Physical Unclonable Functions

Farzane Salehi MinapourAida MiralaeiMohammadKazem Taram

Department of Computer Eng. Sharif University of TechnologySpring 2014

Agenda

●Challenges in Hardware Security●What is PUF ?●Applications of PUFs●Classification of PUFs●PUF Circuits●Summery●References

Hardware Security and Trust, CE, SUT

Challenges=>Conventional Authentication

Hardware Security and Trust, CE, SUT

Conventional Authentication Schemes Need to store keys Power and area consuming

.

Challenges => Store Secrets

Hardware Security and Trust, CE, SUT

Conventional approach to embed secure secrets in IC• Non-volatile memory(ROM, Fuse, Flash or EEPROM)• Battery-backed RAM

Non-volatile memory technologies are often vulnerable to invasive and non-invasive attack

Adversaries can physically extract secret keys from EEPROM while processor is off

Challenges=>expensive tamper proof packs

Hardware Security and Trust, CE, SUT

Storing digital information in a device in a way that is resistant to physical attacks is difficult and expensive.

IBM 4758 ● Tamper-proof package containing

a secure processor which has a secret key and memory

● Tens of sensors, resistance, temperature, voltage, etc.

● Continually battery-powered● ~ $3500 for a 99 MHz processor

and 128MB of memory

Power and Area are criticalRFID tag can afford a maximum of 2000 gates for security features

Passive RFIDsA good cryptographic primitive should be lightweight, occupy little area on silicon and should have very low power consumption.

Challenges=>Power and Area

Hardware Security and Trust, CE, SUT

What is PUF? Physical Unclonable Function (PUF) Process variations can be turned into a

feature rather than a problem• Variation is inherent in fabrication process• Unique for each physical instance• Hard to remove or predict• Relative variation increases as the fab process

advances• Non-silicon PUFs

Hardware Security and Trust, CE, SUT

Types of PUFs

● Optical PUFs● Coating and Acoustic PUFs● Silicon PUFs(SPUF)

○ timing and delay information○ easy integrate into ICs

Applications of PUF1) Low cost authentication[1]

Hardware Security and Trust, CE, SUT

Applications of PUF2) Cryptographic Key Generator[1]

*ECC=Error Correction Code Hardware Security and Trust, CE, SUT

Applications of PUF3) Software Licensing and Anonymous Computation[3]

*CPUF=Controlled PUF Hardware Security and Trust, CE, SUT

Applications of PUF3) Software Licensing and Anonymous Computation

Hardware Security and Trust, CE, SUT

●0.1% of all challenges do not return a consistent response

●These meta-stable challenges generate responses which can vary unpredictably

Applications of PUF

4) Random Number Generation [2]

Classification of PUFs●Strong PUFs

○Large number of challenge response pairs○IC identification and secret key generation○E.g arbiter PUF and feed forward arbiter

●Weak PUFs○Limited number of challenge response pairs

(sometime just single)○Secret key generation○E.g SRAM PUF and butterfly PUF

Hardware Security and Trust, CE, SUT

PUF Circuits●Arbiter PUF[4]

Hardware Security and Trust, CE, SUT

PUF Circuits

●Arbiter PUF●delay paths with the same layout length●Simple->attackers can construct a timing

model

Hardware Security and Trust, CE, SUT

PUF Circuits●construct a k-bit response

●one circuit can be used k times with different inputs

● duplicate the single-output PUF circuit

Hardware Security and Trust, CE, SUT

PUF Circuits●Feed Forward Arbiter PUF

Hardware Security and Trust, CE, SUT

PUF Circuits●Lightweight Secure PUF[7]

Hardware Security and Trust, CE, SUT

PUF Circuits●Ring Oscillator PUF [1]

Hardware Security and Trust, CE, SUT

PUF Circuits

●Ring Oscillator PUF●Easier Implementation

●No need for careful layout and routing●Slower, Larger, more power to generate bits●Better for FPGAs and secure processors●Hard to generate many challenge response

pairs

Hardware Security and Trust, CE, SUT

PUF Circuits●Ring Oscillator PUF

●environmental conditions●Choose ring oscillator

pairs, whose frequencies are far apart=>remove key generation error

Hardware Security and Trust, CE, SUT

PUF Circuits SRAM●SRAM PUF[5]

Hardware Security and Trust, CE, SUT

PUF Circuits●Butterfly PUF[6]

Hardware Security and Trust, CE, SUT

Summery●PUFs are innovative circuit primitives that extract

secrets from physical characteristics of integrated circuits (ICs)

●PUFs can enable low-cost authentication of individual ICs

●Generate volatile secret keys for cryptographic operations both symmetric and asymmetric cryptographic operations

●PUF applications and circuits

Hardware Security and Trust, CE, SUT

References[1] Suh, G.E., Devadas, S.: Physical unclonable functions for device authentication and secret key generation. In: Design Automation Conference, pp. 9{14. ACM Press, New York, NY, USA (2007)[2] C. W. O’Donnell, G. E. Suh, and S. Devadas . PUF-based random number generation. In MITCSAIL CSG Technical Memo 481, November 2004[3] Gassend, Blaise, et al. "Controlled physical random functions and applications." ACM Transactions on Information and System Security (TISSEC) 10.4 (2008): 3.[4]   J.W. Lee, D. Lim, B. Gassend, G. E. Suh, M. van Dijk and S. Devadas, “ A technique  to build a secret key in integrated circuits with identification and authentication applications”, in Proceedings of the VLSI Circuits Symposium, June 2004. [5]    D. E. Holcomb, W. P. Burleson, and K. Fu, “  Power-up SRAM State as an Identifying Fingerprint and Source of True Random Numbers”,  in  IEEE Transactions on Computers, 58(9):1198-1210, 2009.[6] S. S. Kumar, J. Guajardo, R. Maes, Geert-Jan Schrijen  and P. Tuyls,  “Extended Abstract: The Butterfly PUF Protecting IP on every FPGA”, in  IEEE International Workshop on Hardware-Oriented Security and Trust, HOST 2008.[7] M. Majzoobi, F. Koushanfar and M. Potkonjak, “Lightweight Secure PUFs”, in IEEE International Conference on Computer-Aided Design, 2008

Hardware Security and Trust, CE, SUT

Thanks