Towards Implementation of Robust and Low-Cost Security Primitives for
  Resource-Constrained IoT Devices by Tehranipoor, Fatemeh
1Towards Implementation of Robust and Low-Cost
Security Primitives for Resource-Constrained IoT
Devices
Fatemeh Tehranipoor, Member IEEE
San Francisco State University, [tehranipoor@sfsu.edu]
Abstract—In recent years, due to the trend in globalization,
system integrators have had to deal with integrated circuit
(IC)/intellectual property (IP) counterfeiting more than ever.
These counterfeit hardware issues counterfeit hardware that
have driven the need for more secure chip authentication. High
entropy random numbers from physical sources are a critical
component in authentication and encryption processes within
secure systems [6]. Secure encryption is dependent on sources of
truly random numbers for generating keys, and there is a need
for an on chip random number generator to achieve adequate
security. Furthermore, the Internet of Things (IoT) adopts a
large number of these hardware-based security and prevention
solutions in order to securely exchange data in resource efficient
manner. In this work, we have developed several methodologies of
hardware-based random functions in order to address the issues
and enhance the security and trust of ICs: a novel DRAM-based
intrinsic Physical Unclonable Function (PUF) [13] for system level
security and authentication along with analysis of the impact
of various environmental conditions, particularly silicon aging;
a DRAM remanence based True Random Number Generation
(TRNG) to produce random sequences with a very low overhead;
a DRAM TRNG model using its startup value behavior for
creating random bit streams; an efficient power supply noise
based TRNG model for generating an infinite number of random
bits which has been evaluated as a cost effective technique;
architectures and hardware security solutions for the Internet of
Things (IoT) environment. Since IoT devices are heavily resource
constrained, our proposed designs can alleviate the concerns of
establishing trustworthy and security in an efficient and low-cost
manner.
Index Terms—Hardware Security Primitives, IoT, Resource-
Constrained
I. INTRODUCTION
As electronic devices become ubiquitous and more inter-
connected, people must depend on Integrated Circuits (ICs)
for the security of sensitive information. Providing this secu-
rity relies on well-established primitives for key generation,
data confidentiality and integrity, authentication, identification
bit commitment, etc. Therefore, it is paramount for ICs to
be able to perform operations and critical tasks in a low-
cost yet highly secure way. Unfortunately, the conventional
approaches (e.g. digital signatures, encryption) suffer from
various shortcomings; they are very slow, expensive, and
increasingly vulnerable to physical and side channel attacks.
Hardware-based security primitives such as physically unclon-
able functions (PUFs) and true random number generators
(TRNGs) can overcome these limitations and provide random
functions in order to establish security and trustworthiness
Fatemeh Tehranipoor is with the School of Engineering, San Francisco
State University, CA, USA (e-mail: tehranipoor@sfsu.edu).
in critical application and systems. PUFs can derive secrets
from the complex physical characteristics of ICs rather than
storing the secrets in digital memories. PUFs can significantly
increase physical security by generating volatile secrets (keys)
that only exist in a digital form when an IC is powered on
and operating [15]. Furthermore, a TRNG is an important
security primitive used in a variety of applications including
cryptographic algorithms, statistics, communication systems,
simulations, etc. It is critical that a TRNG be able to produce
outputs consisting of fully unpredictable and unbiased bits in
a cost-effective manner. In general, these hardware security
primitives should provide low-cost and efficient trustworthi-
ness of the physical hardware platforms. One should note that
while these primitives can provide advantages to ICs, there are
properties and details of the design that need to be considered
(e.g. power usage, overhead, heat).
Since IoT is a rapidly emerging paradigm, the most demand-
ing requirement for their widespread realization is security.
Applying low-cost security solutions to a large scale of IoT [2]
and even Cyber-Physical Systems (CPSs) [3] is possible using
hardware-based security primitives such as PUFs and TRNGs.
Providing a secure framework and platform for IoT systems
can protect them against malicious attacks. One of the most
challenging concerns for developing secure IoT devices is
the resource constrained nature of these embedded systems.
Security traditionally requires a great deal of resources in
order to perform the computations necessary for encryption,
certificate verification, third-party authentication [24], etc.
By implementing the previously discussed hardware security
primitives, developers can easily overcome the issues of re-
source constrained IoT device trustworthiness and verifiability
in a low-cost and efficient way.
In the following, we first present the preliminaries in Section
II. In Section III, we present the proposed DRAM-based
intrinsic PUFs. Section IV presents the results of our proposed
techniques for DRAM-based RNG design. In section V, we
will present the application of hardware security architecture
for the Internet of Things. Finally, we summarize the paper in
Section VI.
