Cryptographic Primitives from Physical Variables

In this dissertation we explore a new paradigm emerging from the subtleties of cryptographic implementations and relating to theoretical aspects of cryptography. This new paradigm, namely physical variables (PVs), simply describes properties of physical objects designed to be identical but are not due to manufacturing variability. In the first part of this dissertation, we focus our attention on scenarios which require the unique identification of physical objects and we show how Gaussian PVs can be used to fulfill such a requirement. Using this framework we present and analyze a new technique for fingerprinting compact discs (CDs) using the manufacturing variability found in the length of the CDs\u27 lands and pits. Although the variability measured is on the order of 20 nm, the technique does not require the use of microscopes or any advanced equipment. Instead, the electrical signal produced by the photo-detector inside the CD reader will be sufficient to measure the desired variability. We thoroughly investigate the new technique by analyzing data collected from 100 identical CDs and show how to extract a unique fingerprint for each CD. In the second part, we shift our attention to physically parameterized functions (PPFs). Although all the constructions we provide are centered around delay-based physically unclonable functions (PUFs), we stress that the use of the term PUF could be misleading as most circuits labeled with the term PUF are in reality clonable on the protocol level. We argue that using a term like PPFs to describe functions parameterized by a PV is a more accurate description. Herein, we thoroughly analyze delay-PUFs and use a mathematical framework to construct two authentication protocols labeled PUF-HB and HB+PUF. Both these protocols merge the known HB authentication family with delay-based PUFs. The new protocols enjoy the security reduction put forth by the HB portion of the protocol and at the same time maintain a level of hardware security provided by the use of PUFs. We present a proof of concept implementation for HB+PUF which takes advantage of the PUF circuit in order to produce the random bits typically needed for an HB-based authentication scheme. The overall circuit is shown to occupy a few thousand gates. Finally, we present a new authentication protocol that uses 2-level PUF circuits and enables a security reduction which, unlike the previous two protocols, stems naturally from the usage of PVs

Using physical unclonable functions for hardware authentication: a survey

Physical unclonable functions (PUFs) are drawing a crescent interest in hardware oriented security due to their special characteristics of simplicity and safety. However, their nature as well as early stage of study makes them constitute currently a diverse and non-standardized set for designers. This work tries to establish one organization of existing PUF structures, giving guidelines for their choice, conditioning, and adaptation depending on the target application. In particular, it is described how using PUFs adequately could enlighten significantly most of the security primitives, making them very suitable for authenticating constrained resource platforms.Junta de Andalucía P08-TIC-03674Comunidad Europea FP7-INFSO-ICT-248858Ministerio de Ciencia y Tecnología TEC2008-04920, DPI2008-03847 y TEC2007-6510

Hardware authentication based on PUFs and SHA-3 2nd round candidates

Security features are getting a growing interest in microelectronics. Not only entities have to authenticate in the context of a high secure communication but also the hardware employed has to be trusted. Silicon Physical Unclonable Functions (PUFs) or Physical Random Functions, which exploits manufacturing process variations in integrated circuits, have been used to authenticate the hardware in which they are included and, based on them, several cryptographic protocols have been reported. This paper describes the hardware implementation of a symmetric-key authentication protocol in which a PUF is one of the relevant blocks. The second relevant block is a SHA-3 2nd round candidate, a Secure Hash Algorithm (in particular Keccak), which has been proposed to replace the SHA-2 functions that have been broken no long time ago. Implementation details are discussed in the case of Xilinx FPGAs.Junta de Andalucía P08-TIC-03674Comunidad Europea FP7-INFSO-ICT-248858Ministerio de Ciencia y Tecnología TEC2008-04920 y DPI2008-0384

High secure buffer based physical unclonable functions (PUF’s) for device authentication

Physical Unclonable Function (PUF) is fast growing technology which utilizes the statistical variability of the manufacture variations acts as a finger print to the each device. It can be widely used in security applications such as device authentication, key generation and Intellectual Property (IP) protection. Due to the simplicity and low cost arbiter delay based PUFs have been mostly used as a cryptographic key in Internet of Things (IoT) devices. As conventional arbiter PUFs are suffers from less uniqueness and reliability. This paper provides designing of new buffer based arbiter PUF. It has been demonstrated that experimental results of new buffer based arbiter PUF shows the considerable improvement in the uniqueness and reliability of the proposed design and the Monte-Carlo analysis applied for delay variability of the PUFs

Authentication Algorithm for Portable Embedded Systems using PUFs

Physical Unclonable Functions (PUFs) are circuits that exploit chip-unique features to be used as signatures which can be used as good silicon biometrics. These signatures are based on semiconductor fabrication variations that are very difficult to control or reproduce. These chipunique signatures together with strong challenge-response authentication algorithm can be used to authenticate and secure chips. This paper expands the security avenues covered by PUF and FPGAs by introducing a new class of concept called 201C;Soft PUFs.201D; This scheme propose robust challenge- response authentication solution based on a PUF device that provides stronger security guarantees to the user than what previously could be achieved. By exploiting the silicon uniqueness of each FPGA device and incorporating a special authentication algorithms in existing FPGA fabric, FPGA based embedded systems can be used for new security-oriented and network- oriented applications that were not previously possible or thought of

