scispace - formally typeset
Search or ask a question
Proceedings ArticleDOI

Physical unclonable functions for device authentication and secret key generation

TL;DR: This work presents PUF designs that exploit inherent delay characteristics of wires and transistors that differ from chip to chip, and describes how PUFs can enable low-cost authentication of individual ICs and generate volatile secret keys for cryptographic operations.
Abstract: Physical Unclonable Functions (PUFs) are innovative circuit primitives that extract secrets from physical characteristics of integrated circuits (ICs). We present PUF designs that exploit inherent delay characteristics of wires and transistors that differ from chip to chip, and describe how PUFs can enable low-cost authentication of individual ICs and generate volatile secret keys for cryptographic operations.

Content maybe subject to copyright    Report

Citations
More filters
Journal ArticleDOI
30 May 2014
TL;DR: This paper motivates the use of PUFs versus conventional secure nonvolatile memories, defines the two primary PUF types, and describes strong and weak PUF implementations and their use for low-cost authentication and key generation applications.
Abstract: This paper describes the use of physical unclonable functions (PUFs) in low-cost authentication and key generation applications. First, it motivates the use of PUFs versus conventional secure nonvolatile memories and defines the two primary PUF types: “strong PUFs” and “weak PUFs.” It describes strong PUF implementations and their use for low-cost authentication. After this description, the paper covers both attacks and protocols to address errors. Next, the paper covers weak PUF implementations and their use in key generation applications. It covers error-correction schemes such as pattern matching and index-based coding. Finally, this paper reviews several emerging concepts in PUF technologies such as public model PUFs and new PUF implementation technologies.

977 citations


Cites background from "Physical unclonable functions for d..."

  • ...The SRAM is an extreme example of a weak PUF in the sense that it only has one ‘‘CRP.’’ Note that since weak PUFs in general have only a small number of CRPs, these pairs must be kept secret....

    [...]

Posted Content
TL;DR: In this article, the authors present a detailed and structured presentation of the publicly available information on SGX, a series of intelligent guesses about some important but undocumented aspects of SGX.
Abstract: Intel’s Software Guard Extensions (SGX) is a set of extensions to the Intel architecture that aims to provide integrity and confidentiality guarantees to securitysensitive computation performed on a computer where all the privileged software (kernel, hypervisor, etc) is potentially malicious. This paper analyzes Intel SGX, based on the 3 papers [14, 78, 137] that introduced it, on the Intel Software Developer’s Manual [100] (which supersedes the SGX manuals [94, 98]), on an ISCA 2015 tutorial [102], and on two patents [108, 136]. We use the papers, reference manuals, and tutorial as primary data sources, and only draw on the patents to fill in missing information. This paper’s contributions are a summary of the Intel-specific architectural and micro-architectural details needed to understand SGX, a detailed and structured presentation of the publicly available information on SGX, a series of intelligent guesses about some important but undocumented aspects of SGX, and an analysis of SGX’s security properties.

834 citations

Proceedings ArticleDOI
04 Oct 2010
TL;DR: In this article, numerical modeling attacks are used to break the security of physical unclonable functions (PUFs) by constructing a computer algorithm which behaves indistinguishably from the original PUF on almost all CRPs.
Abstract: We show in this paper how several proposed Physical Unclonable Functions (PUFs) can be broken by numerical modeling attacks. Given a set of challenge-response pairs (CRPs) of a PUF, our attacks construct a computer algorithm which behaves indistinguishably from the original PUF on almost all CRPs. This algorithm can subsequently impersonate the PUF, and can be cloned and distributed arbitrarily. This breaks the security of essentially all applications and protocols that are based on the respective PUF. The PUFs we attacked successfully include standard Arbited PUFs and Ring Oscillator PUFs of arbitrary sizes, and XO Arbiter PUFs, Lightweight Secure PUFs, and Feed-Forward Arbiter PUFs of up to a given size and complexity. Our attacks are based upon various machine learning techniques including Logistic Regression and Evolution Strategies. Our work leads to new design requirements for secure electrical PUFs, and will be useful to PUF designers and attackers alike.

754 citations

Proceedings ArticleDOI
10 Mar 2008
TL;DR: A novel comprehensive technique to end piracy of integrated circuits (EPIC), which requires that every chip be activated with an external key, which can only be generated by the holder of IP rights, and cannot be duplicated.
Abstract: As semiconductor manufacturing requires greater capital investments, the use of contract foundries has grown dramatically, increasing exposure to mask theft and unauthorized excess production. While only recently studied, IC piracy has now become a major challenge for the electronics and defense industries [6].We propose a novel comprehensive technique to end piracy of integrated circuits (EPIC). It requires that every chip be activated with an external key, which can only be generated by the holder of IP rights, and cannot be duplicated. EPIC is based on (i) automatically-generated chip IDs, (ii) a novel combinational locking algorithm, and (iii) innovative use of public-key cryptography. Our evaluation suggests that the overhead of EPIC on circuit delay and power is negligible, and the standard flows for verification and test do not require change. In fact, major required components have already been integrated into several chips in production. We also use formal methods to evaluate combinational locking and computational attacks. A comprehensive protocol analysis concludes that EPIC is surprisingly resistant to various piracy attempts.

