Physical Unclonable Functions based on Temperature Compensated Ring Oscillators

Physical unclonable functions (PUFs) are promising hardware security primitives suitable for low-cost cryptographic applications.Ring oscillator (RO) PUF is a well-received silicon PUF solution due to its ease of implementation and entropy evaluation. However, the responses of RO-PUFs are susceptible to environmental changes, in particular, to temperature variations. Additionally, a conventional RO-PUF implementation is usually more power-hungry than other PUF alternatives. This paper explores circuit-level techniques to design low-power RO-PUFs with enhanced thermal stability. We introduce a power-efficient approach based on a phase/frequency detector (PFD) to perform pairwise comparisons of ROs. We also propose a temperature compensated bulk-controlled oscillator and investigate its feasibility and usage in PFD-based RO-PUFs. Evaluation results demonstrate that the proposed techniques can effectively reduce the thermally induced errors in PUF responses while imposing a very low power overhead

FPGA-Based PUF Designs: A Comprehensive Review and Comparative Analysis

Field-programmable gate arrays (FPGAs) have firmly established themselves as dynamic platforms for the implementation of physical unclonable functions (PUFs). Their intrinsic reconfigurability and profound implications for enhancing hardware security make them an invaluable asset in this realm. This groundbreaking study not only dives deep into the universe of FPGA-based PUF designs but also offers a comprehensive overview coupled with a discerning comparative analysis. PUFs are the bedrock of device authentication and key generation and the fortification of secure cryptographic protocols. Unleashing the potential of FPGA technology expands the horizons of PUF integration across diverse hardware systems. We set out to understand the fundamental ideas behind PUF and how crucially important it is to current security paradigms. Different FPGA-based PUF solutions, including static, dynamic, and hybrid systems, are closely examined. Each design paradigm is painstakingly examined to reveal its special qualities, functional nuances, and weaknesses. We closely assess a variety of performance metrics, including those related to distinctiveness, reliability, and resilience against hostile threats. We compare various FPGA-based PUF systems against one another to expose their unique advantages and disadvantages. This study provides system designers and security professionals with the crucial information they need to choose the best PUF design for their particular applications. Our paper provides a comprehensive view of the functionality, security capabilities, and prospective applications of FPGA-based PUF systems. The depth of knowledge gained from this research advances the field of hardware security, enabling security practitioners, researchers, and designers to make wise decisions when deciding on and implementing FPGA-based PUF solutions.publishedVersio

A Study on Controlling Power Supply Ramp-Up Time in SRAM PUFs

With growing connectivity in the modern era, the risk of encrypted data stored in hardware being exposed to third-party adversaries is higher than ever. The security of encrypted data depends on the secrecy of the stored key. Conventional methods of storing keys in Non-Volatile Memory have been shown to be susceptible to physical attacks. Physically Unclonable Functions provide a unique alternative to conventional key storage. SRAM PUFs utilize inherent process variation caused during manufacturing to derive secret keys from the power-up values of SRAM memory cells. This thesis analyzes the effect of supply ramp-up times on the reliability of SRAM PUFs. We use SPICE simulations as the platform to observe the effect of supply ramp times at the circuit level using carefully controlled supply voltages during power-up. We also measure the effect of supply ramp times on commercially available SRAM ICs by performing reliability and uniqueness measurements on two commercial SRAM models. Finally, a hardware implementation is proposed in a commercial 16nm FinFET technology to establish the design flow for taping out a custom SRAM IC with separated peripheral and core power supplies that would allow for experimental evaluation of sequenced power supplies on the SRAM PUF

Applications Of Physical Unclonable Functions on ASICS and FPGAs

With the ever-increasing demand for security in embedded systems and wireless sensor networks, we require integrating security primitives for authentication in these devices. One such primitive is known as a Physically Unclonable Function. This entity can be used to provide security at a low cost, as the key or digital signature can be generated by dedicating a small part of the silicon die to these primitives which produces a fingerprint unique to each device. This fingerprint produced by a PUF is called its response. The response of PUFs depends upon the process variation that occurs during the manufacturing process. In embedded systems and especially wireless sensor networks, there is a need to secure the data the collected from the sensors. To tackle this problem, we propose the use of SRAM-based PUFs to detect the temperature of the system. This is done by taking the PUF response to generate temperature based keys. The key would act as proofs of the temperature of the system. In SRAM PUFs, it is experimentally determined that at varying temperatures there is a shift in the response of the cells from zero to one and vice-versa. This variation can be exploited to generate random but repeatable keys at different temperatures. To evaluate our approach, we first analyze the key metrics of a PUF, namely, reliability and uniqueness. In order to test the idea of using the PUF as a temperature based key generator, we collect data from a total of ten SRAM chips at fixed temperatures steps. We first calculate the reliability, which is related to bit error rate, an important parameter with respect to error correction, at various temperatures to verify the stability of the responses. We then identify the temperature of the system by using a temperature sensor and then encode the key offset by PUF response at that temperature using BCH codes. This key-temperature pair can then be used to establish secure communication between the nodes. Thus, this scheme helps in establishing secure keys as the generation has an extra variable to produce confusion. We developed a novel PUF for Xilinx FPGAs and evaluated its quality metrics. It is very compact and has high uniqueness and reliability. We also implement 2 different PUF configurations to allow per-device selection of best PUFs to reduce the area and power required for key-generation. We also evaluate the temperature response of this PUF and show improvement in the response by using per-device selection