II. PRELIMINARIES
A. Physical Unclonable Functions
As a means to uniquely identify chips, researchers have
proposed using the random process variations that naturally
occur during the manufacturing process. These effects include
process variations such as the size of transistors, capacitors,
resistors and other components. These are unavoidable for the
ar
X
iv
:1
80
6.
05
33
2v
1 
 [c
s.C
R]
  1
4 J
un
 20
18
2most part, and must be accounted during the design and layout
process. However, these random process variations can be used
to our advantage if we use them to generate unique intrinsic
identifiers. This is the idea behind Physically Unclonable
Functions (PUFs), which was first proposed by Gassend et
al. in 2002 [1]. Gassend and Pappu in 2001 developed the
first silicon PUFs through the use of intrinsic process variation
in deep submicron integrated circuits. They used the intrinsic
process variability of silicon devices during manufacturing
to produce unique, random and unclonable digital responses
and called it a physically random function. They have since
been called physical unclonable function to emphasize the fact
that they are not repeatable. Generally speaking, PUFs should
present unpredictable, robust and unclonable characteristics.
PUFs are circuits that have come into prominence in the
past decade and hold much promise as a hardware security
primitive [12].
B. Random Number Generations
Cryptography and security applications make extensive use
of random numbers and random bits. Random numbers are
useful for a variety of purposes, such as generating data
encryption keys, simulating and modeling complex phenom-
ena, selecting random samples from larger data sets, and
even for gambling. Random number generators (RNGs) are
classically divided into two different types: Pseudo random
number generators (PRNGs) and True random number gen-
erators (TRNGs). PRNGs are deterministic in nature, but
are traditionally adequate for most applications. These type
of random number generators usually require a seed (i.e.
number to initialize the internal state of the generator) and
the seed should be periodically changed to keep the system
secure. The number sequence produced by PRNGs is random
within a specific time period; meaning the method of random
number generation does not provide truly random behavior.
TRNGs, on the other hand, derive their randomness from
a physical entropy source and provide inherently nondeter-
ministic behavior. They are unpredictable, and are random
in the entire time domain. Since TRNGs are capable of
producing uncorrelated and irreproducible procedures they act
as a critical component within cryptographic systems and
applications. For security-centric applications the high entropy
numbers from physical sources are a critical component in
authentication and data encryption processes, where they are
used to generate random cryptographic keys that are used to
transmit data securely. Designing TRNGs around new forms
of noise, one must account for certain features. Ideal TRNGs
should display three essential characteristics: efficiency, non-
determinism and non-periodicity. The dynamically natured
variations that are induced by power supply noise exhibit the
necessary characteristics.
III. DRAM-BASED INTRINSIC PUFS
In this section, we introduce an intrinsic PUF based on
dynamic random access memories (DRAM). DRAM PUFs
can be used in low cost identification applications and also
have several advantages over other PUFs such as large input
patterns [10] [21]. The DRAM PUF relies on the fact that
the capacitor in the DRAM initializes to random values at
startup. We demonstrate real DRAM PUFs and describe an
experimental setup to test different operating conditions on
three DRAMs to achieve the highest reliable results [25].
Furthermore, we select the most stable bits use as chip ID
using our enrollment algorithm. We also evaluate silicon aging
effects on DRAM PUFs in details. In other words, we explore
the possibility of intrinsic PUFs within Commercial Off-
The-Shelf (COTS) DRAM ICs [8]. We describe how to use
the signatures to prevent modifications and uniquely identify
and/or authenticate electronic devices.
A. DRAM PUF Description and Properties
PUFs intrinsic to DRAM ICs have not been explored
extensively. Our primary contribution is the identification of a
DRAM PUF based on startup values. We examine the effect
of various operating conditions such as temperature variation,
voltage variation, and aging which may influence the behavior
of the DRAM PUF. Finally, we propose a selection mechanism
to isolate highly stable bits within the large set of available
bits in a DRAM.
1) DRAM PUF Advantages: DRAMs have some unique
advantages that motivated us to explore it further: Large input
pattern: Because of the large number of available bits in a
typical DRAM, one can generate a large set of input challenges
and correspondingly large output responses. This characteristic
of DRAM PUF is very valuable which can make it to be
distinct among all kinds of intrinsic PUFs. Cost-effective:
Since many computer systems have some form of DRAM
on board, DRAMs can be used as an effective system-level
PUF as well. It is also much cheaper than SRAM. Thus,
DRAM PUFs could be a source of random but reliable data
for generating board identifications (chip ID). The advantage
of the DRAM PUF is based on the fact that the stand-
alone DRAM already present in a System on a Chip (SoC)
can be used for generating device specific signatures without
requiring any additional circuitry or hardware [13]. PUFs
intrinsic to DRAM ICs have not been explored extensively.
