A PUF-and biometric-based lightweight hardware solution to increase security at sensor nodes

Security is essential in sensor nodes which acquire and transmit sensitive data. However, the constraints of processing, memory and power consumption are very high in these nodes. Cryptographic algorithms based on symmetric key are very suitable for them. The drawback is that secure storage of secret keys is required. In this work, a low-cost solution is presented to obfuscate secret keys with Physically Unclonable Functions (PUFs), which exploit the hardware identity of the node. In addition, a lightweight fingerprint recognition solution is proposed, which can be implemented in low-cost sensor nodes. Since biometric data of individuals are sensitive, they are also obfuscated with PUFs. Both solutions allow authenticating the origin of the sensed data with a proposed dual-factor authentication protocol. One factor is the unique physical identity of the trusted sensor node that measures them. The other factor is the physical presence of the legitimate individual in charge of authorizing their transmission. Experimental results are included to prove how the proposed PUF-based solution can be implemented with the SRAMs of commercial Bluetooth Low Energy (BLE) chips which belong to the communication module of the sensor node. Implementation results show how the proposed fingerprint recognition based on the novel texture-based feature named QFingerMap16 (QFM) can be implemented fully inside a low-cost sensor node. Robustness, security and privacy issues at the proposed sensor nodes are discussed and analyzed with experimental results from PUFs and fingerprints taken from public and standard databases.Ministerio de Economía, Industria y Competitividad TEC2014-57971-R, TEC2017-83557-

Contributions on using embedded memory circuits as physically unclonable functions considering reliability issues