639 citations

Proceedings ArticleDOI
09 Jun 2008
TL;DR: A new PUF structure called the butterfly PUF that can be used on all types of FPGAs is proposed and experimental results showing their identification and key generation capabilities are presented.
Abstract: IP protection of hardware designs is the most important requirement for many FPGA IP vendors. To this end, various solutions have been proposed by FPGA manufacturers based on the idea of bitstream encryption. An alternative solution was advocated in (E. Simpson and P. Schaumont, 2006). Simpson and Schaumont proposed a new approach based on physical unclonable functions (PUFs) for IP protection on FPGAs. PUFs are a unique class of physical systems that extract secrets from complex physical characteristics of the integrated circuits which along with the properties of unclonability provide a highly secure means of generating volatile secret keys for cryptographic operations. However, the first practical PUF on an FPGA was proposed only later in (J. Guajardo et al., 2007) based on the startup values of embedded SRAM memories which are intrinsic in some of the current FPGAs. The disadvantage of these intrinsic SRAM PUFs is that not all FPGAs support uninitialized SRAM memory. In this paper, we propose a new PUF structure called the butterfly PUF that can be used on all types of FPGAs. We also present experimental results showing their identification and key generation capabilities.

502 citations


Cites background from "Physical unclonable functions for d..."

  • ...[5] B. Gassend, D. Clarke, M. van Dijk, and S. Devadas....

    [...]

  • ...Suh and Devadas [20] present a PUF based on ring oscillators...

    [...]

  • ...[13] D. Lim, J. W. Lee, B. Gassend, G. E. Suh, M. van Dijk, and S. Devadas....

    [...]

  • ...Suh and Devadas [20] present a PUF based on ring oscillators which can also be implemented with the FPGA....

    [...]

  • ...[20] G. Edward Suh and Srinivas Devadas....

    [...]

References
More filters
Journal ArticleDOI
01 Jan 2001-Science
TL;DR: The concept of fabrication complexity is introduced as a way of quantifying the difficulty of materially cloning physical systems with arbitrary internal states as primitives for physical analogs of cryptosystems.
Abstract: Modern cryptography relies on algorithmic one-way functions—numerical functions which are easy to compute but very difficult to invert. This dissertation introduces physical one-way functions and physical one-way hash functions as primitives for physical analogs of cryptosystems. Physical one-way functions are defined with respect to a physical probe and physical system in some unknown state. A function is called a physical one-way function if (a) there exists a deterministic physical interaction between the probe and the system which produces an output in constant time; (b) inverting the function using either computational or physical means is difficult; (c) simulating the physical interaction is computationally demanding and (d) the physical system is easy to make but difficult to clone. Physical one-way hash functions produce fixed-length output regardless of the size of the input. These hash functions can be obtained by sampling the output of physical one-way functions. For the system described below, it is shown that there is a strong correspondence between the properties of physical one-way hash functions and their algorithmic counterparts. In particular, it is demonstrated that they are collision-resistant and that they exhibit the avalanche effect, i.e., a small change in the physical system causes a large change in the hash value. An inexpensive prototype authentication system based on physical one-way hash functions is designed, implemented, and analyzed. The prototype uses a disordered three-dimensional microstructure as the underlying physical system and coherent radiation as the probe. It is shown that the output of the interaction between the physical system and the probe can be used to robustly derive a unique tamper-resistant identifier at a very low cost per bit. The explicit use of three-dimensional structures marks a departure from prior efforts. Two protocols, including a one-time pad protocol, that illustrate the utility of these hash functions are presented and potential attacks on the authentication system are considered. Finally, the concept of fabrication complexity is introduced as a way of quantifying the difficulty of materially cloning physical systems with arbitrary internal states. Fabrication complexity is discussed in the context of an idealized machine—a Universal Turing Machine augmented with a fabrication head—which transforms algorithmically minimal descriptions of physical systems into the systems themselves. (Copies available exclusively from MIT Libraries, Rm. 14-0551, Cambridge, MA 02139-4307. Ph. 617-253-5668; Fax 617-253-1690.)

1,665 citations


"Physical unclonable functions for d..." refers methods in this paper

  • ...For example, Pappu proposed an optical PUF, which uses the speckle patterns of optical medium for laser light [ 12 ]....

    [...]

