A secure arbiter physical unclonable functions (PUFs) for device authentication and identification

Recent fourth industrial revolution, industry4.0 results in lot of automation of industrial processes and brings intelligence in many home appliances in the form of IoT, enhances M2M / D2D communication where electronic devices play a prominent role. It is very much necessary to ensure security of those devices. To provide reliable authentication and identification of each device and to abort the counterfeiting from the unauthorized foundries Physical Unclonable Functions (PUFs) emerged as a one of the promising cryptographic hardware security solution. PUF is function, mathematically modeled by using uncontrollable/ unavoidable random variances of the fabrication process of the ICs. These variances can generate unpredictable, random responses can be used to overcome the difficulties such as storing the keys in non-volatile memories (NVMs) in the classical cryptography. A wide variety of PUF architectures such as Arbiter PUFs, Ring oscillator PUFs, SRAM PUFs proposed by authors. But due to its design complexity and low cost, Delay based Arbiter PUFs (D-PUFs) are considering to be a one of the security primitives in authentication applications such as low-cost IoT devices for secure key generation. This paper presents a review on the different types of Delay based PUF architectures proposed by the various authors, sources to exhibit the physical disorders in ICs, methods to estimate the Performance metrics and applications of PUF in different domains

Emerging physical unclonable functions with nanotechnology

Physical unclonable functions (PUFs) are increasingly used for authentication and identification applications as well as the cryptographic key generation. An important feature of a PUF is the reliance on minute random variations in the fabricated hardware to derive a trusted random key. Currently, most PUF designs focus on exploiting process variations intrinsic to the CMOS technology. In recent years, progress in emerging nanoelectronic devices has demonstrated an increase in variation as a consequence of scaling down to the nanoregion. To date, emerging PUFs with nanotechnology have not been fully established, but they are expected to emerge. Initial research in this area aims to provide security primitives for emerging integrated circuits with nanotechnology. In this paper, we review emerging nanotechnology-based PUFs

Reliable Delay Based Algorithm to Boost PUF Security Against Modeling Attacks

Silicon Physical Unclonable Functions (sPUFs) are one of the security primitives and state-of-the-art topics in hardware-oriented security and trust research. This paper presents an efficient and dynamic ring oscillator PUFs (d-ROPUFs) technique to improve sPUFs security against modeling attacks. In addition to enhancing the Entropy of weak ROPUF design, experimental results show that the proposed d-ROPUF technique allows the generation of larger and updated challenge-response pairs (CRP space) compared with simple ROPUF. Additionally, an innovative hardware-oriented security algorithm, namely, the Optimal Time Delay Algorithm (OTDA), is proposed. It is demonstrated that the OTDA algorithm significantly improves PUF reliability under varying operating conditions. Further, it is shown that the OTDA further efficiently enhances the d-ROPUF capability to generate a considerably large set of reliable secret keys to protect the PUF structure from new cyber-attacks, including machine learning and modeling attacks

Attacking Delay-based PUFs with Minimal Adversary Model

Physically Unclonable Functions (PUFs) provide a streamlined solution for lightweight device authentication. Delay-based Arbiter PUFs, with their ease of implementation and vast challenge space, have received significant attention; however, they are not immune to modelling attacks that exploit correlations between their inputs and outputs. Research is therefore polarized between developing modelling-resistant PUFs and devising machine learning attacks against them. This dichotomy often results in exaggerated concerns and overconfidence in PUF security, primarily because there lacks a universal tool to gauge a PUF's security. In many scenarios, attacks require additional information, such as PUF type or configuration parameters. Alarmingly, new PUFs are often branded `secure' if they lack a specific attack model upon introduction. To impartially assess the security of delay-based PUFs, we present a generic framework featuring a Mixture-of-PUF-Experts (MoPE) structure for mounting attacks on various PUFs with minimal adversarial knowledge, which provides a way to compare their performance fairly and impartially. We demonstrate the capability of our model to attack different PUF types, including the first successful attack on Heterogeneous Feed-Forward PUFs using only a reasonable amount of challenges and responses. We propose an extension version of our model, a Multi-gate Mixture-of-PUF-Experts (MMoPE) structure, facilitating multi-task learning across diverse PUFs to recognise commonalities across PUF designs. This allows a streamlining of training periods for attacking multiple PUFs simultaneously. We conclude by showcasing the potent performance of MoPE and MMoPE across a spectrum of PUF types, employing simulated, real-world unbiased, and biased data sets for analysis.Comment: 13 pages, 6 figures, journa

AUTHENTICATED KEY ESTABLISHMENT PROTOCOL FOR CONSTRAINED SMART HEALTHCARE SYSTEMS BASED ON PHYSICAL UNCLONABLE FUNCTION

Smart healthcare systems are one of the critical applications of the internet of things. They benefit many categories of the population and provide significant improvement to healthcare services. Smart healthcare systems are also susceptible to many threats and exploits because they run without supervision for long periods of time and communicate via open channels. Moreover, in many implementations, healthcare sensor nodes are implanted or miniaturized and are resource-constrained. The potential risks on patients/individuals’ life from the threats necessitate that securing the connections in these systems is of utmost importance. This thesis provides a solution to secure end-to-end communications in such systems by proposing an authenticated key establishment protocol. The main objective of the protocol is to examine how physical unclonable functions could be utilized as a lightweight root of trust. The protocol’s design is based on rigid security requirements and inspired by the vulnerability of physical unclonable function to machine learning modeling attacks as well as the use of a ratchet technique. The proposed protocol verification and analysis revealed that it is a suitable candidate for resource-constrained smart healthcare systems. The proposed protocol’s design also has an impact on other important aspects such as anonymity of sensor nodes and gateway-lose scenario

