379 research outputs found
Performance Metrics and Empirical Results of a PUF Cryptographic Key Generation ASIC
We describe a PUF design with integrated error correction that is robust to various layout implementations and achieves excellent and consistent results in each of the following four areas: Randomness, Uniqueness, Bias and Stability. 133 PUF devices in 0.13 μm technology encompassing seven circuit layout implementations were tested. The PUF-based key generation design achieved less than 0.58 ppm failure rates with 50%+ stability safety margin. 1.75M error correction blocks ran error-free under worst-case V/T corners (±10% V, 125°C/-65°C) and under voltage extremes of ±20% V. All PUF devices demonstrated excellent NIST-random behavior (99 cumulative percentile), a criterion used to qualify random sources for use as keying material for cryptographic-grade applications
A Group-Based Ring Oscillator Physical Unclonable Function
Silicon Physical Unclonable Function (PUF) is a physical structure of the chip which has functional characteristics that are hard to predict before fabrication but are expected to be unique after fabrication. This is caused by the random fabrication variations. The secret characteristics can only be extracted through physical measurement and will vanish immediately when the chip is powered down. PUF promises a securer means for cryptographic key generation and storage among many other security applications. However, there are still many practical challenges to cost effectively build secure and reliable PUF secrecy. This dissertation proposes new architectures for ring oscillator (RO) PUFs to answer these challenges. First, our temperature-aware cooperative (TAC) RO PUF can utilize certain ROs that were otherwise discarded due to their instability. Second, our novel group-based algorithm can generate secrecy higher than the theoretical upper bound of the conventional pairwise comparisons approach. Third, we build the first regression-based entropy distiller that can turn the PUF secrecy statistically random and robust, meeting the NIST standards. Fourth, we develop a unique Kendall syndrome coding (KSC) that makes the PUF secrecy error resilient against potential environmental fluctuations. Each of these methods can improve the hardware efficiency of the RO PUF implementation by 1.5X to 8X while improving the security and reliability of the PUF secrecy
Multi-factor Physical Layer Security Authentication in Short Blocklength Communication
Lightweight and low latency security schemes at the physical layer that have
recently attracted a lot of attention include: (i) physical unclonable
functions (PUFs), (ii) localization based authentication, and, (iii) secret key
generation (SKG) from wireless fading coefficients. In this paper, we focus on
short blocklengths and propose a fast, privacy preserving, multi-factor
authentication protocol that uniquely combines PUFs, proximity estimation and
SKG. We focus on delay constrained applications and demonstrate the performance
of the SKG scheme in the short blocklength by providing a numerical comparison
of three families of channel codes, including half rate low density parity
check codes (LDPC), Bose Chaudhuri Hocquenghem (BCH), and, Polar Slepian Wolf
codes for n=512, 1024. The SKG keys are incorporated in a zero-round-trip-time
resumption protocol for fast re-authentication. All schemes of the proposed
mutual authentication protocol are shown to be secure through formal proofs
using Burrows, Abadi and Needham (BAN) and Mao and Boyd (MB) logic as well as
the Tamarin-prover
Slender PUF Protocol: A lightweight, robust, and secure authentication by substring matching
We introduce Slender PUF protocol, an efficient
and secure method to authenticate the responses
generated from a Strong Physical Unclonable Function
(PUF). The new method is lightweight, and suitable for
energy constrained platforms such as ultra-low power embedded
systems for use in identification and authentication
applications. The proposed protocol does not follow the
classic paradigm of exposing the full PUF responses (or
a transformation of the full string of responses) on the
communication channel. Instead, random subsets of the
responses are revealed and sent for authentication. The
response patterns are used for authenticating the prover
device with a very high probability.We perform a thorough
analysis of the method’s resiliency to various attacks
which guides adjustment of our protocol parameters for
an efficient and secure implementation. We demonstrate
that Slender PUF protocol, if carefully designed, will be
resilient against all known machine learning attacks. In
addition, it has the great advantage of an inbuilt PUF error
tolerance. Thus, Slender PUF protocol is lightweight and
does not require costly additional error correction, fuzzy
extractors, and hash modules suggested in most previously
known PUF-based robust authentication techniques. The
low overhead and practicality of the protocol are confirmed
by a set of hardware implementation and evaluations
Algebraic Security Analysis of Key Generation with Physical Unclonable Functions
Physical Unclonable Functions (PUFs) provide cryptographic keys for embedded systems without secure non-volatile key storage. Several error correction schemes for key generation with PUFs were introduced, analyzed and implemented over the last years. This work abstracts from the typical algorithmic level and provides an algebraic view to reveal fundamental similarities and differences in the security of these error correction schemes.
An algebraic core is introduced for key generation with Physical Unclonable Functions (PUFs). It computes the secret key through the helper data from the input PUF response and an optional random number. For nearly uniformly distributed PUF responses, the leakage of the secret key and the helper data can be brought to zero if and only if the rank of the algebraic core is equal to the sum of the ranks of the key generating part and the rank of the helper data generating part. This rank criterion has the practical advantage that a security check can be performed for linear codes at an early design stage of an algorithm. The criterion is applied to state-of-the-art approaches to show that fuzzy commitment and systematic low leakage coding are the only analyzed schemes that achieve zero leakage
- …