ENERGY-EFFICIENT AND SECURE HARDWARE FOR INTERNET OF THINGS (IoT) DEVICES

Internet of Things (IoT) is a network of devices that are connected through the Internet to exchange the data for intelligent applications. Though IoT devices provide several advantages to improve the quality of life, they also present challenges related to security. The security issues related to IoT devices include leakage of information through Differential Power Analysis (DPA) based side channel attacks, authentication, piracy, etc. DPA is a type of side-channel attack where the attacker monitors the power consumption of the device to guess the secret key stored in it. There are several countermeasures to overcome DPA attacks. However, most of the existing countermeasures consume high power which makes them not suitable to implement in power constraint devices. IoT devices are battery operated, hence it is important to investigate the methods to design energy-efficient and secure IoT devices not susceptible to DPA attacks. In this research, we have explored the usefulness of a novel computing platform called adiabatic logic, low-leakage FinFET devices and Magnetic Tunnel Junction (MTJ) Logic-in-Memory (LiM) architecture to design energy-efficient and DPA secure hardware. Further, we have also explored the usefulness of adiabatic logic in the design of energy-efficient and reliable Physically Unclonable Function (PUF) circuits to overcome the authentication and piracy issues in IoT devices. Adiabatic logic is a low-power circuit design technique to design energy-efficient hardware. Adiabatic logic has reduced dynamic switching energy loss due to the recycling of charge to the power clock. As the first contribution of this dissertation, we have proposed a novel DPA-resistant adiabatic logic family called Energy-Efficient Secure Positive Feedback Adiabatic Logic (EE-SPFAL). EE-SPFAL based circuits are energy-efficient compared to the conventional CMOS based design because of recycling the charge after every clock cycle. Further, EE-SPFAL based circuits consume uniform power irrespective of input data transition which makes them resilience against DPA attacks. Scaling of CMOS transistors have served the industry for more than 50 years in providing integrated circuits that are denser, and cheaper along with its high performance, and low power. However, scaling of the transistors leads to increase in leakage current. Increase in leakage current reduces the energy-efficiency of the computing circuits,and increases their vulnerability to DPA attack. Hence, it is important to investigate the crypto circuits in low leakage devices such as FinFET to make them energy-efficient and DPA resistant. In this dissertation, we have proposed a novel FinFET based Secure Adiabatic Logic (FinSAL) family. FinSAL based designs utilize the low-leakage FinFET device along with adiabatic logic principles to improve energy-efficiency along with its resistance against DPA attack. Recently, Magnetic Tunnel Junction (MTJ)/CMOS based Logic-in-Memory (LiM) circuits have been explored to design low-power non-volatile hardware. Some of the advantages of MTJ device include non-volatility, near-zero leakage power, high integration density and easy compatibility with CMOS devices. However, the differences in power consumption between the switching of MTJ devices increase the vulnerability of Differential Power Analysis (DPA) based side-channel attack. Further, the MTJ/CMOS hybrid logic circuits which require frequent switching of MTJs are not very energy-efficient due to the significant energy required to switch the MTJ devices. In the third contribution of this dissertation, we have investigated a novel approach of building cryptographic hardware in MTJ/CMOS circuits using Look-Up Table (LUT) based method where the data stored in MTJs are constant during the entire encryption/decryption operation. Currently, high supply voltage is required in both writing and sensing operations of hybrid MTJ/CMOS based LiM circuits which consumes a considerable amount of energy. In order to meet the power budget in low-power devices, it is important to investigate the novel design techniques to design ultra-low-power MTJ/CMOS circuits. In the fourth contribution of this dissertation, we have proposed a novel energy-efficient Secure MTJ/CMOS Logic (SMCL) family. The proposed SMCL logic family consumes uniform power irrespective of data transition in MTJ and more energy-efficient compared to the state-of-art MTJ/ CMOS designs by using charge sharing technique. The other important contribution of this dissertation is the design of reliable Physical Unclonable Function (PUF). Physically Unclonable Function (PUF) are circuits which are used to generate secret keys to avoid the piracy and device authentication problems. However, existing PUFs consume high power and they suffer from the problem of generating unreliable bits. This dissertation have addressed this issue in PUFs by designing a novel adiabatic logic based PUF. The time ramp voltages in adiabatic PUF is utilized to improve the reliability of the PUF along with its energy-efficiency. Reliability of the adiabatic logic based PUF proposed in this dissertation is tested through simulation based temperature variations and supply voltage variations

