physical ly unclonable functions
play

Physical(ly) Unclonable Functions An introduction to Intrinsic PUFs - PDF document

Apr 02, 2023 •166 likes •352 views

Physical(ly) Unclonable Functions An introduction to Intrinsic PUFs Ingrid Verbauwhede Slide courtesy: Roel Maes COSIC K.U.Leuven Supported by: IWT and Introduction Goal of this talk try to answer the question: What is a PUF?

  1. Physical(ly) Unclonable Functions An introduction to Intrinsic PUFs Ingrid Verbauwhede Slide courtesy: Roel Maes COSIC – K.U.Leuven Supported by: IWT and Introduction Goal of this talk � try to answer the question: � What is a PUF? � What is it usage? � Can we use it as an unclonable device identifier? � P.U.F.? P.U.F. � Physical Unclonable Function � a physical function which is unclonable in every sense P.U.F. � Physical ly Unclonable Function � a function which is unclonable in a physical sense ECRYPT, ALBENA, MAY 2011 2 1

  2. Introduction (cont.) � Need for unique identification of devices or goods Example: RFID tags � Secure storage of a key bit string (non volatile memory, battery � backed up SRAM, fuses, etc.) � Problem: personalization step during fabrication Expensive, extra processing steps � Post-processing e.g. by blowing fuses � � Idea: use physical uniqueness of devices � Idea: use CMOS process variations for this Threshold voltage � Oxide thickness � Metal line shapes � ECRYPT, ALBENA, MAY 2011 3 Functional description of PUF � For use in crypto applications � PUF = (physical) function which is physically unclonable Challenge Response PUF � Very hard (“impossible”) to produce two PUFs with similar challenge-response behavior � Easy to construct and evaluate a random PUF ECRYPT, ALBENA, MAY 2011 4 2

  3. Basic properties of PUF Minimum requirements: � For two random PUFs, difference between expected responses to same challenge, should be large = manufacturing variability is ‘large’ � For single random PUF, difference between two measured responses to same challenge, should be small = noise, aging, temperature effects,… are limited � For single random PUF, uncertainty about response to challenge is large, when one does not have access to this PUF instance = unpredictability is large ECRYPT, ALBENA, MAY 2011 5 Intrinsic PUFs � Use inherent manufacturing variability present in CMOS fabrication � Keep measured PUF responses inside chip Useful for secure key storage! Requirements: � PUF + measurement circuit + post-processing inside chip � Standard processing, no extra processing steps ECRYPT, ALBENA, MAY 2011 6 3

  4. MOS Transistor � Gate voltage below “threshold” - No current (there is subthreshold current) � Gate voltage above “threshold” - current can flow � Threshold = f(doping concentration) ECRYPT, ALBENA, MAY 2011 7 Delay of gate � Time to charge or discharge capacitances at output � Delay t = C x � V / I � I = f (Cox, (V GS - V Th )) 0-1 � Process variations: transition Oxide thickness � Threshold voltage � Capacitance � ECRYPT, ALBENA, MAY 2011 8 4

  5. Outline � Introduction � A few examples of Intrinsic PUFs � PUF properties � PUF applications � Conclusion ECRYPT, ALBENA, MAY 2011 9 First example: Arbiter PUF Delay based intrinsic PUF 5

  6. Arbiter PUF: basic operation � Initial design [Lee et al, MIT 2004] switch block: e.g. two muxes � arbiter: e.g. a latch or a flip-flop � n switch blocks � 2 n “different” delays � Challenge 0 1 0 0 1 1 Response Arbiter 0/1 Switch Block 11 ECRYPT, ALBENA, MAY 2011 Arbiter PUF: experiments [Lee04] � Results: [L04] 10000 CRPs from 37 ASICs � 64-stage arbiter PUF � μ inter = 23% μ intra � 0.7% μ intra � 3.47% (voltage variation) μ intra � 4.82% (temperature variation) [Lee04] Results on FPGA [Lee at al 04] : μ inter = 1.05%, μ intra = 0.3% � 12 ECRYPT, ALBENA, MAY 2011 6