[eng] Moving towards Internet-of-Things (IoT) era, hardware security becomes a crucial research topic, because of the growing demand of electronic products that are remotely connected through networks. Novel hardware security primitives based on manufacturing process variability are proposed to enhance the security of the IoT systems. As a trusted root that provides physical randomness, a physically unclonable function is an essential base for hardware security. SRAM devices are becoming one of the most promising alternatives for the implementation of embedded physical unclonable functions as the start-up value of each bit-cell depends largely on the variability related with the manufacturing process. Not all bit-cells experience the same degree of variability, so it is possible that some cells randomly modify their logical starting value, while others will start-up always at the same value. However, physically unclonable function applications, such as identification and key generation, require more constant logical starting value to assure high reliability in PUF response. For this reason, some kind of post-processing is needed to correct the errors in the PUF response. Unfortunately, those cells that have more constant logic output are difficult to be detected in advance. This work characterizes by simulation the start-up value reproducibility proposing several metrics suitable for reliability estimation during design phases. The aim is to be able to predict by simulation the percentage of cells that will be suitable to be used as PUF generators. We evaluate the metrics results and analyze the start-up values reproducibility considering different external perturbation sources like several power supply ramp up times, previous internal values in the bit-cell, and different temperature scenarios. The characterization metrics can be exploited to estimate the number of suitable SRAM cells for use in PUF implementations that can be expected from a specific SRAM design.[cat] En l’era de la Internet de les coses (IoT), garantir la seguretat del hardware ha esdevingut un tema de recerca crucial, en especial a causa de la creixent demanda de productes electrònics que es connecten remotament a través de xarxes. Per millorar la seguretat dels sistemes IoT, s’han proposat noves solucions hardware basades en la variabilitat dels processos de fabricació. Les funcions físicament inclonables (PUF) constitueixen una font fiable d’aleatorietat física i són una base essencial per a la seguretat hardware. Les memòries SRAM s’estan convertint en una de les alternatives més prometedores per a la implementació de funcions físicament inclonables encastades. Això és així ja que el valor d’encesa de cada una de les cel·les que formen els bits de la memòria depèn en gran mesura de la variabilitat pròpia del procés de fabricació. No tots els bits tenen el mateix grau de variabilitat, així que algunes cel·les canvien el seu estat lògic d’encesa de forma aleatòria entre enceses, mentre que d’altres sempre assoleixen el mateix valor en totes les enceses. No obstant això, les funcions físicament inclonables, que s’utilitzen per generar claus d’identificació, requereixen un valor lògic d’encesa constant per tal d’assegurar una resposta fiable del PUF. Per aquest motiu, normalment es necessita algun tipus de postprocessament per corregir els possibles errors presents en la resposta del PUF. Malauradament, les cel·les que presenten una resposta més constant són difícils de detectar a priori. Aquest treball caracteritza per simulació la reproductibilitat del valor d’encesa de cel·les SRAM, i proposa diverses mètriques per estimar la fiabilitat de les cel·les durant les fases de disseny de la memòria. L'objectiu és ser capaç de predir per simulació el percentatge de cel·les que seran adequades per ser utilitzades com PUF. S’avaluen els resultats de diverses mètriques i s’analitza la reproductibilitat dels valors d’encesa de les cel·les considerant diverses fonts de pertorbacions externes, com diferents rampes de tensió per a l’encesa, els valors interns emmagatzemats prèviament en les cel·les, i diferents temperatures. Es proposa utilitzar aquestes mètriques per estimar el nombre de cel·les SRAM adients per ser implementades com a PUF en un disseny d‘SRAM específic.[spa] En la era de la Internet de las cosas (IoT), garantizar la seguridad del hardware se ha convertido en un tema de investigación crucial, en especial a causa de la creciente demanda de productos electrónicos que se conectan remotamente a través de redes. Para mejorar la seguridad de los sistemas IoT, se han propuesto nuevas soluciones hardware basadas en la variabilidad de los procesos de fabricación. Las funciones físicamente inclonables (PUF) constituyen una fuente fiable de aleatoriedad física y son una base esencial para la seguridad hardware. Las memorias SRAM se están convirtiendo en una de las alternativas más prometedoras para la implementación de funciones físicamente inclonables empotradas. Esto es así, puesto que el valor de encendido de cada una de las celdas que forman los bits de la memoria depende en gran medida de la variabilidad propia del proceso de fabricación. No todos los bits tienen el mismo grado de variabilidad. Así pues, algunas celdas cambian su estado lógico de encendido de forma aleatoria entre encendidos, mientras que otras siempre adquieren el mismo valor en todos los encendidos. Sin embargo, las funciones físicamente inclonables, que se utilizan para generar claves de identificación, requieren un valor lógico de encendido constante para asegurar una respuesta fiable del PUF. Por este motivo, normalmente se necesita algún tipo de posprocesado para corregir los posibles errores presentes en la respuesta del PUF. Desafortunadamente, las celdas que presentan una respuesta más constante son difíciles de detectar a priori. Este trabajo caracteriza por simulación la reproductibilidad del valor de encendido de celdas SRAM, y propone varias métricas para estimar la fiabilidad de las celdas durante las fases de diseño de la memoria. El objetivo es ser capaz de predecir por simulación el porcentaje de celdas que serán adecuadas para ser utilizadas como PUF. Se evalúan los resultados de varias métricas y se analiza la reproductibilidad de los valores de encendido de las celdas considerando varias fuentes de perturbaciones externas, como diferentes rampas de tensión para el encendido, los valores internos almacenados previamente en las celdas, y diferentes temperaturas. Se propone utilizar estas métricas para estimar el número de celdas SRAM adecuadas para ser implementadas como PUF en un diseño de SRAM específico

