Modélisation et caractérisation des fonctions non clonables physiquement

Physically Unclonable Functions, or PUFs, are innovative technologies devoted to solve some security and identification issues. Similarly to a human fingerprint, PUFs allows to identify uniquely electronic devices as they produce an instance-specific signature. Applications as authentication or key generation can take advantage of this embedded function. The main property that we try to obtain from a PUF is the generation of a unique response that varies randomly from one physical device to another without allowing its prediction. Another important property of these PUF is to always reproduce the same response for the same input challenge even in a changing environment. Moreover, the PUF system should be secure against attacks that could reveal its response. In this thesis, we are interested in silicon PUF which take advantage of inherent process variations during the manufacturing of CMOS integrated circuits. We present several PUF constructions, discuss their properties and the implementation techniques to use them in security applications. We first present two novel PUF structures. The first one, called “Loop PUF” is a delay based PUF which relies on the comparison of delay measurements of identical serial delay chains. The major contribution brought by the use of this structure is its implementation simplicity on both ASIC and FPGA platforms, and its flexibility as it can be used for reliable authentication or key generation. The second proposed structure is a ring-oscillator based PUF cells “TERO PUF”. It exploits the oscillatory metastability of cross-coupled elements, and can also be used as True Random Number Generator (TRNG). More precisely, the PUF response takes advantage from the introduced oscillatory metastability of an SR flip-flop when the S and R inputs are connected to the same input signal. Experimental results show the high performance of these two proposed PUF structures. Second, in order to fairly compare the quality of different delay based PUFs, we propose a specific characterization method. It is based on statistical measurements on basic delay elements. The main benefit of this method is that it allows the designer to be sure that the PUF will meet the expected performances before its implementation and fabrication. Finally, Based on the unclonability and unpredictability properties of the PUFs, we present new techniques to perform “loop PUF” authentication and cryptographic key generation. Theoretical and experimental results show the efficiency of the introduced techniques in terms of complexity and reliabilityLes fonctions non clonables physiquement, appelées PUF (Physically Unclonable Functions), représentent une technologie innovante qui permet de résoudre certains problèmes de sécurité et d’identification. Comme pour les empreintes humaines, les PUF permettent de différencier des circuits électroniques car chaque exemplaire produit une signature unique. Ces fonctions peuvent être utilisées pour des applications telles que l’authentification et la génération de clés cryptographiques. La propriété principale que l’on cherche à obtenir avec les PUF est la génération d’une réponse unique qui varie de façon aléatoire d’un circuit à un autre, sans la possibilité de la prédire. Une autre propriété de ces PUF est de toujours reproduire, quel que soit la variation de l’environnement de test, la même réponse à un même défi d’entrée. En plus, une fonction PUF doit être sécurisée contre les attaques qui permettraient de révéler sa réponse. Dans cette thèse, nous nous intéressons aux PUF en silicium profitant des variations inhérentes aux technologies de fabrication des circuits intégrés CMOS. Nous présentons les principales architectures de PUF, leurs propriétés, et les techniques mises en œuvre pour les utiliser dans des applications de sécurité. Nous présentons d’abord deux nouvelles structures de PUF. La première structure appelée “Loop PUF” est basée sur des chaînes d’éléments à retard contrôlés. Elle consiste à comparer les délais de chaînes à retard identiques qui sont mises en série. Les points forts de cette structure sont la facilité de sa mise en œuvre sur les deux plates-formes ASIC et FPGA, la grande flexibilité pour l’authentification des circuits intégrés ainsi que la génération de clés de chiffrement. La deuxième structure proposée “TERO PUF” est basée sur le principe de cellules temporairement oscillantes. Elle exploite la métastabilité oscillatoire d’éléments couplés en croix, et peut aussi être utilisée pour un générateur vrai d’aléas (TRNG). Plus précisément, la réponse du PUF profite de la métastabilité oscillatoire introduite par une bascule SR lorsque les deux entrées S et R sont connectées au même signal d’entrée. Les résultats expérimentaux montrent le niveau de performances élevé des deux structures de PUF proposées. Ensuite, afin de comparer équitablement la qualité des différentes PUF à retard, nous proposons une méthode de caractérisation spécifique. Elle est basée sur des mesures statistiques des éléments à retard. Le principal avantage de cette méthode vient de sa capacité à permettre au concepteur d’être sûr que la fonction PUF aura les performances attendues avant sa mise en œuvre et sa fabrication. Enfin, en se basant sur les propriétés de non clonabilité et de l’imprévisibilité des PUF, nous présentons de nouvelles techniques d’authentification et de génération de clés de chiffrement en utilisant la “loop PUF” proposée. Les résultats théoriques et expérimentaux montrent l’efficacité des techniques introduites en termes de complexité et de fiabilit