Ours is one of the first works in which a DRAM has been
used as a system level security Physical Unclonable Function.
2) Startup Value Based DRAM PUF: In our observation
of DRAM refresh and remanence properties, however, we no-
ticed that certain DRAMs actually exhibit behavior similar to
SRAMs, i.e. they have seemingly random startup values [23].
In other words, the cells do not initialize to ’0’ as would be
expected. Thus, as with SRAMs, these startup values provide a
potential for creating a PUF. The reason for this random startup
behavior can be explained by the interaction of precharge, row
decoder, and column select lines when the device is powered
up. Figure 1 shows the structure of a typical DRAM array. Bits
are stored either by charging the storage capacitor to VDD or
discharging it to ground. The timing diagram of the DRAM
read operation of an uncharged cells is shown in Figure 2.
In order to reduce the electric field stress on the capacitor,
one of the plates of the capacitor is usually biased to VDD2 .
Before the reading operation, the signal to precharge the bit
lines (PEQ) is disabled. In normal operation, before reading
the cell, the bitlines (BL and BLB) and sensing nodes (SA
and SAB) are precharged to VDD2 , and when the wordline is
activated, the bitlines voltage will change slightly depending
on the capacitance of the storage capacitor. This slight change
is detected by the sense amplifier as a ’1’ (Vdd) or ’0’ (Vss)
as shown in Figure 2. In other words, the level of BL and
3Storage
Capacitor
Access
Transistor
Wordline
Bitline
Memory
Array
Pull up Network
Sense Amplifiers
Column Decoder
R
o w
D
e c
o d
e r
DRAM
... Bit Lines ...
. . .
W
o r
d
L
i n
e s
. . .
Vdd/2
Bit selection Device
PEQ
SAB
SA
BL
BLB
BL
BLB
Vc
Figure 1. Memory structure of a One-Transistor DRAM array.
(a)
(b)
(Vdd/2)-ɛ Vc
Vdd/2
Word Line
Vdd/2BL/BLB Restores Cell Data
BLB
Vdd/2Output
Amplified to Vss
Vss
tB ( sense amplifier is pulling
down the bit line)
Vc
Word Line
Vdd/2BL/BLB
Vdd/2Output Amplified to Vdd
Restores Cell Data
tA ( charge sharing between the
cell and the bit line capacitances)
Vdd/2
BL
(Vdd/2)+ɛ
Vdd
Figure 2. Timing diagram of a DRAM read operation of an uncharged cells
biased to Vdd (a) or Vss (b) due to process variations.
BLB nodes eventually reaches the operating voltage (Vdd) or
ground (Vss), respectively [4]. At startup, however, the storage
capacitor has neither been charged to VDD nor discharged to
ground. Thus, at startup, the nominal voltage of each capacitor
(Vc) is equal to the bias voltage VDD2 which is equal to the
bitline precharge voltage. Thus, when read, the sense amplifier
is equally likely to read a ’1’ or ’0’. However, because of
manufacturing variations, the storage capacitance of each bit
will have slight differences, which leads to biasing of each
bit to either a ’1’ or a ’0’. This behavior is what allows the
startup values of the DRAM to function as a PUF [17].
B. DRAM PUFs Reliability Analysis due to Device Acceler-
ated Aging
Many PUFs are known to suffer from aging and lose their
reliability over time - i.e. they no longer consistently return
the same responses. As reliability goes down, the PUF loses
its usefulness as a practical authentication device. The aging
effects on a PUF are due to the degradation of transistors as
a consequence of aggressive scaling in CMOS [18]. As tech-
nology has entered the nanometer regime, several important
factors cause degradation in transistor including negative bias
temperature instability (NBTI), hot carrier injection (HCI), and
temperature dependent dielectric breakdown (TDDB). Since
DRAM PUF behavior is primarily determined by process
variations in the storage capacitor rather than variations in
the transistor, it is likely that aging due to NBTI may not be
an issue. In this section, we investigate the effects of aging
on DRAM PUFs functionality. Our proposed approaches are
evaluated on an experiment platform, the Xilinx Spartan 6
FPGA on a Digilent Atlys board. The off-chip DIP DRAMs
were mounted and wired to a prototype board that has a high
density serial connector during data collection. The serial con-
nector allows the prototype board to interface with the FPGA.