Proceedings ArticleDOI
18 Nov 2002
TL;DR: It is argued that a complex integrated circuit can be viewed as a silicon PUF and a technique to identify and authenticate individual integrated circuits (ICs) is described.
Abstract: We introduce the notion of a Physical Random Function (PUF). We argue that a complex integrated circuit can be viewed as a silicon PUF and describe a technique to identify and authenticate individual integrated circuits (ICs).We describe several possible circuit realizations of different PUFs. These circuits have been implemented in commodity Field Programmable Gate Arrays (FPGAs). We present experiments which indicate that reliable authentication of individual FPGAs can be performed even in the presence of significant environmental variations.We describe how secure smart cards can be built, and also briefly describe how PUFs can be applied to licensing and certification applications.

1,644 citations


"Physical unclonable functions for d..." refers background in this paper

  • ...Section 7), this paper focuses on silicon PUFs (SPUFs) that are based on the hidden timing and delay information of integrated circuits [6, 7]....

    [...]

  • ...Physical Unclonable Functions (PUFs) [5, 6, 7] are innovative primitives to derive secrets from complex physical characteristics of ICs rather than storing the secrets in digital memory....

    [...]

18 Nov 1996
TL;DR: It is concluded that trusting tamper resistance is problematic; smartcards are broken routinely, and even a device that was described by a government signals agency as 'the most secure processor generally available' turns out to be vulnerable.
Abstract: An increasing number of systems from pay-TV to electronic purses, rely on the tamper resistance of smartcards and other security processors. We describe a number of attacks on such systems -- some old, some new and some that are simply little known outside the chip testing community. We conclude that trusting tamper resistance is problematic; smartcards are broken routinely, and even a device that was described by a government signals agency as 'the most secure processor generally available' turns out to be vulnerable. Designers of secure systems should consider the consequences with care.

1,133 citations


"Physical unclonable functions for d..." refers background in this paper

  • ...Non-volatile memory technologies are often vulnerable to invasive attack as secrets always exist in a digital form, and even battery-backed RAMs can be read after storing keys for a long time [1, 2, 14]....

    [...]

Journal ArticleDOI
TL;DR: It is shown that arbiter-based PUFs are realizable and well suited to build key-cards that need to be resistant to physical attacks and to be identified securely and reliably over a practical range of environmental variations such as temperature and power supply voltage.
Abstract: Modern cryptographic protocols are based on the premise that only authorized participants can obtain secret keys and access to information systems. However, various kinds of tampering methods have been devised to extract secret keys from conditional access systems such as smartcards and ATMs. Arbiter-based physical unclonable functions (PUFs) exploit the statistical delay variation of wires and transistors across integrated circuits (ICs) in manufacturing processes to build unclonable secret keys. We fabricated arbiter-based PUFs in custom silicon and investigated the identification capability, reliability, and security of this scheme. Experimental results and theoretical studies show that a sufficient amount of inter-chip variation exists to enable each IC to be identified securely and reliably over a practical range of environmental variations such as temperature and power supply voltage. We show that arbiter-based PUFs are realizable and well suited to build, for example, key-cards that need to be resistant to physical attacks.

1,002 citations


"Physical unclonable functions for d..." refers background in this paper

  • ...(For an analysis of modelbuilding on arbiter PUFs see [8]....

    [...]

  • ...Because the PUF circuit is rather simple, attackers can try to construct a precise timing model and learn the parameters from many input-output pairs [8]....

    [...]

Journal ArticleDOI
TL;DR: In this paper, a model describing the maximum clock frequency distribution of a microprocessor is derived and compared with wafer sort data for a recent 0.25-/spl mu/m microprocessor.
Abstract: A model describing the maximum clock frequency (FMAX) distribution of a microprocessor is derived and compared with wafer sort data for a recent 0.25-/spl mu/m microprocessor. The model agrees closely with measured data in mean, variance, and shape. Results demonstrate that within-die fluctuations primarily impact the FMAX mean and die-to-die fluctuations determine the majority of the FMAX variance. Employing rigorously derived device and circuit models, the impact of die-to-die and within-die parameter fluctuations on future FMAX distributions is forecast for the 180, 130, 100, 70, and 50-nm technology generations. Model predictions reveal that systematic within-die fluctuations impose the largest performance degradation resulting from parameter fluctuations. Assuming a 3/spl sigma/ channel length deviation of 20%, projections for the 50-nm technology generation indicate that essentially a generation of performance gain can be lost due to systematic within-die fluctuations. Key insights from this work elucidate the recommendations that manufacturing process controls be targeted specifically toward sources of systematic within-die fluctuations, and the development of new circuit design methodologies be aimed at suppressing the effect of within-die parameter fluctuations.

751 citations


"Physical unclonable functions for d..." refers background in this paper

  • ...It is widely known that significant process variations exist in IC fabrication making each IC unique [3, 4, 10]....

    [...]