Two IP Protection Schemes for Multi-FPGA Systems

International audienceThis paper proposes two novel protection schemes for multi-FPGA systems providing high security of IP designs licensed by IP vendors to system integrators and installed remotely in a hostile environment. In the first scheme, these useful properties are achieved by storing two different configuration keys inside an FPGA, while in the second scheme, they are obtained using a hardware white-box cipher for creating a trusted environment. Thanks to the proposed principles, FPGA configurations coming from different IP owners cannot be cloned or reverse-engineered by any involved party, including system integrator and other IP owners. The proposed schemes can be directly implemented in recent FPGAs such as Xilinx Spartan 6 and Virtex 6

Multiply Constant-Weight Codes and the Reliability of Loop Physically Unclonable Functions

We introduce the class of multiply constant-weight codes to improve the reliability of certain physically unclonable function (PUF) response. We extend classical coding methods to construct multiply constant-weight codes from known $q$-ary and constant-weight codes. Analogues of Johnson bounds are derived and are shown to be asymptotically tight to a constant factor under certain conditions. We also examine the rates of the multiply constant-weight codes and interestingly, demonstrate that these rates are the same as those of constant-weight codes of suitable parameters. Asymptotic analysis of our code constructions is provided

Evaluation of Delays PUFs on CMOS 65 nm Technology: ASIC vs FPGA

This paper presents a work in progress on the comparison between the performance of two types of Physically Unclonable Functions (PUFs), namely the arbiter and the loop PUFs. The arbiter and the loop PUF are designed on two CMOS-65nm technology platforms: ASIC and FPGA (Xilinx Virtex-5). A mixed PUF design is proposed to allow a fair comparison between the two structures. The principal of the mixed PUF design consists on the use of the same delay chains on both arbiter and loop PUF structures. The comparison analysis reveals that the arbiter PUF structure has the worst performance when compared to the loop PUF, on both platforms. We also observe that the performance for both structures are better when designed on ASIC

Evaluation of Delay PUFs on CMOS 65 nm Technology: ASIC vs FPGA

This work presents a comparison between the performance of two types of silicon Physically Unclonable Functions (PUFs), namely the arbiter and the loop PUFs. The arbiter and the loop PUF are designed on two CMOS-65nm technology platforms: ASIC and FPGA (Xilinx Virtex-5). A mixed PUF design is proposed to allow a fair comparison between the two structures. The principal of the mixed PUF design consists on the use of the same delay chains on both arbiter and loop PUF structures. The comparison analysis reveals that the arbiter PUF structure has the worst performance when compared to the loop PUF, on both platforms. We also observe that the performance for both structures are better when designed on ASIC

Methods to Enhance the Reliability of Key Generation from Physically Unclonable Functions

International audienc

Practical Study of A Physical Unclonalbe Function Based on Transient Effect Ring Oscillators.

This paper presents a practical study of a new silicon physical unclonable function (PUF). It is based on recently proposed transient effect ring oscillator (TERO) cells that were originally designed for a true random number generator (TRNG). The proposed PUF has state of the art PUF characteristics with a good ratio of PUF response stability to length. The novel architecture using differential structures guarantees high stability of the TERO-PUF response and low sensitivity to temperature. The area of the TERO-PUF is relatively high, but is still comparable with other PUF designs. However, since the same piece of hardware can be used for both PUF and random number generation, the proposed principle offers an interesting area efficient mixed solution

Evaluation of delay PUFs on CMOS 65nm technology: ASIC vs FPGA

International audienceThis paper presents a comparative study of delay Physically Unclonable Functions (PUFs) designed in CMOS-65nm technology platforms: ASIC and FPGA (Xilinx Virtex-5). The performances are analyzed for two types of silicon PUFs, namely the arbiter and the loop PUFs. For this purpose, a PUF has been speci cally designed, the \mixed PUF", to allow a fair comparison between the two structures. The principle of the mixed PUF design consists on the use of the same delay chains for both PUFs. The analysis is based on PUF responses obtained at di erent operating conditions for 18 ASICs. Each one embeds 49 PUF instances. The comparison analysis reveals that overall the arbiter PUF structure has the worst performance when compared to the loop PUF, on both platforms