scispace - formally typeset
Search or ask a question
Author

Gookwon Edward Suh

Bio: Gookwon Edward Suh is an academic researcher from Massachusetts Institute of Technology. The author has contributed to research in topics: Signal generator & Physical unclonable function. The author has an hindex of 4, co-authored 6 publications receiving 1143 citations.

Papers
More filters
Journal ArticleDOI
TL;DR: It is shown that arbiter-based PUFs are realizable and well suited to build key-cards that need to be resistant to physical attacks and to be identified securely and reliably over a practical range of environmental variations such as temperature and power supply voltage.
Abstract: Modern cryptographic protocols are based on the premise that only authorized participants can obtain secret keys and access to information systems. However, various kinds of tampering methods have been devised to extract secret keys from conditional access systems such as smartcards and ATMs. Arbiter-based physical unclonable functions (PUFs) exploit the statistical delay variation of wires and transistors across integrated circuits (ICs) in manufacturing processes to build unclonable secret keys. We fabricated arbiter-based PUFs in custom silicon and investigated the identification capability, reliability, and security of this scheme. Experimental results and theoretical studies show that a sufficient amount of inter-chip variation exists to enable each IC to be identified securely and reliably over a practical range of environmental variations such as temperature and power supply voltage. We show that arbiter-based PUFs are realizable and well suited to build, for example, key-cards that need to be resistant to physical attacks.

1,002 citations

Patent
19 Sep 2008
TL;DR: Physical Unclonable Functions (PUFs) for authentication can be implemented in a variety of electronic devices including FPGAs, RFIDs, and ASICs as discussed by the authors, which can be used to authenticate a target object with a PUF.
Abstract: Physical Unclonable Functions (PUFs) for authentication can be implemented in a variety of electronic devices including FPGAs, RFIDs, and ASICs. In some implementations, challenge-response pairs corresponding to individual PUFs can be enrolled and used to determine authentication data, which may be managed in a database. Later when a target object with a PUF is intended to be authenticated a set (or subset) of challenges are applied to each PUF device to authenticate it and thus distinguish it from others. In some examples, authentication is achieved without requiring complex cryptography circuitry implemented on the device. Furthermore, an authentication station does not necessarily have to be in communication with an authority holding the authentication data when a particular device is to be authenticated.

201 citations

Proceedings ArticleDOI
08 May 2005
TL;DR: An adaptive tree-log scheme is presented to improve the performance of checking the integrity of arbitrarily large untrusted data, when using only a small fixed-sized trusted state, to harness the power of the constant runtime bandwidth overhead of a log-based scheme.
Abstract: We present an adaptive tree-log scheme to improve the performance of checking the integrity of arbitrarily large untrusted data, when using only a small fixed-sized trusted state. Currently, hash trees are used to check the data. In many systems that use hash trees, programs perform many data operations before performing a critical operation that exports a result outside of the program's execution environment. The adaptive tree-log scheme we present uses this observation to harness the power of the constant runtime bandwidth overhead of a log-based scheme. For all programs, the adaptive tree-log scheme's bandwidth overhead is guaranteed to never be worse than a parameterizable worst case bound. Furthermore, for all programs, as the average number of times the program accesses data between critical operations increases, the adaptive tree-log scheme's bandwidth overhead moves from a logarithmic to a constant bandwidth overhead.

39 citations

Patent
24 Jan 2007
TL;DR: In this paper, a set of multiple signal generator circuits embodied in a device are selected, and then a volatile value for the device is generated from the selected subsets, which may be used for authentication of the device and/or for cryptographic procedures performed on the device.
Abstract: Subsets of multiple signal generator circuits embodied in a device are selected, and then a volatile value for the device is generated from the selected subsets. The volatile value may be used for authentication of the device and/or for cryptographic procedures performed on the device. The signal generator circuits may each comprise an oscillator circuit, and the selection of the subsets may be according to a comparison of the outputs of the subsets of circuits, for example, according to a comparison of output oscillation frequencies.

18 citations


Cited by
More filters
Proceedings ArticleDOI
04 Jun 2007
TL;DR: This work presents PUF designs that exploit inherent delay characteristics of wires and transistors that differ from chip to chip, and describes how PUFs can enable low-cost authentication of individual ICs and generate volatile secret keys for cryptographic operations.
Abstract: Physical Unclonable Functions (PUFs) are innovative circuit primitives that extract secrets from physical characteristics of integrated circuits (ICs). We present PUF designs that exploit inherent delay characteristics of wires and transistors that differ from chip to chip, and describe how PUFs can enable low-cost authentication of individual ICs and generate volatile secret keys for cryptographic operations.