Investigation of the Timing Parameters of The Arbiter-Based Physically Unclonable Function Using a Ring Oscillator

Рассматривается возможность использования схемы кольцевого осциллятора для измерения задержек распространения сигналов через симметричные пути различных длин, реализованных на FPGA. Описывается создание экспериментальной установки и ход проведения экспериментов. Исследуется зависимость абсолютных значений задержек распространения сигналов и их статистических характеристик от количества блоков симметричных путей. Рассчитываются метрики стабильности и межкристальной уникальности на основе полученных экспериментальных данных измерений задержек. Подтверждается улучшение характеристик стабильности и уникальности значений задержек с увеличением длины симметричных путей АФНФ

Sensor authentication in collaborating sensor networks

In this thesis, we address a new security problem in the realm of collaborating sensor networks. By collaborating sensor networks, we refer to the networks of sensor networks collaborating on a mission, with each sensor network is independently owned and operated by separate entities. Such networks are practical where a number of independent entities can deploy their own sensor networks in multi-national, commercial, and environmental scenarios, and some of these networks will integrate complementary functionalities for a mission. In the scenario, we address an authentication problem wherein the goal is for the Operator Oi of Sensor Network Si to correctly determine the number of active sensors in Network Si. Such a problem is challenging in collaborating sensor networks where other sensor networks, despite showing an intent to collaborate, may not be completely trustworthy and could compromise the authentication process. We propose two authentication protocols to address this problem. Our protocols rely on Physically Unclonable Functions, which are a hardware based authentication primitive exploiting inherent randomness in circuit fabrication. Our protocols are light-weight, energy efficient, and highly secure against a number of attacks. To the best of our knowledge, ours is the first to addresses a practical security problem in collaborating sensor networks. --Abstract, page iii

METAPUF: A challenge response pair generator

Physically unclonable function (PUF) is a hardware security module preferred for hardware feature based random number and secret key generation. Security of a cryptographic system relies on the quality of the challenge-response pair, it is necessary that the key generation mechanism must unpredictable and its response should constant under different operating condition. Metastable state in CMOS latch is undesirable since it response becomes unpredictable, this feature used in this work to generate a unique response. A feedback mechanism is developed which forces the latch into the metastable region; after metastable state, latch settle to high or state depends on circuit internal condition and noise which cannot be predicted. Obtained inter hamming variation for 8 PUF is 51% and average intra hamming distance is 99.76% with supply voltage variation and 96.22% with temperature variation

2D physically unclonable functions of the arbiter type

Цели. Решается задача построения нового класса физически неклонируемых функций типа арбитр (АФНФ), основанного на различии задержек по входам многочисленных модификаций базового элемента путем увеличения как количества входов, так и топологии их подключения. Подобный подход позволяет строить двухмерные физически неклонируемые функции (2D-АФНФ), в которых в отличие от классических АФНФ запрос, формируемый для каждого базового элемента, выбирает пару путей не из двух возможных, а из большего их количества. Актуальность данного исследования связана с активным развитием физической криптографии. В работе преследуются следующие цели: построение базовых элементов АФНФ и их модификаций, разработка методики построения 2D-АФНФ. Методы. Используются методы синтеза и анализа цифровых устройств, в том числе на программируе мых логических интегральных схемах, основы булевой алгебры и схемотехники. Результаты. Показано, что в классических АФНФ применяется стандартный базовый элемент, выполняющий две функции, а именно функцию выбора пары путей Select и функцию переключения путей Switch, которые за счет их совместного использования позволяют достичь высоких характеристик. В первую очередь это касается стабильности функционирования АФНФ, характеризующейся небольшим числом запросов, для которых ответ случайным образом принимает одно из двух возможных значений: 0 или 1. Предложены модификации базового элемента в части реализаций его функций Select и Switch. Приводятся новые структуры базового элемента с внесенными модификациями их реализаций, в том числе в части увеличения количества пар путей базового элемента, из которых путем запроса выбирается одна из них и конфигурации их переключений. Применение разнообразных базовых элементов позволяет улучшать основные характеристики АФНФ, а также нарушать регулярность их структуры, которая является главной причиной взлома АФНФ путем машинного обучения. Заключение. Предложенный подход к построению 2D-АФНФ, основанный на различии задержек сигналов через базовый элемент, показал свою работоспособность и перспективность. Экспериментально подтвержден эффект улучшения характеристик подобных ФНФ, и в первую очередь стабильности их функционирования. Перспективным представляется дальнейшее развитие идеи построения 2D-АФНФ, экспериментальное исследование их характеристик и устойчивости к различного рода атакам, в том числе с использованием машинного обучения

Физически неклонируемые функции с управляемой задержкой распространения сигналов

Решается задача построения нового класса физически неклонируемых функций (ФНФ), обеспечивающих управление задержкой распространения сигнала через эле-менты, которые расположены на пути его распространения. Актуальность такого исследования связана с активным развитием физической криптографии. В работе преследуются следующие цели: построение базовых элементов ФНФ и их модификаций, разработка методики построения управляемых кольцевых осцилляторов на базе элементов XOR и управляемых кольцевых осцилляторов, основанных на многовходовом переключении сигнала. Методы. Используются методы синтеза и анализа цифровых устройств, в том числе на программируемых логических интегральных схемах, основы булевой алгебры и схемотехники