Mitsubishi Electric develops ‘fingerprint-like’ security solution for IoT devices

Posted on 5 Feb 2015 by Tim Brown

Mitsubishi Electric has patents pending on a new high-tech method to help reduce the security risks faced by IoT devices.

As the use of networked embedded devices increases to create the Internet of Things (IoT), countermeasures to prevent program identity falsification, data theft and device spoofing are becoming more important.

As a result, Mitsubishi Electric, Ritsumeikan University and Japan Science and Technology Agency (JST) have developed a security technology that uses the individual differences of large scale integrations (LSIs) which arise during their fabrication to ensure confidentiality and authentication for interconnected IoT devices.

The new technology helps to reduce security risks for networked IoT devices by protecting embedded programs and preventing spoofing, where one device or program could masquerade as another by falsifying data.

LSIs make calculations based on internal circuits that dictate output, so LSIs with the same circuits yield the same results when processing the same input.

Intermediate routes to the computation result, however, are different in each LSI, serving as something like a fingerprint, which the new technology uses to generate unique IDs for LSIs with the same circuits.

The unique ID cannot be analyzed even by opening the LSI package and examining its insides because the ID appears only while the circuit is running. The embedded program is encrypted so that it can be decrypted and used only in the device that has the LSI with a specified ID. It is also possible to configure devices to connect only with devices that have specified IDs.

Slight differences in computation processes of circuit gates in different LSIs - image courtesy of Mitsubishi Electric
Slight differences in computation processes of circuit gates in different LSIs – image courtesy of Mitsubishi Electric.

The unique ID is generated as follows:
Step 1: Count the number of glitches (peaks) that arise on signal input. If the number is even, assign 0 as an output bit, and if odd, 1.
Step 2: Repeatedly change the signal input and compute the corresponding output bit, thus generating a unique ID.

Mitsubishi Electric has five patents pending for the IoT devices security technology in Japan and 32 abroad and plans to begin applying the technology in its products from April 2016.