Barrel Shifter Physical Unclonable Function Based Encryption

Physical Unclonable Functions (PUFs) are circuits designed to extract physical randomness from the underlying circuit. This randomness depends on the manufacturing process. It differs for each device enabling chip-level authentication and key generation applications. We present a protocol utilizing a PUF for secure data transmission. Parties each have a PUF used for encryption and decryption; this is facilitated by constraining the PUF to be commutative. This framework is evaluated with a primitive permutation network - a barrel shifter. Physical randomness is derived from the delay of different shift paths. Barrel shifter (BS) PUF captures the delay of different shift paths. This delay is entangled with message bits before they are sent across an insecure channel. BS-PUF is implemented using transmission gates; their characteristics ensure same-chip reproducibility, a necessary property of PUFs. Post-layout simulations of a common centroid layout 8-level barrel shifter in 0.13 {\mu}m technology assess uniqueness, stability and randomness properties. BS-PUFs pass all selected NIST statistical randomness tests. Stability similar to Ring Oscillator (RO) PUFs under environment variation is shown. Logistic regression of 100,000 plaintext-ciphertext pairs (PCPs) failed to successfully model BS- PUF behavior

A Unified Multibit PUF and TRNG based on Ring Oscillators for Secure IoT Devices

Physically Unclonable Functions (PUFs) and True Random Number Generators (TRNGs) are cryptographic primitives very well suited for secure IoT devices. This paper proposes a circuit, named multibit-RO-PUF-TRNG, which offers the advantages of unifying PUF and TRNG in the same design. It is based on counting the oscillations of pairs of ring oscillators (ROs), one of them acting as reference. Once the counter of the reference oscillator reaches a fixed value, the count value of the other RO is employed to provide the TRNG and the multibit PUF response. A mathematical model is presented that supports not only the circuit foundations but also a novel and simple calibration procedure that allows optimizing the selection of the design parameters. Experimental results are illustrated with large datasets from two families of FPGAs with different process nodes (90 nm and 28 nm). These results confirm that the proposed calibration provides TRNG and PUF responses with high quality. The raw TRNG bits do not need post-processing and the PUF bits (even 6 bits per RO) show very small aliasing. In the application context of obfuscating and reconstructing secrets generated by the TRNG, the multibit PUF response, together with the proposal of using error-correcting codes and RO selection adapted to each bit, provide savings of at least 79.38% of the ROs compared to using a unibit PUF without RO selection. The proposal has been implemented as an APB peripheral of a VexRiscv RV32I core to illustrate its use in a secure FPGA-based IoT device

A hardware-embedded, delay-based PUF engine designed for use in cryptographic and authentication applications

Cryptographic and authentication applications in application-specific integrated circuits (ASICs) and field-programmable gate arrays (FPGAs), as well as codes for the activation of on-chip features, require the use of embedded secret information. The generation of secret bitstrings using physical unclonable functions, or PUFs, provides several distinct advantages over conventional methods, including the elimination of costly non-volatile memory, and the potential to increase the random bits available to applications. In this dissertation, a Hardware-Embedded Delay PUF (HELP) is proposed that is designed to leverage path delay variations that occur in the core logic macros of a chip to create random bitstrings. A thorough discussion is provided of the operational details of an embedded path timing structure called REBEL that is used by HELP to provide the timing functionality upon which HELP relies for the entropy source for the cryptographic quality of the bitstrings. Further details of the FPGA-based implementation used to prove the viability of the HELP PUF concept are included, along with a discussion of the evolution of the techniques employed in realizing the final PUF engine design. The bitstrings produced by a set of 30 FPGA boards are evaluated with regard to several statistical quality metrics including uniqueness, randomness, and stability. The stability characteristics of the bitstrings are evaluated by subjecting the FPGAs to commercial-grade temperature and power supply voltage variations. In particular, this work evaluates the reproducibility of the bitstrings generated at 0C, 25C, and 70C, and 10% of the rated supply voltage. A pair of error avoidance schemes are proposed and presented that provide significant improvements to the HELP PUF\u27s resiliency against bit-flip errors in the bitstrings

Synergistic Configurable Ring Oscillator PUF: Design, Characterization, and Implementation

Silicon Physical Unclonable Function (PUF) is a novel hardware primitive that uses the intrinsic variation of integrated circuit manufacturing process for various security applications. Ring oscillator PUF (RO PUF) is one of the most popular silicon PUFs due to its ease of implementation on both ASIC and FPGA. However, RO PUF can have severe reliability issues when the operating environment deviates from the normal environment and security issues when it lacks an efficient anti-cloning mechanism. In this work, we propose a novel approach to build reliable RO PUF efficiently and enhance its resistance against physical cloning attack. The key idea of our approach is to construct ring oscillators with carefully selected inverters during the testing phase after the chip is fabricated. Our experimental results show that our configurable approach outperforms the traditional RO PUF and 1-out-of-8 PUF by generating more reliable bits that pass the NIST randomness tests. Our approach is also more hardware efficient than these RO PUFs. We also demonstrate that the configuration vectors can prevent physical cloning and have the potential usage in chip-dependent applications such as device authentication

