Analysis and Evaluation of PUF-based SoC Designs for Security Applications

This paper presents a critical analysis and statistical evaluation of two categories of Physically Unclonable Functions (PUFs): ring oscillator PUF and a new proposed adapted latch based PUF. The main contribution is that of measuring the properties of PUF which provide the basic information for using them in security applications. The original method involved the conceptual design of adapted latch based PUFs and ring oscillator PUFs in combination with peripheral devices in order to create an environment for experimental analysis of PUF properties. Implementation, testing and analysis of results followed. This approach has applications on high level security

Platform for Testing and Evaluation of PUF and TRNG Implementations in FPGAs

Implementation of cryptographic primitives like Physical Unclonable Functions (PUFs) and True Random Number Generators (TRNGs) depends significantly on the underlying hardware. Common evaluation boards offered by FPGA vendors are not suitable for a fair benchmarking, since they have different vendor dependent configuration and contain noisy switching power supplies. The proposed hardware platform is primary aimed at testing and evaluation of cryptographic primitives across different FPGA and ASIC families. The modular platform consists of a motherboard and exchangeable daughter board modules. These are designed to be as simple as possible to allow cheap and independent evaluation of cryptographic blocks and namely PUFs. The motherboard is based on the Microsemi SmartFusion 2 SoC FPGA. It features a low-noise power supply, which simplifies evaluation of vulnerability to the side channel attacks. It provides also means of communication between the PC and the daughter module. Available software tools can be easily customized, for example to collect data from the random number generator located in the daughter module and to read it via USB interface. The daughter module can be plugged into the motherboard or connected using an HDMI cable to be placed inside a Faraday cage or a temperature control chamber. The whole platform was designed and optimized to fullfil the European HECTOR project (H2020) requirements

FPGA-Based PUF Designs: A Comprehensive Review and Comparative Analysis

Field-programmable gate arrays (FPGAs) have firmly established themselves as dynamic platforms for the implementation of physical unclonable functions (PUFs). Their intrinsic reconfigurability and profound implications for enhancing hardware security make them an invaluable asset in this realm. This groundbreaking study not only dives deep into the universe of FPGA-based PUF designs but also offers a comprehensive overview coupled with a discerning comparative analysis. PUFs are the bedrock of device authentication and key generation and the fortification of secure cryptographic protocols. Unleashing the potential of FPGA technology expands the horizons of PUF integration across diverse hardware systems. We set out to understand the fundamental ideas behind PUF and how crucially important it is to current security paradigms. Different FPGA-based PUF solutions, including static, dynamic, and hybrid systems, are closely examined. Each design paradigm is painstakingly examined to reveal its special qualities, functional nuances, and weaknesses. We closely assess a variety of performance metrics, including those related to distinctiveness, reliability, and resilience against hostile threats. We compare various FPGA-based PUF systems against one another to expose their unique advantages and disadvantages. This study provides system designers and security professionals with the crucial information they need to choose the best PUF design for their particular applications. Our paper provides a comprehensive view of the functionality, security capabilities, and prospective applications of FPGA-based PUF systems. The depth of knowledge gained from this research advances the field of hardware security, enabling security practitioners, researchers, and designers to make wise decisions when deciding on and implementing FPGA-based PUF solutions.publishedVersio

MeLPUF: Memory in Logic PUF

Physical Unclonable Functions (PUFs) are used for securing electronic designs across the implementation spectrum ranging from lightweight FPGA to server-class ASIC designs. However, current PUF implementations are vulnerable to model-building attacks; they often incur significant design overheads and are challenging to configure based on application-specific requirements. These factors limit their application, primarily in the case of the system on chip (SoC) designs used in diverse applications. In this work, we propose MeL-PUF - Memory-in-Logic PUF, a low-overhead, distributed, and synthesizable PUF that takes advantage of existing logic gates in a design and transforms them to create cross-coupled inverters (i.e. memory cells) controlled by a PUF control signal. The power-up states of these memory cells are used as the source of entropy in the proposed PUF architecture. These on-demand memory cells can be distributed across the combinational logic of various intellectual property (IP) blocks in a system on chip (SoC) design. They can also be synthesized with a standard logic synthesis tool to meet the area,power, or performance constraints of a design. By aggregating the power-up states from multiple such memory cells, we can create a PUF signature or digital fingerprint of varying size. We evaluate the MeL-PUF signature quality with both circuit-level simulations as well as with measurements in FPGA devices. We show that MeL-PUF provides high-quality signatures in terms of uniqueness, randomness, and robustness, without incurring large overheads. We also suggest additional optimizations that can be leveraged to improve the performance of MeL-PUF.Comment: 5 pages, 16 figure

SECURE AND LIGHTWEIGHT HARDWARE AUTHENTICATION USING ISOLATED PHYSICAL UNCLONABLE FUNCTION

As embedded computers become ubiquitous, mobile and more integrated in connectivity, user dependence on integrated circuits (ICs) increases massively for handling security sensitive tasks as well as processing sensitive information. During this process, hardware authentication is important to prevent unauthorized users or devices from gaining access to secret information. An effective method for hardware authentication is by using physical unclonable function (PUF), which is a hardware design that leverages intrinsic unique physical characteristics of an IC, such as propagation delay, for security authentication in real time. However, PUF is vulnerable to modeling attacks, as one can design an algorithm to imitate PUF functionality at the software level given a sufficient set of challenge-response pairs (CRPs). To address the problem, we employ hardware isolation primitives (e.g., ARM TrustZone) to protect PUF. The key idea is to physically isolate the system resources that handle security-sensitive information from the regular ones. This technique can be implemented by isolating and strictly controlling any connection between the secure and normal resources. We design and implement a ring oscillator (RO)-based PUF with hardware isolation protection using ARM TrustZone. Our PUF design heavily limits the number of CRPs a potential attacker has access to. Therefore, the modeling attack cannot be performed accurately enough to guess the response of the PUF to a challenge. Furthermore, we develop and demonstrate a brand new application for the designed PUF, namely multimedia authentication, which is an integral part of multimedia signal processing in many real-time and security sensitive applications. We show that the PUF-based hardware security approach is capable of accomplishing the authentication for both the hardware device and the multimedia stream while introducing minimum overhead. Finally, we evaluate the hardware-isolated PUF design using a prototype implementation on a Xilinx system on chip (SoC). Particularly, we conduct functional evaluation (i.e., randomness, uniqueness, and correctness), security analysis against modeling attacks, as well as performance and overhead evaluation (i.e., response time and resource usages). Our experimental results on the real hardware demonstrate the high security and low overhead of the PUF in real time authentication. Advisor: Sheng We

Roadmap on optical security

Postprint (author's final draft