Then, programmed FPGA controls the test sequences applied
to the DRAM and transmit the results/outputs from the DRAM
chip to a computer (workstation) using a USB-UART module.
All experiments are performed using our ThermoStream Burn-
in System (Temptronic TP04100A ThermoStream Thermal
Inducting System) to accelerate aging. Each measurement is
performed at a VDD of 5V and at room temperature and
consists of 144 startup state readings at different dates from
Sep. 2014 to Feb. 2016. Table I, at aged-DRAMs condition, the
percentages of stable bits do not change that much especially
for dram1. Furthermore, these small changes are very normal
and still a large amount of data are stable during the 18-month
period of time of our experiments on DRAMs. Based on our
observations, our DRAMs (dram1, dram2, and dram3) which
are under experiments for aging effects on PUFs functionality,
are much more stable than what we even expected before
starting this project, since it is a common expectation that
aging has irreversible effects on devices.
Table I
STABILITY OF DRAMS DUE TO AGING COMPARE TO NOMINAL
CONDITIONS
dram1 dram2 dram3
stable bits (%) stable bits (%) stable bits (%)
Pre-aging (un-aged) Condition
Sep. 2014 88.9% 91.6% 89.7%
Aged DRAMs
Sep. 2014 87.1% 90.1% 80.2%
Feb. 2015 86.4% 85.1% 83.1%
Mar. 2015 90.2% 83.2% 78.0%
Apr. 2015 85.8% 82.4% 76.6%
Jul. 2015 87.3% 81.7% 81.3%
Aug. 2015 86.7% 81.2% 80.1%
Jan. 2016 86.2% 82.7% 82.4%
Feb. 2016 87.5% 84.6% 81.9%
IV. DRAM-BASED RNG DESIGN
A. Hardware TRNG using DRAM Remanence Effects
Here, we describe our methodology of using the DRAM
remanence effect to propose a new TRNG model. Data rema-
nence is the residual information that remains on a storage
medium even after erasure (data clearing) or powering off
the device. We start with a brief review of a typical DRAM
architecture. A DRAM memory cell uses a single transistor
4Write
11111111111111111111111111111111
11111111111111111111111111111111
11111111111111111111111111111111
Delay(1) D1
Read(1)
11111110111110111011111111101011
11111010111110111111011110111111
11110111111111101111110111011111
Delay(2) D2 
.
.
.
11001010100101010010101001001101
10100101010100110011010010100011
01101000110110000101010001001010
Read(n)
11100101100101101000101000100011
01110100000100110101101100010000
01011000110001101010000110110101
Read(m)
“Settling down to Startup value”
a)
b)
c)
d)
Figure 3. Real data snippets that illustrate the DDR2 SDRAM operations:
a) Write. b) Delay(1). c) Read(1). d) Read(m).
and a capacitor to store a bit of data. Cell information
(voltage) is degraded mostly due to a junction leakage current
at the storage node. Therefore, the cell data must be read
and rewritten periodically even when memory arrays are not
accessed. Essentially, the DRAM controller must refresh each
cell voltage before it decays to the point where the bit infor-
mation gets lost. Normally, the refresh rate is so high that each
cell gets refreshed several times per second. The processes of
extracting random bits from DRAMs, while considering the
remanence effect and startup behavior of DRAMs is briefly
laid out as follows. As shown in Figure 3, the process is first
we write the value 1 to all cells of the available memory; this
can be seen as step a) in Figure 3. After the write operation,
a delay function (step b) has been applied to turn OFF the
DRAM for certain amount of time, which is in milliseconds,
and then turn the DRAM back on after a specific delay time.
In the next step, the entire 1 Mbit of data are read (step c)
and stored.
1) NIST Statistical Test Suite Results: The NIST statistical
test suite is used to evaluate the “randomness” of the bit strings
produced by DRAM cells. Based on this test, we can determine
whether a data set has a recognizable pattern or the process
that has been generated is significantly random. The NIST
Test Suite (NTS) is a statistical package consisting of different
types of tests to evaluate the randomness of binary sequences.
Each statistical test is employed to calculate a P-value that
shows the randomness of the given sequences based on that
test. If a P-value for a test is determined to be equal to 1, then
the sequence appears to have perfect randomness. A p-value
>= 0.01 (normally 1%) would means that sequence would
be considered to be random with a confidence of 99% [5].