Disseny d'un filtre cancel·lador d'oscil·lacions (IOCF) per a un PUF amb anell biestable (BR-PUF)

En aquest projecte s'introdueix el concepte del PUF (physical unclonable function), un element de seguretat amb la funció de protegir als circuits integrats contra possibles atacs maliciosos. Un PUF és una funció física incorporada en una estructura física, que és fàcil d’avaluar però difícil de predir. La següent analogia permet entendre, de forma planera, la funcionalitat d'aquest sistema: un PUF en un circuit integrat té la intenció de realitzar la mateixa funció que les empremtes dactilar en les persones. L'empremta digital permet la identificació d'una persona i un PUF té la funció d'identificador de circuit integrats. Un dels camps d'aplicació d'aquest dispositiu és el de les targetes de crèdit, que necessiten nous sistemes de seguretat per a evitar la seva falsificació. Des de l'any 2004 fins a la actualitat s'ha dedicat un gran esforç en investigació i recerca sobre aquest sistema, i s'han presentat moltes arquitectures diferents de PUF. Un dels darrers PUFs que han sorgit és el BR-PUF (bistable ring PUF) [1], tot i que té algunes propietats molt bones, presenta dos grans inconvenients a solucionar. Per una banda, aquest sistema és oscil·lant, amb un temps d'estabilització llarg [2]. A més, en alguns casos, el sistema genera una resposta poc uniforme i fàcil de predir [3]. Per a analitzar aquestes problemàtiques, aquest projecte presenta un model matemàtic que permet estudiar el comportament dels BR-PUFs. El model matemàtic obté les dades estadístiques per a caracteritzar el sistema de forma més àgil que les simulacions basades en l’ànàlisi dels components elèctrics (SPICE). Mitjançant dues modificacions presentades al projecte, s'aconsegueixen solucionar els problemes d'aquests circuits electrònics. El filtre IOCF (interleaved oscillation canceller filter) [4] permet suprimir les oscil·lacions transitòries del sistema. En el projecte també s’introdueix la arquitectura TBR-PUF (twisted BR-PUF) [3] que és capaç d’uniformitzar la resposta davant a variacions locals del procés de fabricació. S'ha dissenyat un prototip de BR-PUF amb filtre IOCF per a ser implementat en un ASIC (application-specific integrated circuit) per a comprovar el funcionament experimental del circuit electrònic. El disseny del prototip s’ha realitzat utilitzant la tecnologia CMOS de 65 nm de ST

Embedded Systems Security: On EM Fault Injection on RISC-V and BR/TBR PUF Design on FPGA

With the increased usage of embedded computers in modern life and the rapid growth of the Internet of Things (IoT), embedded systems security has become a real concern. Especially with safety-critical systems or devices that communicate sensitive data, security becomes a critical issue. Embedded computers more than others are vulnerable to hardware attacks that target the chips themselves to extract the cryptographic keys, compromise their security, or counterfeit them. In this thesis, embedded security is studied through two different areas. The first is the study of hardware attacks by investigating Electro Magnetic Fault Injection (EMFI) on a RISC-V processor. And the second is the study of the countermeasures against counterfeiting and key extraction by investigating the implementation of the Bistable Ring Physical Unclonable Function (BR-PUF) and its variant the TBR-PUF on FPGA. The experiments on a 320 MHz five-stage pipeline RISC-V core showed that with the increase of frequency and the decrease of supplied voltage, the processor becomes more susceptible to EMFI. Analysis of the effect of EMFI on different types of instructions including arithmetic and logic operations, memory operations, and flow control operations showed different types of faults including instruction skips, instructions corruption, faulted branches, and exception faults with variant probabilities. More interestingly and for the first time, multiple consecutive instructions (up to six instructions) were empirically shown to be faulted at once, which can be very devastating, compromising the effect of software countermeasures such as instruction duplication or triplication. This research also studies the hardware implementation of the BR and TBR PUFs on a Spartan-6 FPGA. A comparative study on both the automatic and manual placement implementation approaches on FPGA is presented. With the use of the settling time as a randomization source for the automatic placement, this approach showed a potential to generate PUFs with good characteristics through multiple trials. The automatic placement approach was successful in generating 4-input XOR BR and TBR PUFs with almost ideal characteristics. Moreover, optimizations on the architectural and layout levels were performed on the BR and TBR PUFs to reduce their footprint on FPGA. This research aims to advance the understanding of the EMFI effect on processors, so that countermeasures may be designed for future secure processors. Additionally, this research helps to advance the understanding of how best to design improved BR and TBR PUFs for key protection in future secure devices

