1) Comparative Analysis of Different PUFs in terms of Performance
In this work, we propose a systematic method to evaluate and compare the performance of Physical Unclonable Functions (PUFs). The need for such a method is justified by the fact that various types of PUFs have been proposed so far. However, there is no common method that can fairly compare them in terms of their performance. We first propose three generic dimensions of PUF measurements. We then define several parameters to quantify the performance of a PUF along these dimensions. We also analyze existing parameters proposed by other researchers. Based on our analysis, we propose a compact set of parameters that will be used as a tool to evaluate as well as compare the performance of different PUFs. To make the method independent of the underlying PUF technique, we focus on the statistical properties of the binary PUF responses. Finally, we show a detailed comparison analysis between two PUFs: ring-oscillator-based PUF (RO PUF) and Arbiter-based PUF (APUF) using measured PUF data.
2) The Impact of Aging on An FPGA-Based Physical Unclonable Function
On-chip Physical Unclonable Functions (PUFs) are emerging as a powerful security primitive that can potentially solve several security problems. A PUF needs to be robust against reversible as well as irreversible temporal changes in circuits. While the effect of the reversible temporal changes on PUFs is well studied, it is equally important to analyze the effect of the irreversible temporal changes, i.e., aging, on PUFs. In this work, we perform accelerated aging testing on an FPGA-based ring oscillator PUF (RO-PUF) and analyze how it affects the functionality of the PUF. Based on our experiment using a group of 90-nm Xilinx FPGAs, we observe that aging makes PUF responses unreliable. On the other hand, the randomness of PUF responses remains unaffected despite aging.
3) A Large Scale Characterization of RO PUF
To validate the effectiveness of a Physical Unclonable Function (PUF), it needs to be characterized over a large population of chips. Though simulation methods can provide approximate results, an on-chip experiment produces more accurate results. In this paper, we characterize a PUF based on ring oscillators (RO) using a significantly large population of 125 FPGAs. We analyze the experimental data using a ring oscillator loop delay model, and quantify the quality factors of a PUF such as uniqueness and reliability. The RO-PUF shows an average inter-die Hamming distance of 47.31%, and an average intra-die Hamming distance of 0.86% at normal operating conditions.
Additionally, we intend to make this large RO frequency dataset available publicly for the research community.
4) An Analysis of Delay Based PUF Implementations on FPGA
Physical Unclonable Functions promise cheap, efficient, and secure identification and authentication of devices. In FPGA devices, PUFs may be instantiated directly from FPGA fabric components in order to exploit the propagation delay differences of signals caused by manufacturing process variations. Multiple delay-based PUF architectures have been proposed. However, we have observed inconsistent results among them. The Ring Oscillator PUF works fine, while other delay-based PUFs show a significantly lower quality. Rather than proposing complex system-level solutions, we focus on the fundamental building blocks of the PUF. In our effort to compare the various delay-based PUF architectures, we have closely examined how each architecture maps into the FPGA fabric. Our conclusions are that arbiter and butterfly PUF architectures are ill suited for FPGAs, because delay skew due to routing asymmetry is over 10 times higher than the random variation due to the manufacturing process. On the other hand, the ring oscillator PUF does not suffer from the same limitations.
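As an added illustration (not code from any of the papers listed here), the sketch below shows how inter-die and intra-die Hamming distance figures of the kind quoted in abstract 3 are computed from ring-oscillator frequency measurements. The adjacent-pair comparison scheme, the function names and every frequency value are assumptions constructed for the example.

```python
from itertools import combinations

def ro_response(freqs_mhz):
    """Derive response bits from RO frequencies (assumed scheme: one bit per
    non-overlapping adjacent pair, 1 if the first RO of the pair is faster)."""
    return [1 if freqs_mhz[i] > freqs_mhz[i + 1] else 0
            for i in range(0, len(freqs_mhz) - 1, 2)]

def hd_percent(a, b):
    """Fractional Hamming distance between two equal-length responses, in %."""
    if len(a) != len(b):
        raise ValueError("responses must have the same length")
    return 100.0 * sum(x != y for x, y in zip(a, b)) / len(a)

def inter_die_hd(responses):
    """Uniqueness: mean HD over all chip pairs (ideal value is 50%)."""
    pairs = list(combinations(responses, 2))
    return sum(hd_percent(a, b) for a, b in pairs) / len(pairs)

def intra_die_hd(reference, remeasured):
    """Reliability: mean HD between one chip's reference response and its
    re-measurements under other conditions (ideal value is 0%)."""
    return sum(hd_percent(reference, r) for r in remeasured) / len(remeasured)

# Constructed sample data: 3 chips x 8 ROs, frequencies in MHz.
CHIPS = {
    "A": [201.3, 199.8, 200.4, 200.5, 198.7, 199.9, 202.1, 201.0],
    "B": [199.5, 200.2, 201.1, 200.3, 199.4, 200.8, 200.6, 200.0],
    "C": [200.9, 200.1, 200.7, 199.2, 200.2, 201.5, 199.9, 201.8],
}
# Constructed re-measurements of chip A. In the first one the second RO pair,
# whose frequencies differ by only 0.1 MHz, changes order and flips its bit.
CHIP_A_REMEASURED = [
    [200.3, 198.8, 199.6, 199.5, 197.7, 198.9, 201.1, 200.0],
    [201.6, 200.1, 200.6, 200.8, 199.0, 200.2, 202.4, 201.3],
]

def evaluate():
    responses = {name: ro_response(f) for name, f in CHIPS.items()}
    uniqueness = inter_die_hd(list(responses.values()))
    error = intra_die_hd(responses["A"],
                         [ro_response(f) for f in CHIP_A_REMEASURED])
    return responses, uniqueness, error

if __name__ == "__main__":
    responses, uniqueness, error = evaluate()
    print(responses)
    print(f"inter-die HD: {uniqueness:.2f}%  intra-die HD (chip A): {error:.2f}%")
```

The only bit that flips on re-measurement comes from the RO pair with the smallest frequency margin, which is why response stability depends on how far apart the compared frequencies are.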
1) A Robust Physical Unclonable Function with Enhanced Challenge-Response Set
A Physical Unclonable Function (PUF) is a promising solution to many security issues due to its ability to generate a die-unique identifier that can resist cloning attempts as well as physical tampering. However, the efficiency of a PUF depends on its implementation cost, its reliability, its resiliency to attacks, and the amount of entropy in it. PUF entropy is used to construct cryptographic keys, chip identifiers or challenge-response pairs (CRPs) in a chip authentication mechanism. The amount of entropy in a PUF is limited by the circuit resources available to build a PUF. As a result, generating longer keys or larger sets of CRPs may increase PUF circuit cost. We address this limitation in a PUF by proposing an identity-mapping function that expands the set of CRPs of a ring-oscillator PUF (RO-PUF) with low area cost. The CRPs generated through this function exhibit strong PUF qualities in terms of uniqueness and reliability. To introduce the identity-mapping function, we formulate a novel PUF system model that uncouples PUF measurement from PUF identifier formation. We show the enhanced CRP generation capability of the new function using a statistical hypothesis test. An implementation of our technique on a low-cost FPGA platform shows at least 2 times savings in area compared to the traditional RO-PUF. The proposed technique is validated using a population of 125 chips, and its reliability over varying environmental conditions is shown.
2) Improved Ring Oscillator PUF: An FPGA-friendly Secure Primitive
In this paper, we analyze ring oscillator (RO) based physical unclonable function (PUF) on FPGAs. We show that the systematic process variation adversely affects the ability of the RO-PUF to generate unique chip-signatures, and propose a compensation method to mitigate it. Moreover, a configurable ring oscillator (CRO) technique is proposed to reduce noise in PUF responses. Our compensation method could improve the uniqueness of the PUF by an amount as high as 18%. The CRO technique could produce nearly 100% error-free PUF outputs over varying environmental conditions without post-processing while consuming minimum area.
1) A Flexible Design Flow for Software IP Binding in FPGA
Software intellectual property (SWIP) is a critical component of increasingly complex field programmable gate array (FPGA)-based system-on-chip (SOC) designs. As a result, developers want to ensure that their Software Intellectual Property (SWIP) is protected from being exposed to or tampered with by unauthorized parties. By restricting the execution of SWIP to a single trusted FPGA platform, SWIP binding addresses developers' concerns about maintaining control of their intellectual property and the market position it affords. This work proposes a novel design flow for SWIP binding on a commodity FPGA platform lacking specialized hardcore security facilities. We accomplish this by leveraging the qualities of a Physical Unclonable Function (PUF) and a tight integration of hardware and software security features. A prototype implementation demonstrates our design flow's ability to successfully protect software by encryption using a 128 bit FPGA-unique key extracted from a PUF. Based on this proof of concept, a solution to perform secure remote software updates, a common challenge in embedded systems, is proposed to showcase the practicality and flexibility of the design flow.
2) Physical Unclonable Function and True Random Number Generator : a Compact and Scalable Implementation
Physical Unclonable Functions (PUF) and True Random Number Generators (TRNG) are two very useful components in secure system design. PUFs can be used to extract chip-unique signatures and volatile secret keys, whereas TRNGs are used for generating random padding bits, initialization vectors and nonces in cryptographic protocols.
This paper proposes a scalable design technique to implement both a delay-based PUF and a jitter-based TRNG using ring oscillators. By sharing and reusing a significant amount of hardware resources, we achieve nearly 50% area reduction as compared to discrete implementations. We also propose and demonstrate a co-processor-based design that renders the circuit portable across various embedded processor platforms on FPGAs. Multiple scaled designs using 32 to 128 ring oscillators have been implemented and verified on Xilinx Spartan3S500E FPGA. A representative design uses 32 3-inverter ring oscillators, 64 flip-flops/latches, 31 2-input XOR gates and control circuitry giving a 3.2Mbps truly random stream and 31-bit unique device signature.
3) Online HW/SW Authentication for Reconfigurable Platforms
Many Field-Programmable Gate Array (FPGA) based systems utilize third-party intellectual property (IP) in their development. When they are deployed in non-networked environments, the question arises how this IP can be protected against non-authorized use. We describe an offline authentication scheme for IP modules. The scheme implements mutual authentication of the IP modules and the hardware platform, and enables us to provide authentication and integrity assurances to both the system developer and IP provider. Compared to the Trusted Computing Platform's approach to hardware, software authentication, our solution is more lightweight and tightly integrates with existing FPGA security features. We are able to demonstrate an implementation of the authentication scheme that requires a symmetric cipher and a Physically Unclonable Function (PUF). In addition to the low hardware requirements, our implementation does not require any on-chip, non-volatile storage.