Physical Unclonable Functions
description
Transcript of Physical Unclonable Functions
Physical Unclonable Functions
Farzane Salehi MinapourAida MiralaeiMohammadKazem Taram
Department of Computer Eng. Sharif University of TechnologySpring 2014
Agenda
●Challenges in Hardware Security●What is PUF ?●Applications of PUFs●Classification of PUFs●PUF Circuits●Summery●References
Hardware Security and Trust, CE, SUT
Challenges=>Conventional Authentication
Hardware Security and Trust, CE, SUT
Conventional Authentication Schemes Need to store keys Power and area consuming
.
Challenges => Store Secrets
Hardware Security and Trust, CE, SUT
Conventional approach to embed secure secrets in IC• Non-volatile memory(ROM, Fuse, Flash or EEPROM)• Battery-backed RAM
Non-volatile memory technologies are often vulnerable to invasive and non-invasive attack
Adversaries can physically extract secret keys from EEPROM while processor is off
Challenges=>expensive tamper proof packs
Hardware Security and Trust, CE, SUT
Storing digital information in a device in a way that is resistant to physical attacks is difficult and expensive.
IBM 4758 ● Tamper-proof package containing
a secure processor which has a secret key and memory
● Tens of sensors, resistance, temperature, voltage, etc.
● Continually battery-powered● ~ $3500 for a 99 MHz processor
and 128MB of memory
Power and Area are criticalRFID tag can afford a maximum of 2000 gates for security features
Passive RFIDsA good cryptographic primitive should be lightweight, occupy little area on silicon and should have very low power consumption.
Challenges=>Power and Area
Hardware Security and Trust, CE, SUT
What is PUF? Physical Unclonable Function (PUF) Process variations can be turned into a
feature rather than a problem• Variation is inherent in fabrication process• Unique for each physical instance• Hard to remove or predict• Relative variation increases as the fab process
advances• Non-silicon PUFs
Hardware Security and Trust, CE, SUT
Types of PUFs
● Optical PUFs● Coating and Acoustic PUFs● Silicon PUFs(SPUF)
○ timing and delay information○ easy integrate into ICs
Applications of PUF1) Low cost authentication[1]
Hardware Security and Trust, CE, SUT
Applications of PUF2) Cryptographic Key Generator[1]
*ECC=Error Correction Code Hardware Security and Trust, CE, SUT
Applications of PUF3) Software Licensing and Anonymous Computation[3]
*CPUF=Controlled PUF Hardware Security and Trust, CE, SUT
Applications of PUF3) Software Licensing and Anonymous Computation
Hardware Security and Trust, CE, SUT
●0.1% of all challenges do not return a consistent response
●These meta-stable challenges generate responses which can vary unpredictably
Applications of PUF
4) Random Number Generation [2]
Classification of PUFs●Strong PUFs
○Large number of challenge response pairs○IC identification and secret key generation○E.g arbiter PUF and feed forward arbiter
●Weak PUFs○Limited number of challenge response pairs
(sometime just single)○Secret key generation○E.g SRAM PUF and butterfly PUF
Hardware Security and Trust, CE, SUT
PUF Circuits●Arbiter PUF[4]
Hardware Security and Trust, CE, SUT
PUF Circuits
●Arbiter PUF●delay paths with the same layout length●Simple->attackers can construct a timing
model
Hardware Security and Trust, CE, SUT
PUF Circuits●construct a k-bit response
●one circuit can be used k times with different inputs
● duplicate the single-output PUF circuit
Hardware Security and Trust, CE, SUT
PUF Circuits●Feed Forward Arbiter PUF
Hardware Security and Trust, CE, SUT
PUF Circuits●Lightweight Secure PUF[7]
Hardware Security and Trust, CE, SUT
PUF Circuits●Ring Oscillator PUF [1]
Hardware Security and Trust, CE, SUT
PUF Circuits
●Ring Oscillator PUF●Easier Implementation
●No need for careful layout and routing●Slower, Larger, more power to generate bits●Better for FPGAs and secure processors●Hard to generate many challenge response
pairs
Hardware Security and Trust, CE, SUT
PUF Circuits●Ring Oscillator PUF
●environmental conditions●Choose ring oscillator
pairs, whose frequencies are far apart=>remove key generation error
Hardware Security and Trust, CE, SUT
PUF Circuits SRAM●SRAM PUF[5]
Hardware Security and Trust, CE, SUT
PUF Circuits●Butterfly PUF[6]
Hardware Security and Trust, CE, SUT
Summery●PUFs are innovative circuit primitives that extract
secrets from physical characteristics of integrated circuits (ICs)
●PUFs can enable low-cost authentication of individual ICs
●Generate volatile secret keys for cryptographic operations both symmetric and asymmetric cryptographic operations
●PUF applications and circuits
Hardware Security and Trust, CE, SUT
References[1] Suh, G.E., Devadas, S.: Physical unclonable functions for device authentication and secret key generation. In: Design Automation Conference, pp. 9{14. ACM Press, New York, NY, USA (2007)[2] C. W. O’Donnell, G. E. Suh, and S. Devadas . PUF-based random number generation. In MITCSAIL CSG Technical Memo 481, November 2004[3] Gassend, Blaise, et al. "Controlled physical random functions and applications." ACM Transactions on Information and System Security (TISSEC) 10.4 (2008): 3.[4] J.W. Lee, D. Lim, B. Gassend, G. E. Suh, M. van Dijk and S. Devadas, “ A technique to build a secret key in integrated circuits with identification and authentication applications”, in Proceedings of the VLSI Circuits Symposium, June 2004. [5] D. E. Holcomb, W. P. Burleson, and K. Fu, “ Power-up SRAM State as an Identifying Fingerprint and Source of True Random Numbers”, in IEEE Transactions on Computers, 58(9):1198-1210, 2009.[6] S. S. Kumar, J. Guajardo, R. Maes, Geert-Jan Schrijen and P. Tuyls, “Extended Abstract: The Butterfly PUF Protecting IP on every FPGA”, in IEEE International Workshop on Hardware-Oriented Security and Trust, HOST 2008.[7] M. Majzoobi, F. Koushanfar and M. Potkonjak, “Lightweight Secure PUFs”, in IEEE International Conference on Computer-Aided Design, 2008
Hardware Security and Trust, CE, SUT
Thanks