Tamper resistance of chips

For the IoT open registry to be successful, the requirement for Tamper resistance which meet FIPS 140-2 may become necessary especailly for high end products (things).

Any thoughts on such requirements on the chip vendors?


Chip manufacturers provides components that comply with the FIPS 140-2 certification. For instance, we deployed chips from the NXP SmartMx family, which comply with FIPS 140-2 and are also certified EAL 5+. See http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp2247.pdf and http://www.nxp.com/documents/leaflet/75016823.pdf. These chips are used for secure applications, including smart cards, credit cards and passports.

Depending on the use case, additional physical tamper-proof mechanisms might be applied to the solution. For instance, it is possible to couple the SmartMx chip with a circuit that detects that a product container was opened. Now it is possible to know if a wine bottle was opened, refilled and sealed. As another example, we have implemented 3D printed unibody tags with a tamperproof locking mechanism that shatter and destroy the chip inside if you try to extract the chip physically.

In general, we see a continuum of solutions to assign an identity to a consumer product. Each solution might provide a greater or lower level of security. Chip and form factor solutions range from 10 cents up to $5 to $10 depending on the level of identity protection required. Depending on the use case, the optimal solution might not have the highest security level but it might provide an identity and enable interoperability and exclusive content delivery. In some use cases, it might even make sense to use a simple serial numbers or unique identifiers to obtain a basic identity and content delivery.

If you need help to select the most effective solution for your implementation, or to design a method of registering a specific kind of unique identifier to the blockchain to increase the difficulty level involved in attempts at counterfeiting, we would be happy to assist and to apply our knowledge of cryptographic principles to the particular problem at hand.