How to Generate Repeatable Keys Using Physical Unclonable Functions: Correcting PUF Errors with Iteratively Broadening and Prioritized Search

I present an algorithm for repeatably generating keys using entropy from a physical unclonable function (PUF). PUFs are logically identical devices with challenge- response pairs unique to each device. PUF errors inhibit key repeatability. My algorithm corrects PUF errors, enabling repeatable cryptographic key generation. Repeatedly sampling the PUF and correcting errors with prioritized iteratively broadening and exhaustive search recreate seeds. Repeated sampling determines the most likely bit values and error probabilities. The search ends if a test indicates the seed is correct. The iteratively broadening search tests seeds with up to two errors. The exhaustive search tests seeds until the correct seed is found or failure is declared. PUF bit error rates prioritizes the searches. Previous algorithms often omit noisy PUF bits or use error correcting code and helper data. The presented algorithm uses all PUF bits regardless of noise. Non-volatile data for key regeneration is either a plaintext-ciphertext sample or, for public-key cryptography, the public key. I implemented a latch-based PUF on FPGAs and measured PUF characteristics to analyze the effectiveness of the algorithm. Tests show repeated sampling nearly eliminating the probability of errors. However, the FPGA-based PUFs did not exhibit ideal behavior. Extrapolation to error rates reported by other publications shows relatively few samples drives the error probability to near zero. The probability is not zero. The iterative broadening and exhaustive searches further reduce failure rates

How to Generate Repeatable Keys Using Physical Unclonable Functions: Correcting PUF Errors with Iteratively Broadening and Prioritized Search

I present an algorithm for repeatably generating keys using entropy from a physical unclonable function (PUF). PUFs are logically identical devices with challenge- response pairs unique to each device. PUF errors inhibit key repeatability. My algorithm corrects PUF errors, enabling repeatable cryptographic key generation. Repeatedly sampling the PUF and correcting errors with prioritized iteratively broadening and exhaustive search recreate seeds. Repeated sampling determines the most likely bit values and error probabilities. The search ends if a test indicates the seed is correct. The iteratively broadening search tests seeds with up to two errors. The exhaustive search tests seeds until the correct seed is found or failure is declared. PUF bit error rates prioritizes the searches. Previous algorithms often omit noisy PUF bits or use error correcting code and helper data. The presented algorithm uses all PUF bits regardless of noise. Non-volatile data for key regeneration is either a plaintext-ciphertext sample or, for public-key cryptography, the public key. I implemented a latch-based PUF on FPGAs and measured PUF characteristics to analyze the effectiveness of the algorithm. Tests show repeated sampling nearly eliminating the probability of errors. However, the FPGA-based PUFs did not exhibit ideal behavior. Extrapolation to error rates reported by other publications shows relatively few samples drives the error probability to near zero. The probability is not zero. The iterative broadening and exhaustive searches further reduce failure rates