  7. Arbiter PUF: analysis � delay � additive ! leads to model-building attack (linear programming) � also machine-learning techniques (Artificial Neural Networks, Support Vector � Machines, …) � Attack results: ASIC : 3.55% prediction error with SVM trained with 5000 CRPs ( < μ intra !!! ) � FPGA : 0.6% prediction error with perceptron trained with 90000 CRPs � � Extensions [Ozturk et al 2008] tri-state buffer based delay circuit � comparable to switch-based � Simulation : prediction error < 3% for linear programming on 4000 CRPs � � Conclusion : (Improved) arbiter PUFs can be accurately modelled (= “cloned”) from polynomial # known CRPs ECRYPT, ALBENA, MAY 2011 13 Second example: Ring Oscillator PUF Delay based Intrinsic PUF 7

  8. Ring Oscillator PUF: basic operation � Initial design [Gassend et al 2003] Challenge Edge Counter Response ~ f Delay ++ detector f f A � Compensation Response ÷ r = f A / f B To eliminate (scaling) f B � environmental influence � One-bit compensation f A � Response [Suh 2007] 0 if f A < f B f B 1 if f A � f B To avoid costly division � 15 ECRYPT, ALBENA, MAY 2011 Ring Oscillator PUF: experiments � Results [Suh2007]: measurements on 15 FPGAs, 1024 � loops/FPGA and 1 out of 8 masking μ inter = 46.15% μ intra = 0.48% (with temp./volt. var.) 16 ECRYPT, ALBENA, MAY 2011 8

  9. Ring Oscillator PUF: analysis � Modelling attacks? � same as arbiter PUFs for basic design � not for fixed delay circuit as in [Suh 2007] � but much less challenges! [N/2 < #challenges < log 2 (N!)] � inefficient area use ECRYPT, ALBENA, MAY 2011 17 SRAM PUF Memory based Intrinsic PUF 9

  10. SRAM PUF: basic operation � SRAM cell: (6T-CMOS) Q Q Q Q 0 1 � Which state right after power-up? 1 0 depends on physical mismatch between M 2 and M 4 � power-up state = � 2 possible stable states measure for manufacturing variability � 1-bit storage ECRYPT, ALBENA, MAY 2011 19 SRAM PUF: basic operation � SRAM PUF challenge = SRAM address � response = power-up state of addressed cell(s) � power-up state: � Guajardo et al 2007 Q Q Q = 0 SRAM on FPGA � Q Q Q = 1 � Holcomb et al 2007 COTS SRAM � SRAM on embedded micro-controller � ECRYPT, ALBENA, MAY 2011 20 10

  11. SRAM PUF: experiments � Results [Guarjado et al CHES 2007] measurements on FPGA, 8190 bytes from different SRAM blocks � � intra = 3.57% , � intra = 0.13% � inter = 49.97% , � inter = 0.3% � ECRYPT, ALBENA, MAY 2011 21 SRAM PUF: experiments � Results [Holcomb, Burleson, Fu 2009] measurements on two types of devices � COTS SRAM chip: 5120 64-bit blocks on 8 ICs � Embedded SRAM in � C: 15 64-bit blocks on 3 ICs � μ inter = 43.16% μ inter = 49.34% μ intra = 3.8% μ intra = 6.5% SRAM chip Embedded SRAM ECRYPT, ALBENA, MAY 2011 22 11

  12. Outline � Introduction � Examples of Intrinsic PUFs � PUF properties � PUF applications � Conclusion ECRYPT, ALBENA, MAY 2011 23 Quick overview � Evaluatable: y = PUF (x) is easy � Unique: PUF(x) contains some unique information � Reproducible: PUF() has only small error � Unclonable: hard to make PUF’(x) given PUF(x) � Unpredictable: hard to find y N =PUF(x N ) given other x, y pairs � One-way: given y and PUF(), cannot find x � Tamper evident: tampering changes PUF() ECRYPT, ALBENA, MAY 2011 24 12