Modélisation et caractérisation des fonctions non clonables physiquement

Physically Unclonable Functions, or PUFs, are innovative technologies devoted to solve some security and identification issues. Similarly to a human fingerprint, PUFs allows to identify uniquely electronic devices as they produce an instance-specific signature. Applications as authentication or key generation can take advantage of this embedded function. The main property that we try to obtain from a PUF is the generation of a unique response that varies randomly from one physical device to another without allowing its prediction. Another important property of these PUF is to always reproduce the same response for the same input challenge even in a changing environment. Moreover, the PUF system should be secure against attacks that could reveal its response. In this thesis, we are interested in silicon PUF which take advantage of inherent process variations during the manufacturing of CMOS integrated circuits. We present several PUF constructions, discuss their properties and the implementation techniques to use them in security applications. We first present two novel PUF structures. The first one, called “Loop PUF” is a delay based PUF which relies on the comparison of delay measurements of identical serial delay chains. The major contribution brought by the use of this structure is its implementation simplicity on both ASIC and FPGA platforms, and its flexibility as it can be used for reliable authentication or key generation. The second proposed structure is a ring-oscillator based PUF cells “TERO PUF”. It exploits the oscillatory metastability of cross-coupled elements, and can also be used as True Random Number Generator (TRNG). More precisely, the PUF response takes advantage from the introduced oscillatory metastability of an SR flip-flop when the S and R inputs are connected to the same input signal. Experimental results show the high performance of these two proposed PUF structures. Second, in order to fairly compare the quality of different delay based PUFs, we propose a specific characterization method. It is based on statistical measurements on basic delay elements. The main benefit of this method is that it allows the designer to be sure that the PUF will meet the expected performances before its implementation and fabrication. Finally, Based on the unclonability and unpredictability properties of the PUFs, we present new techniques to perform “loop PUF” authentication and cryptographic key generation. Theoretical and experimental results show the efficiency of the introduced techniques in terms of complexity and reliabilityLes fonctions non clonables physiquement, appelées PUF (Physically Unclonable Functions), représentent une technologie innovante qui permet de résoudre certains problèmes de sécurité et d’identification. Comme pour les empreintes humaines, les PUF permettent de différencier des circuits électroniques car chaque exemplaire produit une signature unique. Ces fonctions peuvent être utilisées pour des applications telles que l’authentification et la génération de clés cryptographiques. La propriété principale que l’on cherche à obtenir avec les PUF est la génération d’une réponse unique qui varie de façon aléatoire d’un circuit à un autre, sans la possibilité de la prédire. Une autre propriété de ces PUF est de toujours reproduire, quel que soit la variation de l’environnement de test, la même réponse à un même défi d’entrée. En plus, une fonction PUF doit être sécurisée contre les attaques qui permettraient de révéler sa réponse. Dans cette thèse, nous nous intéressons aux PUF en silicium profitant des variations inhérentes aux technologies de fabrication des circuits intégrés CMOS. Nous présentons les principales architectures de PUF, leurs propriétés, et les techniques mises en œuvre pour les utiliser dans des applications de sécurité. Nous présentons d’abord deux nouvelles structures de PUF. La première structure appelée “Loop PUF” est basée sur des chaînes d’éléments à retard contrôlés. Elle consiste à comparer les délais de chaînes à retard identiques qui sont mises en série. Les points forts de cette structure sont la facilité de sa mise en œuvre sur les deux plates-formes ASIC et FPGA, la grande flexibilité pour l’authentification des circuits intégrés ainsi que la génération de clés de chiffrement. La deuxième structure proposée “TERO PUF” est basée sur le principe de cellules temporairement oscillantes. Elle exploite la métastabilité oscillatoire d’éléments couplés en croix, et peut aussi être utilisée pour un générateur vrai d’aléas (TRNG). Plus précisément, la réponse du PUF profite de la métastabilité oscillatoire introduite par une bascule SR lorsque les deux entrées S et R sont connectées au même signal d’entrée. Les résultats expérimentaux montrent le niveau de performances élevé des deux structures de PUF proposées. Ensuite, afin de comparer équitablement la qualité des différentes PUF à retard, nous proposons une méthode de caractérisation spécifique. Elle est basée sur des mesures statistiques des éléments à retard. Le principal avantage de cette méthode vient de sa capacité à permettre au concepteur d’être sûr que la fonction PUF aura les performances attendues avant sa mise en œuvre et sa fabrication. Enfin, en se basant sur les propriétés de non clonabilité et de l’imprévisibilité des PUF, nous présentons de nouvelles techniques d’authentification et de génération de clés de chiffrement en utilisant la “loop PUF” proposée. Les résultats théoriques et expérimentaux montrent l’efficacité des techniques introduites en termes de complexité et de fiabilit