PUF - Physical Unclonable Functions and Applications: A Tutorial

LAVI

Abstract

這篇論文在描述 在 low-cost authentication 和 key generation aplication 中使用 physical unclonable functions (PUFs) 技術

Introduction

Mobile and embedded devices are becoming ubiquitous, Many such tasks require the mobile device to securely authenticate and be authenticated by another party and/or securely handle private information.

The current best practice for providing such a secure memory or authentication source in such a mobile system is to place a secret key in a nonvolatile electrically erasable programmable read-only memory (EEPROM) or battery-backed static random-access memory (SRAM) and use hardware cryptographic operations such as digital signatures or encryption.

This approach is expensive both in terms of design area and power consumption.
In addition, such nonvolatile memory is often vulnerable to invasive attack mechanisms.

因為現有用於行動裝置的安全維護機制成本都很昂貴,所以提出了 PUFs 技術來解決問題

Physical unclonable functions (PUFs) are a promising innovative primitive that are used for authentication and secret key storage without the requirement of secure EEPROMs and other expensive hardware described above.

This is possible, because instead of storing secrets in digital memory, PUFs derive a secret from the physical characteristics of the integrated circuit (IC).

This paper will discuss a PUF that uses the innate manufacturing variability of gate delay as a physical characteristic from which one can derive a secret.

PUFs is advantageous over standard secure digital storage for several reasons:

  1. PUF hardware uses simple digital circuits that are
    easy to fabricate and consume less power and area. In addition, simple PUF applications do not require expensive cryptographic hardware, such as SHA or public/private key encryption algorithm.

  2. Any physical attack attempting to extract digital information from the chip, therefore, must do so while the chip is powered on.

  3. Invasive attacks are more difficult to execute without modifying the physical characteristics from which the secret is derived. Therefore, continually powered active antitamper mechanisms are not required to secure the PUF

  4. Nonvolatile memory is more expensive to manufacture.

Each IC is actually slightly different due to normal
manufacturing variability
. PUFs leverage this variability to
derive “secret” information that is unique to the chip.

Due to the manufacturing variability that defines the secret, one cannot manufacture two identical chips, even with full knowledge of the chip’s
design.

無論技術再高超,都無法製作出兩個完全一模一樣的晶片,PUF 就是利用這些物理特性來傳遞安全機密

PUF architectures exploit manufacturing variability
in multiple ways:

  1. gate delay
  2. gate architectures
  3. power-on state of SRAM
  4. threshold voltages
  5. many other physical characteristics

TYPES OF PUFs

The two primary applications of PUFs are for:

  1. low-cost authentication
  2. secure key generation

Each PUF can be modeled as a black-box challenge-response system, a PUF passed an input challenge and returns a response , where describes the input/output relations of the PUF and are hidden from the user since they represent the internal manufacturing variability.

PUF 像是黑盒子,可以隱藏內部參數的變異性

The fundamental difference between weak and strong PUFs is the domain of .
A weak PUF can only support a small number of challenges, a strong PUF can support a large enough number of challenges.

Weak PUF Model

These PUFs can be thought of as PUFs that directly digitize some “fingerprint” of the circuit.
This direct measurement results in a digital signature that can be used for cryptographic purposes.
Because the fingerprint signature remains largely invariant, this means that the PUF can only be interrogated by one or a small number of challenges.

Weak PUFs have the following properties:

  • a challenge always yields the same response
  • responses are unpredictable and depend strongly on
    the innate manufacturing variability of the device
  • it is impractical to manufacture two devices with
    the same physical fingerprint

Powering on the SRAM, the output signature is always the same.
For this reason, weak PUFs are well suited for use in key derivation processes.

For example, the weak PUF output may be used as the key in a keyed-hash message authentication code (HMAC) challenge–response sequence.
In addition, the output may be used as a secret key to encrypt/decrypt data on the device.

Strong PUF Model

Strong PUFs differ from weak PUFs in that a strong PUF can support a large number of CRPs. As a result, a strong PUF can be authenticated directly without using any cryptographic hardware.

The output of a weak PUF must be kept private, while a strong PUF’s responses do not have the same restriction.

Error Correction

If the parameters vary too much, the digital key (for the weak PUF) or response (for the strong PUF) will change, and the crypto operation will fail.

Even in optimal environmental conditions, noise will result in one or several of the output bits of the PUF being incorrect for any given challenge.

EXAMPLE STRONG PUF ARCHITECTURES (Overview)

Optical PUF

by R. S. Pappu, P. S. Ravikanth, B. Recht, J. Taylor, and N. Gershenfeld, “Physical one-way functions,” Science, vol. 297, pp. 2026–2030, 2002.

a device with three primary components:

  1. a laser directed along the Z-axis that can be moved in the XY plane and whose polarization can be modified
  2. a stationary scattering medium that sits along the path of the laser beam
  3. an imaging device that records the output “speckle” pattern of laser light exiting the scattering medium.

Arbiter PUF

An input edge is split to two multiplexors (muxes). Depending on the input challenge bits , this path will vary.

Although the layout is identical manufacturing variability in the gate delay of each mux will result in one edge arriving at the latch first, and the latch acts as the “arbiter.”

The output will, therefore, depend on the challenge bits.

In Fig. 1, there are 128 challenge bits and one response bit.
Of course, one typically operates multiple identical circuits in parallel to achieve 128 response bits. In this way, the arbiter PUF can be scaled to an almost arbitrary number of CRPs.

Reference

C. Herder, M. -D. Yu, F. Koushanfar and S. Devadas, “Physical Unclonable Functions and Applications: A Tutorial,” in Proceedings of the IEEE, vol. 102, no. 8, pp. 1126-1141, Aug. 2014, doi: 10.1109/JPROC.2014.2320516.