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Hardware Security Chester Rebeiro IIT Madras 1 Physically Unclonable Functions Physical

Hardware Security Chester Rebeiro IIT Madras 1 Physically Unclonable Functions Physical

Hardware Security Chester Rebeiro IIT Madras 1 Physically Unclonable Functions Physical Unclonable Functions and Applications: A Tutorial http://ieeexplore.ieee.org/document/6823677/ Edge Devices 1000s of them expected to be deployed Low

1.94k views • 90 slides
Hardware Security Chester Rebeiro IIT Madras 1 Physically Unclonable Functions Physical

Hardware Security Chester Rebeiro IIT Madras 1 Physically Unclonable Functions Physical

Hardware Security Chester Rebeiro IIT Madras 1 Physically Unclonable Functions Physical Unclonable Func1ons and Applica1ons: A Tutorial h8p://ieeexplore.ieee.org/document/6823677/ Edge Devices 1000s of them expected to be deployed Low power

1.06k views • 71 slides
HOST Physical Unclonable Functions I ECE 525 Introduction We discussed the basic tenets of

HOST Physical Unclonable Functions I ECE 525 Introduction We discussed the basic tenets of

HOST Physical Unclonable Functions I ECE 525 Introduction We discussed the basic tenets of information security, including confidentiality, data integrity, authentication and non-repudiation Algorithms have been developed that provide these

694 views • 30 slides
HOST Physical Unclonable Functions II ECE 525 Weak PUF vs Strong PUF The distinction is rooted

HOST Physical Unclonable Functions II ECE 525 Weak PUF vs Strong PUF The distinction is rooted

HOST Physical Unclonable Functions II ECE 525 Weak PUF vs Strong PUF The distinction is rooted in the security properties of their challenge-response pairs One definition of a Strong PUF : Even after giving a adversary access to the PUF instance

446 views • 33 slides
New Insights to Key Derivation for Tamper-Evident Physical Unclonable Functions (PUFs) Vincent

New Insights to Key Derivation for Tamper-Evident Physical Unclonable Functions (PUFs) Vincent

New Insights to Key Derivation for Tamper-Evident Physical Unclonable Functions (PUFs) Vincent Immler, Karthik Uppund Conference on Cryptographic Hardware and Embedded Systems, Atlanta, Aug 26, 2019 PUF in a Nutshell: Biometrics of Objects PUF

403 views • 21 slides
Error Correction for Physical Unclonable Functions Using Generalized Concatenated Codes uelich

Error Correction for Physical Unclonable Functions Using Generalized Concatenated Codes uelich

Ulm University Communications Engineering Error Correction for Physical Unclonable Functions Using Generalized Concatenated Codes uelich , Sven Puchinger , Martin Bossert , Sven M Matthias Hiller , Georg Sigl Institute

372 views • 12 slides
Algebraic Security Analysis of Key Generation with Physical Unclonable Functions Matthias Hiller 1

Algebraic Security Analysis of Key Generation with Physical Unclonable Functions Matthias Hiller 1

Algebraic Security Analysis of Key Generation with Physical Unclonable Functions Matthias Hiller 1 , Michael Pehl 1 , Gerhard Kramer 2 and Georg Sigl 1,3 1 Chair of Security in Information Technology 2 Chair of Communications Engineering 2

963 views • 19 slides
A Data Remanence based Approach to Generate 100% Stable Keys from an SRAM Physical Unclonable

A Data Remanence based Approach to Generate 100% Stable Keys from an SRAM Physical Unclonable

A Data Remanence based Approach to Generate 100% Stable Keys from an SRAM Physical Unclonable Function Muqing Liu, Chen Zhou, Qianying Tang, Keshab K. Parhi and Chris H. Kim University of Minnesota, Twin Cities liux3300@umn.edu International

