On Metrics to Quantify the Inter-Device Uniqueness of PUFs

Physically Unclonable Functions (PUFs) have been an emerging topic in hardware security and trust in recent years, and many different kinds of PUFs have been presented in the literature. An important criterion is always the diversity of PUF responses for different devices, called inter-device uniqueness. A very popular uniqueness metric consists of calculating the pairwise hamming distance between the response bit-strings of all devices, assuming that all response bits are uncorrelated. Such correlations, however, should be regarded when a statement about inter-device uniqueness is made. We therefore propose a novel correlation metric to fulfil this requirement. Furthermore, we show that the hamming distance metric is actually redundant when at the same time the also popular bit-aliasing metric is applied

Total Ionizing Dose Effects on a Delay-Based Physical Unclonable Function Implemented in FPGAs

Physical Unclonable Functions (PUFs) are hardware security primitives that are increasingly being used for authentication and key generation in ICs and FPGAs. For space systems, they are a promising approach to meet the needs for secure communications at low cost. To this purpose, it is essential to determine if they are reliable in the space radiation environment. In this work we evaluate the Total Ionizing Dose effects on a delay-based PUF implemented in SRAM-FPGA, namely a Ring Oscillator PUF. Several major quality metrics have been used to analyze the evolution of the PUF response with the total ionizing dose. Experimental results demonstrate that total ionizing dose has a perceptible effect on the quality of the PUF response, but it could still be used for space applications by making some appropriate corrections.Ministerio de Economía y Competitividad ESP2015-68245-C4-1-P, ESP-2015-68245-C4-4-P

Compact Field Programmable Gate Array Based Physical Unclonable Functions Circuits

The Physical Unclonable Functions (PUFs) is a candidate to provide a secure solid root source for identification and authentication applications. It is precious for FPGA-based systems, as FPGA designs are vulnerable to IP thefts and cloning. Ideally, the PUFs should have strong random variations from one chip to another, and thus each PUF is unique and hard to replicate. Also, the PUFs should be stable over time so that the same challenge bits always yield the same result. Correspondingly, one of the major challenges for FPGA-based PUFs is the difficulty of avoiding systematic bias in the integrated circuits but also pulling out consistent characteristics as the PUF at the same time. This thesis discusses several compact PUF structures relying on programmable delay lines (PDLs) and our novel intertwined programmable delays (IPD). We explore the strategy to extract the genuinely random PUF from these structures by minimizing the systematic biases. Yet, our methods still maintain very high reliability. Furthermore, our proposed designs, especially the TERO-based PUFs, show promising resilience to machine learning (ML) attacks. We also suggest the bit-bias metric to estimate PUF’s complexity quickly

Design and Implementation of Multiplexed and Obfuscated Physical Unclonable Function

Model building attack on Physical Unclonable Functions (PUFs) by using machine learning (ML) techniques has been a focus in the PUF research area. PUF is a hardware security primitive which can extract unique hardware characteristics (i.e., device-specific) by exploiting the intrinsic manufacturing process variations during integrated circuit (IC) fabrication. The nature of the manufacturing process variations which is random and complex makes a PUF realistically and physically impossible to clone atom-by-atom. Nevertheless, its function is vulnerable to model-building attacks by using ML techniques. Arbiter-PUF is one of the earliest proposed delay-based PUFs which is vulnerable to ML-attack. In the past, several techniques have been proposed to increase its resiliency, but often has to sacrifice the reproducibility of the Arbiter-PUF response. In this paper, we propose a new derivative of Arbiter-PUF which is called Mixed Arbiter-PUF (MA-PUF). Four Arbiter-PUFs are combined and their outputs are multiplexed to generate the final response. We show that MA-PUF has good properties of uniqueness, reliability, and uniformity. Moreover, the resilient of MA-PUF against ML-attack is 15% better than a conventional Arbiter-PUF. The predictability of MA-PUF close to 65% could be achieved when combining with challenge permutation technique

Suitability of Generalized GAROs on FPGAs as PUFs or TRNGs considering spatial correlations

