IN Brief:
- Hardware-rooted security is being pushed into smaller, lower-power edge devices.
- MIT’s approach creates a matched PUF across two chips during wafer processing.
- Twin-PUF pairing could reduce server dependencies for authentication in constrained systems.
MIT engineers have developed a fabrication technique that enables two chips to share a unique “fingerprint” for mutual authentication, without storing secret key information on a third-party server.
Physical unclonable functions (PUFs) exploit tiny, unavoidable manufacturing variations to derive a device-unique identifier. In many deployments, that identifier still needs to be registered and stored externally for later authentication, creating both infrastructure overhead and an additional attack surface. MIT’s approach focuses on making two chips share the same underlying “randomness,” so each device can authenticate the other directly.
The method is built around creating shared randomness at the edge of two chips before dicing. The team uses a process called gate oxide breakdown to change the properties of transistors fabricated along the edge of two chips. The breakdown event is induced using a low-cost LED while high voltage is applied, creating a device-specific breakdown state based on microscopic variation in breakdown timing.
To form a matched pair, the researchers fabricate two pairs of transistors along the edges of two adjacent chips, and connect the structures with metal layers to create correlated breakdown states. After the LED-based PUF generation step, the chips are diced between the transistor pairs, leaving one correlated pair on each device, and creating what the team describes as a twin PUF shared only by those two chips.
Eunseok Lee, an electrical engineering and computer science graduate student at MIT and lead author of the work, said: “The biggest advantage of this security method is that we don’t need to store any information. All the secrets will always remain safe inside the silicon. This can give a higher level of security. As long as you have this digital key, you can always unlock the door.”
After refining the process, the researchers demonstrated a prototype pair of twin-PUF chips where the randomisation matched with more than 98% reliability, intended to ensure the generated key matches consistently for authentication. The team argues the use of circuit techniques and low-cost LEDs makes the method more practical to implement at scale than approaches that require non-standard materials or incompatible processing steps.
The technique is aimed at paired devices where the relationship is fixed and power budgets are tight. MIT points to examples such as ingestible sensor pills paired with wearable patches, where a device-to-device authentication scheme is required without a mediator, and without the energy overhead of heavier protocols.
Ruonan Han, professor of electrical engineering and computer science at MIT, framed the goal as shifting key creation earlier in the chain, noting: “Creation of shared encryption keys in trusted semiconductor foundries could help break the tradeoffs between being more secure and more convenient to use for protection of data transmission.”
The research was presented at the IEEE International Solid-States Circuits Conference, and the team says future work could aim to preserve shared randomness more directly in the transistor structures, rather than immediately converting it into digital data during the current implementation.
