IoT device makers need a way to protect keys and other secret material by encrypting or wrapping them with other keys. But how to protect the root key? How to keep secret keys secret?
Solution: SRAM PUF-based Key Vault
No unencrypted secrets stored on chip
Secret data and secret (user) keys are protected/wrapped with a root key that is not stored
SRAM PUF does not leak information about the root key
Root key is generated from SRAM PUF when needed
By using Synopsys IP, the SRAM PUF on the device is turned into a device-unique PUF root key
From this PUF root key, other keys, such as AES encryption keys, can be created
When secrets need to be unwrapped, the unwrapping key is regenerated from the SRAM PUF and Synopsys IP