New technique hides encryption keys under user data using standard 3D NAND flash memory.

With the continuous growth of digital data volumes, driven by artificial intelligence, cloud services, and the proliferation of connected devices, the security of this information has become increasingly critical. In this context, traditional password-based protections have proven insufficient. Although there are hardware-based security solutions, such as Physically Unclonable Functions (PUFs), their real-world implementation has faced challenges, as most require custom hardware and cannot hide keys when not in use, leaving systems vulnerable.

A research team from the National University of Seoul has developed a hardware security method known as Concealable PUF. This innovative technique utilizes commercially available 3D NAND flash memory found in conventional storage devices to provide a secure way to store and conceal encryption keys. The uniqueness of this approach lies in its ability to hide a key beneath user data and reveal it only when needed. This methodology has recently been published in Nature Communications.

The main advancement involves a mild application of the Gate-Induced Drain Leakage (GIDL) erasure process, which increases the variation between memory cells, giving each chip unique and unpredictable characteristics. These variations generate PUF data, which serve as a secure and uncloneable key. This method does not require structural or circuit changes and operates directly with standard V-NAND flash memory, facilitating its scalability.

Concealable PUF has passed rigorous stress tests, including a wide range of temperatures and over 10 million read cycles. Additionally, it withstood machine learning-based attacks, which failed to predict the key beyond random guessing levels. Notably, the key could be concealed and revealed over 100 times without errors, underscoring the system's stability.

Professor Jong-Ho Lee, the project leader, noted that "Concealable PUF stands out for its creativity and practicality, as it uses vertically produced mass-market NAND flash memory technology without modifications." Meanwhile, lead author Sung-Ho Park mentioned that "this research is significant because it demonstrates how PUFs can be implemented using the existing erase operation of V-NAND memory without altering the circuit or design. By allowing selective exposure of the security key, our method opens up new possibilities for enhancing both memory security and efficiency."

The team plans to extend this technology to other hardware solutions focused on security, targeting industries such as IoT, mobile electronics, and automotive.