494 views • 28 slides
Challenge Codes for Physically Unclonable Functions (PUFs) A Maximum Entropy Problem Alexander

Challenge Codes for Physically Unclonable Functions (PUFs) A Maximum Entropy Problem Alexander

Challenge Codes for Physically Unclonable Functions (PUFs) A Maximum Entropy Problem Alexander Schaub a , Olivier Rioul ab , Joseph Boutros c , Jean-Luc Danger ad &amp; Sylvain Guilley ad a LTCI, Tlcom ParisTech, Paris-Saclay Univ. b CMAP ,

693 views • 26 slides
LRR-DPUF: Learning Resilient and Reliable Digital Physical Unclonable Function Jin Miao 1 Meng Li

LRR-DPUF: Learning Resilient and Reliable Digital Physical Unclonable Function Jin Miao 1 Meng Li

LRR-DPUF: Learning Resilient and Reliable Digital Physical Unclonable Function Jin Miao 1 Meng Li 2 Subhendu Roy 1 Bei Yu 3 1 Cadence Design Systems 2 University of Texas at Austin 3 The Chinese University of Hong Kong 1 / 26 Outline

400 views • 26 slides
Analysis of the Strict Avalanche Criterion in variants of Arbiter-based Physically Unclonable

Analysis of the Strict Avalanche Criterion in variants of Arbiter-based Physically Unclonable

Analysis of the Strict Avalanche Criterion in variants of Arbiter-based Physically Unclonable Functions Akhilesh Anilkumar Siddhanti 1 , Srinivasu Bodapati 2 , Anupam Chattopadhyay 3 , Subhamoy Maitra 4 , Dibyendu Roy 5 and Pantelimon St a 6

678 views • 25 slides
Helper data schemes for privacy-preserving biometrics Boris kori TU Eindhoven van der

Helper data schemes for privacy-preserving biometrics Boris kori TU Eindhoven van der

Helper data schemes for privacy-preserving biometrics Boris kori TU Eindhoven van der Meulen seminar Leuven, December 2011 1 Outline Security with noisy data - biometrics &amp; privacy - Physical Unclonable Functions (PUFs)

828 views • 39 slides
Calculus 3 Differentiation and Integration of Functions of Many Variables for Physical Sciences

Calculus 3 Differentiation and Integration of Functions of Many Variables for Physical Sciences

Calculus 3 Differentiation and Integration of Functions of Many Variables for Physical Sciences and Engineering Hu` ynh Qang V u Faculty of Mathematics and Computer Science, University of Science, Ho Chi Minh City 05/2014 Vector functions

974 views • 85 slides
Physical Layer (Part 2) Srinidhi Varadarajan Fourier Series Even and Odd functions: Even

Physical Layer (Part 2) Srinidhi Varadarajan Fourier Series Even and Odd functions: Even

Physical Layer (Part 2) Srinidhi Varadarajan Fourier Series Even and Odd functions: Even functions mirror around the Y-axis (cos ) Odd functions invert around the Y axis (sin ) A Fourier series expresses a time-domain

559 views • 12 slides
Formal Design of Composite Physically Unclonable Function Durga Prasad Sahoo Debdeep

Formal Design of Composite Physically Unclonable Function Durga Prasad Sahoo Debdeep

Formal Design of Composite Physically Unclonable Function Durga Prasad Sahoo Debdeep Mukhopadhyay Rajat Subhra Chakraborty Computer Science and Engineering Indian Institute of Technology, Kharagpur, India Workshop on Security Proofs for

783 views • 21 slides
More on Functions Thomas Schwarz, SJ Marquette University Functions of Functions Functions

More on Functions Thomas Schwarz, SJ Marquette University Functions of Functions Functions

More on Functions Thomas Schwarz, SJ Marquette University Functions of Functions Functions are full-fledged objects in Python This means you can pass functions as parameters Example: Calculate the average of the values of a function at

332 views • 12 slides
The intrinsic dimension of importance sampling Omiros Papaspiliopoulos www.econ.upf.edu/~omiros

The intrinsic dimension of importance sampling Omiros Papaspiliopoulos www.econ.upf.edu/~omiros

Theorem[section] [theorem]Lemma [theorem]Example [theorem]Definition The intrinsic dimension of importance sampling Omiros Papaspiliopoulos www.econ.upf.edu/~omiros Jointly with: Sergios Agapiou (U of Cyprus) Daniel Sanz-Alonso (U of

506 views • 37 slides
VTA: Open &amp; Flexible DL Acceleration Thierry Moreau TVM Conference, Dec 12th 2018 TVM Stack

VTA: Open &amp; Flexible DL Acceleration Thierry Moreau TVM Conference, Dec 12th 2018 TVM Stack

VTA: Open &amp; Flexible DL Acceleration Thierry Moreau TVM Conference, Dec 12th 2018 TVM Stack High-Level Differentiable IR Tensor Expression IR LLVM CUDA Metal TVM Stack High-Level Differentiable IR Tensor Expression IR LLVM CUDA Metal

1.01k views • 84 slides
/ IntrinsicAutoRegressieModels Spaial daa anali in San Se

/ IntrinsicAutoRegressieModels Spaial daa anali in San Se

/ IntrinsicAutoRegressieModels Spaial daa anali in San Se Mae Daa Sciei a The Rckefelle Fdai / H! Se Mae, Manage and Daa

1.03k views • 43 slides
Casimir effect due to a single boundary as a manifestation of the Weyl problem Eugene B.

Casimir effect due to a single boundary as a manifestation of the Weyl problem Eugene B.

Casimir effect due to a single boundary as a manifestation of the Weyl problem Eugene B. Kolomeisky University of Virginia Work done with: Joseph P . Straley (University of Kentucky) Luke S. Langsjoen (University of Virginia) Hussain Zaidi

337 views • 23 slides
CS4495/6495 Introduction to Computer Vision 3C-L2 Intrinsic camera calibration Geometric Camera

CS4495/6495 Introduction to Computer Vision 3C-L2 Intrinsic camera calibration Geometric Camera

CS4495/6495 Introduction to Computer Vision 3C-L2 Intrinsic camera calibration Geometric Camera calibration Composed of 2 transformations: From some (arbitrary) world coordinate system to the cameras 3D coordinate system. Extrinisic

892 views • 23 slides
Estimation of Intrinsic Dimensionality Using High-Rate Vector Quantization Maxim Raginsky and

Estimation of Intrinsic Dimensionality Using High-Rate Vector Quantization Maxim Raginsky and

Estimation of Intrinsic Dimensionality Using High-Rate Vector Quantization Maxim Raginsky and Svetlana Lazebnik Beckman Institute and University of Illinois Dimensionality Estimation from Samples Problem: Estimate the intrinsic dimensionality d

306 views • 14 slides
Topics in Brain Computer Interfaces Topics in Brain Computer Interfaces CS295- -7 7 CS295

Topics in Brain Computer Interfaces Topics in Brain Computer Interfaces CS295- -7 7 CS295

Topics in Brain Computer Interfaces Topics in Brain Computer Interfaces CS295- -7 7 CS295 Professor: M ICHAEL B LACK TA: F RANK W OOD Spring 2005 Automated Spike Sorting Frank Wood - fwood@cs.brown.edu Today Particle Filter Homework

718 views • 36 slides
Lecture 22: Light and shading 1 Announcements PS10 out 2nd-to-last lecture on

Lecture 22: Light and shading 1 Announcements PS10 out 2nd-to-last lecture on

Lecture 22: Light and shading 1 Announcements PS10 out 2nd-to-last lecture on low-level vision. Rest of course: recent vision topics. Many interpretations of color! 3 The Workshop Metaphor 4 Source: J. Barron The Workshop

747 views • 47 slides

More recommend