In the last years, guaranteeing the security in Internet of things communications has become an essential task. In this article, the bias of a wide set of oscillators has been studied to determine their suitability as both true random number generators (TRNGs) and physically unclonable functions (PUFs). For this purpose, a generic configurable structure has been proposed and implemented in an field programmable gate array (FPGA). With this implementation, by introducing some external signals it is possible to configure the system in different oscillator topologies. This way, we have managed to analyze 2730 oscillators composed by seven lookup tables (LUTs) without having to resynthesize the code each time. The performed analysis has included conventional ring oscillators, Galois ring oscillators, and newly proposed oscillator topologies. From this analysis, we have concluded that none of these oscillators behave as an ideal TRNG but ring oscillators present the closest to an ideal behavior. Regarding their suitability as PUFs, some of the newly proposed oscillators in this article present a high reproducibility, higher than that of conventional ring oscillator PUF (RO-PUF) and a high uniqueness. Furthermore, we have noticed that both their reproducibility and their uniqueness tend to improve when increasing the length of the oscillators, which opens the possibility of finding new oscillators with even better properties by studying oscillators of bigger lengths. Finally, by studying the spatial correlation of the bias of these oscillators, we have observed that they present a much lower spatial correlation compared to the ring oscillators, which opens the possibility of using these oscillators in PUF architectures that use more comparisons than typical RO-PUFs

PUF for the Commons: Enhancing Embedded Security on the OS Level

Security is essential for the Internet of Things (IoT). Cryptographic operations for authentication and encryption commonly rely on random input of high entropy and secure, tamper-resistant identities, which are difficult to obtain on constrained embedded devices. In this paper, we design and analyze a generic integration of physically unclonable functions (PUFs) into the IoT operating system RIOT that supports about 250 platforms. Our approach leverages uninitialized SRAM to act as the digital fingerprint for heterogeneous devices. We ground our design on an extensive study of PUF performance in the wild, which involves SRAM measurements on more than 700 IoT nodes that aged naturally in the real-world. We quantify static SRAM bias, as well as the aging effects of devices and incorporate the results in our system. This work closes a previously identified gap of missing statistically significant sample sizes for testing the unpredictability of PUFs. Our experiments on COTS devices of 64 kB SRAM indicate that secure random seeds derived from the SRAM PUF provide 256 Bits-, and device unique keys provide more than 128 Bits of security. In a practical security assessment we show that SRAM PUFs resist moderate attack scenarios, which greatly improves the security of low-end IoT devices.Comment: 18 pages, 12 figures, 3 table

MeLPUF: Memory in Logic PUF

Physical Unclonable Functions (PUFs) are used for securing electronic designs across the implementation spectrum ranging from lightweight FPGA to server-class ASIC designs. However, current PUF implementations are vulnerable to model-building attacks; they often incur significant design overheads and are challenging to configure based on application-specific requirements. These factors limit their application, primarily in the case of the system on chip (SoC) designs used in diverse applications. In this work, we propose MeL-PUF - Memory-in-Logic PUF, a low-overhead, distributed, and synthesizable PUF that takes advantage of existing logic gates in a design and transforms them to create cross-coupled inverters (i.e. memory cells) controlled by a PUF control signal. The power-up states of these memory cells are used as the source of entropy in the proposed PUF architecture. These on-demand memory cells can be distributed across the combinational logic of various intellectual property (IP) blocks in a system on chip (SoC) design. They can also be synthesized with a standard logic synthesis tool to meet the area,power, or performance constraints of a design. By aggregating the power-up states from multiple such memory cells, we can create a PUF signature or digital fingerprint of varying size. We evaluate the MeL-PUF signature quality with both circuit-level simulations as well as with measurements in FPGA devices. We show that MeL-PUF provides high-quality signatures in terms of uniqueness, randomness, and robustness, without incurring large overheads. We also suggest additional optimizations that can be leveraged to improve the performance of MeL-PUF.Comment: 5 pages, 16 figure