A Unified Multibit PUF and TRNG based on Ring Oscillators for Secure IoT Devices

Physically Unclonable Functions (PUFs) and True Random Number Generators (TRNGs) are cryptographic primitives very well suited for secure IoT devices. This paper proposes a circuit, named multibit-RO-PUF-TRNG, which offers the advantages of unifying PUF and TRNG in the same design. It is based on counting the oscillations of pairs of ring oscillators (ROs), one of them acting as reference. Once the counter of the reference oscillator reaches a fixed value, the count value of the other RO is employed to provide the TRNG and the multibit PUF response. A mathematical model is presented that supports not only the circuit foundations but also a novel and simple calibration procedure that allows optimizing the selection of the design parameters. Experimental results are illustrated with large datasets from two families of FPGAs with different process nodes (90 nm and 28 nm). These results confirm that the proposed calibration provides TRNG and PUF responses with high quality. The raw TRNG bits do not need post-processing and the PUF bits (even 6 bits per RO) show very small aliasing. In the application context of obfuscating and reconstructing secrets generated by the TRNG, the multibit PUF response, together with the proposal of using error-correcting codes and RO selection adapted to each bit, provide savings of at least 79.38% of the ROs compared to using a unibit PUF without RO selection. The proposal has been implemented as an APB peripheral of a VexRiscv RV32I core to illustrate its use in a secure FPGA-based IoT device

Compact Field Programmable Gate Array Based Physical Unclonable Functions Circuits

The Physical Unclonable Functions (PUFs) is a candidate to provide a secure solid root source for identification and authentication applications. It is precious for FPGA-based systems, as FPGA designs are vulnerable to IP thefts and cloning. Ideally, the PUFs should have strong random variations from one chip to another, and thus each PUF is unique and hard to replicate. Also, the PUFs should be stable over time so that the same challenge bits always yield the same result. Correspondingly, one of the major challenges for FPGA-based PUFs is the difficulty of avoiding systematic bias in the integrated circuits but also pulling out consistent characteristics as the PUF at the same time. This thesis discusses several compact PUF structures relying on programmable delay lines (PDLs) and our novel intertwined programmable delays (IPD). We explore the strategy to extract the genuinely random PUF from these structures by minimizing the systematic biases. Yet, our methods still maintain very high reliability. Furthermore, our proposed designs, especially the TERO-based PUFs, show promising resilience to machine learning (ML) attacks. We also suggest the bit-bias metric to estimate PUF’s complexity quickly

On Metrics to Quantify the Inter-Device Uniqueness of PUFs

Physically Unclonable Functions (PUFs) have been an emerging topic in hardware security and trust in recent years, and many different kinds of PUFs have been presented in the literature. An important criterion is always the diversity of PUF responses for different devices, called inter-device uniqueness. A very popular uniqueness metric consists of calculating the pairwise hamming distance between the response bit-strings of all devices, assuming that all response bits are uncorrelated. Such correlations, however, should be regarded when a statement about inter-device uniqueness is made. We therefore propose a novel correlation metric to fulfil this requirement. Furthermore, we show that the hamming distance metric is actually redundant when at the same time the also popular bit-aliasing metric is applied

Statistical evaluation of PUF implementation techniques as applied to quantum confinement semiconductors

Physically unclonable functions, or PUFs, present a means to securely identify objects, both implicit and attached, alongside several uses in conventional secure communication techniques. Many types of PUF based on varying sources of fingerprint entropy have been suggested, and the higher-level theoretical properties and implications of this primitive have been extensively discussed. However, each different prospective implementation of PUF typically approaches the practical considerations for the conversion from a unique entropy source to ultimate PUF implementation anew. These studies typically treat the intermediate processing schema, such as response binning, solely as a means to an end rather than a subject of explicit discussion and evaluation. As such, there exist few studies into developing a general framework for the optimisation and simulation of the important elements that lie between the measurement of the particular entropy source and the evaluation of the final device as a whole. This thesis seeks to outline and validate a generalised schema for the conversion of entropy source to final results, presenting the fundamental design elements and figures of merit for the process at every stage where applicable. Further to this, each stage of the process is expressed analytically, allowing the direct derivation of the ultimate figures of merit based on the measurement outcomes of the initial source of entropy. To validate, this process is applied towards the resonant tunnelling diode (RTD) as the prospective entropic unit cell. This type of semiconductor device has several properties that make it an interesting candidate upon which to base a PUF, and this work additionally seeks to outline these benefits and enumerate the general comparative figures of merit for a PUF derived therefrom

Jornadas Nacionales de Investigación en Ciberseguridad: actas de las VIII Jornadas Nacionales de Investigación en ciberseguridad: Vigo, 21 a 23 de junio de 2023

Jornadas Nacionales de Investigación en Ciberseguridad (8ª. 2023. Vigo)atlanTTicAMTEGA: Axencia para a modernización tecnolóxica de GaliciaINCIBE: Instituto Nacional de Cibersegurida