SRAM PUF의 신뢰성 개선을 위한 전원 공급 기법

학위논문 (석사) -- 서울대학교 대학원 : 융합과학기술대학원 융합과학부(지능형융합시스템전공), 2021. 2. 전동석.PUF (Physically Unclonable Function)은 하드웨어 레벨의 인증 과 정에서 널리 이용되는 방법이다. 그 중에서도 SRAM PUF는 가장 잘 알 려진 PUF의 방법론이다. 그러나 예측 불가능한 동작으로 인해 발생되는 낮은 재생산성과 전원 공급 과정에서 발생하는 노이즈의 문제를 가지고 있다. 본 논문에서는 효과적으로 SRAM PUF의 재생산성을 향상시킬 수 있는 두 가지 전원 공급 기법을 제안한다. 제시한 기법들은 값이 산출되 는 영역 혹은 전원 공급원의 기울기(ramp-up 시간)를 조절함으로써 원 하지 않는 비트의 뒤집힘(flipping) 현상을 줄인다. 180nm 공정으로 제 작된 테스트 칩을 이용한 측정 결과 재생산성이 2.2배 향상되었을 뿐만 아니라 NUBs(Native Unstable Bits)는 54.87% 그리고 BER (Bit Error Rate)는 55.05% 감소한 것을 확인하였다.Physically unclonable function (PUF) is a widely used hardware-level identification method. SRAM-based PUFs are the most well-known PUF topology, but they typically suffer from low reproducibility due to non-deterministic behaviors and noise during power-up process. In this work, we propose two power-up control techniques that effectively improve reproducibility of the SRAM PUFs. The techniques reduce undesirable bit flipping during evaluation by controlling either evaluation region or power supply ramp-up speed. Measurement results from the 180 nm test chip confirm that native unstable bits (NUBs) are reduced by 54.87% and bit error rate (BER) decreases by 55.05% while reproducibility increases by 2.2×.Chapter 1 Introduction 1 1.1 PUF in Hardware Securit 1 1.2 Prior Works and Motivation 2 Chapter 2 Related works and Motivation 5 2.1 Uniqueness 7 2.2 Reproducibility 7 2.3 Hold Static Noise Margin (SNM) 8 2.4 Bit Error Rate (BER) 9 2.5 PUF Static Noise Margin Ratio (PSNMratio) 9 Chapter 3 Microarchitecture-Aware Code Generation 11 3.1 Scheme 1: Developing Fingerprint in Sub-Threshold Region 13 3.2 Scheme 2: Controlling Voltage Ramp-up Speed 17 Chapter 4 Experimental Evaluation 19 4.1 Experimental Setup 19 4.2 Evaluation Results 21 Chapter 5 Conclusion 28 Bibliography 29 Abstract in Korean 33Maste

On Improving Robustness of Hardware Security Primitives and Resistance to Reverse Engineering Attacks

The continued growth of information technology (IT) industry and proliferation of interconnected devices has aggravated the problem of ensuring security and necessitated the need for novel, robust solutions. Physically unclonable functions (PUFs) have emerged as promising secure hardware primitives that can utilize the disorder introduced during manufacturing process to generate unique keys. They can be utilized as \textit{lightweight} roots-of-trust for use in authentication and key generation systems. Unlike insecure non-volatile memory (NVM) based key storage systems, PUFs provide an advantage -- no party, including the manufacturer, should be able to replicate the physical disorder and thus, effectively clone the PUF. However, certain practical problems impeded the widespread deployment of PUFs. This dissertation addresses such problems of (i) reliability and (ii) unclonability. Also, obfuscation techniques have proven necessary to protect intellectual property in the presence of an untrusted supply chain and are needed to aid against counterfeiting. This dissertation explores techniques utilizing layout and logic-aware obfuscation. Collectively, we present secure and cost-effective solutions to address crucial hardware security problems

FPGA-Based PUF Designs: A Comprehensive Review and Comparative Analysis

Field-programmable gate arrays (FPGAs) have firmly established themselves as dynamic platforms for the implementation of physical unclonable functions (PUFs). Their intrinsic reconfigurability and profound implications for enhancing hardware security make them an invaluable asset in this realm. This groundbreaking study not only dives deep into the universe of FPGA-based PUF designs but also offers a comprehensive overview coupled with a discerning comparative analysis. PUFs are the bedrock of device authentication and key generation and the fortification of secure cryptographic protocols. Unleashing the potential of FPGA technology expands the horizons of PUF integration across diverse hardware systems. We set out to understand the fundamental ideas behind PUF and how crucially important it is to current security paradigms. Different FPGA-based PUF solutions, including static, dynamic, and hybrid systems, are closely examined. Each design paradigm is painstakingly examined to reveal its special qualities, functional nuances, and weaknesses. We closely assess a variety of performance metrics, including those related to distinctiveness, reliability, and resilience against hostile threats. We compare various FPGA-based PUF systems against one another to expose their unique advantages and disadvantages. This study provides system designers and security professionals with the crucial information they need to choose the best PUF design for their particular applications. Our paper provides a comprehensive view of the functionality, security capabilities, and prospective applications of FPGA-based PUF systems. The depth of knowledge gained from this research advances the field of hardware security, enabling security practitioners, researchers, and designers to make wise decisions when deciding on and implementing FPGA-based PUF solutions.publishedVersio