物理複製不能関数における安全性の評価と向上に関する研究

In this thesis, we focus on Physically Unclonable Functions (PUFs), which are expected as one of the most promising cryptographic primitives for secure chip authentication. Generally, PUFbased authentication is achieved by two approaches: (A) using a PUF itself, which has multiple challenge (input) and response (output) pairs, or (B) using a cryptographic function, the secret key of which is generated from a PUF with a single challenge-response pair (CRP). We contribute to:(1) evaluate the security of Approach (A), and (2) improve the security of Approach (B). (1) Arbiter-based PUFs were the most feasible type of PUFs, which was used to construct Approach (A). However, Arbiter-based PUFs have a vulnerability; if an attacker knows some CRPs, she/he can predict the remaining unknown CRPs with high probability. Bistable Ring PUF (BR-PUF) was proposed as an alternative, but has not been evaluated by third parties. In this thesis, in order to construct Approach (A) securely, we evaluate the difficulty of predicting responses of a BR-PUF experimentally. As a result, the same responses are frequently generated for two challenges with small Hamming distance. Also, particular bits of challenges have a great impact on the responses. In conclusion, BR-PUFs are not suitable for achieving Approach (A)securely. In future work, we should discuss an alternative PUF suitable for secure Approach (A).(2) In order to achieve Approach (B) securely, a secret key ? generated from a PUF response?should have high entropy. We propose a novel method of extracting high entropy from PUF responses. The core idea is to effectively utilize the information on the proportion of ‘1’s including in repeatedly-measured PUF responses. We evaluate its effectiveness by fabricated test chips. As a result, the extracted entropy is about 1.72 times as large as that without the proposed method.Finally, we organize newly gained knowledge in this thesis, and discuss a new application of PUF-based technologies.電気通信大学201

FPGA-Based PUF Designs: A Comprehensive Review and Comparative Analysis

Field-programmable gate arrays (FPGAs) have firmly established themselves as dynamic platforms for the implementation of physical unclonable functions (PUFs). Their intrinsic reconfigurability and profound implications for enhancing hardware security make them an invaluable asset in this realm. This groundbreaking study not only dives deep into the universe of FPGA-based PUF designs but also offers a comprehensive overview coupled with a discerning comparative analysis. PUFs are the bedrock of device authentication and key generation and the fortification of secure cryptographic protocols. Unleashing the potential of FPGA technology expands the horizons of PUF integration across diverse hardware systems. We set out to understand the fundamental ideas behind PUF and how crucially important it is to current security paradigms. Different FPGA-based PUF solutions, including static, dynamic, and hybrid systems, are closely examined. Each design paradigm is painstakingly examined to reveal its special qualities, functional nuances, and weaknesses. We closely assess a variety of performance metrics, including those related to distinctiveness, reliability, and resilience against hostile threats. We compare various FPGA-based PUF systems against one another to expose their unique advantages and disadvantages. This study provides system designers and security professionals with the crucial information they need to choose the best PUF design for their particular applications. Our paper provides a comprehensive view of the functionality, security capabilities, and prospective applications of FPGA-based PUF systems. The depth of knowledge gained from this research advances the field of hardware security, enabling security practitioners, researchers, and designers to make wise decisions when deciding on and implementing FPGA-based PUF solutions.publishedVersio

Applications Of Physical Unclonable Functions on ASICS and FPGAs

With the ever-increasing demand for security in embedded systems and wireless sensor networks, we require integrating security primitives for authentication in these devices. One such primitive is known as a Physically Unclonable Function. This entity can be used to provide security at a low cost, as the key or digital signature can be generated by dedicating a small part of the silicon die to these primitives which produces a fingerprint unique to each device. This fingerprint produced by a PUF is called its response. The response of PUFs depends upon the process variation that occurs during the manufacturing process. In embedded systems and especially wireless sensor networks, there is a need to secure the data the collected from the sensors. To tackle this problem, we propose the use of SRAM-based PUFs to detect the temperature of the system. This is done by taking the PUF response to generate temperature based keys. The key would act as proofs of the temperature of the system. In SRAM PUFs, it is experimentally determined that at varying temperatures there is a shift in the response of the cells from zero to one and vice-versa. This variation can be exploited to generate random but repeatable keys at different temperatures. To evaluate our approach, we first analyze the key metrics of a PUF, namely, reliability and uniqueness. In order to test the idea of using the PUF as a temperature based key generator, we collect data from a total of ten SRAM chips at fixed temperatures steps. We first calculate the reliability, which is related to bit error rate, an important parameter with respect to error correction, at various temperatures to verify the stability of the responses. We then identify the temperature of the system by using a temperature sensor and then encode the key offset by PUF response at that temperature using BCH codes. This key-temperature pair can then be used to establish secure communication between the nodes. Thus, this scheme helps in establishing secure keys as the generation has an extra variable to produce confusion. We developed a novel PUF for Xilinx FPGAs and evaluated its quality metrics. It is very compact and has high uniqueness and reliability. We also implement 2 different PUF configurations to allow per-device selection of best PUFs to reduce the area and power required for key-generation. We also evaluate the temperature response of this PUF and show improvement in the response by using per-device selection