2,014 citations

Proceedings Article
01 Jan 2007

1,944 citations

Posted Content
TL;DR: This paper defines and explores proofs of retrievability (PORs), a POR scheme that enables an archive or back-up service to produce a concise proof that a user can retrieve a target file F, that is, that the archive retains and reliably transmits file data sufficient for the user to recover F in its entirety.
Abstract: In this paper, we define and explore proofs of retrievability (PORs). A POR scheme enables an archive or back-up service (prover) to produce a concise proof that a user (verifier) can retrieve a target file F, that is, that the archive retains and reliably transmits file data sufficient for the user to recover F in its entirety.A POR may be viewed as a kind of cryptographic proof of knowledge (POK), but one specially designed to handle a large file (or bitstring) F. We explore POR protocols here in which the communication costs, number of memory accesses for the prover, and storage requirements of the user (verifier) are small parameters essentially independent of the length of F. In addition to proposing new, practical POR constructions, we explore implementation considerations and optimizations that bear on previously explored, related schemes.In a POR, unlike a POK, neither the prover nor the verifier need actually have knowledge of F. PORs give rise to a new and unusual security definition whose formulation is another contribution of our work.We view PORs as an important tool for semi-trusted online archives. Existing cryptographic techniques help users ensure the privacy and integrity of files they retrieve. It is also natural, however, for users to want to verify that archives do not delete or modify files prior to retrieval. The goal of a POR is to accomplish these checks without users having to download the files themselves. A POR can also provide quality-of-service guarantees, i.e., show that a file is retrievable within a certain time bound.

1,783 citations

Proceedings ArticleDOI
28 Oct 2007
TL;DR: In this article, the authors define and explore proofs of retrievability (PORs), which are a kind of cryptographic proof of knowledge (POK) that enables an archive or back-up service (prover) to produce a concise proof that a user (verifier) can retrieve a target file F, that is, that the archive retains and reliably transmits file data sufficient for the user to recover F in its entirety.
Abstract: In this paper, we define and explore proofs of retrievability (PORs). A POR scheme enables an archive or back-up service (prover) to produce a concise proof that a user (verifier) can retrieve a target file F, that is, that the archive retains and reliably transmits file data sufficient for the user to recover F in its entirety.A POR may be viewed as a kind of cryptographic proof of knowledge (POK), but one specially designed to handle a large file (or bitstring) F. We explore POR protocols here in which the communication costs, number of memory accesses for the prover, and storage requirements of the user (verifier) are small parameters essentially independent of the length of F. In addition to proposing new, practical POR constructions, we explore implementation considerations and optimizations that bear on previously explored, related schemes.In a POR, unlike a POK, neither the prover nor the verifier need actually have knowledge of F. PORs give rise to a new and unusual security definition whose formulation is another contribution of our work.We view PORs as an important tool for semi-trusted online archives. Existing cryptographic techniques help users ensure the privacy and integrity of files they retrieve. It is also natural, however, for users to want to verify that archives do not delete or modify files prior to retrieval. The goal of a POR is to accomplish these checks without users having to download the files themselves. A POR can also provide quality-of-service guarantees, i.e., show that a file is retrievable within a certain time bound.

1,652 citations

Book ChapterDOI
10 Sep 2007
TL;DR: New protocols for the IP protection problem on FPGAs are proposed and the first construction of a PUF intrinsic to current FPGA based on SRAM memory randomness present on current FFPAs is provided.
Abstract: In recent years, IP protection of FPGA hardware designs has become a requirement for many IP vendors. In [34], Simpson and Schaumont proposed a fundamentally different approach to IP protection on FPGAs based on the use of Physical Unclonable Functions (PUFs). Their work only assumes the existence of a PUF on the FPGAs without actually proposing a PUF construction. In this paper, we propose new protocols for the IP protection problem on FPGAs and provide the first construction of a PUF intrinsic to current FPGAs based on SRAM memory randomness present on current FPGAs. We analyze SRAM-based PUF statistical properties and investigate the trade offs that can be made when implementing a fuzzy extractor.

1,235 citations