To evaluate our collected data from DRAM, we apply NIST
tests to the generated bitstreams. Our results sows that all the
NIST tests p-value are greater than 0.01, this indicates that the
measurements pass the requirements for randomness.
B. DRAM Startup Value based RNG
In this section, we demonstrated that DRAMs surprisingly
have startup values - i.e. non-zero values when the DRAM
Figure 4. Small section of the bitmap from DRAM for trial 3.
is powered on. While older DRAMs may show potential as a
PUF, our work with modern DDR DRAMs show that they not
satisfy criteria to serve as a PUF. Specifically, these startup
value patterns were neither random or reliable. However, we
will show that DDR DRAMs can still be used to generate
random numbers. Using a variety of correction mechanisms,
we are able to improve the randomness of the numbers such
that they pass the NIST tests.
The use of on-board DRAMs for PUFs has tremendous
promise because of the large memory space, but it also
contains large potential drawbacks. In our experiments, we
found the startup values show a clear bias that reflects the
architecture of the DRAM. In addition, not all trials produce
adequate results. At times, the startup values are completely
non-random yielding no valid data to be used for a PUF. More
research is needed to see what is exactly causing the DRAM to
start-up to these modes and if it can be avoided. Thus multiple
trials will be needed to ensure that the bits are behaving
correctly upon startup. We show a graphical representation of
a sample bitmap from various trials in Figures 4, and 5. Each
row in the Figure represents 8192 bits where white is 0 and
black is 1. Across the whole device, clear patterns could be
seen when mapping the data to a bit map. The architecture of
the DRAM is what is likely strongly influences this style of
DRAM. These patterns can be observed across multiple trials.
This particular DRAM alternate between ones and zeros every
16 bits consistent with the DRAM 16-bit width. Every four
megabits, the DRAM has a section of 32 bits before returning
to its pattern. Figure 4 shows a small subsection of the bitmap
of one of the trials on the DRAM. The pattern described above
is heavily noticeable in the figure. However, not every trial
gives these results. Some of the trials had far less stable bits
and the patterns were less obvious. In Figure 5, you can see
the a much larger percentage of bits that don’t follow the
pattern compared to Figure 4. In Figure 5 despite the higher
variance it bits, the original pattern is still easily discernible
to the human eye despite the significantly larger number of
bits that do not follow the pattern. Of the six trials, Figure 4
appeared to follow the pattern the best while the trial from
Figure 5 followed the pattern the least. The other trials were
anywhere in-between. Another interesting result comes when
one looks at how the pattern starts. In Figures 4 and 5, one can
observe that the pattern starts with 16 bits of zeros first before
alternating to 16 bits of ones. However, this is not always the
case. In conclusion, in our tests using a newer DDR2 DRAM,
we demonstrate that the startup values are not suitable for
device authentication but they do have use for creating random
keys [16].
5Figure 5. Small section of the bitmap from DRAM for trial 6.
C. Power Supply Noise based TRNG
This section introduces the construction of True Random
Numbers Generators (TRNGs) using variations in power sup-
plies. We demonstrate that power supply line outputs do not
have a constant voltage and the variations in voltage follow
a normal distribution. These variations can be used to create
truly random bits that demonstrates a high entropy rate based
on the results obtained from the NIST Statistical Test Suite. In
order to quantify the impact of variations on the input signal
of a circuit, we analyze the impact of such variations using
Monte- Carlo simulations as well as an actual implementa-
tion. Results were obtained for evaluating the accuracy and
randomness of the data gathered from our proposed circuit. A
detailed analysis of the effect of variations of different power
supplies is also presented with observations on their usefulness
as a TRNG. The key advantage of our power supply variation
based TRNG is its simplicity of implementation. For this
work, we have considered 5 different power supplies; Bench
power supply, USB, Computer power source and DC power
supply [22].
1) Dynamic Voltage Feedback Tuning (DVFT) Design: To
produce robust design of our TRNG circuit, we added a few
new elements to our primary design (inverter chains - even
and odd numbers) to allow for self-calibrating design and
improved functionality. Our RNG circuit design removes the
need for manually finding the ideal voltage and moreover,
keeping it steady during operation, allowing for the system
to arrive at this voltage automatically using dynamic voltage
tuning. Our design solution is a feedback circuit that calibrates
the voltage until we have reached the optimal setting, as
shown in Figure 6. This TRNG circuit is the Dynamic Voltage
Feedback Tuning (DVFT) [9] which includes a buffer (B1), a
precharged capacitor (C), and a transistor (T1). The buffer,
implemented through the use of an inverter, is used to isolate
the TRNG output from the feedback circuit. The capacitor
serves as an integral controller essentially summing up the
past history of 1’s and 0’s. Finally, the transistor serves as
the mechanism to tune the voltage by varying the effective
resistance in the voltage divider. The advantage of this self-
adjusting system is that it can maintain itself within operation
range. In other words, the system is flexible enough to recover
from fluctuation in voltage coming from the power supply
by attempting to prevent potential mistakes and malfunctions
from occurring. As shown in Figure 6 it is a very simple
design that barely adds overhead to the entire TRNG system.
