Cadence® system design and verification solutions, integrated under our Verification Suite, provide the simulation, acceleration, emulation, and management capabilities.
Verification Suite Related Products A-Z
Cadence® digital design and signoff solutions provide a fast path to design closure and better predictability, helping you meet your power, performance, and area (PPA) targets.
Full-Flow Digital Solution Related Products A-Z
Cadence® custom, analog, and RF design solutions can help you save time by automating many routine tasks, from block-level and mixed-signal simulation to routing and library characterization.
Overview Related Products A-Z
Driving efficiency and accuracy in advanced packaging, system planning, and multi-fabric interoperability, Cadence® package implementation products deliver the automation and accuracy.
Cadence® PCB design solutions enable shorter, more predictable design cycles with greater integration of component design and system-level simulation for a constraint-driven flow.
An open IP platform for you to customize your app-driven SoC design.
Comprehensive solutions and methodologies.
Helping you meet your broader business goals.
A global customer support infrastructure with around-the-clock help.
More Support Log In
24/7 Support - Cadence Online Support
Locate the latest software updates, service request, technical documentation, solutions and more in your personalized environment.
Cadence offers various software services for download. This page describes our offerings, including the Allegro FREE Physical Viewer.
The Cadence Academic Network helps build strong relationships between academia and industry, and promotes the proliferation of leading-edge technologies and methodologies at universities renowned for their engineering and design excellence.
Participate in CDNLive
A huge knowledge exchange platform for academia to network with industry. We are looking for academic speakers to talk about their research to the industry attendees at the Academic Track at CDNLive EMEA and Silicon Valley.
Come & Meet Us @ Events
A huge knowledge exchange platform for academia. We are looking for academic speakers to talk about their research to industry attendees.
Americas University Software Program
Join the 250+ qualified Americas member universities who have already incorporated Cadence EDA software into their classrooms and academic research projects.
EMEA University Software Program
In EMEA, Cadence works with EUROPRACTICE to ensure cost-effective availability of our extensive electronic design automation (EDA) tools for non-commercial activities.
Apply Now For Jobs
If you are a recent college graduate or a student looking for internship. Visit our exclusive job search page for interns and recent college graduate jobs.
Cadence is a Great Place to do great work
Learn more about our internship program and visit our careers page to do meaningful work and make a great impact.
Get the most out of your investment in Cadence technologies through a wide range of training offerings.
Overview All Courses Asia Pacific EMEANorth America
Instructor-led training [ILT] are live classes that are offered in our state-of-the-art classrooms at our worldwide training centers, at your site, or as a Virtual classroom.
Online Training is delivered over the web to let you proceed at your own pace, anytime and anywhere.
Exchange ideas, news, technical information, and best practices.
The community is open to everyone, and to provide the most value, we require participants to follow our Community Guidelines that facilitate a quality exchange of ideas and information.
It's not all about the technology. Here we exchange ideas on the Cadence Academic Network and other subjects of general interest.
Cadence is a leading provider of system design tools, software, IP, and services.
Get email delivery of the Cadence blog featured here
Yesterday, I wrote about automotive security from a big-picture level. Today let's drop down and look at some implementation approaches from the chip level. This comes from Thomas Kallstenious, who is imec's program director for security. At the imec Technology Forum, which is always the afternoon before SEMICON West, he presented some of what they are up to with some teasing hints that there would be more next year.
One problem with chip-level security is that all chips are the same. Foundries invest billions of dollars to make it so. That makes it hard to stop a successful penetration of one chip making other chips vulnerable to whatever it was you found out: you read the secret master key, for example.
One approach to attacking security is what is called a man-in-the-middle attack (it could be a woman, but that's what they are always called). The example Thomas used was a Bluetooth door lock where by recording or altering what was transmitted between the smartphone and the doorlock, there is potential to open other locks.
The standard way to deal with this is that you don't simply send a complicated number from the phone, and the door unlocks. Instead, the door lock sends a challenge, which is a number that is only used once (and shortened to nonce). The phone then sends a reply to the doorlock that depends on transforming the nonce in some way. The man-in-the-middle attack doesn't really work since the nonce will never be used again, the reply will never be used again, and replaying the entire transaction will get the phone to respond, but since the lock never sent the nonce it won't open.
The problem with this approach is that random numbers generated by computers are not actually random, they are pseudo-random. Knuth's famous multi-volume work on The Art of Computer Science has an entire volume dedicated to this (volume 2). For some purposes, this is just fine. But for security, it is not. If you ever see a number a second time you know what is coming next, a more complicated version of what would happen if we generated each nonce by adding 1 to the last one. Because every chip is identical.
A physically unclonable function, or PUF, is a block on a chip that is different on every chip. The imec approach is to use the technique that some non-volatile memories use: oxide breakdown. A higher voltage than normal is applied to a transistor. For an NVM, breakdown is usually used for one binary value, and no breakdown (so no applying the voltage) for the other. Whether the oxide broke down or not can be detected. Or for more reliability, two transistors can be used, one for 1 and one for 0.
The imec PUF used two transistors at a time, with the same gate. At the atomic level, all chips are not the same, and which of the two bits breaks down turns out to be entirely random. The moment the gate oxide on one transistor is ruptured, the voltage is sunk to the substrate and the other transistor will not break down. But which one goes first cannot be predicted
This has a small area on the chip, so it is cheap. It is also low power. It doesn't require a trusted third party, the service provider can do key generation after manufacture.
Of course, there are some assumptions here, namely that it is truly random which bit breaks down. You want an equal number of 0s and 1s in any given chip, and you want there to be no correlation as to which bits break down in different instances of the same chip. So imec measures randomness and the bias turned out to be 0.498 (0.5 would be exactly half 0 and half 1) so that is statistically equivalent.
Between chips, they looked at the Hamming distance (which is 0 if the values are the same, and 1 if all the bits are inverted, so again 0.5 means no correlation). The data patterns are not related in any way and the PUF data is completely unpredictable between chips.
A lot of cryptography involves random number generators and I already explained that typically these are pseudorandom number generators (PRNG) not true random number generator (TRNG). Thomas wasn't ready to tell us how the new imec TRNG works yet, but he did tell us some characteristics:
There nothing not to like, but without the details it is hard to tell.
One thing that I hadn't known was that the AES encryption standard was originated by researchers at imec (actually an imec group at KU Leuven nearby). Since its original name was Rijndael, which is obviously Dutch or Flemish, that might have been a hint. It is the global de facto encryption standard succeeding DES. It was developed by Vincent Rijmen and Joan Daemen (Joan is a guy's name in Flemish).
There are thousands of certified products and billions of deployments. It uses 7.6 cycles/byte on Intel (or less than 1 on Intel with the AES instruction, but that's kinda cheating). It is tiny, only 49 bytes of RAM on an 8051. It can run at 53Gb/s in 125mW, or 56Kb/s in 3.7uW (just 65pJ/bit).
imec has developed even more lightweight crypto called Trivium which gets down to about 2pJ/bit and a tiny area.
Sign up for the weekly Breakfast Bytes email: