Challenge Codes for Physically Unclonable Functions (PUFs) A - PowerPoint PPT Presentation

Challenge Codes for Physically Unclonable Functions (PUFs) A Maximum Entropy Problem Alexander Schaub a , Olivier Rioul ab , Joseph Boutros c , Jean-Luc Danger ad & Sylvain Guilley ad a LTCI, Télécom ParisTech, Paris-Saclay Univ. b CMAP , Ecole Polytechnique, Paris-Saclay Univ. c Texas A&M University in Qatar d Secure-IC

Layout of the presentation Introduction to Physically Unclonable Functions (PUFs) Presentation of the Entropy Problem Entropy Problem: Results 2 Télécom ParisTech Challenge Codes for Physically Unclonable Functions July 26, 2018

Layout of the presentation Introduction to Physically Unclonable Functions (PUFs) Presentation of the Entropy Problem Entropy Problem: Results 3 Télécom ParisTech Challenge Codes for Physically Unclonable Functions July 26, 2018

Physically Unclonable Functions Motivation Embedded Security Anti-counterfeiting Secure password storage 4 Télécom ParisTech Challenge Codes for Physically Unclonable Functions July 26, 2018

Physically Unclonable Functions Definition and Usage Definition PUF: Physical device, behavior defined by: Input: challenge bit-string C ∈ { 0 , 1 } n Output: bit response B ∈ { 0 , 1 } . and that is not clonable (physically and mathematically). 5 Télécom ParisTech Challenge Codes for Physically Unclonable Functions July 26, 2018

Physically Unclonable Functions Definition and Usage Unclonability Physically Unclonable: Presence of uncontrollable physical factors during manufacturing, elements of the circuit are built slightly different each time → Anti-counterfeiting: Different circuit behavior for cloned hardware → Key storage: Different key generated for each device Mathematically Unclonable: Attacker cannot predict responses of challenges she did not observe yet. → Challenge-response authentication for embedded security (IoT, etc.). 6 Télécom ParisTech Challenge Codes for Physically Unclonable Functions July 26, 2018

Technological dispersion Delay variation among devices ⇒ Gaussian distribution of the delays 7 Télécom ParisTech Challenge Codes for Physically Unclonable Functions July 26, 2018

Loop-PUF Mathematical Description Definition Set of M challenges (codewords): C = ( c 1 , c 2 , . . . , c M ) , where � n � c i = ( c i , 1 c i , 2 ... c i , n ) ∈ + 1 , − 1 Loop-PUF: output results from delay differences, modeled by inner product: n � c i · X = c i , j X j j = 1 i . i . d . where X = ( X 1 , X 2 , ..., X n ) and X j ∼ N ( 0 , 1 ) PUF Response bits: B i = sign ( c i · X ) , i = 1 , . . . , M def. Objective: compute H C = H ( B 1 , B 2 , . . . , B M ) 8 Télécom ParisTech Challenge Codes for Physically Unclonable Functions July 26, 2018

Layout of the presentation Introduction to Physically Unclonable Functions (PUFs) Presentation of the Entropy Problem Entropy Problem: Results 9 Télécom ParisTech Challenge Codes for Physically Unclonable Functions July 26, 2018

Entropy Computation Motivation If challenges are orthogonal, responses are independent 1 . • The covariance matrix of the Gaussian vector C · X is equal to CC T n , and thus equal to the identity matrix in this case. Therefore, the delays are independent. Possible for M = n when a Hadamard matrix of rank n exists. However, not the case when there are more challenges. Open problems: • What is the entropy for a code that is not orthogonal ? • What is the maximum entropy for a given number of challenges ? • What is the maximum entropy for all possible challenges ? • What device complexity is needed for a given required key length ? 1 O. Rioul, P . Solé, S. Guilley, et al. , “On the entropy of physically unclonable functions”, in IEEE International Symposium on Information Theory (ISIT) , 2016, pp. 2928–2932. 10 Télécom ParisTech Challenge Codes for Physically Unclonable Functions July 26, 2018

Entropy Computation Notations In order to compute the maximal entropy, we consider the first M = 2 n − 1 challenges in lexicographical order (adding more challenges does not increase the entropy) The corresponding entropy is denoted by H n . The possible outcomes of the random variables ( B 1 , ..., B M ) are denoted by b = b 1 b 2 ... b M , which we call sign vectors . We define P b = P b 1 b 2 ... b M = P [ B 1 = b 1 , B 2 = b 2 , ..., B M = b M ] Thus, � − P b log 2 ( P b ) H n = b ∈{± 1 } 2 n − 1 11 Télécom ParisTech Challenge Codes for Physically Unclonable Functions July 26, 2018

Example Challenge Code n = 4 , M = 8  1 1 1 1   b 1   X 1 + X 2 + X 3 + X 4  1 1 1 − 1 b 2 X 1 + X 2 + X 3 − X 4             1 1 − 1 1 b 3 X 1 + X 2 − X 3 + X 4             1 1 − 1 − 1 b 4 X 1 + X 2 − X 3 − X 4 C 4 =       = sign ,       1 − 1 1 1 b 5 X 1 − X 2 + X 3 + X 4             − 1 − 1 X 1 − X 2 + X 3 − X 4 1 1 b 6             1 − 1 − 1 1 b 7 X 1 − X 2 − X 3 + X 4       − 1 − 1 − 1 X 1 − X 2 − X 3 − X 4 1 b 8 Hadamard matrix of order 4. 12 Télécom ParisTech Challenge Codes for Physically Unclonable Functions July 26, 2018

Layout of the presentation Introduction to Physically Unclonable Functions (PUFs) Presentation of the Entropy Problem Entropy Problem: Results 13 Télécom ParisTech Challenge Codes for Physically Unclonable Functions July 26, 2018

Entropy Computation Quadrant probability of bivariate normal ( M = 2 ) Let Y 1 = c 1 · X , Y 2 = c 2 · X , ρ = E [ Y 1 Y 2 ] . n 1 and ρ 2 + ρ ′ 2 = 1. Then Y 1 ⊥ Define Y ′ 1 such that Y 2 ≡ ρ Y 1 − ρ ′ Y ′ ⊥ Y ′ 1 . ⇒ Y ′ Y 2 1 Y 1 Y 1 P [ Y 1 > 0 , Y 2 > 0 ] = 1 4 + arcsin ( ρ ) 2 π 14 Télécom ParisTech Challenge Codes for Physically Unclonable Functions July 26, 2018

Entropy Computation Orthant probability of trivariate normal ( M = 3 ) def = E [( c i · X )( c j · X )] We define ρ i , j . n Orthant probability of trivariate normal: P ( c 1 · X > 0 , c 2 · X > 0 , c 3 · X > 0 ) = 8 + arcsin ( ρ 1 , 3 ) + arcsin ( ρ 1 , 2 ) + arcsin ( ρ 2 , 3 ) 1 4 π Exact computations for small M are possible. Thus, the exact computation of H n is possible for small n (thanks to the use of symmetries). 15 Télécom ParisTech Challenge Codes for Physically Unclonable Functions July 26, 2018

Entropy Computation Small PUFs Exact entropy calculations for n ≤ 4 possible: n 1 2 3 4 14 H n 1 2 H 3 ≃ 3 . 6655 ... 3 + log 2 3 ≃ 6 . 2516 ... Where: � � � � 1 − 6arcsin 1 8 − 3arcsin 1 1 3 3 H 3 = − log 4 π π � arcsin 1 � � arcsin 1 � 3 3 − 6 log π π 16 Télécom ParisTech Challenge Codes for Physically Unclonable Functions July 26, 2018

Maximal Entropy For M ≥ 4, no closed-form expression for orthant probabilities exists. Ideas to obtain entropy results for n up to 8: • Find sign vectors with zero probability. • For the resulting vectors: exploit symmetries to find sign vectors of equal probability. • Perform a simulation to evaluate the value of these probabilities. 17 Télécom ParisTech Challenge Codes for Physically Unclonable Functions July 26, 2018

Zero-probability Sign-Vectors Definition and Results A zero-probability sign-vector is a sign vector b for which P b = 0 We have the following characterization: ⇒ ∃ α = ( α 1 , ..., α M ) ∈ R M \{ 0 } M : P b = 0 ⇐ M � sign ( α i ) = b i when α i � = 0 and α i c i = 0 i = 1 We call α an annihilator for b , if it exists. Fact: If b admits an annihilator, then there exists an annihilator for b with weight at most n + 1. Fact: for the maximal code of size M = 2 n − 1 , any annihilator has weight at least 4. 18 Télécom ParisTech Challenge Codes for Physically Unclonable Functions July 26, 2018

Zero-probability Sign-Vectors Results and Conjectures Conjecture: If b admits an annihilator, then there exists an annihilator for b with minimal weight 4 (checked for n = 1 , . . . , 7). Knowing zero-probability vectors of order n rules out many vectors at order n + 1. H n ≤ Max-entropy = log 2 ( # non-zero probability vectors ) . n Maximum # of outcomes Non-zero probabilities Proportion among outcomes max-entropy (bits) 1 2 2 1. 1. 2 4 4 1. 2. 3 16 14 0.875 3.8073 4 256 104 0.40625 6.7004 5 65536 1882 0.0287 10.8780 2.202 · 10 − 5 6 4294967296 94572 16.5291 8.147 · 10 − 13 ∼ 1 . 8 · 10 19 7 15 028 134 23.8411 ∼ 3 . 4 · 10 38 2.462 · 10 − 29 8 8 378 070 864 32.9640 19 Télécom ParisTech Challenge Codes for Physically Unclonable Functions July 26, 2018

Symmetry Exploitation Sign symmetry d Gaussian random variables are symmetric : X i = − X i . Changing the signs of the Gaussian r.v. is equivalent to multiplying all lines of the challenge matrix with these signs. If sign of X 1 is not changed: this is equivalent to a permutation of lines of the challenge matrix. The original and the permuted sign vectors have the same probability . 20 Télécom ParisTech Challenge Codes for Physically Unclonable Functions July 26, 2018