FPGA-Based PUF Designs: A Comprehensive Review and Comparative Analysis

Field-programmable gate arrays (FPGAs) have firmly established themselves as dynamic platforms for the implementation of physical unclonable functions (PUFs). Their intrinsic reconfigurability and profound implications for enhancing hardware security make them an invaluable asset in this realm. This groundbreaking study not only dives deep into the universe of FPGA-based PUF designs but also offers a comprehensive overview coupled with a discerning comparative analysis. PUFs are the bedrock of device authentication and key generation and the fortification of secure cryptographic protocols. Unleashing the potential of FPGA technology expands the horizons of PUF integration across diverse hardware systems. We set out to understand the fundamental ideas behind PUF and how crucially important it is to current security paradigms. Different FPGA-based PUF solutions, including static, dynamic, and hybrid systems, are closely examined. Each design paradigm is painstakingly examined to reveal its special qualities, functional nuances, and weaknesses. We closely assess a variety of performance metrics, including those related to distinctiveness, reliability, and resilience against hostile threats. We compare various FPGA-based PUF systems against one another to expose their unique advantages and disadvantages. This study provides system designers and security professionals with the crucial information they need to choose the best PUF design for their particular applications. Our paper provides a comprehensive view of the functionality, security capabilities, and prospective applications of FPGA-based PUF systems. The depth of knowledge gained from this research advances the field of hardware security, enabling security practitioners, researchers, and designers to make wise decisions when deciding on and implementing FPGA-based PUF solutions.publishedVersio

Design and Evaluation of FPGA-based Hybrid Physically Unclonable Functions

A Physically Unclonable Function (PUF) is a new and promising approach to provide security for physical systems and to address the problems associated with traditional approaches. One of the most important performance metrics of a PUF is the randomness of its generated response, which is presented via uniqueness, uniformity, and bit-aliasing. In this study, we implement three known PUF schemes on an FPGA platform, namely SR Latch PUF, Basic RO PUF, and Anderson PUF. We then perform a thorough statistical analysis on their performance. In addition, we propose the idea of the Hybrid PUF structure in which two (or more) sources of randomness are combined in a way to improve randomness. We investigate two methods in combining the sources of randomness and we show that the second one improves the randomness of the response, significantly. For example, in the case of combining the Basic RO PUF and the Anderson PUF, the Hybrid PUF uniqueness is increased nearly 8%, without any pre-processing or post-processing tasks required. Two main categories of applications for PUFs have been introduced and analyzed: authentication and secret key generation. In this study, we introduce another important application for PUFs. In fact, we develop a secret sharing scheme using a PUF to increase the information rate and provide cheater detection capability for the system. We show that, using the proposed method, the information rate of the secret sharing scheme will improve significantly

Delay-based Physical Unclonable Function Implementation

As we venture further into the 21st century, it becomes much clearer that hardware security is at the forefront of many challenges that we face today in ensuring that data is protected. “Keys” (a sequence of bits) can be used to unlock pieces of data and is a concept that is pervasive throughout cryptography, but storage in memory makes this sole method nonviable. To make the approach more practical, one can dynamically generate a key through a Physical Unclonable Function (PUF). PUFs are circuit primitives that use intrinsic variations of microchips created during the manufacturing process to generate a unique “fingerprint” for each chip. We simulated several different PUF designs on a Field Programmable Gate Array (FPGA) board to determine how changes to a starting design can affect the reliability, randomness, and uniqueness of these IDs. We propose two schemes, a parallel and a serial scheme for a ring oscillator (RO) based PUF. The parallel scheme is a useful benchmark for other designs, and the serial scheme uses much less hardware than other RO PUF designs. The serial scheme is not as random, reliable, or unique as the parallel scheme, but it creates input-output pairs with much less area

True random number generator on FPGA

Tato práce se zabývá implementací hardwarového generátoru náhodných čísel na FPGA vývojové desce, který staví na páru kruhových oscilátorů a zahrnuje testování vlivu změn teploty a napájecího napětí na generovaný výstup. Vyhodnocení staví na NIST testech. Výsledky ukazují, že změny prostředí neovlivňují výstup generátoru žádným významným způsobem.This thesis deals with the implementation of a true random number generator on FPGA development board building on pair of ring oscillators and explores the influence of temperature and power supply changes on generated output, evaluated by NIST-inspired tests. The results show that environmental changes does not impact the ouput in any significant way

Trusted IP solution in multi-tenant cloud FPGA platform

Because FPGAs outperform traditional processing cores like CPUs and GPUs in terms of performance per watt and flexibility, they are being used more and more in cloud and data center applications. There are growing worries about the security risks posed by multi-tenant sharing as the demand for hardware acceleration increases and gradually gives way to FPGA multi-tenancy in the cloud. The confidentiality, integrity, and availability of FPGA-accelerated applications may be compromised if space-shared FPGAs are made available to many cloud tenants. We propose a root of trust-based trusted execution mechanism called \textbf{TrustToken} to prevent harmful software-level attackers from getting unauthorized access and jeopardizing security. With safe key creation and truly random sources, \textbf{TrustToken} creates a security block that serves as the foundation of trust-based IP security. By offering crucial security characteristics, such as secure, isolated execution and trusted user interaction, \textbf{TrustToken} only permits trustworthy connection between the non-trusted third-party IP and the rest of the SoC environment. The suggested approach does this by connecting the third-party IP interface to the \textbf{TrustToken} Controller and running run-time checks on the correctness of the IP authorization(Token) signals. With an emphasis on software-based assaults targeting unauthorized access and information leakage, we offer a noble hardware/software architecture for trusted execution in FPGA-accelerated clouds and data centers

The Monte Carlo PUF

Physically unclonable functions are used for IP protection, hardware authentication and supply chain security. While many PUF constructions have been put forward in the past decade, only few of them are applicable to FPGA platforms. Strict constraints on the placement and routing are the main disadvantages of the existing PUFs on FPGAs, because they place a high effort on the designer. In this paper we propose a new delay-based PUF construction called Monte Carlo PUF, that does not require low-level placement and routing control. This construction relies on the on-chip Monte Carlo method that is applied for measuring the delays of logic elements in order to extract a unique device fingerprint. The proposed construction allows a trade-off between the evaluation time and the error rate. The Monte Carlo PUF is implemented and evaluated on Xilinx Spartan-6 FPGAs