2) Experimental Setup and Results: In order to fully op-
timize our system, selecting the best hardware and software
options by balancing performance and user friendly was ab-
Figure 6. DVFT circuit model for the proposed TRNG.
solutely necessary. The first step of implementing the TRNG
was to determine appropriate hardware to run Linux on. Initial
research suggested that a BeagleBone, a Xilinx Nexys 4 DRR
FPGA, and a Raspberry Pi would be suitable to implement the
TRNG on. Hardware choices were compared by the maximum
bit-rate an input pin could be read by software, the amount of
time required to get a Linux based operating system running
on the hardware, the cost to acquire the hardware, and the
time required to obtain the hardware.
V. HARDWARE SECURITY ARCHITECTURE FOR THE
INTERNET OF THINGS
The Internet has drastically changed the way we live,
moving interactions between people at a virtual level in several
contexts spanning from professional life to social relationships.
The origin of the Internet of Things (IoT) can be traced back
to the development of the Internet (interconnected network
of computer networks) [7]. IoT is a novel paradigm that is
rapidly gaining ground in the scenario of modern wireless
telecommunications. Another basic property of these things is
push button connectivity to the Internet or peer devices. IoT
is comprised of a number of technological protocols that aim
to make up connections from one object to other things and
databases. The reason that one would to connect IoT devices
is to exchange information and monitor data which needs to be
secured. The first place where trust needs to be established in
at the hardware level which is the platform that any software
runs on top of. IoT still has many challenging issues that
need to be addressed and both technological as well as social
knots that have to be untied before the IoT idea becomes more
widely accepted. In this paper, we proposed a solution to the
results of our investigation of the infrastructure of IoT devices
in their application to authentication within the healthcare
domain [14] [20]. Through our solution one would know that
the information produced from an IoT is trustworthy, that the
individuals accessing information can be properly identified,
and that the exchange of sensitive biological signals across a
network is secure. Furthermore, we showed that the hardware-
based solutions are low-cost and feasibly implementable on
existing resource constrained IoT systems (sensors, wearables,
smart devices) [19].
VI. SUMMARY
In this paper, we summarized our works for the implemen-
tation of robust and low-cost security primitives for resource-
constrained IoT devices. First, we proposed a novel dynamic
6memory based PUF (DRAM PUF) for the authentication of
electronic hardware systems. The DRAM PUF relies on the
fact that the capacitor in the DRAM initializes to random
values at startup time. Most PUF designs require custom
circuits to convert unique analog characteristics into digital
bits but with using our method, no extra circuitry is required
to achieve a reliable 128 bits PUF. Our results showed that
the proposed DRAM PUF provides a large number of in-
put patterns (challenges) when compared to other memory-
based PUFs circuits such as Static RAM PUFs. Our DRAM
PUFs provided highly unique PUFs with a 0.4937 average
inter-die hamming distance. We also proposed an enrollment
algorithm to achieve highly reliable results to generate PUF
Identifications for system level security. This algorithm has
been validated on real DRAMs with an experimental setup to
test different operating conditions.
Second, we presented a robust hardware TRNG based on
the Dynamic RAM (DRAM) remanence effect, which is a
condition whereby information remains in a DRAM even after
powering it down. The advantage of our hardware TRNG is
that it forms from existing components with no extra circuitry.
We assessed and tested the randomness of our proposed
hardware TRNG by applying the NIST Statistical Test which
indicates the unpredictability and non-repeatability of our data.
Given its strong NIST results, we believe that there is a
potential for immediate cryptographic applications.
Third, we considered the design and implementation of
a low-cost and lightweight TRNG. In the interest of being
thorough, we examined six different power supplies in order to
verify the non-cyclostationary behavior of the voltage sources.
