32 research outputs found

    Improved Reliability of FPGA-based PUF Identification Generator Design

    Get PDF

    Compact Field Programmable Gate Array Based Physical Unclonable Functions Circuits

    Get PDF
    The Physical Unclonable Functions (PUFs) is a candidate to provide a secure solid root source for identification and authentication applications. It is precious for FPGA-based systems, as FPGA designs are vulnerable to IP thefts and cloning. Ideally, the PUFs should have strong random variations from one chip to another, and thus each PUF is unique and hard to replicate. Also, the PUFs should be stable over time so that the same challenge bits always yield the same result. Correspondingly, one of the major challenges for FPGA-based PUFs is the difficulty of avoiding systematic bias in the integrated circuits but also pulling out consistent characteristics as the PUF at the same time. This thesis discusses several compact PUF structures relying on programmable delay lines (PDLs) and our novel intertwined programmable delays (IPD). We explore the strategy to extract the genuinely random PUF from these structures by minimizing the systematic biases. Yet, our methods still maintain very high reliability. Furthermore, our proposed designs, especially the TERO-based PUFs, show promising resilience to machine learning (ML) attacks. We also suggest the bit-bias metric to estimate PUF’s complexity quickly

    A hardware-embedded, delay-based PUF engine designed for use in cryptographic and authentication applications

    Get PDF
    Cryptographic and authentication applications in application-specific integrated circuits (ASICs) and field-programmable gate arrays (FPGAs), as well as codes for the activation of on-chip features, require the use of embedded secret information. The generation of secret bitstrings using physical unclonable functions, or PUFs, provides several distinct advantages over conventional methods, including the elimination of costly non-volatile memory, and the potential to increase the random bits available to applications. In this dissertation, a Hardware-Embedded Delay PUF (HELP) is proposed that is designed to leverage path delay variations that occur in the core logic macros of a chip to create random bitstrings. A thorough discussion is provided of the operational details of an embedded path timing structure called REBEL that is used by HELP to provide the timing functionality upon which HELP relies for the entropy source for the cryptographic quality of the bitstrings. Further details of the FPGA-based implementation used to prove the viability of the HELP PUF concept are included, along with a discussion of the evolution of the techniques employed in realizing the final PUF engine design. The bitstrings produced by a set of 30 FPGA boards are evaluated with regard to several statistical quality metrics including uniqueness, randomness, and stability. The stability characteristics of the bitstrings are evaluated by subjecting the FPGAs to commercial-grade temperature and power supply voltage variations. In particular, this work evaluates the reproducibility of the bitstrings generated at 0C, 25C, and 70C, and 10% of the rated supply voltage. A pair of error avoidance schemes are proposed and presented that provide significant improvements to the HELP PUF\u27s resiliency against bit-flip errors in the bitstrings

    On the Architectural Analysis of Arbiter Delay PUF Variants

    Get PDF
    The Arbiter Physically Unclonable Function (APUF) is a widely used strong delay PUF design. There are two FPGA variants of this design, namely, Programmable Delay Line APUF (PAPUF) and Double APUF (DAPUF) to mitigate the FPGA platform specific implementation issues. In this paper, we introduce the idea of Architectural Bias to compare the impact of the architecture of these APUF designs on their design bias. The biased challenge-response behavior of a delay PUF implies the non-uniform distributions of 0’s and 1’s in its response, and if this bias is due to the architectural issue of the PUF design, then it is called “Architectural Bias”. Another important source of bias is the implementation issue specific to an implementation platform. According to our study, a good PUF architecture results in PUF instances with a small amount of architectural bias. In this paper, we provide a comparison of APUF, PAPUF, and DAPUF based on their architectural bias values. In addition, we also compare these APUF architectures with respect to fulfilling the Strict Avalanche Criterion (SAC) and robustness against the machine learning (ML) based modeling attack. We validate our theoretical findings with Matlab based simulations, and the results reveal that the classic APUF has the least architectural bias, followed by DAPUF and PAPUF, respectively. We also conclude from the experimental results that the SAC property of DAPUF is better than that of APUF and PAPUF, and PAPUF’s SAC property is significantly poor. However, our analyses indicate that these APUF variants are vulnerable to ML-based modeling attack

    A Novel Physical Unclonable Function (PUF) Featuring 0.113 FJ/B for IOT Devices

    Get PDF
    A physically unclonable function (PUF) is useful for authentication purposes and is a function created for its inherent uniqueness and inability of adversaries to duplicate it. In this thesis, a PUF is designed, which is a combination of both digital and analog circuits. This PUF could be designed partially based on a semi-automated approach using custom-built P-cells. The PUF is implemented using novel digital circuits, which have been designed using basic digital gates with a minimal number of transistors. The proposed PUF is developed by the introduction of a layer of multiplexers, which is triggered by a novel SR-latch based model for driving the selection lines. For a higher bit stability, the SR latch is combined with four-way asynchronous circuits, which are a class of coincident flip-flops. The resulted PUF consumes very little power and is suitable for sensors and low power applications. The proposed design was implemented in using the Cadence virtuoso IC 5.1.4 and based on the 180nm TSMC transistor models. The energy consumption and area of the proposed PUF is shown to be equal to 0.1132 fJ/bit and 8.03, which is considerably lower than the state of the arts. The uniqueness and reliability of the proposed PUF are estimated to be 48.66% and 99.33%

    Analysis of Microcontroller Embedded SRAMs for Applications in Physical Unclonable Functions

