Analysis and Evaluation of PUF-based SoC Designs for Security Applications

This paper presents a critical analysis and statistical evaluation of two categories of Physically Unclonable Functions (PUFs): ring oscillator PUF and a new proposed adapted latch based PUF. The main contribution is that of measuring the properties of PUF which provide the basic information for using them in security applications. The original method involved the conceptual design of adapted latch based PUFs and ring oscillator PUFs in combination with peripheral devices in order to create an environment for experimental analysis of PUF properties. Implementation, testing and analysis of results followed. This approach has applications on high level security

A Physical Unclonable Function Based on Inter-Metal Layer Resistance Variations and an Evaluation of its Temperature and Voltage Stability

Keying material for encryption is stored as digital bistrings in non-volatile memory (NVM) on FPGAs and ASICs in current technologies. However, secrets stored this way are not secure against a determined adversary, who can use probing attacks to steal the secret. Physical Unclonable functions (PUFs) have emerged as an alternative. PUFs leverage random manufacturing variations as the source of entropy for generating random bitstrings, and incorporate an on-chip infrastructure for measuring and digitizing the corresponding variations in key electrical parameters, such as delay or voltage. PUFs are designed to reproduce a bitstring on demand and therefore eliminate the need for on-chip storage. In this dissertation, I propose a kind of PUF that measures resistance variations in inter-metal layers that define the power grid of the chip and evaluate its temperature and voltage stability. First, I introduce two implementations of a power grid-based PUF (PG-PUF). Then, I analyze the quality of bit strings generated without considering environmental variations from the PG-PUFs that leverage resistance variations in: 1) the power grid metal wires in 60 copies of a 90 nm chip and 2) in the power grid metal wires of 58 copies of a 65 nm chip. Next, I carry out a series of experiments in a set of 63 chips in IBM\u27s 90 nm technology at 9 TV corners, i.e., over all combination of 3 temperatures: -40oC, 25oC and 85oC and 3 voltages: nominal and +/-10% of the nominal supply voltage. The randomness, uniqueness and stability characteristics of bitstrings generated from PG-PUFs are evaluated. The stability of the PG-PUF and an on-chip voltage-to-digital (VDC) are also evaluated at 9 temperature-voltage corners. I introduce several techniques that have not been previously described, including a mechanism to eliminate voltage trends or \u27bias\u27 in the power grid voltage measurements, as well as a voltage threshold, Triple-Module-Redundancy (TMR) and majority voting scheme to identify and exclude unstable bits

Uniquely Identifiable Tamper-Evident Device Using Coupling between Subwavelength Gratings

Reliability and sensitive information protection are critical aspects of integrated circuits. A novel technique using near-field evanescent wave coupling from two subwavelength gratings (SWGs), with the input laser source delivered through an optical fiber is presented for tamper evidence of electronic components. The first grating of the pair of coupled subwavelength gratings (CSWGs) was milled directly on the output facet of the silica fiber using focused ion beam (FIB) etching. The second grating was patterned using e-beam lithography and etched into a glass substrate using reactive ion etching (RIE). The slightest intrusion attempt would separate the CSWGs and eliminate near-field coupling between the gratings. Tampering, therefore, would become evident. Computer simulations guided the design for optimal operation of the security solution. The physical dimensions of the SWGs, i.e. period and thickness, were optimized, for a 650 nm illuminating wavelength. The optimal dimensions resulted in a 560 nm grating period for the first grating etched in the silica optical fiber and 420 nm for the second grating etched in borosilicate glass. The incident light beam had a half-width at half-maximum (HWHM) of at least 7 µm to allow discernible higher transmission orders, and a HWHM of 28 µm for minimum noise. The minimum number of individual grating lines present on the optical fiber facet was identified as 15 lines. Grating rotation due to the cylindrical geometry of the fiber resulted in a rotation of the far-field pattern, corresponding to the rotation angle of moiré fringes. With the goal of later adding authentication to tamper evidence, the concept of CSWGs signature was also modeled by introducing random and planned variations in the glass grating. The fiber was placed on a stage supported by a nanomanipulator, which permitted three-dimensional displacement while maintaining the fiber tip normal to the surface of the glass substrate. A 650 nm diode laser was fixed to a translation mount that transmitted the light source through the optical fiber, and the output intensity was measured using a silicon photodiode. The evanescent wave coupling output results for the CSWGs were measured and compared to the simulation results