Our novel TRNG model is based on power supply variations
(noise behavior) and self-adjusting operation. The benefits of
this novel design are that: it is simple and easy to implement,
there is little to no additional cost required to incorporate the
TRNG into existing circuitry, and the addition of Dynamic
Voltage Feedback Tuning (which we call DVFT) allows for
feasibility and robustness of our model. The cumulative affect
of these benefits is the practicality of the entire power-supply
noise based TRNG system. We then validate the results of our
theoretical model and experimental setup to show that there
is a high entropy rate based on the findings from the NIST
Statistical Test Suite. Based on our observations and results,
our DVFT power-supply noise based TRNG model has the
potential to be used in critical applications while also having
the advantage of simplicity and practicality.
In summary, we developed a series of designs and archi-
tectures based on hardware random function to tackle the
issues and vulnerabilities to hardware objects, in order to
protect them from malicious attacks, counterfeiting, reverse
engineering, etc. Our hardware-based random functions se-
curity primitives provide low-cost, lightweight, efficient, and
secure hardware platforms for the embedded systems.
REFERENCES
[1] Gassend, B., Clarke, D., Dijk, M. V., and Devadas, S., Silicon physical
random functions, Proceedings of the 9th ACM conference on Computer
and communications security, ACM, 2002, pp. 148-160.
[2] Min-Woo Ryu, Jaeho Kim, Sang-Shin Lee, and Min-Hwan Song, Survey
on Internet of things, SmartCR 2 (2012), no. 3, 195-202.
[3] Raymond, Choo K., Mozaffari-Kermani, M., Azarderakhsh, R., and
Govindarasu, M., Emerging embedded and cyber physical system secu-
rity challenges and innovations, IEEE Transactions on Dependable and
Secure Computing, DOI: 10.1109/TDSC.2017.2664183, no. 3, 235-236,
May 2017.
[4] Kang, S. and Leblebici, Y., CMOS digital integrated circuits, Tata
McGraw-Hill Education, 2003.
[5] Rukhin, A., Soto, J., Nechvatal, J., Smid, M., and Barker, E., A
statistical test suite for random and pseudorandom number generators
for cryptographic applications, Tech. report, Booz-Allen and Hamilton
Inc Mclean VA, 2001.
[6] Dhanuskodi, S., Vijayakumar, A., and Kundu, S., A chaotic ring oscil-
lator based random number generator, Hardware-Oriented Security and
Trust (HOST), 2014 IEEE International Symposium on, IEEE, DOI:
10.1109/HST.2014.6855588, pp. 160-165, July 2014.
[7] Tehranipoor, F., Karimian, N., Wortman, P., Haque, A., Fahrny, J., and
Chandy, J., ”Exploring Methods of Authentication for the Internet of
Things,” Taylor & Francis, 2018.
[8] Anagnostopoulos, N.A., Katzenbeisser, S., Chandy, J. and Tehranipoor,
F., An Overview of DRAM-Based Security Primitives. Journal of
Cryptography, DoI: 10.3390/cryptography2020007 , Vol. 2, ISSN =
2410-387X, 2018.
[9] Tehranipoor, F., Wortman, P., Karimian, N., Yan, W., and Chandy,
J., ”DVFT: A Lightweight Solution for Power Supply Noise
based TRNG using a Dynamic Voltage Feedback Tuning System,”
IEEE Transactions on Very Large-Scale Integration (VLSI) Systems,
DOI:10.1109/TVLSI.2018.2804258 , pp.1-14, Mar. 2018.
[10] Tehranipoor, F., Karimian, N., Yan, W. and Chandy, J.A., DRAM-Based
Intrinsic Physically Unclonable Functions for System-Level Security
and Authentication, IEEE Transactions on Very Large-Scale Integration
(VLSI) Systems, DOI: 10.1109/TVLSI.2016.2606658, vol. 25, no. 3,
pp.1085-1097, Mar. 2017.
[11] Xiong, W, Schaller, A., Anagnostopoulos, N., Saleem M., Gabmeyer
S., Katzenbeisser S., and Szefer J., ”Run-time accessible DRAM PUFs
in commodity devices.” In International Conference on Cryptographic
Hardware and Embedded Systems, pp. 432-453. Springer, Berlin, Hei-
delberg, 2016.
[12] Yan, W., Tehranipoor, F., and Chandy, J.A., PUF-Based Fuzzy Au-
thentication Without Error Correcting Codes, IEEE Transactions on
Computer-Aided Design of Integrated Circuits and Systems, DOI:
10.1109/TCAD.2016.2638445 , vol. 36, no. 9, pp. 1445-1457, Dec.
2017.
