Hardware Security Requirements for Embedded Encryption Key Storage
As the sophistication of global competitors and intellectual property (IP) thieves in countries with weak IP protections increases, there is a need for enhanced physical security for sensitive information such as encryption keys. Hardware security being one of the new primary requirements for many, if not most, consumer system-on-a-chip (SoC) architectures, new questions are being asked of various memory technologies. One of the most relevant to the topic of hardware security is, "How physically secure is the underlying memory technology?" Equally important is the question of securing sensitive encryption keys throughout the manufacturing process.
This paper discusses a new embedded permanent memory technology based on a standard logic complementary metal-oxide-semiconductor (CMOS) antifuse. It provides unprecedented physical layer security for applications such as High bandwidth Digital Content Protection (HDCP) and Advanced Access Content System (AACS), both of which require unique encryption keys for each hardware device. The CMOS logic antifuse, when combined with a robust key distribution, tracking, and management system tailored for the global semiconductor manufacturing supply chain, provides end-to-end security for sensitive encryption keys from the licensor through to the end product.