    Get PDF
    The growth of the Internet of Things (IoT) market has motivated widespread proliferation of microcontroller- (MCU) based embedded systems. Suitable due to their abundance, low cost, low power consumption and small footprint. The memory architecture typically consists of volatile memory such as block(s) of SRAM, and non-volatile memory (NVM) for code storage. Authentication and encryption safeguard these endpoints within an IoT framework, which requires storage of a secure key. Keys stored within integrated circuits (ICs) are susceptible to attack via reverse engineering of the NVM. Newer approaches use Physical Unclonable Functions (PUFs), which produce unique identi ers that takes advantage of device-level randomness induced by manufacturing process variation in silicon. The unclonable property of PUFs is demonstrated with an analytical model. The unpredictable yet repeatable start-up values (SUVs) of SRAM bit-cells form the basis of an SRAM PUF. Performance measures, such as reliability, randomness, symmetry, and stability, dictate the quality of a PUF. Two commercial o -the-shelf (COTS) ARM-Cortex based MCU products, the STM32F429ZIT6U and ATSAMR21G18A, underwent automated and manual power cycling experiments that examined their embedded SRAM SUVs. The characterization framework provided acquires data via debug software and a developed C program, power cycling using a USB controlled relay and post-processing using Python. Applications of PUFs include cryptographic key generation, device identi cation and true random number hardware generation. Statistical results and a comparative analysis are presented. Amongst the total bitcell count of the embedded SRAM in STM and ATSAM MCUs, 36:86% and 28:86% are classi ed as non- or partially-skewed, respectively across N = 10; 000 samples. The Atmel MCU outperforms the STM MCU in reliability by 1.42 %, randomness by 0.65 % and stability by 8.00 %, with a 4.74 % SUV bias towards a logic '1'. Max errors per 128-bit data item is 22 and 38 bits for MCU #1 and MCU #2, respectively. The STM MCU exhibits column-wise correlation illustrated in a heatmap, where the Atmel MCU shows a random signature. The embedded SRAM in the Atmel MCU outperforms the STM MCU's and is thereby considered the more suitable PUF

    Design of secure and trustworthy system-on-chip architectures using hardware-based root-of-trust techniques

    Get PDF
    Cyber-security is now a critical concern in a wide range of embedded computing modules, communications systems, and connected devices. These devices are used in medical electronics, automotive systems, power grid systems, robotics, and avionics. The general consensus today is that conventional approaches and software-only schemes are not sufficient to provide desired security protections and trustworthiness. Comprehensive hardware-software security solutions so far have remained elusive. One major challenge is that in current system-on-chip (SoCs) designs, processing elements (PEs) and executable codes with varying levels of trust, are all integrated on the same computing platform to share resources. This interdependency of modules creates a fertile attack ground and represents the Achilles’ heel of heterogeneous SoC architectures. The salient research question addressed in this dissertation is “can one design a secure computer system out of non-secure or untrusted computing IP components and cores?”. In response to this question, we establish a generalized, user/designer-centric set of design principles which intend to advance the construction of secure heterogeneous multi-core computing systems. We develop algorithms, models of computation, and hardware security primitives to integrate secure and non-secure processing elements into the same chip design while aiming for: (a) maintaining individual core’s security; (b) preventing data leakage and corruption; (c) promoting data and resource sharing among the cores; and (d) tolerating malicious behaviors from untrusted processing elements and software applications. The key contributions of this thesis are: 1. The introduction of a new architectural model for integrating processing elements with different security and trust levels, i.e., secure and non-secure cores with trusted and untrusted provenances; 2. A generalized process isolation design methodology for the new architecture model that covers both the software and hardware layers to (i) create hardware-assisted virtual logical zones, and (ii) perform both static and runtime security, privilege level and trust authentication checks; 3. A set of secure protocols and hardware root-of-trust (RoT) primitives to support the process isolation design and to provide the following functionalities: (i) hardware immutable identities – using physical unclonable functions, (ii) core hijacking and impersonation resistance – through a blind signature scheme, (iii) threshold-based data access control – with a robust and adaptive secure secret sharing algorithm, (iv) privacy-preserving authorization verification – by proposing a group anonymous authentication algorithm, and (v) denial of resource or denial of service attack avoidance – by developing an interconnect network routing algorithm and a memory access mechanism according to user-defined security policies. 4. An evaluation of the security of the proposed hardware primitives in the post-quantum era, and possible extensions and algorithmic modifications for their post-quantum resistance. In this dissertation, we advance the practicality of secure-by-construction methodologies in SoC architecture design. The methodology allows for the use of unsecured or untrusted processing elements in the construction of these secure architectures and tries to extend their effectiveness into the post-quantum computing era

    Physical Characterization of Arbiter PUFs

    Get PDF
    As intended by its name, Physically Unclonable Functions (PUFs) are considered as an ultimate solution to deal with insecure stor- age, hardware counterfeiting, and many other security problems. How- ever, many different successful attacks have already revealed vulnera- bilities of certain digital intrinsic PUFs. Although settling-state-based PUFs, such as SRAM PUFs, can be physically cloned by semi-invasive and fully-invasive attacks, successful attacks on timing-based PUFs were so far limited to modeling attacks. Such modeling requires a large sub- set of challenge-response-pairs (CRP) to successfully model the targeted PUF. In order to provide a final security answer, this paper proves that all arbiter-based (i.e. controlled and XOR-enhanced) PUFs can be com- pletely and linearly characterized by means of photonic emission analy- sis. Our experimental setup is capable of measuring every PUF-internal delay with a resolution of 6 picoseconds. Due to this resolution we in- deed require only the theoretical minimum number of linear independent equations (i.e. physical measurements) to directly solve the underlying inhomogeneous linear system. Moreover, we neither require to know the actual PUF challenges nor the corresponding PUF responses for our physical delay extraction. On top of that devastating result, we are also able to further simplify our setup for easier physical measurement han- dling. We present our practical results for a real arbiter PUF implemen- tation on a Complex Programmable Logic Device (CPLD) from Altera manufactured in a 180 nanometer process
    corecore