated unclonable identities. These are consistent, device-specific outputs for a given input (challenge), making them suitable for applications that need repeatable, unique identifiers or keys tied to a specific hardware instance.

The TRNG produces unlimited new, unpredictable random numbers each time it is used, which is essential for many cryptographic operations that require fresh randomness. Examples of these are session keys for protocols like TLS/SSL and cryptographic protocols that require nonces (numbers used once) or initialisation vectors.


TRNG added to Crypto Quantique PUF“Side-channel attacks continue to pose a growing threat to connected devices and IoT networks,” says CEO Shahram Mossayebi (pictured), “the source of entropy is particularly vulnerable to such attacks yet is often neglected. The QDID PUF and TRNG provide the ultimate protection against such risks because of the unique characteristics of gate tunnelling as a source of entropy


In practice, many secure systems use PUFs and TRNGs together. For example, a PUF might be used to generate a root key for a device, while a TRNG is used to generate session keys or other ephemeral random values needed during the device’s operation.

QDID eliminates costly secret key injection processes. Identities and keys are not stored in memory, where they are vulnerable to side-channel attacks, and cannot be counterfeited, copied or hacked, even in a post-quantum era. As a result, QDID offers a secure foundation for a root-of-trust in any IoT device.

The QDID IP has passed CC EAL4+ tests following an independent 3rd party assessment provided by eShard. The assessment of electromagnetic emissions of the IP proved that there is no correlation with either the tunnelling current variation as the source of entropy or the cryptographic secret keys generated in the semiconductor.

QDID has been verified for use with standard CMOS manufacturing processes at nodes from 55 nm down to 12 nm. It generates seeds of between 64 and 256 bits. At 22 nm, it requires a silicon area of less than 0.15 square mm and is approved for use with TSMC, UMC and Global Foundries CMOS processes. Other certifications include NIST SP 800-22 verification for randomness and PSA Level 2 Ready.

 

David Manners

David Manners

David Manners has more than forty-years experience writing about the electronics industry, its major trends and leading players. As well as writing business, components and research news, he is the author of the site's most popular blog, Mannerisms. This features series of posts such as Fables, Markets, Shenanigans, and Memory Lanes, across a wide range of topics.

Tagged with:

Leave a Reply

Your email address will not be published. Required fields are marked *

*

Copyright ©2025 Electronics Weekly |News|Products|Blogs|Jobs - Owned by Emap, Southern House, CR0 1XG (020 39532600) Terms and Conditions Privacy policy