International Association for Cryptologic Research (IACR)
Abstract
We are at the dawn of a hyper connectivity age otherwise known as the Internet of Things (IoT). It is widely accepted that to be able to reap all benefits from the IoT promise, device security will be of paramount importance. A key requirement for most security solutions is the ability to provide secure cryptographic key storage in a way that will easily scale in the IoT age. In this paper, we focus on providing such a solution based on Physical Unclonable Functions (PUFs). To this end, we focus on microelectromechanical systems (MEMS)-based gyroscopes and show via wafer-level measurements and simulations, that it is feasible to use the physical and electrical properties of these sensors for cryptographic key generation. After identifying the most promising features, we propose a novel quantization scheme to extract bit strings from the MEMS analog measurements. We provide upper and lower bounds for the minimum entropy of the bit strings derived from the measurements and fully analyze the intra- and inter-class distributions across the operation range of the MEMS device. We complement these measurements via Monte-Carlo simulations based on the distributions of the parameters measured on actual devices. We also propose and evaluate a key derivation procedure based on fuzzy extractors for Hamming distance, using the min-entropy estimates obtained to derive a full entropy 128-bit key, requiring 1219-bits of helper data with an (authentication) failure probability of 4x10^-7.
Thereby, we present a complete cryptographic key generation chain.
In addition, we propose a dedicated MEMS-PUF design, which is superior to our measured sensor, in terms of chip area, quality and quantity of key seed features