Skip to main content
SpringerLink
Log in

Using Data Contention in Dual-ported Memories for Security Applications

  • Published:
Journal of Signal Processing Systems Aims and scope Submit manuscript

Abstract

Field Programmable Gate Arrays (FPGA) provide the invaluable feature of dynamic hardware reconfiguration by loading configuration bit files. However, this flexibility also opens up the threat of theft of Intellectual Property (IP) since these configuration files can be easily extracted and cloned. In this context, the ability to bind an application configuration to a specific device is an important step to prevent product counterfeiting. Furthermore, such a technology can also enable advanced business models such as device-specific feature activation. In this work, we present a new technique to generate entropy on FPGA device—based on data contention in the hardware circuitry. For this entropy, we use the output of intentionally generated write collisions in synchronous dual-ported block RAMs (BRAM). We show that the parts of this output generated by such write collisions can be either probabilistic but also deterministic and device-specific. The characteristics of such an entropy source can be used for a large variety of security applications, such as chip identification and device authentication. In addition to that, we also propose a solution to efficiently create cryptographic keys on-chip at runtime. As a last contribution, we eventually present a strategy how to transform this entropy source into a circuit for True Random Number Generation (TRNG).

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Figure 1
Figure 2
Figure 3
Figure 4
Figure 5
Figure 6
Figure 7
Figure 8
Figure 9
Figure 10
Figure 11

Similar content being viewed by others

Notes

  1. Preserving the confidentiality of the scheme or a corresponding secret key implies the use of FPGA configuration encryption.

  2. Note that the KDF can either consist of a simple scheme selecting a few bit positions out of z or, preferably, a cryptographic hash function such as NIST’s SHA-2 family of hash functions.

References

  1. Altera Corporation (2004). FPGA design security solution using MAX II devices. White Paper, September 2004. ver. 1.0 at http://www.altera.com/literature/wp/wp_m2dsgn.pdf.

  2. Bösch, C., Guajardo, J. Sadeghi, A.-R., Shokrollahi, J., & Tuyls, P. (2008). Efficient helper data key extractor on FPGAs. In Cryptographic Hardware and Embedded Systems—CHES 2008. Lecture notes in computer science (Vol. 5154, pp. 181–197). Berlin/Heidelberg: Springer.

    Chapter  Google Scholar 

  3. Bundesamt für Sicherheit in der Informationstechnik (2001). AIS 31—Functionality classes and evaluation methodology for physical random number generators. Application note, September 2001. http://www.bsi.bund.de/cae/servlet/contentblob/478130/publicationFile/30260/ais31e_pdf.pdf.

  4. Callegari, S., Rovatti, R., & Setti, G. (2005). First direct implementation of a true random source on programmable hardware: Research articles. International Journal of Circuit Theory and Applications, 33(1), 1–16.

    Article  MATH  Google Scholar 

  5. Danger, J. L., Guilley, S., & Hoogvorst, P. (2009). High speed true random number generator based on open loop structures in fpgas. Microelectronics Journal, 40(11), 1650–1656.

    Article  Google Scholar 

  6. Davies, R. B. (2002). Exclusive OR (XOR) and hardware random number generators. http://www.robertnz.net/pdf/xor2.pdf. Accessed 28 February 2002.

  7. Dichtl, M., & Golić, J. D. (2007). High-speed true random number generation with logic gates only. In Cryptographic hardware and embedded systems—CHES 2007 (pp. 45–62) Berlin/Heidelberg: Springer.

    Chapter  Google Scholar 

  8. Digilent Inc. (2009). Spartan-3 Board, populated with XC3S200 FPGAs, 2009. http://www.digilentinc.com/Products/Detail.cfm?Prod=S3BOARD.

  9. Dodis, Y., Ostrovsky, R., Reyzin, L., & Smith, A. (2008). Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. SIAM Journal on Computing, 38(1), 97–139.

