How
carbon nanotubes’ purity and positioning imperfections hold the key to new
advances in cryptography
This week, Nature Nanotechnology published a paper
by a team of research scientists from IBM Research and the College of Nanoscale
Science & Engineering at State University of New York in Albany on
experimental research results that tested the use of self-assembling carbon
nanotubes to make computing and communication more secure.
Silicon’s inherent physical weaknesses make even the best cryptography vulnerable. That literal leakage (from the chip baking process) gave engineers at IBM Research
and State University of New York in Albany an idea; cover up those
imperfections with something that doesn’t leak: self-assembling carbon
nanotubes.
IBM’s manager of nanoscale science and
technology Shu-Jen Han explains how this material science experiment could
impact coded security.
How are silicon cryptographic keys vulnerable to security attacks?
Shu-Jen Han: Cryptography is the basis for most silicon-based
computer security systems. It’s designed to protect information from
unintended recipients or use. We use it every day when we swipe our ATM card,
or log into a web site to make an online payment transaction.
But the truth is, it’s easy to break in and steal information or
someone’s identity. That’s because cryptographic keys, or physical unclonable
function (PUF) using silicon technology, is vulnerable to counterfeiting or
information leakage. Silicon PUFs rely on small process variations during chip
fabrication and are very sensitive to temperature, so for example, using heat
and actually baking a chip, hackers can try to discover its cryptographic key
by forcing the charge that makes the device output a 1 or a 0 to leak some of
this information, and then use the power consumption difference before and
after the baking to estimate how many 1s and 0s were initially in the key.
Relying on small mismatches also makes silicon PUFs vulnerable to voltage or
temperature variations, therefore making the unreliable.
Another vulnerability is chip tampering. It is not difficult to
access a silicon cryptographic key (usually stored in memory cells) by
reverse-engineering the chip – basically by physically removing materials
including metals and dielectrics above memory cells, and inspecting them with
microscopy or electrical testing.
What are the inherent challenges of carbon
nanotubes?
SJH: Carbon
nanotubes are an important material that could
one day replace silicon technology – which, due to the fundamental laws of
physics, will no longer be able to shrink in size past a certain point. Carbon
nanotubes, allotropes
of carbon with a cylindrical nanostructure, have been found to conduct
electricity much faster than silicon, and use less power than silicon. But for
logic technology, they also have two well-known materials issues: their purity
and positioning.
When you synthesize carbon nanotube materials they
generate two distinct properties: a set of semiconducting tubes, and a set of
metallic tubes. In fact, our initial solutions possess a high percentage of
metallic tubes, close to a third of the overall solution. But, metal is not
useful in transistors whose current flow has to be turned on and off with the
help of the semiconducting channel material. Metal essentially short-circuits
the transistor, so we continue to work on improving the purity of this material
(our own research has resulted in a 99.99 percent pure semiconducting tube
solution). The other challenge is controlling the placement, and how to orient
and place these sub-one micron-long structures from the solution onto the
wafer.
So while we continue to push the purity and positioning issues to enable logic
technology to work, using these inherent “imperfections” of carbon nanotubes as
the code actually presents a major opportunity to construct a new “perfect”
cryptographic key.
What makes carbon
nanotube-based technology more secure?
SJH: Many nanomaterials exhibit some random properties; however, the randomness (or entropy) of most of them cannot be controlled. To serve as an ideal cryptographic key, the entropy has to be maximized. We are able to use the properties of carbon nanotubes to create an unclonable electronic random structure with controllable randomness.
We
begin by preparing a trench structure from two different oxides, the bottom of the trench is based on hafnia (HfO2), and the sidewalls are based on silicon dioxide (SiO2), using a standard CMOS process. Then the carbon nanotubes – which are wrapped in a surfactant – are selectively attracted to the HfO2 surface (which is coated with a special monolayer). Using a form of ion exchange chemistry across the structure, the carbon nanotubes bind themselves to the monolayer on the HfO2 surface, but not on the SiO2 surface. The percentage of nanotubes successfully getting into the trenches can be precisely controlled by tuning the
concentrations of the surfactant, ionic strength and the dimension of the HfO2
trenches, and the width of the trench is optimized to maximize the randomness
of the nanotube placement, resulting in a higher quality of generated random bits.
In
other words, we create disorder, or randomness, out of order by using carbon
nanotubes’ inherent self-assembling characteristics and attracting them into
position within each trench, and then determine the connection yield and
switching type of the nanotube devices to create random bit arrays.
Furthermore, carbon nanotubes are so small, 1 nm in diameter, that
they’re impossible to reverse engineer without risk of destruction, which is
another technique hackers use to steal information. And any attempt to bake a
carbon nanotube will prove ineffective, as the material is extremely stable and
insensitive to temperature-based attacks.
|
Schematics of random bits
based on a 2D carbon nanotube array
|
By addressing the purity and positioning issues of carbon nanotubes,
will this subsequently reduce their ability to keep a device secure?
SJH: Over time we will
continue to address some of the imperfections of carbon nanotubes as a full
replacement for silicon, and these will enable even better control of randomness. When
you create a random key, you are controlling the size of the trench the carbon
nanotubes are assembled in, as well as using other randomness caused by the mix
of metallic and semiconducting tubes that reach the trench. Eliminating
metallic tubes is important for purification and to enable logic. But to create
a security key you don’t need to perform that process.
|
Random bit generation – the
left image shows 64x40 random binary bits generated and the right image shows
64x40 ternary bits generated
|
What are the potential applications for these new kinds of
cryptographic keys?
SJH: I think some of the promising
areas are in IoT and connected devices, where privacy becomes important because
of the constant information sharing on the Internet. With this technique you
can create a more secure channel by verifying a device. This is happening today
mainly at a software level but we can integrate it into the hardware. Another
important application is supply chain security. Our technology can serve as a
unique, permanent product identification that is nearly impossible to copy or
alter. We hope that within five years this is going to be commercially ready.
How have colleagues in the security field reacted to this result?
SJH: The feedback is very
positive and we are trying to expand its applications further. This is a first
of its kind and it is bringing together two distinct disciplines – nanoscience
and hardware security. We really hope to start a new field by blending hardware
engineering with fundamental scientific research. This is not easy to do but
we’re excited about the progress we have made so far.
Labels: carbon_nanotubes, cryptography, nanotechnology