Intrinsic Functions for Securing CMOS Computation: Variability, Modeling and Noise Sensitivity

A basic premise behind modern secure computation is the demand for lightweight cryptographic primitives, like identifier or key generator. From a circuit perspective, the development of cryptographic modules has also been driven by the aggressive scalability of complementary metal-oxide-semiconductor (CMOS) technology. While advancing into nano-meter regime, one significant characteristic of today\u27s CMOS design is the random nature of process variability, which limits the nominal circuit design. With the continuous scaling of CMOS technology, instead of mitigating the physical variability, leveraging such properties becomes a promising way. One of the famous products adhering to this double-edged sword philosophy is the Physically Unclonable Functions (PUFs), which extract secret keys from uncontrollable manufacturing variability on integrated circuits (ICs). However, since PUFs take advantage of microscopic process variations, thus many specialized issues including variability, modeling attacks and noise sensitivity need to be considered and addressed. In this dissertation, we present our recent work on PUF based secure computation from three aspects: variability, modeling and noise sensitivity, which are deemed the foundations of our study. Moreover, we found that the three factors coordinate with each other in our study, for example, the modeling technique can be utilized to improve the unsatisfied reliability caused by noise sensitivity, quantifying the variability can effectively eliminate the impact from noise, and modeling can help with characterizing the physical variability precisely

Comprehensive study of physical unclonable functions on FPGAs: correlation driven Implementation, deep learning modeling attacks, and countermeasures

For more than a decade and a half, Physical Unclonable Functions (PUFs) have been presented as a promising hardware security primitive. The idea of exploiting variabilities in hardware fabrication to generate a unique fingerprint for every silicon chip introduced a more secure and cheaper alternative. Other solutions using non-volatile memory to store cryptographic keys, require additional processing steps to generate keys externally, and secure environments to exchange generated keys, which introduce many points of attack that can be used to extract the secret keys. PUFs were addressed in the literature from different perspectives. Many publications focused on proposing new PUF architectures and evaluation metrics to improve security properties like response uniqueness per chip, response reproducibility of the same PUF input, and response unpredictability using previous input/response pairs. Other research proposed attack schemes to clone the response of PUFs, using conventional machine learning (ML) algorithms, side-channel attacks using power and electromagnetic traces, and fault injection using laser beams and electromagnetic pulses. However, most attack schemes to be successful, imposed some restrictions on the targeted PUF architectures, which make it simpler and easier to attack. Furthermore, they did not propose solid and provable enhancements on these architectures to countermeasure the attacks. This leaves many open questions concerning how to implement perfect secure PUFs especially on FPGAs, how to extend previous modeling attack schemes to be successful against more complex PUF architectures (and understand why modeling attacks work) and how to detect and countermeasure these attacks to guarantee that secret data are safe from the attackers. This Ph.D. dissertation contributes to the state of the art research on physical unclonable functions in several ways. First, the thesis provides a comprehensive analysis of the implementation of secure PUFs on FPGAs using manual placement and manual routing techniques guided by new performance metrics to overcome FPGAs restrictions with minimum hardware and area overhead. Then the impact of deep learning (DL) algorithms is studied as a promising modeling attack scheme against complex PUF architectures, which were reported immune to conventional (ML) techniques. Furthermore, it is shown that DL modeling attacks successfully overcome the restrictions imposed by previous research even with the lack of accurate mathematical models of these PUF architectures. Finally, this comprehensive analysis is completed by understanding why deep learning attacks are successful and how to build new PUF architectures and extra circuitry to thwart these types of attacks. This research is important for deploying cheap and efficient hardware security primitives in different fields, including IoT applications, embedded systems, automotive and military equipment. Additionally, it puts more focus on the development of strong intrinsic PUFs which are widely proposed and deployed in many security protocols used for authentication, key establishment, and Oblivious transfer protocols