    Article  MATH  MathSciNet  Google Scholar 

  10. Epstein, M., Hars, L., Krasinski, R., Rosner, M., & Zheng, H. (2003). Design and implementation of a true random number generator based on digital circuit artifacts. In Cryptographic hardware and embedded systems—CHES 2003. Lecture notes in computer science (Vol. 2779, pp. 152–165). Berlin/Heidelberg: Springer.

    Chapter  Google Scholar 

  11. Fischer, V., & Drutarovský, M. (2002). True random number generator embedded in reconfigurable hardware. In Cryptographic hardware and embedded systems—CHES 2002.Lecture notes in computer science (Vol. 2523, pp. 415–430). Springer-Verlag.

  12. Gassend, B., Clarke, D., Van Dijk, M., & Devadas, S. (2002). Silicon physical random functions. In 9th ACM Conference on computer and communications security (pp. 148–160). New York: ACM.

    Chapter  Google Scholar 

  13. Golic, J. D. (2006). New methods for digital generation and postprocessing of random data. IEEE Transactions on Computers, 55(10), 1217–1229.

    Article  Google Scholar 

  14. Guajardo, J., Kumar, S., Schrijen, G., & Tuyls, P. (2007). FPGA intrinsic PUFs and their use for IP protection. In Cryptographic hardware and embedded systems—CHES 2007 (Vol. 4727, p. 63). Springer.

  15. Guajardo, J., Kumar, S., Schrijen, G., & Tuyls, P. (2007). Physical Unclonable Functions and public-key crypto for FPGA IP Protection. In International conference on field programmable logic and applications, 2007. FPL 2007 (pp. 189–195).

  16. Güneysu, T., Kasper, T., Novotný, M., Paar, C., & Rupp, A. (2008). Cryptanalysis with COPACOBANA. IEEE Transactions on Computers, 57(11), 1498–1513.

    Article  Google Scholar 

  17. Güneysu, T., Möller, B., & Paar, C. (2007). Dynamic intellectual property protection for reconfigurable devices. In Proceedings of the IEEE international conference on field-programmable technology (ICFPT 2007) (pp. 169–176). IEEE Computer Society.

  18. Güneysu, T., & Paar, C. (2009). Transforming write collisions in block RAMs into security applications. In International conference on field-programmable technology—FPT 2009. (pp. 128–134). IEEE.

  19. Jenkins J., Lesea, A., & Alfke, P. (2009). VIRTEX: Under the hood—an insider’s guide to Xilinx FPGAs. Technical report, Xilinx Inc.

  20. Kean, T. (2002). Cryptographic rights management of FPGA intellectual property cores. In 10th international symposium on field-programmable gate arrays (FPGA 2002). Monterey, CA.

  21. Kohlbrenner, P., & Gaj, K. (2004). An embedded true random number generator for fpgas. In FPGA ’04: Proceedings of the 2004 ACM/SIGDA 12th international symposium on field programmable gate arrays (pp. 71–78). New York: ACM.

    Chapter  Google Scholar 

  22. Kumar, S., Guajardo, J., Maes, R., Schrijen, G., & Tuyls, P. (2008). Extended abstract: The butterfly PUF protecting IP on every FPGA. In IEEE international workshop on hardware-oriented security and trust (HOST 2008) (pp. 67–70).

  23. Kwok, S. H. M., & Lam, E. Y. (2006). Fpga-based high-speed true random number generator for cryptographic applications. In IEEE proc. TENCON 2006 (pp. 1–4).

  24. Maes, R., Tuyls, P., & Verbauwhede, I. (2008). Intrinsic PUFs from flip-flops on reconfigurable devices. In 3rd Benelux workshop on information and system security (WISSec 2008).

  25. Maes, R., Tuyls, P., & Verbauwhede, I. (2009). Low-overhead implementation of a soft decision helper data algorithm for SRAM PUFs. In Cryptographic hardware and embedded systems—CHES 2009 LNCS (Vol. 5747, pp. 332–347). Springer-Verlag.

  26. Marsaglia, G. (1995). The Marsaglia random number CDROM including the Diehard Battery of tests of randomness. http://www.stat.fsu.edu/pub/diehard/. Accessed 28 June 2010.

