Verayo Security Solutions

Recent years have seen an explosion in the number of computing devices used by the enterprise and individual users alike. Both enterprises and individual users depend on these devices for everything they do – from storing business or personal data, to running financial transaction, exchanging business and personal data, placing and taking orders. This explosion significantly raises the demand for security and trust in computational systems.

Verayo's security solutions exploit the power of PUF technology to significantly enhance the security and trust of computational systems. PUF based security solutions are

Trusted

It is effectively impossible to clone PUF based ICs. PUF technology provides a reliable and secure way to authenticate PUF based ICs and systems.

Highly secure and robust

Unlike conventional security solutions, PUFs do not store secret keys for cryptographic operations. PUFs dynamically generate virtually unlimited number of unique, volatile secrets for each IC.

Tamper proof

PUFs are inherently tamper proof. An invasive physical attack on a PUF will change the PUF characteristics, and hence prevent successful authentication and disable key generation applications.

Simple to provision and manage

PUFs eliminate the need to securely provision, store and manage cryptographic keys. PUFs can dynamically and securely generate new keys for every authentication event, or for provisioning new services.

Verayo CryptoPUF

Crypto platforms are widely used today for authentication of everything from smart cards, SIM cards to computer and network equipment. The current state-of-the-art in cryptography is based on keys that are typically stored on-chip. These keys are then used for authentication, encrypted communication, access control, and transactions. Verayo's CryptoPUF provides a higher level of security – it dynamically generates unlimited number of volatile, though robust/reliable, cryptographic keys, instead of storing and securing these keys in the IC device or the hardware platform. CryptoPUF generated keys are essentially “plug compatible,” i.e., they can power cryptographic operations the same ways (albeit more securely) as conventional secret key platform work. However, and importantly, the Verayo CryptoPUF can generate an unlimited number of new, volatile secret root master keys even after being deployed in the field. This allows the CryptoPUF to renew root master keys in the field and support multiple (virtually unlimited) vendors, features that are severely limited in conventional crypto platforms.

Verayo's CryptoPUF can be used for secure identification, data access, and secure transactions for a wide variety of applications including:

NFC payment cards & readers (including NFC cell phones)

e-Passports

SIM cards

Credit cards (contact or contactless)

Computers and networking equipment can also use the CryptoPUF for network access tokens, user and device authentication and authorization, secure internet communication.

Verayo Secure Processor

Trusted computing platforms are gaining momentum on client devices, such as PCs, laptops, mobile phones, and server and storage systems. Trusted computing platforms provide security of the hardware platform, and ensure integrity and privacy of applications and data used on the hardware platform. The efficacy of such platforms is dependent on the security of the cryptographic keys stored and shared. Conventional trusted computing platforms ensure the sanctity of stored keys using anti-tamper key enclosures and sensors. Verayo's PUF based Secure Processor eliminates the need to store and secure keys. The Secure Processor generates virtually unlimited number of volatile secrets keys unique to each and every processor IC. The processor uses the secret keys extracted from the PUF as seeds to generate public private key pairs. The private key of the processor does not leave the processor IC, and is inaccessible to unprivileged software. The public private key pairs are used for:

Software attestation: Attest operating system and application software

Secure execution environment: Certify computations done on-chip memory

Secure storage: Encrypt off chip information using processor's private key

Verayo's PUF based Secure Processor addresses the needs of market segments that require a higher level of trust and security, not delivered by the current state-of-the-art, such as:

Defense Infrastructure: Trusted computing modules for devices, servers and storage used in defense systems.

Enterprise Security Infrastructure: Trusted computing modules for client devices connecting enterprise networks. Trusted server and storage backends.

Mobile Commerce, Banking and Ticketing: Trusted mobile platform to enable next generation of mobile applications, such as mobile payments, m-wallets, mobile ticketing, banking.