how does Apple encode a unique device ID (security key) on each processor?

[supernova87a]

This question is sparked by the controversy in the news lately about Apple being compelled to help the FBI defeat its own iPhone hardware security.

My question is a side one. Apple has described that for every secure enclave in its iPhones (region of the core processing chips), they inscribe a unique ID -- completely unknown and irretrievable by Apple or its suppliers -- that serves as a private key during encryption operations. This way you cannot unlock an iPhone's contents without the correct passphrase/passkey and the phone's unique ID in your possession.

How does a chip manufacturer inscribe a unique code into every chip? As I understand it, chips are produced by successive masks (film) with the circuit pattern layered on each mask.

Is one of the masks getting printed with the unique set of codes? Are the masks printed and changed with every wafer, after the unique codes are changed and discarded? Seems like a very intense way of having to put a unique code on each chip.

Or, if you remember film cameras from like the 80s/90s, where they could burn a date into the corner of the negative, do IC making masks have the ability to dynamically burn a changing code during exposure of the wafer??

Thanks for any knowledge you can offer on this point!

 

[MrTeal]

I profess no knowledge in this specific case, but it would be relatively easy to do during test using fuses.

 

[Kaido]

I know with the fingerprint sensors, they take a sample of multiple hardware device ID's on the device itself & create some sort of private key that ties into your, ah, local account, when you setup the phone. People were having issues replacing the screens with the fingerprint button assemblies on the newer phones because of this...you can't just swap out the hardware & still have it work.

 

[Essence_of_War]

I don't know if anyone knows the answer to this, or if they can, if they can reveal it.

Apple's own documentation on iOS encryption ends at saying basically that there is a UID for every SE, and no one knows it, not them, not the fab, and there is no way to query it, only to query output from the crypto engine that uses the UID.

 

[master_shake_]

back when the original xbox came out the hard drive unlock key was the serial number plus some other numbers.

maybe this is how?

 

[Mark R]

Usually, there is some one-time programmable memory on the CPU. These are basically a series of transistors which are connected with fuses.

Directly after manufacture, all the bits will read "1". However, by applying a high voltage to the fuses, they can be blown. After a fuse has blown, that bit of memory will read "0".

The manufacturer will typically design a ID programming/testing circuit into the chip, which handles blowing the ID fuses and reading the ID back for verification. During factory testing, a command is sent to the programming circuit, which burns the ID into the fuses, and checks that they have been programmed correctly. Once programming is complete, the programming circuit blows its own internal fuses, disabling itself, and leaving no external way to access the security ID.