  27. Mick, J. R. (1996). Application note AN-45: Introduction to IDT’s FourPort RAM. Technical report, Integrated Device Technology, Inc.

  28. National Institute of Standards and Technology (NIST) (2007). Recommendation for random number generation using deterministic random bit generators. NIST Special Publication SP 800-90.

  29. Pappu, R., Recht, B., Taylor, J., & Gershenfeld, N. (2002). Physical one-way functions. Science, 297(5589), 2026–2030.

    Article  Google Scholar 

  30. J. Rice. Mathematical statistics and data analysis. Duxbury Press, 1995. ISBN: 0-534-20934-3.

  31. Schindler, W. (2001). Efficient online tests for true random number generators. In Cryptographic hardware and embedded systems—CHES 2001. Lecture notes in computer science (Vol. 2162, pp. 103–117). Berlin/Heidelberg: Springer.

    Chapter  Google Scholar 

  32. Schindler, W., & Killmann, W. (2003). Evaluation criteria for true (physical) random number generators used in cryptographic applications. In Cryptographic hardware and embedded systems—CHES 2002. Lecture notes in computer science (Vol. 2523, pp. 431–449). Berlin/Heidelberg: Springer.

    Chapter  Google Scholar 

  33. Simpson, E., & Schaumont, P. (2006). Offline hardware/ software authentication for reconfigurable platforms. In Cryptographic hardware and embedded systems—CHES 2006. LNCS (Vol. 4249, pp. 311–323).

  34. Smerdon, M. (2008). Security solutions using Spartan-3 generation FPGAs. Xilinx Inc., April 2008. http://www.xilinx.com/support/documentation/white_papers/wp266.pdf.

  35. Sunar, B., Martin, W. J., & Stinson, D. R. (2007). A provably secure true random number generator with built-in tolerance to active attacks. SIAM Journal on Computing, 56(1), 109–119.

    MathSciNet  Google Scholar 

  36. Trusted Computing Group (TCG) (2006). TPM specification, version 1.2 revision 94, March 2006. http://www.trustedcomputinggroup.org/specs/TPM/.

  37. Tsoi, K. H., Leung, K. H., & Leong, P. H. W. (2003). Compact fpga-based true and pseudo random number generators. In FCCM ’03: Proceedings of the 11th annual IEEE symposium on field-programmable custom computing machines (p. 51). Washington: IEEE Computer Society.

    Chapter  Google Scholar 

  38. Tuyls, P., Schrijen, G.-J., kori, B., van Geloven, J., Verhaegh, N., & Wolters, R. (2006). Read-proof hardware from protective coatings. In Cryptographic hardware and embedded systems—CHES 2006. Lecture notes in computer science (Vol. 4249, pp. 369–383). Berlin/Heidelberg: Springer.

    Chapter  Google Scholar 

  39. Walker, S., & Foo, S. (2001). Evaluating metastability in electronic circuits for random number generation. In Proc. IEEE computer society workshop VLSI (pp. 99–101).

  40. Xilinx Application Note (2005). XAPP463—Using block RAM in Spartan-3 generation FPGAs. March 2005. http://www.xilinx.com/support/documentation/application_notes/xapp463.pdf.

Download references

Author information

Authors and Affiliations

  1. Horst Görtz Institute for IT Security, Ruhr-Universität Bochum, Bochum, Germany

    Tim Güneysu

Authors
  1. Tim Güneysu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Tim Güneysu.

Electronic Supplementary Material

Below is the link to the electronic supplementary material.

(PDF 280 KB)

Appendix

Appendix

Table 1 Results obtained from T(i, j) relatively scaled according the maximum number of 8,192 bits for write collisions generated in 12 BRAMs on a Xilinx XC3S200 FPGA.
Full size table

Rights and permissions

Reprints and permissions

About this article

Cite this article

Güneysu, T. Using Data Contention in Dual-ported Memories for Security Applications. J Sign Process Syst 67, 15–29 (2012). https://doi.org/10.1007/s11265-010-0560-z

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11265-010-0560-z

Keywords

Search

Navigation