MeLPUF: Memory in Logic PUF

Physical Unclonable Functions (PUFs) are used for securing electronic designs across the implementation spectrum ranging from lightweight FPGA to server-class ASIC designs. However, current PUF implementations are vulnerable to model-building attacks; they often incur significant design overheads and are challenging to configure based on application-specific requirements. These factors limit their application, primarily in the case of the system on chip (SoC) designs used in diverse applications. In this work, we propose MeL-PUF - Memory-in-Logic PUF, a low-overhead, distributed, and synthesizable PUF that takes advantage of existing logic gates in a design and transforms them to create cross-coupled inverters (i.e. memory cells) controlled by a PUF control signal. The power-up states of these memory cells are used as the source of entropy in the proposed PUF architecture. These on-demand memory cells can be distributed across the combinational logic of various intellectual property (IP) blocks in a system on chip (SoC) design. They can also be synthesized with a standard logic synthesis tool to meet the area,power, or performance constraints of a design. By aggregating the power-up states from multiple such memory cells, we can create a PUF signature or digital fingerprint of varying size. We evaluate the MeL-PUF signature quality with both circuit-level simulations as well as with measurements in FPGA devices. We show that MeL-PUF provides high-quality signatures in terms of uniqueness, randomness, and robustness, without incurring large overheads. We also suggest additional optimizations that can be leveraged to improve the performance of MeL-PUF.Comment: 5 pages, 16 figure

A Power-Gated 8-Transistor Physically Unclonable Function Accelerates Evaluation Speeds

\ua9 2023 by the authors.The proposed 8-Transistor (8T) Physically Unclonable Function (PUF), in conjunction with the power gating technique, can significantly accelerate a single evaluation cycle more than 100,000 times faster than a 6-Transistor (6T) Static Random-Access Memory (SRAM) PUF. The 8T PUF is built to swiftly eliminate data remanence and maximise physical mismatch. Moreover, a two-phase power gating module is devised to provide controllable power on/off cycles for the chosen PUF clusters in order to facilitate fast statistical measurements and curb the in-rush current. The architecture and hardware implementation of the power-gated PUF are developed to accommodate fast multiple evaluations of PUF Responses. The fast speed enables a new data processing method, which coordinates Dark-bit masking and Multiple Temporal Majority Voting (TMV) in different Process, Voltage and Temperature (PVT) corners or during field usage, hence greatly reducing the Bit Error Rate (BER) and the hardware penalty for error correction. The designs are based on the UMC 65 nm technology and aim to tape out an Application-Specific Integrated Circuit (ASIC) chip. Post-layout Monte Carlo (MC) simulations are performed with Cadence, and the extracted PUF Responses are processed with Matlab to evaluate the 8T PUF performance and statistical metrics for subsequent inclusion in PUF Responses, which comprise the novelty of this approach

Improved Reliability of FPGA-based PUF Identification Generator Design

Physical unclonable functions (PUFs), a form of physical security primitive, enable digital identifiers to be extracted from devices, such as field programmable gate arrays (FPGAs). Many PUF implementations have been proposed to generate these unique n -bit binary strings. However, they often offer insufficient uniqueness and reliability when implemented on FPGAs and can consume excessive resources. To address these problems, in this article we present an efficient, lightweight, and scalable PUF identification (ID) generator circuit that offers a compact design with good uniqueness and reliability properties and is specifically designed for FPGAs. A novel post-characterisation methodology is also proposed that improves the reliability of a PUF without the need for any additional hardware resources. Moreover, the proposed post-characterisation method can be generally used for any FPGA-based PUF designs. The PUF ID generator consumes 8.95% of the hardware resources of a low-cost Xilinx Spartan-6 LX9 FPGA and 0.81% of a Xilinx Artix-7 FPGA. Experimental results show good uniqueness, reliability, and uniformity with no occurrence of bit-aliasing. In particular, the reliability of the PUF is close to 100% over an environmental temperature range of 25°C to 70°C with ± 10% variation in the supply voltage. </jats:p

A hardware-embedded, delay-based PUF engine designed for use in cryptographic and authentication applications

Cryptographic and authentication applications in application-specific integrated circuits (ASICs) and field-programmable gate arrays (FPGAs), as well as codes for the activation of on-chip features, require the use of embedded secret information. The generation of secret bitstrings using physical unclonable functions, or PUFs, provides several distinct advantages over conventional methods, including the elimination of costly non-volatile memory, and the potential to increase the random bits available to applications. In this dissertation, a Hardware-Embedded Delay PUF (HELP) is proposed that is designed to leverage path delay variations that occur in the core logic macros of a chip to create random bitstrings. A thorough discussion is provided of the operational details of an embedded path timing structure called REBEL that is used by HELP to provide the timing functionality upon which HELP relies for the entropy source for the cryptographic quality of the bitstrings. Further details of the FPGA-based implementation used to prove the viability of the HELP PUF concept are included, along with a discussion of the evolution of the techniques employed in realizing the final PUF engine design. The bitstrings produced by a set of 30 FPGA boards are evaluated with regard to several statistical quality metrics including uniqueness, randomness, and stability. The stability characteristics of the bitstrings are evaluated by subjecting the FPGAs to commercial-grade temperature and power supply voltage variations. In particular, this work evaluates the reproducibility of the bitstrings generated at 0C, 25C, and 70C, and 10% of the rated supply voltage. A pair of error avoidance schemes are proposed and presented that provide significant improvements to the HELP PUF\u27s resiliency against bit-flip errors in the bitstrings