Design of Discrete-time Chaos-Based Systems for Hardware Security Applications

Security of systems has become a major concern with the advent of technology. Researchers are proposing new security solutions every day in order to meet the area, power and performance specifications of the systems. The additional circuit required for security purposes can consume significant area and power. This work proposes a solution which utilizes discrete-time chaos-based logic gates to build a system which addresses multiple hardware security issues. The nonlinear dynamics of chaotic maps is leveraged to build a system that mitigates IC counterfeiting, IP piracy, overbuilding, disables hardware Trojan insertion and enables authentication of connecting devices (such as IoT and mobile). Chaos-based systems are also used to generate pseudo-random numbers for cryptographic applications.The chaotic map is the building block for the design of discrete-time chaos-based oscillator. The analog output of the oscillator is converted to digital value using a comparator in order to build logic gates. The logic gate is reconfigurable since different parameters in the circuit topology can be altered to implement multiple Boolean functions using the same system. The tuning parameters are control input, bifurcation parameter, iteration number and threshold voltage of the comparator. The proposed system is a hybrid between standard CMOS logic gates and reconfigurable chaos-based logic gates where original gates are replaced by chaos-based gates. The system works in two modes: logic locking and authentication. In logic locking mode, the goal is to ensure that the system achieves logic obfuscation in order to mitigate IC counterfeiting. The secret key for logic locking is made up of the tuning parameters of the chaotic oscillator. Each gate has 10-bit key which ensures that the key space is large which exponentially increases the computational complexity of any attack. In authentication mode, the aim of the system is to provide authentication of devices so that adversaries cannot connect to devices to learn confidential information. Chaos-based computing system is susceptible to process variation which can be leveraged to build a chaos-based PUF. The proposed system demonstrates near ideal PUF characteristics which means systems with large number of primary outputs can be used for authenticating devices

Physically Uncloneable Functions in the Stand-Alone and Universally Composable Framework

In this thesis, we investigate the possibility of basing cryptographic primitives on Physically Uncloneable Functions (PUF). A PUF is a piece of hardware that can be seen as a source of randomness. When a PUF is evaluated on a physical stimulus, it answers with a noisy output. PUFs are unpredictable such that even if a chosen stimulus is given, it should be infeasible to predict the corresponding output without physically evaluating the PUF. Furthermore, PUFs are uncloneable, which means that even if all components of the system are known, it is computational infeasible to model their behavior. In the course of this dissertation, we discuss PUFs in the context of their implementation, their mathematical description, as well as their usage as a cryptographic primitive and in cryptographic protocols. We first give an overview of the most prominent PUF constructions in order to derive subsequently an appropriate mathematical PUF model. It turns out that this is a non- trivial task, because it is not certain which common security properties are generally necessary and achievable due to the numerous PUF implementations. Next, we consider PUFs in security applications. Due to the properties of PUFs, these hardware tokens are good to build authentication protocols that rely on challenge/response pairs. If the number of potential PUF-based challenge/response pairs is large enough, an adversary cannot measure all PUF responses. Therefore, the at- tacker will most likely not be able to answer the challenge of the issuing party even if he had physical access to the PUF for a short time. However, we show that some of the previously suggested protocols are not fully secure in the attacker model where the adversary has physical control of the PUF and the corresponding reader during a short time. Finally, we analyze PUFs in the universally composable (UC) framework for the first time. Although hardware tokens have been considered before in the UC framework, designing PUF-based protocols is fundamentally different from other hardware token approaches. One reason is that the manufacturer of the PUF creates a physical object that outputs pseudorandom values, but where no specific code is running. In fact, the functional behavior of the PUF is unpredictable even for the PUF creator. Thus, only the party in possession of the PUF has full access to the secrets. After formalizing PUFs in the UC framework, we derive efficient UC-secure protocols for basic tasks like oblivious transfer, commitments, and key exchange

Reflective-Physically Unclonable Function based System for Anti-Counterfeiting

Physically unclonable functions (PUF) are physical security mechanisms, which utilize inherent randomness in processes used to instantiate physical objects. In this dissertation, an extensive overview of the state of the art in implementations, accompanying definitions and their analysis is provided. The concept of the reflective-PUF is presented as a product security solution. The viability of the concept, its evaluation and the requirements of such a system is explored