A Group-Based Ring Oscillator Physical Unclonable Function

Silicon Physical Unclonable Function (PUF) is a physical structure of the chip which has functional characteristics that are hard to predict before fabrication but are expected to be unique after fabrication. This is caused by the random fabrication variations. The secret characteristics can only be extracted through physical measurement and will vanish immediately when the chip is powered down. PUF promises a securer means for cryptographic key generation and storage among many other security applications. However, there are still many practical challenges to cost effectively build secure and reliable PUF secrecy. This dissertation proposes new architectures for ring oscillator (RO) PUFs to answer these challenges. First, our temperature-aware cooperative (TAC) RO PUF can utilize certain ROs that were otherwise discarded due to their instability. Second, our novel group-based algorithm can generate secrecy higher than the theoretical upper bound of the conventional pairwise comparisons approach. Third, we build the first regression-based entropy distiller that can turn the PUF secrecy statistically random and robust, meeting the NIST standards. Fourth, we develop a unique Kendall syndrome coding (KSC) that makes the PUF secrecy error resilient against potential environmental fluctuations. Each of these methods can improve the hardware efficiency of the RO PUF implementation by 1.5X to 8X while improving the security and reliability of the PUF secrecy

Comprehensive Designs of Innovate Secure Hardware Devices against Machine Learning Attacks and Power Analysis Attacks

Hardware security is an innovate subject oriented from growing demands of cybersecurity and new information vulnerabilities from physical leakages on hardware devices. However, the mainstream of hardware manufacturing industry is still taking benefits of products and the performance of chips as priority, restricting the design of hardware secure countermeasures under a compromise to a finite expense of overheads. Consider the development trend of hardware industries and state-of-the-art researches of architecture designs, this dissertation proposes some new physical unclonable function (PUF) designs as countermeasures to side-channel attacks (SCA) and machine learning (ML) attacks simultaneously. Except for the joint consideration of hardware and software vulnerabilities, those designs also take efficiencies and overhead problems into consideration, making the new-style of PUF more possible to be merged into current chips as well as their design concepts. While the growth of artificial intelligence and machine-learning techniques dominate the researching trends of Internet of things (IoT) industry, some mainstream architectures of neural networks are implemented as hypothetical attacking model, whose results are used as references for further lifting the performance, the security level, and the efficiency in lateral studies. In addition, a study of implementation of neural networks on hardware designs is proposed, this realized the initial attempt to introduce AI techniques to the designs of voltage regulation (VR). All aforementioned works are demonstrated to be of robustness to threats with corresponding power attack tests or ML attack tests. Some conceptional models are proposed in the last of the dissertation as future plans so as to realize secure on-chip ML models and hardware countermeasures to hybrid threats

Obtaining Statistically Random Information from Silicon Physical Unclonable Functions

Silicon physical unclonable functions (PUF) uti- lize the variation during silicon fabrication process to extract information that will be unique for each chip. There have been many recent approaches to how PUF can be used to improve security related applications. However, it is well-known that the fabrication variation has very strong spatial correlation1 and this has been pointed out as a security threat to silicon PUF. In fact, when we apply NIST’s statistical test suite for randomness [1] against the random sequences generated from a population of 125 ring oscillator (RO) PUFs [2] using classic 1-out-of-8 Coding [3], [4] and Neighbor Coding [5], none of them can pass all the tests. In this paper, we propose to decouple the unwanted systematic variation from the desired random variation through a regression-based distiller, where the basic idea is to build a model for the systematic variation so we can generate the random sequences only from the true random variation. Applying Neighbor Coding to the same benchmark data [2], our experiment shows that 2nd and 3rd order polynomials distill random sequences that pass all the NIST randomness tests. So does 4th order polynomial in the case of 1-out-of-8 Coding. Finally, we introduce two generic random sequence generation methods. The sequences they generate fail all the randomness tests, but with the help of our proposed polynomial distiller, all but one tests are passed. These results demonstrate that our method can provide statistically random PUF information and thus bolster the security characteristics of existing PUF schemes.National Science Foundation of China under grant 61228204; Air Force Office of Scientific Research under grant FA95501010140; University Partnership with the Laboratory of Telecommunications Sciences, contract number H9823013D00560002; Taiwan Merit Scholarships from the National Science Council of Taiwan (NSC-095-SAF-I-564-056-TMS