[13] Hashemian, M., Singh, B., Wol, F., Weyer, D., Clay, S., and Pa-
pachristou, C., A robust authentication methodology using physically
unclonable functions in DRAM arrays, Proceedings of the 2015 Design,
Automation & Test in Europe Conference & Exhibition, EDA Consor-
tium (DATE), DOI: 10.7873/DATE.2015.0308, pp. 647-652, April 2015.
[14] Tehranipoor, F., Karimian, N., Wortman, P., and Chandy, J.,” Low-
cost Authentication Paradigm for Consumer Electronics within the
Internet of Wearable Fitness Tracking Applications,” IEEE Conference
on Consumer Electronics, DOI: 10.1109/ICCE.2018.8326233, ISSN =
2158-4001, Jan. 2018.
[15] Yan, W., Jin, C., Tehranipoor, F., and Chandy, J., ”Phase Calibra-
tion PUF Design and Implementation on FPGA,” 27th International
Conference on Field-Programmable Logic and Applications, DOI:
10.23919/FPL.2017.8056859, ISSN = 1946-1488, Sep. 2017.
[16] Eckert, C., Tehranipoor, F., and Chandy, J., ”DRNG: DRAM-based
Random Number Generation using its Startup Value Behavior,” 60th
IEEE International Midwest Symposium on Circuits and Systems, DOI:
10.1109/MWSCAS.2017.8053159, ISSN = 1558-3899, Aug. 2017.
[17] Athanasios, N., Schaller, A., Fan, Y., Xiong, W., Tehranipoor, F.,
Arul, T., Gabmeyer, S., Szefer, J., Chandy, J., and Katzenbeisser, S.,
”Insights into the Potential Usage of the Initial Values of DRAM Arrays
of Commercial Of-the-Shelf Devices for Security Applications,” 26th
Crypto-Day, Jun 2017.
[18] Tehranipoor, F., Karimian, N., Yan, W., and Chandy, J., ”DRAM
PUFs Reliability Analysis due to Device Accelerated Aging,” IEEE
International Symposium on Circuits and Systems, May 2017.
[19] Wortman, P., Tehranipoor, F., Karimian, N., and Chandy, J., ”
Proposing a modeling framework for minimizing security vulnera-
bilities in IoT systems in the healthcare domain,” IEEE-EMBS In-
ternational Conference on Biomedical and Health Informatics, DOI:
10.1109/BHI.2017.7897236, Feb. 2017.
[20] Karimian, N., Wortman, P., and Tehranipoor, F., ”Evolving Authentica-
tion Design Considerations of the Internet of Biometric Things (IoBT),”
Proceedings of the Eleventh IEEE/ACM International Conference on
Hardware/Software Codesign and System Synthesis, Oct. 2016.
[21] Schaller, A., Xiong, W., Anagnostopoulos, N.A., Saleem, M.U., Gab-
meyer, S., Skoric, B., Katzenbeisser, S. and Szefer, J., “Decay-Based
DRAM PUFs in Commodity Devices,” IEEE Transactions on Depend-
able and Secure Computing, DOI: 10.1109/TDSC.2018.2822298, ISSN
= 1545-5971, April 2018.
[22] Tehranipoor, F., Karimian, N., Yan, W. and Chandy, J.A., 2017, January.
A Study of Power Supply Variation as a Source of Random Noise. In
VLSI Design and 2017 16th International Conference on Embedded
7Systems (VLSID), 2017 30th International Conference on (pp. 155-160),
DOI: 10.1109/VLSID.2017.24. , May 2017.
[23] Tehranipoor, F., Yan, W. and Chandy, J.A., 2016, May. Robust hardware
true random number generators using dram remanence effects. 2016
IEEE International Symposium on In Hardware Oriented Security and
Trust (HOST), DOI: 10.1109/HST.2016.7495561, (pp. 79-84). IEEE,
May 2016.
[24] Yan, W., Tehranipoor, F. and Chandy, J.A., 2015, November. A novel
way to authenticate untrusted integrated circuits. In Proceedings of the
IEEE/ACM International Conference on Computer-Aided Design, ISBN
= 978-1-4673-8389-9, (pp. 132-138). IEEE Press, Nov. 2015.
[25] Tehranipoor, F., Karimian, N., Xiao, K. and Chandy, J., 2015, May.
DRAM based intrinsic physical unclonable functions for system level
security. In Proceedings of the 25th edition on Great Lakes Symposium
on VLSI, doi¿10.1145/2742060.2742069, ISBN = 978-1-4503-3474-7,
(pp. 15-20). ACM, May 2015.
